Comments on: New express exploit reporting feature and L$ bounty

By: Official Linden Blog » Blog Archive Update: Exploit bounty rules and stuff «

Mon, 09 Apr 2007 17:49:36 +0000

[...] Thursday, August 17th, 2006 at 10:11 AM PDT by: Brent Linden I’ve updated both my original post and my follow up post with new information, bounty collection rule clarifications and some more [...]

By: biglietti

biglietti — Fri, 16 Feb 2007 11:28:49 +0000

luogo fine, sapete..

By: Trusted Worlds » Bug Bounties in Second Life

Trusted Worlds » Bug Bounties in Second Life — Mon, 23 Oct 2006 16:39:37 +0000

[...] Companies paying bounties for bugs and particularly security exploits is not particularly new, there are even business models for standalone companies built around the idea. But I still found this Second Life blog post interesting, and certainly topical. Linden recently closed out a limited time offer of $10k per exploit. [...]

By: Seraphim Vixen

Seraphim Vixen — Sat, 14 Oct 2006 17:26:10 +0000

actually even with the inconvience of not being on temporarily i’m glad u all r checking into these things as i myself am a creator and would not want such things to happen to my things so i applaud all of u in sl working so hard to protect all of us

By: Official Linden Blog » Blog Archive Grid temporarily closed to investigate permissions exploit «

Sat, 14 Oct 2006 14:05:54 +0000

[...] [7:00 AM PDT] I’m still here, still reading comments. I wanted to communicate that: (1) if we could have broadcast a warning and given more time to prepare to log off, we would have, because we reserve grid closures for the most serious issues; (2) there’s no evidence this is a deliberate “grid attack”, but an exploit; and (3) I was woken out of bed to get on this, as were several other Lindens, so it must be important. [...]

By: Zen Zeddmore

Zen Zeddmore — Tue, 12 Sep 2006 02:50:00 +0000

* The bug can be used to steal or create Linden Dollars (L$).
3. You must not use the exploit for personal gain.

Could you please suggest appropriate protocal to legally and unoffensily comply with BOTH of the above?

By: slothbear

slothbear — Fri, 18 Aug 2006 00:42:10 +0000

Using the “secondlife�? tag on a post in the Second Life Blog is kind of extra. It tends to obscure the Tag Cloud (where secondlife is currently the biggest tag).

By: SuezanneC Baskerville

SuezanneC Baskerville — Thu, 17 Aug 2006 22:55:26 +0000

I suppose the restrictions mean I should not file an exploit report for every occurrence of gray textures with white outlines. Darn.

By: Brent Linden

Brent Linden — Thu, 17 Aug 2006 17:15:44 +0000

When I mentioned possibly blocking the reports sent by those without payment information, I merely meant that we could block on that because this instant exploit reporting feature could be abused. After thinking more about it, a resident age limit does seem like the way to go. I will discuss it with development and see what can be done. Please note that any restriction placed will not affect your ability to report regular bugs. It merely won’t allow you to report bugs with the “Exploit” feature (or, if it does, it won’t flag them to be emailed to my phone at 3 am
Check out my update on how the new feature is working and some of the changes we’re making. Watch for further up-to-the-minute information in this blog!

By: Chase Cournoyer

Chase Cournoyer — Thu, 17 Aug 2006 04:57:52 +0000

Excellent. Never seen a more dedicated Linden :P. Just wondering how many people will ACTUALLY use this after the bounty is over :O