UNMATCHED EFFICIENCY IN DETECTION, RELIABLE AND DISCRETE REMOVAL OF THREATS TO YOUR BUSINESS, DISCOUNTS FOR LARGE ESTATES‚ CLUBS‚ NON-PROFIT ORGS, HONORS YOURS AND YOUR CUSTOMERS' PRIVACY, SECURE AND EXTENSIVE DATABASE COUNTING OVER 4 MILLION ENTRIES, THOUSANDS OF UNITS IN PLACE GRIDWIDE

GEMINI Industries CDS 2

Introduction

In the past 4 years, the Gemini CDS has created quite the debate about malicious Second Life™ software and resident privacy. It has been analyzed many times over the years and found as very secure and effective. There have been no cases of misuse, breach of privacy or security breaches of the system in any form.

First off, we would like to emphasize that the Gemini Client Detection System should not be seen as some kind of silver bullet to defeat any malicious, SL related software. It will not give you 100% protection, yet it is fairly efficient at identifying and getting rid of people running viewers with copybot/griefing functionality, spam bots, beggar bots, grid crawling bots who don't identify themselves, known sim crashers and such.

The project has been proven serious and very effective, it has been in place grid-wide for over 4 years now, employed by most of the big brands in SL, shopping regions, rental estates and clubs, while comparable systems and their creators have been removed from the grid over serious TOS offenses.

With a simple menu system and 1-click installation process, the CDS is an orb-like device, rezzable on your land. If an avatar entering your land is detected and identified as harmful, it can be teleported home and banned from the parcel automatically (Estatebans can be done via included Opensource script). Avatars will stay in the database forever and treated as potentially harmful, even after returning to a harmless viewer. CDS is a networked system, banlists are automatically shared so CDS users benefit from each other. All the heavy-lifting and calculations are processed outside of the grid leaving CDS lag-free and secure.

Detection is done in various ways, reliable with no chance for false positives. It works region-wide without utilizing channel listeners, probe-rezzing, sensors, !quit spamming or other inferior techniques. In accordance to the Second Life TOS there is no way for users to see any sensitive information or even add people to our database, it is completely automated.

Please try the one-month license and see if it's right for you. Automatic banning and kicking is disabled by default, you have to enable that explicitely. This item is NO COPY and license based, at the end of your licensing period, the device will deactivate and you will have to replace it with a new one.

Ownership change

CDS ownership has been transfered to Ash Qin, the website is pending updates for changes with the new management.

Setup Instructions

The setup procedure of CDS is rather easy, just rez the item and follow the instructions in chat, you might have to deed it to the group your land is deeded to. Deeding is needed for the device to be able to issue bans. When setup is complete, just click the device to get a menu with options.

Features in this version include

While we constantly update our server and bot code to implement new ways to detect and manage malicious Second Life clients, the inworld CDS nodes haven't seen any update in 3 years. Until now:

• All scripts used in inworld items have been completely rewritten using the latest LSL functionality for better overall performance, reliability and better memory handling in extremely busy regions. We were able to improve the responsiveness of the nodes even more while keeping their impact on the region at a minimum. Even though the encryption used for communication with our servers is no longer needed in this release, we went for an even stronger, yet less expensive approach. (As far as parcel media is concerned, the user does not connect to our servers directly any more, we are interacting through the simulator to get the information needed. Since nowadays pretty much all malicious viewers are backdoored or have other hidden remote access malware built in, the detection via our bots has changed slightly. We were able to crack the backdoor encryption used by most of the new "undetectable" viewers and have obtained access to servers certain developers use to store sensitive information about their users, to add them to our blacklist filter
  
  
• CDS no longer uses a megaprim to detect agents regionwide (That means it won't cover the minimap any longer and doesn't rely on collisions).
  
  
• The Installer is no longer needed and the node only uses one prim now. You can also move it around, pick it back up into inventory to set it up in other places, etc. Just keep in mind that your license begins the first time you rez it and the item will deactivate 30 (90 or 120) days later.
  
