Security often makes for a convenient excuse for hidden agendas. An article from Gaming Today looks at the possibility of officially sanctioned modifications to the gaming console XBox 360 and concludes on a pessimistic note. Quoting a group manager from the XNA initiative:
“I’m a little disturbed when I think about other systems and people using what we call native code – code that goes right down to the metal – and then allowing people to run script mods on top of that without the right security measures. It could be really dangerous.”
This is no doubt a thinly-veiled reference to the Sony Playstation 3, which makes it very easy to install a different operating system: it’s there on the UI. Is that a dangerous security vulnerability? To answer that question, a different question must be posed: security of what? Dangerous to which persons?
It is well-known that one of the reasons for trying to lock down the hardware is that the consoles are sold at a loss. The revenue from games and additional services is expected to recoup that loss and move into the black on the balance sheet. If users could install Linux on the console, then they would have simply acquired a very capable general purpose computer on the cheap and opted out of the gaming ecosystem. This is a security problem all right, but it is the security of the revenue stream. It is not about user data.
Once that is acknowledged, the discussion quickly turns to the other bogey-man: cheating at online games. This is about to become the fifth horseman of the digital apocalypse, riding the coat-tails of rampant P2P content piracy horse. Stopping piracy was one of the arguments for closing down the open PC architecture and replacing it with the Trusted Computing Group vision where remote attestation capabilities would force users to run the “approved” software. Preventing cheating at online games falls into the same category and has also been used as an example for the benefits of attestation. If all the users in a multi-player game can prove they are running the official game software– instead of one tweaked and perhaps modified with cheating aids– the playing field is leveled. The same argument could be made in favor of locking down gaming consoles. Unofficial software can give the player an unfair edge; by design, each player’s computer receives a lot of information that the game keeps hidden, such as the location of other players. A modified client would not respect the rules of the game and could “see through walls” so to speak. Gary McGraw has done a lot of work on exploiting online games such as on Second Life. This is an example of what happens when game modifications are easy (because the software runs on PC) and the designers failed to appreciate the fact that user’s machine is outside the trust boundary.
This becomes the last refuge for arguing that modifications to a console pose a security threat. But even this is qualified: a user modifying their console at home is not a threat to the gamer ego of anyone else until they connect to a multi-player game. In that case the problem could have been framed as detecting modded consoles as opposed to preventing modifications in the first place, which also happens to be an easier problem.