November 2007 Bank Hack Redux

When I wrote L&L In Trouble; Same Old Situation, I didn't have as much information as I would have liked, and I speculated that Linden Lab's hidden Risk API rule was invoked somehow. That was incorrect, as Lindsay Druart commented yesterday.

The banking software itself had been cracked. The affected banks we know of are:

  • L&L Bank and Trust
  • SL Investor's Bank (Tyrian Camillo, no losses)
  • Giovinazzo Choice Investments (Barton Giovinazzo)
  • Whitfield Holdings/Royal Invest (Cristopher Whitfield)
  • SL Business Bank (Anre Heron)

In The Latest Second Life Banking Crisis, Aldon Huffhines writes:

...Yet I remain optimistic about the capital markets in Second Life. People have pointed out that it is like the Wild West. There is plenty of fraud, stealing, and anything else you can think of. Yet like the Wild West, there are opportunities for the wise player...

Fair enough, but carry a gun and don't cry if you get shot. The 3.2 million Lindens looks like this in $US: $11,552.35. It is hard to balance a loss like that against opportunities, especially in this instance where it was bank software that was cracked. How many people out there can research bank software enough to justify an investment?

VirtualSecond writes:

...While LNLBT is currently under a lot of flak at various blogs and in economic forums, I think this may be the price they pay for stepping into the open and warning everyone about what is going on. Security through obscurity has proven to never work in Real Life, why would it work in Second Life? So, for their transparency, I once again applaud the LNLBT team, even if such transparency may not help me recover my account balance.

I’m not panicking, and neither should you. We all know what happened when Ginko went down, and recently Midas Bank bit the dust. A massive bank run only makes the situation worse for everyone...

That is pretty even-handed. I agree with it, to a point - I'm not sure where that point is, though.

Tyrian Camillo, of course, alleges that I alleged he was responsible - but given that he gave the warning to L&L Bank and Trust, it did look a little peculiar at the time. That he somehow managed to avoid losses is interesting. What made SLIB so special? What did they do differently? Serious questions that other banks probably should be looking into. And as far as Tyrian's comments about me, well - we don't like each other. That isn't a secret. However, he doesn't actually respond to what it was that made his bank so special that it took no losses. Maybe he doesn't know. Either way, he does seem to stand out in the crowd. Maybe it's all those ads.

All in all, this does get back to the standardization of banking software in Second Life. It would appear that the affected banks may have been using the same software, and it also seems that the security hole was actually on the server end - where brute-force attacks on the web were used. It is very difficult to say exactly how all of this was done, but one thing is certain: some people need to harden their servers as well as start holding the banking software to standards of security.

As more comes to light, this topic will be revisited.
