Wtf Shadow and LoL

So, http://leagueoflegends.comis a pretty fun game.

I like shadow more than ninjas though…

So I modded the game so you can use him instead.

http://leaguecraft.com/skins/3691-shen-as-shadow-the-hedgehog-v2-1-sounds-particle.xhtml

Phoenix Malware Stinks

So, apparently way back in the day “Phoenix.exe” was the name of some malware program. This isn’t even interesting, I am sure you will find malware with nearly every english name in existance these days.

However, some anti-virus programs are completely full of —-. We have norton and trend micro who feel like it is cool to block programs from downloading just because “not allot of our users have this file”, and whats worse, we have some programs blocking phoenix just because it used to be a name of malware back in the day!

So.. the easy work around is just to ask users to rename Phoenix.exe to something else, (because asking them to burn their antivirus program with fire makes you look evil), however.. apparently the people with this overzealous type of antivirus.. are not the easiest people to support.

Therefore, the forces beyond my control have decided that it is best to let stupidity guide us, and have chosen that Phoenix.exe will now be renamed to PhoenixViewer.exe for all future installations. All Shortcuts made by the installer will be updated and life goes on.

This leaves one slight issue though. Some people have a single directory for phoenix, and do all their updates to the same folder. Some have custom shortcuts to help them automatically use a certain setting file, or certain account names, or even batch files to help them run phoenix in a portable mode.
This new name change would break these modifications, as they would be linking to the (old) phoenix.exe name, instead of the new phoenixviewer.exe.

One solution would be to make the installer delete the old Phoenix.exe file, forcing these scripts and shortcuts to error, so the creator can look, see whats wrong, and update to the new name.
In my opinion, a better solution is to have a small program (named Phoenix.exe) be installed as well. All old shortcuts link to it, and it’s job is to simply redirect all information to the new PhoenixViewer.exe, therefore no one notices anything, and life goes on with sunshine and double rainbows. Source code to this program -> here.

Unfortunately, I am a very bad programmer… and this really needs to be tested too.

Emergence Notice

As I had hoped, a group of emerald developers and supporters broke away to finally do the job right, and if you have not heard of them before, I am very proud to be able to introduce you. They are the Phoenix team.
They have recompiled all the binaries in order to confidently assure no hidden surprises or hidden code from the emerald project make it into theirs.

The developers of this project are Jessica Lyon, Techwolf Lupindo, Tonya Souther, Vortex Saito, Hell Firanelli, Dakun Flux, Kadah Coba, Kitty Barnett, Liny Odell, Mobius Ryba, Wickman Gibbs, and Arrehn Oberlander.

Now, each one of them has the ability to potentially mess everything up, however they have shown me that they are genuine people who will consider your privacy and safety above anything else. Additionally they have provided their real life details to linden lab and are listed on the third party viewer directory.

The Phoenix team is made up of talented developers who wish to listen to you and create the viewer that emerald was meant to be, and an equally talented support team who can really make this viewer greater than I would ever be able to do on my own with emergence. Phoenix will be maintained and supported much more than emergence, and will be able to produce safe binaries made for all operating systems.

For the most part, the emergence project is suspended, it has fulfilled what it was designed to accomplish, and it is now advised to move on and download the Phoenix viewer Here. Macintosh, Linux, and Windows are all supported, and it has all of the emergence features.
Additionally, as the phoenix project was near its first release, I was invited in to help out, and I look forward to working with this team, their dedication to getting a clean build out despite all of the stress as admirable, and I really appreciate their ability to provide an alternative where I was not.

It is very difficult for me to make this post… despite how everything in this team has shown good signs.. It is hard for me to trust anyone fully. I am not forcing people to leave emergence, if you do not wish to use Phoenix for any reason, emergence will remain open for download, and periodically have necessary updates. Although I am focused on phoenix, I also have plans to assist around 5 different open source viewer projects, to help ensure the greatest good for the greatest number.

For allot of you, this will probably be the last time you hear from me directly. I wanted to personally thank you for your support.

I hope you understand

-Greg

Jessica Lyon

http://jessicalyons.wordpress.com/
And I thought what I did was difficult…
will post more later.

