Slashdot Mirror
Security Concerns When Consoles Go Online?
VonGuard writes "I've written an article for Security Focus about the security concerns that having an Xbox or Playstation 2 on your network might raise. The article, entitled Welcome to the Jungle was an interesting experience to write. I really think that Sony will end up having some trouble from their stance on third party security design, while Microsoft might end up smelling like roses. Too bad MS shipped the Nimda virus with their Korean version of .Net Visual Studio."
People on this site always have to get in their Microsoft bashing. It is pretty shameful. Why can't you just make do with what is out there? That article had nothing to do with the Nimbda virus, but the poster had to throw it in there cause Microsoft didn't look bad in that article. Awful.
Come on. This really looks childish. That's an irrelevant story. Just let the facts speak for themselves or you lose credibility.
I used to bulls-eye womp-rats in my pants
Its interesting to note that in this case the closed network MS have been building for X box might be the best thing in the circumstances as it should prevent DDOS usage of the things.
but is this really going to be a major issue ? in reality how much time will these boxen spend on line when not playing games ?
have MS written in code to the os to identify what is and is not and X Box for example? and what about servers - can they be run ?
Thought provoking.
I refuse to argue with Anonymous Cowards - if you want a discussion get an account....
Yeah right, try shrugging it off when somebody deletes your Phantasy Star Online characters after 50 hours of gameplay (this actually happened to many many people playing Sega's first online RPG).
Too bad MS shipped the Nimda virus with their Korean version of .Net Visual Studio.
.NET team does something poorly, they deserve to get slammed. But the Xbox team does not need to hear about the mistakes of the .NET team. You wouldn't say that the Playstation 2 sucks because Sony supports copy protection on its CDs, would you? That was un-called-for.
Now, wait a second. These are two completely unrelated parts of the company. If the Xbox team does something well, they deserve praise, and if the
Lack of eloquence does not denote lack of intelligence, though they often coincide.
X-box will have better security you say? Right... man, I can't WAIT till consoles are on line... I love laughing at security holes in all the crap I don't use, or know how to use properly.
X-Box was already cracked. It didn't get much press covereage... Eweek did a story, here's the reg's:
Well, x-box's have been online for quite some time now, many people who own one have been using gamespy software to play Halo online for a fair bit in fact.
and as for x-box's having been cracked, the cracking you refer to is no more than the same mod-chips that allow the console to run unsigned code that dreamcasts, PS1's, and PS2-s have been running for quite a while.
the simple fact is that, MS's controlled servers may be more secure than public servers sony will promote, in fact i would expect it to be.
you can knock em all you like, but the model they are promoting might just be better than Sony's, why not wait till they are actually functioning, and have a bit of substance behind your complaints before you dismiss them offhandedly?
They say it's not such a big problem, because a hacker could only either cheat in an online game, or perform a DoS attack on the user. "If someone hacks you, shrug shoulder's, hit reset. You've only lost time."
But the real problem is that eventually these consoles will also serve functions other than just gaming. Both Micros~1 and Sony want your living room for more than games, they want to provide other services such as movie/music downloads, general web surfing and online commerce.
That means that the HDD (standard in Xbox, optional in PS2) will contain potentially valuable information, such as content you've downloaded, or maybe your CC number you used to buy the extra content in the first place. So if hackers could get at that data, they're potentially ripping you off.
While this problem exists on PC too, consoles are an easier target because each one has exactly the same OS (non-upgradeable/non-patchable). If game Foo comes out with some vulnerability that allows hackers to access the contents of the HDD, then the game developer won't be able to send out a patch for Foo...
Yeah, I'd be worried.
Everyone seems to forget that XBoxLive is a subscription service. How about I hack your box and steal your password? Now I can play as you.
Even worse when MS truly implements passport as a "single sign-on" service.. then I'll be able to become you wherever there is passport. Perhaps I'll log in and place a few bids on ebay for you.. you did want a gamecube and PS2 didn't you? Well guess what lucky bidder, you just paid $800 for them!
First of all, Xbox is based on a Windows 2000 kernel. Windows 2000 has been around for a while and has had quite a few patches and security fixes before the Xbox was even released. Windows 2000 is about as stable and secure as you can get in terms of an MS OS.
I don't worry at all about it being hacked by script kiddies. Even if it is hacked, MS has included a method to update the kernel. Also, if it is hacked so bad that it actually ruins something, I'll just take it back to EB and get a new one under my 2 year warranty.
Secondly, the Xbox team is quick to point out that the Xbox is not meant to be a 'multimedia hub' or whatever you want to call it. The Xbox is meant for games only (although it is definately capable of much more). Someone doing even preliminary research would have discovered this fact. The guys over at MS have other devices in the works for a full entertainment system - which get posted on newsgroups as 'Xbox 2???' - no it is a completely different system.
Please do some research people before popping off at the keyboard about shit you think you heard or by putting together 5 rumours and calling it a fact.