cc image by vdu, j4mie

One of the things I’ve been tinkering with since leaving Linden Lab is Creatarr: a creative, collaborative social game. Creatarr’s goal is to bring some of the magical collaborative creation found in Second Life to a wider audience and to push creativity in social games and the web beyond virtual farming and impact text on animal pictures.

I quickly got busy building the CREST API for CCP and I’m likely to have even less free time when I start my new gig, but Facebook are happy for me to continue to tinker with Creatarr and I like shipping code, so I’ve decided to make Creatarr public and run it for as long as people are playing. There are plenty of rough edges, but there are also some neat ideas and plenty of fun to be had, so head over to creatarr.com and dive in.

Thanks to @mrkemeny, Irene Soler, Chris James, @yandle and @profaniti for helping to build Creatarr.

There was a slide in the early talks that Cory Ondrejka used to give about Second Life about alien abductions in Second Life. One of the most exciting moments in Second Life for the early Lindens was when a resident constructed a UFO and flew around the world abducting other residents and then returning them to the world with a commemorative t-shirt. It was exciting because it was unanticipated. The Lindens had created a virtual world that enabled interaction and someone had taken it and run with it to create a fun and engaging experience.

So, once I’d finished implementing a simple interest management and collision detection system for the Brighton Digital Festival JavaScript Jungle to enable interactions, I thought I would implement an alien abductor as a hat tip to Second Life.

The JavaScript first adds a UFO from You’re The Boss 2 to the supplied div along with an SVG canvas containing a hidden translucent tractor beam path before binding to the see and tick events. The tick handler implements a state machine which either moves the UFO towards a random spot, a target creature that the UFO has seen or drags the target off screen for diabolical experimentation.

The most interesting part of the code on line 155 which replaces the target’s position method with one which returns the target’s position, but doesn’t update. This allows the UFO to move the target while the position updates made by the target’s own code call the new read only position method. Tom Parslow‘s boids look especially mournful flapping around and turning towards the flock while being captured.

While the alien abductions in Second Life and the JavaScript jungle are meant to be fun and mostly harmless, the same mechanisms that enable them can be used for griefing in virtual environments and malware in software at large. The ability for scripted objects in Second Life to self replicate caused dozens of problems with grey goo attacks for every amazing virtual ecosystem and many malicious cage attacks for every playful alien abductor.

The message passing concurrency model adopted by LSL actually made direct attacks on other scripts of the kind used by the JavaScript Jungle UFO very hard, but things are much harder in JavaScript’s browser environment even when separating scripts in iFrames.

Luckily projects like Caja and Belay (which is being worked on by another ex-Linden, Mark Lentczner ) are working on the problem of making multiple scripts work safely in the same browser.

The challenge for sandboxes like Second Life and the JavaScript jungle is to allow interesting and meaningful interactions with emergent properties and unanticipated consequences without allowing malicious scripts to destroy that environment. Building the JavaScript Jungle was a lot of fun and made for another great Brighton Digital Festival project. Many congratulations to @premasagar, @ac94, @purge and everyone else for making it a success. Maybe next time we can try to build a secure JavaScript Jungle that is both secure and expressive.