I’ve supported Emerald. I’ve been happy to use it for around 18 months. In that time a lot has been made about it being a malicious viewer, with many, many claims going around that it does everything from raiding your L$ balance to spying on your granny while she’s having a bath…and they all remain pretty unsubstantiated. Emerald has also come in for more than its share of people misrepresenting its capabilities (such as making your avatar “invisible” allows you to run around griefing people. If you’ve ever used the “invisible” function, you’ll appreciate how ludicrous these claims are).
However, there comes a time when one is forced to sit up and take notice of what is being said – and that time is when it is being said by one of the Emerald developers.
LordGregGreg Back is not someone I classify as an SL friend or even an acquaintance. Our dealings have always been at a distance, via IMs usually. BUT…throughout the time I’ve been using Emerald, I’ve never found him to be anything less than honest in his dealings with people. It has been because of his involvement (alongside that of Chalice Yao) that I’ve remained an Emerald user. Yes, both at times have had to do *some* verbal acrobatics when being pushed to defend the antics of others, and in doing so have potentially harmed their standing in the eyes of others. But just because they have, does not, and has not meant their efforts and work with regards to Emerald have been anything less than honest.
So when Greg up and publishes his own misgivings about Emerald, I admit I sit up and take notice.
The crux of the matter is the manner in which a .dll is being used – in this case emkdu.dll – which is related to texture loading and which allowed a viewer’s title bar and executable path to be broadcast in an obfuscated manner (and possibly recorded by other in-world devices). Despite promises the issue had been fixed, made to both Greg and Emerald support manager, Jessica Lyon, it wasn’t. Instead, encryption was used to further obfuscate what was going on, and further requests for the code to be cleaned up only increased the degree of encryption being applied.
The worrying this here is that the encryption meant that the code could not longer be properly vetted and verified – Greg’s role in the Emerald team. This, as Greg explains, undermines trust. Encryption / obfuscation is suggestive of malign intent, whether or not it is in fact the case. So why do it? Probably because the individual responsible cannot help but jerk an immature middle finger at his detractors at the thought of them scrabbling around trying to prove the code is in fact malicious, then giggling himself to sleep at night.
But in doing so, the individual concerned pretty much jabs a finger vertically at the rest of the Emerald team with the result that those with a conscience feel they have no option but to gradually bow out. And this is a shame, as it lessens the value of Emerald while simultaneously enabling a further round of accusations and drama.
More than this, it leads to an undermining of faith in Emerald as held by existing users. After all, one developer is actively seeking to mask what the code is doing from his fellow developer and placing active barriers in the way of ensuring the code is properly verified as “clean” – so why on Earth should any of us continue to trust and use Emerald?
Inara Pey: Living in a Modemworld 