Insecurity and malware in virtual universes
Morton Swimmer, Dirk Husemann IBM
Virtual universes, which used to be the domain of gamers, have been growing up recently and have started to appeal to
the corporate world. Linden Lab's SecondLife has managed to acquire quite a following amongst corporations wanting to
utilize the platform for education and collaborative, or just marketing purposes. The utility of these platforms lies
in the depth of the interaction as compared with email, IM, wikis or similar tools. The current brood of virtual
universes are still in their infancy, but the evangelists see them as models for a '3D Internet' but admit that we
are about at 1994 compared with the Web. But with any new technology, no matter how utopic, it is fraught with
security issues. Besides the rather mundane breach of security experienced by Linden Labs' wiki in September 2006,
there have been recurring issues with viruses (called Grey Goo), Griefers and invasion of the privacy and security
of the residents that inhabit SecondLife. These problems must be resolved for any virtual universe to succeed as a
business platform. This paper will look at examples of past incidents and look at the complete security picture of
a virtual universe (in contrast to the real world) and what needs to be fixed.
