About two weeks ago, we asked the question, Will Second Life Ever Be Safe? That day may come, but it hasn’t yet arrived. As noted in the previous post here, the virtual world of Second Life was today hit by yet another attack that necessitated Linden Lab‘s closing its Grid, the third time in two weeks. (The last attack, which came just yesterday, was blogged by Tony Walsh at Clickable Culture.) The attacks all have one thing in common: they take advantage of the single most attractive aspect of SL — the ability for users to create their own objects — and turn it against the virtual world.
The history of what LL calls “global attacks” stretches back at least to October 2005, which seems to be the first time the Grid was downed by self-replicating objects. An attack in November was contained when LL took a number of regions offline, but another in December brought the Grid down yet again. Now there have been three more in the span of two weeks’ time.
The crashes have undeniably cost LL money, but what the company can do to protect against them remains unclear. After last November’s attack, CEO Philip Rosedale said he had turned over the attacker’s name to the FBI. The Lindens are again “working with the authorities to go after the people responsible for these attacks,” according to LL VP Robin Harper. But will that be enough?
It would seem that what’s at stake here is nothing less than Second Life’s model of free content creation. At the moment, anyone can log into Second Life on a free account and set about dreaming up 3D creations straight from their imagination. The world presents an unprecedented 3D canvas that’s available to anyone, and has attracted more than 200,000 members as a result.
But that freedom also means that it’s relatively easy to launch the kind of denial-of-service attacks that SL has suffered recently, in which self-replicating objects choke the world’s servers into submission. Is there a way to prevent such attacks without hamstringing the open content creation that is the hallmark of SL?
Linden Lab’s current tactic seems to be to rely on real-world authorities. If punishment is harsh enough, this could serve as a deterrent. But if it isn’t, chances are that LL will have to rethink some part of their model. That was the company’s initial reaction to the first attack, last October. In the wake of that attack, LL disabled object creation except on property owned by the resident who owned the object in question. But this essentially removed all interesting functionality from the world — vendors, for instance, could no longer sell objects in someone else’s shop — and was soon rolled back. A technological solution has yet to be found, apparently.
Interestingly, LL’s initial vision of content creation is one that might have protected against self-replicating DOS objects. When the Grid first opened, residents were charged a small amount for each object they created. At the time, residents were billed at the end of each week. A real-time payment scheme would provide a deterrent for someone contemplating unleashing millions of objects onto the Grid. But this would be a crude and heavy-handed solution that probably wouldn’t go over well, and would certainly slow adoption to a crawl.
The timing of the latest attack comes at a particularly bad time, with Second Life receiving unprecendented media attention, as well as commentary from high-profile bloggers like Robert Scoble. Major corporations are currently contemplating moves into SL, or have projects under way there already. At least one high-profile event is scheduled for this evening — a Second Life Future Salon featuring machinima-makers Paul Marino and Pierce Portocarrero — and may have to be postponed.
Like any other service provider, Linden Lab will have to find a way to insure that its service will be up and running on a consistent basis. How this can be done is anything but clear, at this point. I imagine a solution will eventually be found, but its timing could make an enormous difference to the success or failure of Second Life.
Attacking the problem could also necessitate a shift in Linden Lab’s internal philosophy. The company currently runs on a flat, cooperative model of prioritizing new features and bug fixes; the things that get done there are determined more by what the employees feel like tackling than they are by a strong hand at the top. (Philip Rosedale has described the model to us on SecondCast.) Whether that model can focus enough energy on a solution is an interesting question. At the moment, Linden Lab’s marketing machine seems to be moving faster than its technologists. That may have to change if the world is to continue to thrive.