Saturday, March 12, 2011

Redzone more then just Alts

Reported by Cummere Mayo
It should be noted the fine folks at SLU and Alphaville Herald did most of the work, speculation, and collaberation of evidence.

So as anyone following the main SLU thread about Redzone knows... its not just about identifying ALTs.

As the leak to the Alphaville Herald shows conclusively and irrefutably Zfire was not only keeping tables of his customer's failed log in attempts on his website in the hopes of getting lucky and getting their SL passwords, but he was also monitoring people through his Zf Animator tool as well.

Furthermore, he used to host the Knights of Mars site directly from the same server as the (Not to be confused with the old site which coincidently used to ALSO host a mirror of the KoM site). The site brags about its ability to get avatars permabanned from Second Life.

What this is looking like is massive computer account fraud, theft, and security breaches the likes of which SL has never seen before. It is something as a cop I have never seen before.

Here is what we know:

Zfire is monitoring his customer's failed attempts to log into his site and keeping them on a table.
He (or else on the very slim chance he is NOT Mike, his partner in crime), shared this information with someone named Mariana about a year ago via a private Youtube video that recently got linked. We know through facial comparisons with other videos that the person in that video is named Mike, very likely Mike Prime the co-ceo of Insanity Productions, and very likely is Zfire himself.

He created and hosted the ZF animator which is admittedly one of the best prim animation scriptors around allowing you to animate sculpts, linksets, and tons of other things by communicating with his server which would create a custom script. While it was doing this, his tool would ALSO at minimum send the UUID's of the prims to the server. This means that Zfire could use a script to allow himself to make sculpties using the very UUID of any sculpt map ever run through his system. This isn't copybotting, this is something on its own level of theft.

Now here is where it gets into masive speculation. Zfire or this Mariana could use these scripts then to make objects similar or EXACTLY like what the merchants made and market them, thus leading to believe they were copybotted. Now, since they have the Zf Animator, why wouldn't they trust the Zf Redzone to work equally well? Unless they know how it works, there's no reason at all for the average merchant not to believe it...

So... lets recap... Zfire sells Animator to merchant. Merchant uses it to create item. Zfire (or Mariana) then create identical items as Merchant. Merchant thinks they are copybotted and then runs to buy Zf Redzone...

but wait we are not done...
Merchant owns Redzone and uses the Redzone site to login. Perhaps they use the same password as their SL account and misenter it, or perhaps they use a different one and mistakenly enter their SL password. Either way with very little work Zfire and Mariana have their SL passwords allowing them to steal money, products, whatever, from the merchant (or any other Redzone user that they have acquired a password for.)

Now say someone has a grudge against said merchant, and they go to the Knights of Mars and put a bounty on said Merchant. Zfire, or Mariana already have the password to that account. They can go in and delete the account, OR steal from the account, or use the account to grief others, or just about anything they want till the account is permabanned. And it is doubtful Linden Lab would ever think twice. Nor would they likely listen to "That wasn't me, I swear."
So the merchant then is screwed...

Now I am not saying this happened, I'm saying that there is very strong circumstantual evidence gathered up by the good people of SLU and the Alphaville Herald that this happened.
It is time and past time for LL to bring the FBI into this.


Elba said...

And still the tunbleweed rolls through the JIRA on this.

Anonymous said...

I do not believe any of this. There is evidence to suggest that zFire Xue was a victim of a well-organized Green Zone mob who not only posted fake videos and manipulated photos, but actually employed someone named "Anon" who had perfusely posted all over the internet on how he/she hacked ZFire's website. Neither videos or photos can be considred legitimate, hense no one should really be pointing a finger at zFire Xue. Linking avatar's alternative accounts was unethical. As far as BIG accusations against zFire Xue go - I do not believe there is any common sense of ground for it. Cheers.

PS. ZFire animator is really a great tool. I would really miss all of the updates zFire was doing regularly on it.