Friday, February 18, 2011

Redzone Dissapears from secondlife marketplace and Aventity Issues a Public Apology

Well I looked up secondlife marketplace today and did a search for redzone, it no longer shows, is this Linden Labs taking action finally? or a ploy by zfire xue to get the userbase off his back about privacy violations? you decide,I've seen things disappear from marketplace and users assume something was done about it for the content that was supposedly removed to be reposted, so user beware its too early to celebrate just yet.

Also today I viewed my blog and saw a user by the name of chef had left me a comment slandering me to be an alt of a supposed age player that I know nothing about, dunno how I defend myself against that being accused of being someone I know nothing about but it really goes to show what effectiveness redzone lacks I decided I would reply to them and point out their fallacy as I've been blogging against this redzone thing longer than this person they accused me of being has perhaps been banned, also as a result I contacted Mephitis Jezebel the owner of Aventity/Chimera regarding the slander her partner posted in my topic, and I will admit I did have a nasty choice of words against her but it was reasonable and to the point and the point was to notify her that if I was harassed by any member of Aventity any further I would be turning over an IC3 complaint for the violation, she did agree with me that the reaction of this user called chef her partner was inappropriate, and stated she got rid of Redzone soon as she realized it was a violation during the conversation with her there was a Vixen Resident who had a nasty attitude and was unreasonable so they've been muted as well as chef being banned from some sims we don't want Redzones HUD being used in. Anyhow I discussed the privacy violation with her and the harassment issue from her groupies and she apologized and stated about the removal of the Redzone orb and stated she hadn't used it for quite some time when someone else notified her of the violations. after the discussion she said she would be sending out a notice apologizing to her customers, I don't know if shes passing this apology to her customers on database, or her group or avatar makers guild or what but I asked for a copy of this apology and received a notecard titled "A public apology" as such I will Post a copy of this apology here:

"
It's recently come to my attention that a lot of people are worried (and rightfully upset) at me for choosing to use zfRedZone (a security orb that advertises its ability to ban copybotters and their alts) in the past. The only reason I used this system was to prevent an onslaught of copybotters from continuing to target products at .:chimera:.. The zfRedZone orb was only rezzed for a short period of time, was promptly deleted when a few people told me it violated ToS, and hasn't been rezzed for months. However, I want to personally apologize to everyone who had been logged by this system during the time it was active. It was not my intention at all to violate anyone's privacy.

For a more in-depth understanding of what I'm talking about, I would like to forward you all to Treminari's blog entries regarding security systems such as zfRedZone.

http://treminarisecondlife.blogspot.com/2010/12/aventity-chimera-uses-zf-redzone-which.html

http://treminarisecondlife.blogspot.com/2010/07/spywaretos-and-legal-violation-in.html

http://treminarisecondlife.blogspot.com/2010/12/zf-redzone-can-disrupt-secondlife.html

In closing, I want to reassure all of you that .:chimera:. and the sim it's located in (Ascendant) has not used zfRedZone for months. We do not use any type of loggin/security system, and never will.
"

