Lex Neva's thoughts blog of Lex Neva in Second Life

June 11, 2008

Two Suggestions to Help SL Scale

Filed under: Scaling — Tags: , — lex @ 4:51 pm

LL has a problem.

This year has been especially rough. April saw a huge drop in availability, the worst month we’d had in a long time. June is seeing its own trouble, with downtime or severe stability issues every single day for the last 12 days [as of 6/10/08; source]. March was my all-time best month of sales, but in April my sales dropped to more than 30% below normal levels. I know this wasn’t just my products, but a trend that affected many retailers in SL. April’s availability drop also brought with it a huge number of failed transactions and lost inventory, with frequent warnings from LL to “avoid transactions as necessary” during database trouble. The bottom line: customer confidence is way down, and many customers and retailers are losing money, while LL scrambles to keep the grid afloat.

I have two ideas that could alleviate the situation, which I’ll present below.


March 19, 2008

Lex Neva comic

Filed under: Miscellaneous — lex @ 9:24 pm

Drawn by the beautiful Amon26 Yellowjacket, it’s a Lex Neva superhero comic!


December 1, 2007

Disable QuickTime in SL

Filed under: Miscellaneous — lex @ 3:18 pm

I know you’ve all seen the warning that there’s a vulnerability in quicktime, but I just want to urge you to disable quicktime in SL if you haven’t decided to already.

There’s now a proof of concept that this vulnerability can be used to take over your SL viewer and make it do whatever an attacker wants, such as sending them your L$.


Just to avoid being alarmist:

  • There is no evidence that evil people have done this yet.
  • You MUST be on land owned or controlled by the attacker for them to get you.
  • You can disable quicktime and completely remove the possibility that you’ll be attacked.
  • Playing a video on land owned by a friend you trust is not going to leave you vulnerable.

So no running around and screaming. But on the other hand, this is more serious than LL’s blog post makes it seem. This vulnerability CAN let attackers gain complete control over your system, and working exploits for the QuickTime vulnerability itself can be found on the web. LL has said that they’ll be active in investigating any reports of the actual use of this vulnerability in SL, but that might not be enough. What if someone uses their control over your system to “open source” all of your products, distributing them for free?

I’ve sent an email to LL urging that they hit their big quicktime offswitch, despite what I know this would mean for several of the projects I’ve worked on in SL. In the mean time, I urge you to disable quicktime in SL, or at the very least follow these steps to disable RTSP (the vulnerable part of quicktime):

  1. Start Quicktime.
  2. Edit -> Preferences -> Quicktime Preferences
  3. File Types tab
  4. Expand “Streaming – Streaming movies”
  5. Uncheck “RTSP stream descriptor”.

It’s very likely that this will completely mitigate the vulnerability. However, I’ve seen a littel conflicting evidence on this front, so, since I have so much at risk with my products in SL, I’ve decided to go the paranoid route and only enable quicktime in SL when I completely trust the owner of the parcel I’m on.

Again, I don’t want to incite panic here, but I think knowledge about the possibilities opened up by these kinds of vulnerabilities is critical to making an informed choice.

November 25, 2007

JIRA drama

Filed under: JIRA — lex @ 5:07 pm

Apparently I was the catalyst of some major JIRA drama.

For those new to the game, JIRA is a product by Atlassian that helps software developers keep track of a monstrously huge pile of bug reports and feature requests. It helps organize issues in relation to each other so that the huge pile of information can be presented in an intelligible manner.

Linden Lab has used JIRA internally for a long time, and this year, with the advent of their open source client, they opened a new instance of JIRA to the SL public, called the “Public JIRA” or “PJIRA”. It’s for us in the community to track issues that affect SL, provide technical information, and help fellow residents by providing more information on the bugs they report. It’s a HUGE step forward in allowing the community to communicate with LL, and I really want to see it succeed. Before this, all we had was the Bug Report black box, and we had no idea if LL had even read what we reported.


February 18, 2007

on screaming at customer service

Filed under: Reputation — lex @ 11:59 am

I ended up writing something in the forums just now that has been on my mind for awhile. You can find it in the SL forums, and I’ll also repost it here:

Talarus Luan wrote:

A lot of times, verbal abuse comes as a result of lack of communication. I’ve seen it before; lived it, even.

Basically, as a customer, when you ask nicely 100 times and get ignored, then switch tactics on the 101st time, and things start happening, you tend to stick with what works. As such, it is as much the Lindens’ fault as anyone’s for not having effective and consistent communication channels set up with the customer base. It is true with every other business in the world; why do game development (and, more generally, software development) companies think they can get away with it?

They need someone to communicate, and not just delegate communication to the lunchroom announcement board. Communication is a two-way street. They need to listen and respond to what they are hearing, directly. I would estimate that a large percentage of churn is a direct result of the lackadaisical communications policy that they have fully embraced in the last year.

I don’t think you can entirely pin this on the Lindens’ difficulties with communication. For one thing, you have to remember just how many residents there are, and how few lindens there are. If they really spent the time to read and acknowledge the huge body of text that’s directed their way in the forums, the blog, and on various blogs throughout the web, they wouldn’t have time to actually implement anything. Don’t get me wrong, I think maybe they could be doing a little better than they are now, but I’m realistic and know that they can’t have perfect one-on-one communication with everyone.

I think that a lot of the time, customers have unrealistic expectations about communication with a company, and customers of LL are no exception. Especially in my country (the US), it seems like people who are buying a service or product automatically feel like the company is evil and they have to fight tooth and nail to get heard. People seem to feel the need to go in swinging to get any kind of attention. Ask any customer service representative and you’ll know that no matter how reasonable you are, customers will always come in and be incredibly rude, when soft, persistent tones would be just as effective if not more.

