Digg this story   Add to del.icio.us  
Game Consoles -- the Next Hacker Target?
Alex Handy, SecurityFocus 2002-06-19

Xbox and Playstation 2 decks are coming to the Internet in droves this fall. How will they stand up against the legions of hackers waiting for them there?

Don Kellogg is cheating. Over the last hour he's pumped round after round into camouflage-clad terrorists, and only a few of them have been able to return the favor. "I don't always cheat. I'm pretty good playing straight," he insists. "Cheating makes me a god." As he says this, he pumps three rounds from his Heckler and Koch MP5 into an unsuspecting opponent, bringing his kill count up to 47; his nearest competitor has 21. Kellogg plays under the pseudonym "Nharlothep," and when he cheats, he is indeed a god.

Kellogg is playing Counter-Strike, the most popular game on the Internet. With over 10,000 independently run servers around the world, the game has set the standard for realistic online first person combat. But for those who know how, cheating can make an ordinary Navy Seal into the Six Million Dollar Man. With his illicit patches installed, Kellogg can move at faster than normal speeds, shoot with near perfect aim, and see through walls.
Microsoft insists Xbox Live will enjoy 'military grade security.'

And he's not alone. Cheating has become a front row issue in the online world of counter-terrorist combat. There are now literally hundreds of hacks for Counter-Strike, and every time a hole is closed, someone figures out a new way to exploit the system. It's a serious problem for Valve Software, makers of Counter-Strike, and the popular sci fi shoot-em-up Half-Life. Valve spokesman Doug Lombardi says that the company "takes cheating more seriously than piracy." Valve's not alone in their struggle -- other popular games have had similar problems over the years, including Everquest, Ultima Online and Diablo. Last year hackers exploited a weakness in the Diablo II servers to loot other player's equipment and bonus items -- worth real cash on eBay -- forcing developer Blizzard Entertainment to restore the game from a backup copy.

It's into this war of hacking and counter-hacking that Microsoft's Xbox and Sony's Playstation 2 will be thrust this fall, when their consoles join the Internet for the first time.

Fears of an Xbox Army
Microsoft integrated net connectivity into its Xbox right from the start. The Xbox comes with a 10/100 base Ethernet port built-in, making it the first gaming console ever to ship with a standard networking port. Sony will release an add-on for its Playstation 2 in August that will include an Ethernet port and a 56k modem. Nintendo has yet to officially announce its networking plans for the Gamecube, but there are games slated for release on the platform later this year which are designed for online play, most notably Sega's Phantasy Star Online. It's rumored that Nintendo will release a modem for its system this coming October, says Che Chou, editor at the videogaming magazine Electronic Gaming Monthly.

But while the game makers have all discussed launch titles and strategies, the topic of data security has mostly been left untouched. What happens when 10 million game console owners suddenly plug into the Internet?.

hellNbak, an IT security specialist from the white hat hacker group Nomad Mobile Research Centre worries that massive numbers of Internet-connected Xboxes might be the perfect platform for launching distributed denial of service (DDoS) attacks, if a security hole is ever discovered in the console. "With the assumption that the broadband gaming network is going to catch on like crazy -- if one was able to get DDoS zombies on the millions of Xboxen sold, there might be potential for massive damage," he says.

Console security holes are not unprecedented. When Sega released a modem and broadband adapter for their Dreamcast console in 2000 a number of remotely exploitable holes were discovered almost immediately, not the least of which was a vulnerability to a "ping of death," a small, well crafted packet that could crash the console, resulting in the loss of game progress and the destruction of saved games, if timed properly.

"A remotely exploitable hole could lead to the stealing or deleting of configuration files, ripped music, and saved games," says hellNbak, who surmises that security holes could lead to headaches for gamers, and the potential for some messy inter-gamer hacking wars in the ego-heavy trash-talking game world.

Security is one of the reasons Microsoft is building its online service as a closed, Microsoft-only system. The Xbox Live service will be a yearly-fee based network through which players will find opponents, teams, updates, and add-ons. According to a written statement from the company, "Microsoft understands how important the online gaming experience is and have adopted a managed approach with Xbox Live, ensuring that gamers don't encounter the types of things that make PC online gaming a hassle."

Closing their service to outsiders increases the security of their system overall and "prevents hackers from scaling beyond one machine," the company claims. "Xbox Live has military grade security to ensure no cheaters, no hackers, and no viruses."

Sony: Open Door Policy
"You cannot effectively secure a device that a potential attacker has complete physical access to," counters hellNbak. And even Microsoft seems to be hedging its bets, acknowledging that "no service is 100% hack-proof." That's a lesson the company knows well. The Hong Kong based console accessory company Lik Sang already sells a copy protection defeating "mod chip" for the Xbox -- which allows users handy with a soldering iron to play copied and imported games with impunity, and even permits them to use the Xbox to play movies in the DivX format popular with film pirates.

Sony declined to comment on their security plans for the Playstation 2, if any. The company's strategy for Internet play is diametrically opposed to Microsoft's closed-door system. Sony plans to allow game developers to use their own services for player matching and game hosting. Connectivity beyond the basic protocols is left up to developers.

That leaves much of the security in the hands of game developers. Chris Mahnken, producer of Sierra's Tribes Aerial Assault, is building the popular Starsiege Tribes series into a Playstation 2 online launch title. "Sierra is using our existing PC game and player matching system for the PS2 titles," says Mahnken. "The system has proven to be both stable and secure, and we don't see any reason for that trend to change." Mahnken says that the team at Sierra has had to tweak server code to deal with cheaters from time to time, but the majority of their code has remained solid and trusted.

Leaving the server interface software up to the individual designers creates risks of its own, such as the possibility that spyware or backdoors may find their way into game programs. In 1998 security researcher Mark Zielinski found that server software for the first person shooter Quake II secretly included a backdoor that potentially allowed a malefactor to gain remote control of a running game. Of course, the danger of more serious backdoors in console-based games is less threatening than on PCs -- nobody puts corporate secrets and private e-mail on their game consoles.

Meanwhile, the Xbox seems to possess an almost magical allure for hackers and tinkerers. In June, MIT Ph.D. candidate Andrew Huang published a 15-page paper describing many of the more secretive aspects of the Xbox's hardware. In his paper, Huang claims to have defeated the Xbox's copy protection system -- designed to prevent unlicensed developers from writing their own code for the machine. Coupled with the Xbox's internal hard drive, this could bring the possibility of patch-based cheating closer to console gamers than ever before.

That's good news for the likes of Kellogg. Back in cyberspace, he's begun to arouse suspicion in his Counter-Strike game. A few opponents are grumbling, messaging phrases like "Nharlothep's a cheat! Someone kick him!" Unfortunately for them, there's no server admin online, and Kellogg simply ignores them and continues to rack up the kills. "There's so many other servers out there," he says. "It's just a game, people!"

    Digg this story   Add to del.icio.us  
Comments Mode:
Kellogg is scum~! 2002-06-19
Non-Cheater (1 replies)
Kellogg is scum~! 2002-06-22
Cheaters suck. 2002-06-21
Anonymous (1 replies)
Cheaters suck. 2002-06-21
Anonymous (1 replies)
Cheaters suck. 2002-06-22
UeberShark (3 replies)
Cheaters suck. 2002-06-25
Cheaters suck. 2002-06-25
Cheaters suck. 2002-06-25
Anonymous (1 replies)
Re: Cheaters suck. 2007-12-12
XBOX online architecture 2002-06-21
cheating - online games 2002-06-24
mr elite (1 replies)
cheating - online games 2002-06-25


Privacy Statement
Copyright 2010, SecurityFocus