Anyhow she sent this to me and stated that she would be sending this out to others whether or not she has done it I don't know. As It's titled a public apology I assume its public and have duplicated it here, if your a past or current customer of Aventity you can choose whether or not to accept this apology and decide whether or not its sufficient. I'm not one for holding grudges except where its warranted like Zfire Xue, but I dunno if this is enough and while I was considering getting an Aventity white fox before taking notice to this in addition to some of their other well designed avatars, I've got mixed feelings for such a violation as when I first discovered Redzone on marketplace for myself considering the privacy violation and slander from her business partner, but it was my common sense that said it was illegal when I found it on Xstreet and lead me to researching it and finding it was in Violation of ToS 8.3 and BPC22575-22579. I'm still quite upset about the violation and Don't know whether or not I will return as a customer or not myself, I tend to collect lots of avatars and such, My hope is that Aventity at least shows better discretion in the future when using questionable countermeasures and that other content creators do the same, there are ways users can legally defend themselves from copybot clients such as reporting Piracy of their Content to the IC3 which is actually the FBI's internet crimes division and filing DMCA reports properly with Linden Labs, as avatar creators are copyright holders their rights are as the music industry has when they themselves sue over piracy, I do believe those who steal content should be held up to the same standards and strung up by the balls so to say with lawsuits just like the music industry does those who steal music, but also believe they have the same responsibility to defend themselves with legal means rather than this frontier justice style bullshit, and not take matters into their own hands making the situation worse for everyone else, I see zf Redzones spyware service the same as Sony did with their rootkits in a lawsuit which you can read about here: http://news.cnet.com/Sony-settles-rootkit-class-action-lawsuit/2100-1002_3-6012173.html as you can see there is such a thing as crossing the line and doing whatever you can to defend your product might not always be legal. I'm not saying you should go out and sue content creators who have used this illegal product, as their fears have been played on by zfire xue and they may or may not know what their doing is legal, but if their common sense doesn't say its sensible they need to learn and I would question their sense of ethics, and zfire xue is the operator of the database of this illegal service, so I really feel all responsibility for the privacy violations should fall on Him as he created and marketed this illegal product and is the one turning a profit from the exploit, also as a final note before closing, you content creators who use this product, really should think about it and consider my previous posts, It didn't protect Aventity as I stated in a previous blog post, it got me upset with them, and I'm sure I'm not the only customer they've lost as a result, and redzone is quite careless with the Bans it issues as you can see with the post about it disrupting service for UAE users, so your failing to kick copybots and kicking out legit customers which could potentially up your profits, but what I want you to consider is something most important of all which I will explain in more detail in a later post, by using redzone and settling for a half baked solution, your distracting from a legitimate and effective solution which may actually work by making others who might design a better solution settling for something less, so in essence, you really only help the copybot problem and put yourself at risk of upsetting and losing your customers. And as stated by aventity in this case “rightfully upset” customers.

Monday, February 14, 2011

Geo Location and beyond

Well we all know what geo-location is.... but thats an assumption, so I will explain it in brief, its a Process of tracking a packet across the Internet and reading the information on Internet routers in order to see where the packet goes, this process can locate city and state a user lives in, but may be inaccurate as far as city goes and may identify a city nearby, for example running a Geo Location service against me, would identify me as a user from Victorville California, While not from Victorville, It's so to say only a stones throw away from me, as we know zfire xue with their redzone product goes as far as to use Geo Location against a user, Well many ISP's have hoped to bring advertising to users to a more local level, not just simply ad's like" burn baby burn" for CD Burning software anyone can order, or "Hot girls in Victorville are looking for you" for a town that is likely the users residence or close by, but bringing users ad's for their local Grocery store or the like, Well some ISP's have figured out a way to share enough information to bring users more localized ad's in their web browsing experience, so that they could get a cut of the advertising revenue, while normally I provide links to news sites I've read and whatnot I feel it would be best to leave out this in the case of this blog article is read by privacy violators, however I would like to note, that if your ISP is involved in this advertising program or one of its affiliates, it is possible through HTTP requests such as those used by secondlifes media that an advertiser, or somebody wishing to violate privacy such as Redzone to obtain more detailed information. However unfortunately as it appears such privacy violating systems does not use such info(it would be more accurate than using an IP address as redzone does) I wont name or explain this system in detail or at all for that matter, however, I will say this much, I emailed a Linden involved with Linden Labs security the same article I read for their viewing and told them what Jira articles it related to VWR-21305, VWR-24746, and VWR-17044 and described to them why this is such a threat to users, to give an Idea as to how accurate this information is, where as I said Victorville is a stones throw from my home, the information revealed by ISP's involved in this advertising program can put someone within a half hours walking distance of my home, and also allow such privacy violators to know exactly the very post office I visit!

Anyhow, I would like to apologize for the lack of detail in this blogpost, and the lack of my usual transparency where I Provide links to my information sources, but I'm trying to avoid giving instructions as to how to do this, how to use this information, and avoid providing a means to see how, the only person I've told in Full Detail the potential nastiness for this exploit is the particular Linden I emailed, but I thought I would say the potential violation of privacy with this issue, again I apologize for the sloppy writing but its difficult when ommitting potentially abusable details.

