The most recent Emerald related debacle is that of a DoS (Denial Of Service) attack upon a blog website maintained by someone who is creating a viewer with copybot capabilities. The attack was caused by one of the Modular Systems developers throwing some code into the Emerald login screen that, when a user logged in with Emerald, sent a barrage of image requests to Hazim Gozov’s website, quickly causing their website to grind to a halt. Regardless of the recipient of the DoS attack, this is illegal, pretty much everywhere except Russia.
Despite what the Modularsystems blog says, the incident fits the description of a DoS attack. (See this Wikipedia article for further info)
“A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer resource unavailable to its intended users”
“One common method of attack involves saturating the target (victim) machine with external communications requests, such that it cannot respond to legitimate traffic, or responds so slowly as to be rendered effectively unavailable. In general terms, DoS attacks are implemented by either forcing the targeted computer(s) to reset, or consuming its resources so that it can no longer provide its intended service or obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately.”
Source: Wikipedia
Now, the Modular Systems blog has swiftly swooped down with a blanket statement that denies everything and explains nothing – which is normal standards for them now. It’s all damage control, and while it’s easy enough for the average joe to swallow – most people aren’t fooled.
Two weeks ago, amid an atmosphere of pride and boasting about Emerald traffic, a silly idea was hatched.
This idea was to target a blog owned by a creator of a malicious viewer, and boast of the traffic Emerald has captured. The method for doing this was to add links to the Emerald log in page linked to said blog. Each time anyone logged in, our page loaded up and also the other page loaded up – simply to show off our volume of traffic.
This was not a DDoS. This was a poor attempt at boasting that failed miserably. Once we discovered this, these links were deleted and the dev concerned was disciplined.
The entire Emerald Team offers it’s sincere apologies for concern, panic, worry, mistrust and disappointment felt by our users because of this. I can most strongly assure you that this will not happen again.
Sincerely,
The Emerald Dev Team
Source: Modular Systems Blog
This, is complete bull. There would be easier and less invasive ways of boasting traffic, and why on earth would they want to boast to some unknown, who makes copybot viewers? It doesn’t make any sense at all. Now, the statement that it was not a DDoS attack is technically true – they weren’t using a distributed method of attack, but it *was* a DoS attack. The whole message doesn’t even make sense! If you were gonna boast about stats, it would take a matter of minutes to whack a big old graph up on their website.
“A DoS attack can be perpetrated in a number of ways. The five basic types of attack are:
- Consumption of computational resources, such as bandwidth, disk space, or processor time.
- Disruption of configuration information, such as routing information.
- Disruption of state information, such as unsolicited resetting of TCP sessions.
- Disruption of physical network components.
- Obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately.
Source: Wikipedia
As you can see from these descriptions, it would be classified as a DoS, as the iframe use on the login screen requested a number of images everyt time someone logged in using Emerald. Times this by the amount of user logging into SL, and you have a LOT of requests being sent to the server, consuming resources, and obstructing users from accessing the site at all.
They used every user who logged in using Emerald during the time frame, as tools in (what to me) is an obvious e-peen competition, against the guy who exposed their use of stealth code within the emkdu.dll, and leaked the data mining info.
I mean, this is a HUGE case of the pot calling the kettle black here, a fair few of the Emerald dev team worked on copybot viewers before deciding to go ‘legit’. I honestly don’t use or contemplate using Emerald now; after the data mining fiasco, I just felt that I couldn’t trust Modular Systems to keep its young developers in check. It seems I was right.
If Modular Systems want to think of themselves as a developer company, providing a service – they need to smarten the hell up, pronto. No self respecting business or venture would even dream of fucking around for hi-jinx. It doesn’t matter how malicious another person is, two wrongs just don’t make a right – there’s no reason for them to have even acknowledged Hazim Gazov at all. Two wrongs do *not* make a right.
Y DO U HAET EMARALD CYLIC GEAREZ???!?!? R U JELOUS?!
You are making the delicious words, I must eat them!
> It doesn’t make any sense at all. Now, the statement that it was not a DDoS attack is technically true – they weren’t using a distributed method of attack, but it *was* a DoS attack.
That is false. The method was distributed: the users who ran Emerald were carrying out the attack.
Well, usually it would be some webservers inta DDoS instance, compromised by the attackers – *technically* it isn’t a DDoS attack, in essence it was, if that makes sense at all. At least that’s how it was explained to me.
You are right, technically it wasn’t a DDoS by some standards but considering the attacking machines had no idea they were doing it – (similar to malware, zombies, etc some typical DDoS type scenarios) I’d classify it as a full DDoS. That’s just me, though.