  
• If you want owner messages go to your email as offline IMs, make sure you have enabled that in your Viewer. Messages now include name AND clickable link for each detected agent like:
  [05:05:47] CDS 2.08: [Region Name] > Flagged avatar detected - Firstname Lastname - This avatar is flagged as malicious in the CDS database, they have been detected on a blacklisted viewer in a region with a CDS unit before. Should they wish to appeal they can do so via http://appeals.gemini-cybernetics.net
  
  
• You are also able to review the last 20 detections made by your device by clicking the "recent list" button
  
  
• Ignore list works as usual, you can load notecards with names of people your device should ignore (aka unban list or whitelist). Just click the "ignore list" button on your CDS menu to find out how.
  
  
• If you own multiple parcels in the same region and want CDS to issue bans on all of them, you need to rez a Sub Node object on each of them and deed them if needed. The main CDS node will broadcast encrypted llRegionSay messages region-wide in case of a ban and the slave objects will issue parcel bans in the specific locations. (We also included a fullperm LSL script for the sub nodes you can modify to use with your own devices or bots, please read the comments in the script.)
  
  
• Parcel bans are temporary and last for 25 hours so your ban list doesn't fill up. Any flagged avatar coming back will just get banned again.
  
  
• Please note, Ban and Kick are disabled by default. Please use the CDS menu for activation.

In the package

FAQ

Can you publish statistics?
The number of avatars running malicious clients flagged in CDS should be around 20.000 now, many of which have been permanently banned by Linden Lab

Why are you banning me and call me a thief just because i used Copybot Client XY?
It needs to be understood that this is not a list of known thieves, we have no way to determine if any of these people have stolen anything or not. We are simply providing a list of people who have used clients known for their content theft capabilities. We leave the choice of banning users to the land owners themselves. We are specifically targeting closed source software built for malicious use, violating the Third Party Viewer Policy laid out by Linden Lab, California Computer Crimes Law as well as laws in 49 other states, not to mention illegally bypassing many Software License agreements. Many of these viewers install keyloggers and/or send encrypted data via inworld IM to various accounts. We believe use of these viewers is an extreme risk to your computer and privacy. There is NO legitimate use for software such as this.

What are the right and wrong viewers to use?
As a rule, any viewer that has serious griefing features or the capabilities to go around the permissions systems set out by Linden Lab will be targeted by CDS. We are not talking about semi-legit TPVs but serious griefer viewers that have implemented backdoors and are a big risk to your account's and computer's security. Please refer to Linden Lab's Policy on Third-Party Viewers http://secondlife.com/corporate/tpv.php.

Why did I get banned for using the official LL viewer/Firestorm/Singularity etc?
CDS began storing info on viewer usage in 2010, it does not really matter which viewer you are using right now, since you could get banned from store X for using a copybot viewer in store Y weeks ago. During the first months of beta testing, avatars using flagged viewers were added to the database. Upon official release, the auto-ban feature was implemented and flagged avatars found themselves banned and ejected regardless of the viewer in use at the time. While there has not been a case of a false-positive, there have been a handful of situations where an avatar was accessed by someone else.

There is no appeal process
Yes there is, please see http://appeals.gemini-cybernetics.net Should you believe you have been wrongfully banned, the best course of action is to file an appeal. The Appeal system was implemented to review cases of possible false positives or hacked accounts etc. Appeals will be acted upon in a way that best protects the effectiveness of CDS, and ultimately left in the hands of the parcel owner.

It is against the TOS because it bans people sim-wide
No, it is not possible to ban people on a parcel to which you do not have land rights, regardless of the method used.

Why does Linden Labs allow scams like this?
It is Linden Lab not Labs and it should be clear by now that CDS is not a scam. LL know very well how it works, they have been aware of it months before release. Unlike other comparableble systems that have been removed from SL, CDS has always been in accordance with the TOS.

What data are you storing?
A one way hashed UUID along with viewer identifiers. No MAC or IP addresses are stored, nor any sensitive data. This data is continuously monitored and updated. Again, there is no exploit involved, CDS is not accessing your files, app_data or anything.

It works this way and here's how to get around it.
There are multiple methods of detection. The effectiveness of the CDS relies on keeping the details of its operation discrete. CDS gathers its information from many sources today.