Posted in Emerald, Phoenix / Firestorm, Privacy & identity, Second Life, Viewers

Emerald Viewer to be Blocked From Second Life

Just posted on the Second Life blog:

As of 10am PT Wednesday, September 8, the Emerald Viewer will be blocked from logging in to Second Life as a result of violations of our Policy on Third Party Viewers. Residents who have been using any version of the Emerald Viewer will need to use a different Viewer to access Second Life. You can download the official Second Life Viewer, developed by Linden Lab, here. Or you can learn more about alternative Viewers, developed by third parties, here. There are several new Viewers listed in the TPV Directory, so there are many alternatives available to you.

We take Residents’ privacy, safety, and security very seriously and will take action to enforce the policies that help protect it. As our CEO, Philip Rosedale, has blogged about, we recently removed the Emerald Viewer from our Third-Party Viewer Directory due to violations of our Policy on Third-Party Viewers.

Since then, we have been in communication with the Emerald development team and have requested several changes in order to remedy violations of our policy, including changes necessary to meet our privacy requirements, and to address GPL license violations. Unfortunately, the team was unable to comply within a stipulated time frame. As a result, we have decided to block logins from the Emerald Viewer in order to protect our Residents. All versions of the Emerald Viewer will be blocked from logging in to Second Life as of tomorrow at 10am. Please be aware that attempting to circumvent our blocking to access Second Life with a banned Viewer is a violation of the Policy on Third-Party Viewers and may result in the loss of one’s account.

[Source: Second Life Blog]

Well, this isn’t a huge surprise. And given the number of people I see still running Emerald, it’s probably for the best. Yes, some will moan but I think LL have little alternative but to do this.
And now that Phoenix (Emerald without the bad stuff) is available then I don’t see what the big issue is.

Posted in Emerald, Imprudence, Second Life, Viewers

Emerald, Emergence, Phoenix – confused? You’re not alone!

I was talking to a friend in Second Life today who was really scratching her head over what viewer was what and what the hell was going on. So this is just a short post for her and anyone else who might benefit.

  • Emerald – well, I think everyone knows about Emerald. And those that are still running it are simply ignorant or don’t care.
  • Emergence – this is a sanitised Emerald (ie. Emerald with the bad stuff taken out) that was done by LordGregGreg. Don’t get too attached to it because he has said he is not going to develop it further. So there will be no updates. This is partly because he is now on the development team of…
  • Phoenix – this is another sanitised Emerald and is being actively developed by some of the ex-Emerald team. They are following good software practises as detailed in this post of mine, so I have very high hopes that this is going to be a goodie.
  • Imprudence – this has nothing to do with Emerald and is a completely different Viewer. It is also following good software practises. I wrote a short review on it here

There are other Viewers out there too – Cool Viewer and Kirsten’s Viewer, for example. However I don’t have enough experience of them to comment.

Posted in Emerald, Privacy & identity, Second Life, Viewers

The Phoenix Arises – Emerald by a different name

Well, it seems Jessica Lyons doesn’t hang around and has assembled a team to take over where Emerald left off. And amongst that team is LordGregGreg.

According to her blog entry [here], Phoenix is starting out as a sanitised Emerald, like LordGregGreg’s Emergence Viewer, and will be developed from there.

In keeping with my recent post [here] on how an Open Source Project should be run, they’re running a publicly-viewable repository and full transparency.

This is very encouraging news indeed.

Posted in Emerald, Opinion, Second Life, Viewers

Emerald – so what went wrong?

[Disclaimer: This blog entry is personal opinion based on a personal understanding of current events. Should you feel any facts are materially wrong then please contact me, citing sources, and I will be happy to make corrections or retractions as appropriate]

I try to keep my RL separate from my SL, but I guess it’s not giving too much away to say that I work in the IT Industry and have direct experience with software development. So the self-destruction of Emerald has been very interesting for me.

So, where did it all go wrong? I think to answer that you need to look at how a proper Open Source Project is run.

Generally you have a version control system which is able to be read (but not written to) by anyone who cares to do so. Obviously members of the development team can write as well.

This open access ensures transparency, because anyone with the technical ability can examine and review the source code to make sure there is nothing nefarious in it. They are also able to download the entire codebase and compile their own version of the application rather than trusting that the pre-built binaries available for download were actually made from the source code.
Furthermore, the version control system has an audit trail of every check-in, showing what changes were made, by whom, and when. This makes it more difficult to introduce malicious code although there are ways round it, of course. However, even if the developer subverts the process to avoid the audit trail (if they have direct access to the actual files on the server hosting the repository), the code is still available for inspection and anyone can compare a previous snapshot of the code with the current one using an automated difference tool. So there is still transparency.

The trouble with Emerald is that the version control system was not open and there was no transparency. Yes, the source code was published periodically but in a snapshot form. You were expected to trust that this source code was the real deal and not some sanitised version. And that trust was betrayed.

Because there was no transparency, certain members of the Emerald team were able to inject undesirable code (which is well documented elsewhere so I won’t bother going into it here).

Worse still, Emerald also used some Closed Source software which meant that only the developer(s) of that code knew what was in it and the members of the Emerald team were expected to trust that it was non-malicious. Again, that trust was betrayed.

It also appears to me that the team weren’t really following good Software Engineering process. This isn’t too surprising as, as far as I understand, they were all programming for fun and were all fairly young. So there were few controls in place to audit what was going on. I genuinely believe that the more respectable members of the team (and I’ll leave it for you to decide who they are) didn’t know what was being put in by the less respectable members. This is why we have processes, checks and safeguards in professional Software Development and I simply don’t think they were in place for Emerald.

