'Second Life' fending off denial-of-service attacks

Popular virtual world taken offline twice over the weekend so its publisher could clean up effects of grid attacks.

Daniel Terdiman Former Senior Writer / News
Daniel Terdiman is a senior writer at CNET News covering Twitter, Net culture, and everything in between.
Daniel Terdiman
3 min read
The popular virtual world "Second Life" was shut down twice over the weekend as its publisher, Linden Lab, fended off denial-of-service attacks.

The attacks took the form of someone creating self-replicating objects in the world that began to crash servers and forced San Francisco-based Linden Lab to temporarily close down the entire "Second Life" grid.

This is not the first time "Second Life" has been hit by denial-of-service attacks. Last fall, it was hit with similar assaults. Shortly thereafter Philip Rosedale, the company's CEO, told "Second Life" members that the company planned to turn the responsible parties in to the FBI.

"Second Life" is an open-ended virtual world that allows its users to create, buy and sell nearly any kind of avatars, vehicles, attire and buildings they can imagine. Users can play for free, and Linden Lab makes money through the sale of virtual "land" and subsequent land-maintenance fees.

"Second Life" is not the only virtual world to suffer recent server problems. Over the past month, Blizzard Entertainment's "World of Warcraft" has been dealing with a variety of ongoing server problems that prevented users from getting into the game, kicked some out with no warning and deactivated their accounts due to billing problems. Those issues, however, are not related to any kind of outside attack.

This weekend's attacks took advantage of the fact that any "Second Life" member can create nearly any kind of objects in the virtual world that they like.

"What happened is people create an object that then replicates itself, and then of course, it's like cell division," said Robin Harper, vice president of community development and support. First there's "two and then four, and pretty soon you've got objects sprouting and they go across boundaries and they crash servers."

Harper said that Linden Lab had been able to contain the object replication, and indeed, a check by CNET News.com Monday morning showed that "Second Life" was up and running normally.

Still, she said that the attacks are serious business and that Linden Lab is once again getting federal authorities involved.

"It's certainly a very important issue because it disrupts commerce," said Harper. "It disrupts events. People have weddings planned or a party or something, and it gets in the way. It's (also) costing our customers money, and that's what makes it something we can discuss with the federal authorities, because it's a significant economic disruption."

Ginsu Yoon, Linden Lab's general counsel, said that he expects federal authorities to take action, but isn't sure when that will happen. He said law enforcement action on the previous attacks is forthcoming as well, and that the perpetrators shouldn't take heart in any delay in prosecution.

"People who are thinking that they're off free because there's been grid attacks before and nothing happened--they will be surprised," said Yoon. "It's just a matter of time."

And while Linden Lab won't say who the perpetrators are, citing the ongoing investigation and the company's policy not to give out the names of its customers, it hinted that it knows.

"We have very specific information about the identities of individuals involved in the attacks," Yoon wrote to CNET News.com on Monday in an e-mail originally drafted in January. "There are people who think that bringing down our grid is fun, and that it's not breaking the law. I'd encourage those people to read the federal code" about denial-of-service attacks.