We see that in these forums every single day. Customers come in here and scream their heads off, berating LL and telling them how horrible their service is (and yet, more often than not, not choosing to end their business relationship with LL). There seems to be a feeling that LL is completely ignoring us, which is not true. There’s an unrealistic expectation that every single thing we say or suggest, constructive or not, must be read and responded to by LL, no matter which dark corner of the forums we speak it in, and no matter how unclear and unconstructive our comments are.

It’s not constructive or efficient for LL to personally address everything we say about/toward them. It’s not even possible: for every single suggestion made, at least one other person will be vehemently opposed. For every feature that LL implements that a large part of the community celebrates as having been a long time coming, at least a handful of people will come out rabidly against it. It happens every single time. If LL listened to everyone’s feelings all of the time, they would be frozen in indecision and unable to take any action whatsoever.

Simply put, I’m saying that it’s never okay to be belligerent, rude, obnoxious, loud, and personally abusive in the course of business. We must never forget that we’re dealing with real, normal, everyday people when we do that. Most of the time, when a customer is belligerent, they’re being rude to someone who wasn’t really responsible for the decision that made them mad, and maybe can’t do much about it. Shouting at someone just makes them feel horrible inside, and hardens them against customers, which is exactly what we don’t want to have happen. If you wouldn’t treat your neighbor that way, you shouldn’t treat an employee of a company you’re doing business that way.

And if that means that you can’t manage to get your way, even with as much persistence, patience, and compassion for the people you speak to as you can bear, then it’s time to reconsider what you’re doing. It’s not worth making someone go home and feel horrible for the rest of the day just so that you can get your way. If the company is truly so horrible that you feel you need to scream at them to get what you want, then it’s not worth doing business with them. If it still is worth it to you to continue doing business with them, then you need to be calm and reasonable. In the case of LL, maybe it’s time to email Philip Linden. I’ve done it, and I even got a personal response.

January 8, 2007

Linden Lab Open Sources SL Client

Filed under: Miscellaneous — lex @ 3:44 pm

So, LL has gone and given away (some of) the goods: they’ve open-sourced the SL client. This is going to lead to a lot of interesting things, like largely obseleting the current modus operandi of LibSL and opening the door for lots of fun things like end-user security audits, resident-contributed features, and resident-released clients.

This just underlines the need for a trust metric in Second Life. If someone decides to release a client, I need to know that I can trust them. How do I know their client won’t steal my password and tell it to them so that they can run in and wipe my account of Lindens? How do I know their code won’t make a mess out of my computer? How do I know their code won’t inadvertently make me do something that LL’s servers consider griefing? What if their code stole all of my content and sent a copy to them?

Of course, any client that’s developed and released by a third party, due to LL’s licensing, must be open-sourced itself. However, that’s not necessarily enough to make it Safe. That code would still need to be vetted by the community to ensure that there aren’t any hidden trojans that do nasty things when you run the client. I don’t know about you, but I don’t have either the time or the energy to vette a third-party SL client’s code before I run it. I know other people are like me in that respect, and that means that a malicious programmer could release a trojan SL client and do some damage before the community caught on.

So, for now I won’t be running any client that’s not released by Linden Lab, because I have no way of knowing if I can trust the person releasing it. If we had a system like the Reputation System I proposed previously, then it would be much easier for me to make a quick and yet confident decision about whether to trust a client written by a third party. I simply need to check their Reputation Score, and think about how badly they would be affected if their reputation were tarnished. In the case of a big name in SL, someone who’s been around in the community for a long time, it’s pretty likely that they wouldn’t risk ruining their reputation by releasing malicious code in the form of a trojan SL client, because they would, essentially, lose the use of their entire SL identity in the process.

December 27, 2006

Reputation in Second Life

Filed under: Reputation — lex @ 10:31 pm

In this article, I’m going to hash out my idea for a Reputation system in Second Life. This, I believe, is a feasible, workable solution to the griefer problem currently plaguing Second Life and many other online gathering places. This article’s going to be long, so bear with me. My underlying idea is fairly simple, but it’s going to take a fair amount of text to really get it across and nip potential detracting arguments in the bud.

It’s worth reading, though. If I’m right, you can use this article as a blueprint to design and build a Reputation system that could make SL a much better place to live. It might even make you rich. All I want to do is get this idea out of my head and into yours, so that I can have the benefit of its ultimate implementation (or find out why it’s doomed to failure). So sit back, grab a beverage, and dig in.


Whoa, a blog.

Filed under: Miscellaneous,Reputation — lex @ 5:38 pm

This, it turns out, is the first blog I’ve ever set up solely for myself. There’s the Suffugium Blog, and then there’s the blog I set up for my grandfather, but I’ve never had one for myself, unless you count a livejournal.

I started this blog for one reason: to write up a fairly long essay I’ve been tossing around in my brain and in my paper journal. It’s going to deal with the huge problems Second Life (and by analogy all internet gathering places) is dealing with regarding jerks: people who just don’t know how to get along with others, or who actively try to piss everyone off.

I’m going to present a pretty good solution to the problem of griefers in Second Life. A lot of people have presented a lot of solutions, and most of them are unworkable for various reasons. Mine’s different: it actually stands a good chance of working, and it clearly and neatly answers every objection I can think of that normally kills ideas of this sort in their infancy.

So stay tuned. I’ll be posting soon, once I get the whole thing composed in a clear, concise manner that presents the idea well. It may take me awhile, because my wrists ache if I type too much.

Powered by WordPress