And I’m not even going to comment on the clash of personalities, egos, hidden agenda and motivations of the actual developers of Emerald. That’s not something I want to explore as this piece is really more about the technical side of things.

In many ways, the Emerald project was a nuclear reactor being run without control rods or safety systems, and it went critical and suffered a meltdown.

So, where does this leave Third Party Viewer Development? Are we doomed to use Linden Lab’s awful Viewer 2.0? The short answer is no!
Emerald was not the only Third Party Viewer and some of the others are being run properly. Imprudence, for example, is fully transparent and Open Source. They are by no means the only one, of course, but it’s the one that springs most readily to mind.

Finally, I just want to say that this blog entry may seem very negative about Emerald. However, I don’t mean it to be because I do genuinely believe that Emerald was truly innovative and really moved the Second Life Viewer game onwards. The developers added some very good features (the nefarious ones notwithstanding) and they should be praised for it; they’re clearly very talented. However, as I’ve said, I think the project was very badly run and was very open to abuse. And that abuse was made.

Posted in Emerald, Privacy & identity, Second Life, Viewers

Farewell to Emerald

[Originally posted 01-Sep-2010 here]

As you know, there has been a lot of worry and concern over Emerald with regards to privacy issues, data mining and illegal activities.

Linden Lab have removed Emerald from their Third Party Viewers list and advised everyone to use other Viewers.

As of today the developers of Emerald have folded the project due to mutiny, disagreement, and Linden Lab demanding that certain developers be removed which they were unwilling to do.

I’m sad to see Emerald go as, for all it’s warts and dodginess, it was a very good Viewer and was very innovative.
It’s just a shame that it was ruined by a bunch of immature Script Kiddies who couldn’t resist messing it all up for everyone.

I’m sure the hard work will be back-ported into other Viewers. LordGregGreg has a version of the full source code for Emerald that he has released as “Emergence” although has stated he will not be actively developing it.

Meanwhile Jessica Lyon has resigned from Emerald and has set up a blog to discuss her side of things –

Posted in Imprudence, Second Life, Viewers

Imprudence – a review

[Originally posted 26-Aug-2010 here]

Well, I’ve been using Imprudence for a few days now.

I’m pretty impressed. It has a lot of Emerald’s features, and some are better resolved – I like the fact the client-side radar is much smaller and hung off the bottom of the mini-map. Although I’d like to be able to increase its size without increasing the size of the mini-map (ie. stretch it vertically)

It’s lacking Emerald’s hacky multiple attach points – the Imprudence developers are planning on back-porting proper multiple attach support from Viewer 2.0 and state that they are not interested in hacks and dodgy code. I rather like that attitude.

It’s also lacking Emerald’s spell checker and command-line mode (so you can’t type “dd 256” to set your draw distance to 256m). This means that the quick-rezz gesture that many of us use doesn’t work. However Imprudence appears to have a quick-rezz built in (I’m basing that on the fact there is a checkbox to turn it off in the Advanced settings).

Like Emerald, it is possible to hide your LookAt and PointAt beacons. However, unlike Emerald it is not presented in a nice friendly setup page. To, say, make LookAt private you need to go to
Advanced -> Character -> Private LookAt

Likewise it supports Emerald’s famous “Breast Physics” but the settings are all hidden away in the Debug menu rather than being in a nice friendly setup page.

Imprudence also support the new tattoo and alpha layers from Viewer 2.0 and I think that will interest a lot of people.
Emerald v1.23.5.1636 (the last version I used) didn’t have this, although I’m told the very latest Emerald does.

One feature I do like in Imprudence that I haven’t seen in other Viewers is the title bar of the Communicate window shows how many unread IMs you have. This is very, very useful when you get IM hell and the tabs go off the end of the window. No more missing an IM because the tab that is flashing is off the screen.

In summary:

Imprudence is a little rough round the edges, being only a Release Candidate rather than a full stable release, and did crash on me several times when changing settings. However, I think it has a lot of potential and I felt instantly at home with it. I would certainly recommend it to Emerald refugees like myself.

I wrote the following in response to an nice email from someone and thought I would share…

“It’s true that Imprudence isn’t as friendly as Emerald – there are less whizzy menus and stuff is hidden away in menus more. However the Imprudence team do seem to be better on documentation and they have a FAQ on their Wiki that tells Emerald users where stuff is. You’ll find Imprudence has more features than you think.”

Posted in Emerald, Opinion, Privacy & identity, Second Life, Viewers

Emerald and alternatives

[Originally posted 26-Aug-2010 here]

Oh dear. Just when we thought Emerald was ok, it turns out that it (or possibly just one developer) had nefarious intentions after all.

I love Emerald and it has some fantastic features, but this is very concerning. I think that it’s laudable that the remaining members of the Emerald team are making very positive noises about restoring confidence in the viewer, but I think perhaps it is time to investigate other viewers. Not least because of questions on whether Fractured Crystal was working alone or in collusion with developers who are still on the Emerald team.

Talk on the blogs and stuff is that the Imprudence Viewer is worth a look as it has a lot of the features Emerald has, including a client-side radar, RLVa, temporary texture uploads, Disable Login/Logout/Teleport Screens, See object’s Last (previous) Owner, IM autoresponder, and Breast Physics. Yes, we all claim that Breast Physics is no big deal but we all know it is. LOL.

So I’m going to have a play with it tonight. Imprudence, I mean. Not my breasts.

Have fun