Past, Present, Future

  • Past:

I made a thorough post concerning lots of emerald related issues recently, however I feel i need to clue people in on the conclusions I have made based off it, and let you decide whether they are logical.
The recent discoveries have made it very clear to me that certain people find it ok to hide code behind both the developer’s, and the user’s back. Considering the circumstances and evidence that I have already provided, it is apparent that the binaries coming out of emerald can not be trusted regardless of the security methods used to check it. Packet sniffing would not have detected this, as it was encoded inside a normal clothing image already sent to the linden servers. Anti-virus software did not detect this because installed programs are allowed to access a wide range of files (including your saved password file) without any cause for alarm (as most programs use that ability legitimately, and restricting it would cripple nearly every program). Despite this, by some stoke of luck the hidden code in emkdu was discovered after months of it existing; however, considering how long this took to find, it is illogical to assume that other hidden code does not exist or should have been discovered by now. Which also means that simply removing emkdu is not an action that would give you a safe viewer (I apologize if my posts before appeared to be a solution). Code similar and far more malicious could and may be embedded in any binary with an even more cryptic way to hide it, and without going into crazy conspiracy nonsense, it is clear that having an untrusted binary running on your computer is absolutely unacceptable. A new tpv policy will be in place banning encrypted binaries in an attempt to help protect the users, however this is not adequate protection either considering how *hiding* the code had a far greater effect than *encrypting* it. (Hiding this code kept it from exposure for months, encrypting it kept it for weeks)
Also, concerning the latest modsys announcements, it appears to only be a PR stunt, the people involved still are.

  • Present:

Despite being sick of dealing with all of this, I have witnessed too many of my friends in a position where they are hurt. They either loose the features in emerald, or they have their computer placed at risk.
I have decided to do what I can to help, and have created my own private project, the “Emergence Viewer” which is simply a clone of the latest emerald source code I had, compiled and produced in a way where all binaries are either provided from a well known trusted source (such as linden lab or openjpeg), or myself. http://code.google.com/p/emergence-viewer/ Because of limited resources available, I will only be able to provide a windows binary. If you learn anything from this whole experience (I have learned numerous), do not ever trust binaries that you do not fully trust the source of! If you do not know me or have a good reason to trust me, do not use this binary! However, since I am the only developer on this project, I can fully promise that emergence will be entirely free of any malware or hidden code of any kind to the very best of my ability. I am happy to be fully responsible for everything in it directly, though I do not take the credit for it, as most of the code is from other generous developers who have given freely of themselves.
I do not plan on updating or making changes to this viewer unless absolutely necessary, this is a last minute salvage operation, nothing more.

  • Future:

I have had my trust broken by too many people who I honestly felt never would, it will take time for me to come to terms and process all of that in a way I can use it, and unfortunately some people who have always been there for me will have to wait for me to understand all of this. More importantly, I try to make it a rule to not make the same mistake twice, which is part of why I really have no plans on further developing emergence or any other third party viewer. I have however, had a great opportunity opened to me, and I plan to spend my time working with the people of Virtual Ability http://virtualability.org , as I really feel that this is a way I can do the greatest good for the greatest number. (It is actually really exciting, they have done some amazing things already (got a linden prize o.o), have been around and stable for a while, and get this. I asked a bunch of people to try and find as much crap/drama/dirt on these people as they could (everyone is evil at least a little bit right?), the contrast to what I was in before is staggering, I even ran into a second hand report (saying they actually do what they say!) It looks like I will be able to continue working on open-source viewer development for second life, just focused in a way make it more accessible to people who really need it. I hope it goes well, if anyone has any information (a first hand story would be epic) please IM me.)

Also, thank you so much to the people who have offered me any sort of support. I felt betrayed and abandoned and your help has really made a difference to me.

(edit: due to current events, I will be either updating emergence, or providing links via the login for a different viewer for people to switch to)

Hall Of Fame XD

Windows Instructions to not use emkdu

1.) Navigate to your Emerald installation directory
Normally “C:\Program Files (x86)\Emerald Viewer” or “C:\Program Files\Emerald Viewer”
2.) Look inside for the file name emkdu or emkdu.dll
3.) Delete it while Emerald is closed
4.) Optionally copy in llkdu from one of Linden Lab’s viewers

I will be making a simple installer to do this automatically for you soon.