Thursday, February 10, 2011

A couple Jira topics In Need of votes

Well theres a Jira topic that suggests fixing the issue that allows redzone to happen and yet another Jira topic suggesting we get rid of zf redzone, you can view and vote for both topics here:

https://jira.secondlife.com/browse/VWR-17044

https://jira.secondlife.com/browse/VWR-24746

I noticed these both on the greenzone mouthpiece blog which you can view here:

http://greenzonemouthpiece.blogspot.com/?zx=c7242f21b6dfe88

anyhow In the topic suggesting a ban of redzone if you view the comments section you can see oz linden commenting that this is not a viewer issue and should be dealt with support, as we all know support only passes the buck after a week or two if they even get to you at all and sais file an AR where it is promptly ignored, I've filed several notifying LL of zfire xue's illegal activity, but oz linden didn't stop there, he even went as far as to threaten to revoke a Users Jira privileges because supposedly this is not a viewer issue, even though this is related to a security hole in the viewers media functionality



"Oz Linden added a comment - 08/Feb/11 12:54 PM
Regardless... this is still not a viewer issue.
If you reopen this here, your Jira privileges will be revoked."



given the extended time Linden Labs has not responded to the privacy violation issues and the stance a Linden has taken and the number of notices they have ignored regarding the illegal activity taking place on their servers, and numerous ignored abuse reports from me and many other secondlife users, it might be a good idea to start taking our complaints outside of secondlife and to organizations such as the FTC, IC3, BBB, and filing the complaints against Linden Labs itself, as redzone is not the only privacy violating tool on secondlife, I hear a system called CDS does the same thing as redzone and yet another system cropped up that does the same thing I found myself called quickware alts pro, if you know of another organization that handles such criminal activity inside or outside the US that might handle such complaints, other privacy laws these illegal tools violate inside or outside the US(like BPC22575-22579), feel free to leave a comment get it some mention and perhaps get this bad situation dealt with

Edit:Found an additional Jira article that addresses this issue:
https://jira.secondlife.com/browse/VWR-21305

Tuesday, February 8, 2011

Well this is disturbing

if you've ever confronted zfire xue or theBoris Gothly about privacy violations you've probably gotten the same rant I got, redzone is about protecting businesses in secondlife from copybot and the business owners don't care who your alts are well we all know thats bullshit and...... it gets worse.

http://forcemesilverspar.blogspot.com/2011/02/redzone-warning.html

Give the blog a read through if you have an alt and want any privacy.

so much for that alt I created to keep a separation between my personal and business life on SL.

Saturday, February 5, 2011

Greenzone a counter Product to Redzone

Well over a week ago I came across a tool called greenzone on secondlife marketplace:

https://marketplace.secondlife.com/p/GreenZone-Not-sold-by-me-any-more-Click-to-read-why/1849012

now at:

https://marketplace.secondlife.com/p/GreenZone-Detect-zF-RedZone-Keep-your-privacy/1907392

anyhow at first I found it only provided a false sense of security with version 1.8, however I recently attached the tool and it sent an update to version 2.1 its now something I can recommend as I tested it and it seems to work great!

version 1.8 of greenzone had a major flaw, it could only detect redzone orbs within 96m and most users hide theirs high up in the sky and way out of the users reach, this could be a serious problem if your relying on this for security. as it would be likely that redzone spyware would detect a user before the user detected it. this limitation could compromise user security by giving a false sense of security, version 2.1 is much much better, I visited a sim that I knew had the redzone orb that I used to frequent called balcones which hosts the "extreme fetishists club", they have a redzone orb in plain view behind the bar counter of their club, I flew up to about 900m and the greenzone HUD attachment was still alerting me to the presence of a redzone orb.

while the script contained in the tool is no modify which makes me wonder how it works and whether or not its reliable enough to depend on for security(i still would recommend keeping media functionality disabled in your viewer) it does have a much higher chance of alerting you to zfire xues continued illegal activity and ToS violations in secondlife, and better yet, their transferable and copyable, I recommend picking one up from secondlife marketplace if you absolutely must use the media functions in your viewer time to time.

https://marketplace.secondlife.com/p/GreenZone-Detect-zF-RedZone-Keep-your-privacy/1907392

EDIT:forgot to mention theres another blog that lists discovered redzone privacy violations.
you can find it here: http://greenzonemouthpiece.blogspot.com/