Part III – Nineteen Eighty Four
So far, Microsoft has successfully managed to prevent Xbox Live from being tainted with cracking, cheating and general malcontent users. There are several successful methods employed at this point, and likely more on the way once software upgrades and any other glitches are discovered. To this day, many people in the Xbox modding scene refuse to touch Xbox Live, on principle that any cracks employed will be met with a swift repair from the Xbox Live development team, and swift prosecution from the legal arm of Microsoft. This is another good reason why the fee charged annually is a good idea: while a fun gaming environment can't be guaranteed, minimizing the number of crackers is best for any service.
In one of my previous articles, I mentioned that a simple upgrade can kill a brand new console. With the Xbox being a closed platform, a malicious user could attempt a buffer overflow attack or attempt to simulate an Xbox Live server distributing an upgrade. Deleting the Xbox Dashboard on a normal, unmodified console results in what's known as an "Error 21" when the console is started. If multiple users were affected by this, they'd be responsible for shipping their 'Box back to Microsoft. Since it is still widely rumored that the company takes a loss on the hardware sales, this would not be a good scenario for the users, and a public relations nightmare for Microsoft.
Specifically, though, Halo 2 will be a great target for tinkerers, modders and crackers alike. Because it is so widely anticipated, Microsoft can expect an enormous "attach rate" for users picking up the game, making it a primary target for developers of buffer overflow attacks in saved games. The Xbox-Linuxteam uses a similar method to apply the MechInstaller: MechAssault is tricked into executing a corrupted save game, which subsequently runs Linux and can specially corrupt the Dashboard, enabling the Linux kernel to be booted. Since Halo 2 will be a nearly ubiquitous title, modders will attempt to reverse-engineer its save game features and enable the rest of the Xbox console to be compromised.
One thing that Bungie and Microsoft have going for them, though, is that the save game format used for Halo: Combat Evolved has not yet been reverse engineered to any significant extent; additionally buffer overflow checking likely has been employed, reducing the risk that the console's flagship title could be used as a Trojan horse. A similar file format in Halo 2 will make the task of the hacker more difficult to perform. Additionally, since the game will likely employ Xbox Live updates, any type of vulnerability can be patched upon discovery.
The explosion of Halo modding, though, is another concern from the corporate level. As the Halo Xbox, PC and Mac .MAP files can all be edited to one extent or another, the verification of their content is a concern. The Xbox currently extracts several of the campaign and multiplayer maps to a temporary partition (X, Y or Z, all of which have 768MB total space), improving caching performance and decreasing load times for the game. Modders were able to edit these decompressed files and swap objects, insert textures and access unavailable items in levels. If the same technique of caching the online levels carries over to Halo 2, sabotaging users could undermine the fun of the game by swapping textures to become transparent.
With most problems come solutions, however. A basic, effective solution would be to overwrite the multiplayer maps in the cache on each load, delaying the launch of a game by several seconds but ensuring security. This solution is impractical; however, updated maps could fix level glitches, making repairs impossible if the cached versions were overwritten each time. The more likely option is for Microsoft to use a Cyclic Redundancy Check (CRC) or other checksum to verify a cached map as players begin a game. Additionally, depending on the method employed to update the games, PPF-style patches could be stored to a user's content download folder, and then applied as the game initializes. Entirely new maps would be completely stored on the hard drive, and checked as per MechAssault's "Verifying Downloaded Content" progress bar. Since Xbox Live downloadable content has safeguards to prevent tampering, (it is assigned to each Xbox individually, preventing "trading" of premium content) it is reasonable to assume that Halo 2 will apply the same or more advanced safeguards.
Campaign levels could follow a similar procedure of forcing re-cache if they do not "check out" properly as according to a stored checksum on the DVD. However, one of the serious Xbox modder's tricks is to install an enormous hard drive along with a modchip; enabling them to play games directly installed to the hard drive. Theoretically the checksum for each map could then be changed, allowing mods. While this procedure is slightly more complex, it would still allow users to modify Campaign maps for non-Live games. System Link games currently will "desync" if two maps differ between Xbox units; a similar checksum could be run across the local network to ensure that all players are using the same map file.
Piracy has been a problem for Halo, on one platform specifically. As mentioned recently, the developers of Halo for Mac have tracked as many copies illegally copied as have been sold. While the Xbox Live feature will entice many prospective gamers to buy Halo 2 legitimately, copies will no doubt circulate the "scene" shortly after release. To curb the spread of piracy, there are several evil things that could be implemented in the game code; we'll have to see what security measures Microsoft takes when publishing the final edition.
Initially, in order to run pirated games, a modified BIOS must be used. This is the first detection step for Xbox Live: if the active BIOS does not match the one indicated by the serial number of the console, Microsoft flags the console's serial number and bans the Xbox unit from the service. Any Gamertag stays active, though – users caught for a modified console can pick up a new unit and continue to play Live.
Halo 2 could potentially check the version and capability of the running BIOS, and fail to start if security measures are not in place. It would not be practical for Microsoft to include a "whitelist" of approved BIOSes and checksums; as new versions of the console come out, BIOS improvements are continually included on newer console models. Rather, a blacklist of the most common modified images, plus updates over Xbox Live, would be quite the punishment to dole out to pirates.
For people who have elected not to install a modchip, and instead solder the Xbox BIOS chip, this practice could be deadly if Microsoft also applied an electronic counter-measure. DirecTV, a large American satellite company, uses ECM's to disable cards that are stealing service; the possibilities are spooky when considering that Microsoft can effectively disable your Xbox remotely. A possibility to consider is the remote BIOS flash. This would entail attempting to flash the BIOS to a chip; in normal, factory-sealed Xbox units, this procedure would fail. If the procedure succeeded, Microsoft could make the console start up with "Your Xbox console has been modified" and refuse to run any games or the Dashboard.
For the time being, Microsoft as a company will likely steer away from these drastic procedures. They could be illegal in some countries, yet most often the people with a modified console will restrict their ranting to message boards: while modifying a console is technically legal, duplicating copyright protected games is piracy. The implications, however, of a totally Microsoft-owned system, are extremely nerve-wracking for anyone that refuses to toe the party line.
In reality, it is highly doubtful that Bungie would willingly implement any destructive measures aimed at players of their games. Just reading the section entitled "Worst. Bug. Ever" indicates that rather than a class action lawsuit, Bungie employees replaced bad CD's with good ones, due to a bug that effectively would exert the same type of punishment as I've described. All that users really should be concerned about now will be the impending release of Tsunami and how Halo 2 will be shaped by it.
What do you think? Comment on this article in our forums.
