Griefing and the Metaverse
If you’ve been following some of the posts here on Metaversing, you may have noticed a slant towards planning and design issues. This isn’t by accident. Many issues seem innocent or almost trivial, but need to be carefully considered before jumping into an implementation. A well thought-out design can save countless hours of trouble down the road in the systems development life cycle.
Today, I have an easy prediction: the Metaverse is going to be the stuff of legends for hackers, griefers, trolls, vigilantes, security researchers, and spy agencies. If you’re already familiar with the scene at the top of this article, then you know what we’re looking at: an in-world denial of service attack. Do you see it? Is it the guy in the pool with the antlers on his head? No? To explain, let’s go back to design.
One Metaverse might be be pinned to a basic concept such as, “You have a substantial presence in our world.” One way that concept might be implemented is for players to fully occupy a volume of space, and only one avatar or one object can be in any one space at a time. Let’s say that Alice is standing in a room. Bob comes along and tries to walk through Alice. What happens when two avatars try to occupy the same space?
Do you let Bob push Alice out of position? Does Bob teleport past Alice? Is Bob simply blocked by Alice and unable to move forward? Each of these sounds like a potential solution, but they each can result in unique problems. We’ll explore these three cases at a basic level.
This time, let’s imagine that Alice is standing in the middle of a doorway, and directly on the other side of the doorway is a pool. Again, we’re in a Metaverse where avatars have a unique physical presence. Do we let Bob push Alice into the pool? Does Bob teleport into the pool when he (intentionally or not) collides with Alice? Is Bob unable to move past Alice and denied access to the pool beyond?
The most simple design issues can have very large consequences in a virtual environment. (If you are looking for an exercise, imagine how the three potential solutions above would turn out if Bob is trying to traverse a crowded room.)
In the 2D world of Habbo Hotel, each avatar occupies a unique space, and your avatar cannot move through another avatar. You’re blocked. In the picture at the top of this article, you’ll see one character (with a large afro and gray suit) standing in front of the pool’s ladder. That’s an Afro Blocker. What is he doing? Just standing there. He’s also denying everyone access to and from the pool.
You might wonder if this kind of griefing is really possible in a 3D Metaverse? If that Metaverse uses a similar rule to exclude two avatars from sharing the same space, then yes, absolutely.
Let’s turn away from design for a bit, and look at what might happen in the operational phase.
When those Afro Blockers moved on from Habbo Hotel they then went to Second Life. Second Life didn’t fully enforce a unique physical presence for avatars, so their old denial of service trick didn’t work. They had to come up with new attacks.
One such attack, seen above, was to take advantage of particle effects to fill the environment with Marios falling from the sky. Because the effect was tied to their avatar’s appearance, it could even be performed inside of land where the player did not have permission to deploy objects.
The Wikipedia page for Patriotic Nigras seems surprisingly detailed for a griefer group. This may be attributable to academic interest in the group. It may be a good read to learn about some of the disruptive activities they were able to perform in a virtual environment, and the cat-and-mouse game they played with those trying to stop them.
An account from Professor Henry Jenkins at USC describes how a vigilante group of players in Second Life doxed the Patriotic Nigras (doxing is explained at Wikipedia) allegedly with the assistance of Linden employees. The Justice League is said to have operated like a spy agency and created dossiers on other users. They defend their own actions as follows:
…users of Second Life access the grid on the condition that they know that information like this is liable to be collected by automated scripted systems all over the grid and stored in off-world servers, with the blessing of Linden Lab itself.
This specific case to the side, what are your plans to react when griefers invade your Metaverse? Do you have an incident response policy ready, in advance of the situation, or are you going to wing it? Do you have a policy which would allow or deny your employees the ability to provide information to other users who are trying to counter the situation in-world? Do you know which operational controls might apply and how you plan to use them?
Consider this next example:
The Minecraft Wiki on griefing provides a good taxonomy of the methods used for in-world griefing. I’m not going to rehash their list, but it is far more complete than I would have imagined. Even better, they were thoughtful enough to include potential controls (solutions) which can be applied to existing servers to address these situations.
You may be designing a Metaverse right now, or maybe you’ve moved on to implementation. Regardless of what phase you are in, it is very good idea to review known vulnerabilities in these and other virtual environments to see how they might apply in your own Metaverse. Are these things that you can counter in your design, implementation, or operations? You need to be spending time on this now, not after deployment.
This is our introductory article on the topic of Metaverse security. Security is an issue we’re sure to hit again and from different angles. What else should we be thinking about when it comes to the security design?