Vint Falken, a frequent blogger about SL and an avid user, ”writes about the QuickTime exploit in SL that continues to pose a security hazard to users of SL.
While Linden Labs claimed to have fixed the breach that affected those who streamed video from SL in QuickTime, Vint writes that the breach remains. This could have serious repercussions down the road, as users may be vulnerable to not just hits on their Linden money, but debits to their RL credit cards.
“Linden Lab has done little to change the architecture that allowed the exploit to work in the first place,” she writes.
This points to a bigger issue with the development of SL that Greg Hogland, the author of “Exploiting Online Games: Cheating Massively Distributed Systems,” has noted.
“When you look at Second Life,” he wrote as quoted on Vint’s blog, “you know in your bones they simply did not think about security when they developed this application. It’s broken from the inside.”
At a recent hacker conference in Washington, two Apple security experts demonstrated how the SL/QuickTime exploit works.
