Bringing you the best of Second Life since 2008.

A Little More Emerald Drama

I have another pretty picture post coming soon as I hate to leave these text messages at the top of my blog, BUT I really felt I needed to pass along this extra info on Emerald.

I deleted the Emerald viewer last week amidst all the hubbub. Recently a techie friend of mine (edit: who fends of Denial off  Service Attacks on a seemingly weekly basis)  and no longer logs into SL but had Emerald on his system, warned me to be sure and delete the support files as well as the program. I did a search for "Emerald" and found a folder full of textures and such that was not uninstalled with the program.

Now these files were texture folders (edit: there were however files besides textures). Trying to send the whole Emerald folder to the recycle bin didn't work. I repeatedly got the "file in use" message. I then systematically started deleting subfolder one by one with good success but for two folders. I think they were "7" and "0". I still kept getting the "in use" message.

I had no open programs and I couldn't see why any programs running in the background -- or any program I currently had for that matter -- would be accessing Emerald files. This didn't make me very happy, especially since one of the Emerald team mentioned that the trojan was hidden in a texture file (edit: possibly WITHIN the texture file folders). Another of the team (no longer with the team) mentioned that there could easily be others that hadn't been found.

I rebooted my machine and immediately deleted the folders, then dumped my recycle bin. I do not know if one of the "in use" files was the trojan that caused the recent exodus from Emerald. When I was Goggling on this topic though, I came across the article from a few months ago when the Avast antivirus system (which I use) was reporting a trojan in the current viewer. Could it have been that Avast was right all along and the "fix" was to hide the trojan better?

An interesting thought.

I was also advised to change my password. This would be especially important if you  A. actually have money in your SL account *wink* or B. use the same password for other sites. I do neither but will change have changed it anyway.

I still wish the remaining team well, but I am afraid the battle to gain back trust is a very uphill one.

Comments

Woody said…
lol, a Trojaner in a Texture rofl, this is a Hoax. It was a Iframe without Textures^^. No Panik^^
TrinityBelle said…
I saw your post and decided to do a search for emerald related stuff. I didn't have any issue deleting what I came across. But I was surprised at what was still there...a folder with 27000 items - almost 900 MB!
Chic Aeon said…
Trinity my files were in the 2,356,678 range. A LOT. It took forever to get rid of. Glad you had no issues deleting.

And Kya what you say may be true, but there is so much floating around the web these days. This comment about the trojan being in a texture file came from Jessica Lyon of Emerald support on the Paisley Bebe show last week. So I am considering that a good source. I may have misunderstood however. I am not watching it all over again to find out :D. So if someone official wants to clue us in that would be great.

Thanks for your comments.
Jaxie Oceanlane said…
Thanks for this info Chic!
Thanks for the info and advice Chic!
Chic Aeon said…
Here is a bit of info direct from Linden Labs about the "texture" part of the equation:

The published privacy policy for the Emerald viewer does not disclose what user information the viewer collects. When it came to our attention that the Emerald viewer was collecting the installation path without stripping any user account names present in the path, and storing it in textures produced by the viewer’s graphics library wrapper, we asked that this code be altered to omit full directory paths. After assurances from Emerald developers (Lonely Bluebird) that the code would be altered, we were disappointed to learn that instead of stopping the practice of adding data to textures, the Emerald viewer code encrypted the data in order to obfuscate the data collection practices.

Here is the full post from Emerald:

http://blog.modularsystems.sl/2010/09/01/the-end/

Popular Posts