Vulnerability Development mailing list archives

RE: Online Games Consoles and Security Implications

From: "Elan Hasson" <elan () daryl org>
Date: Tue, 21 May 2002 22:24:39 -0400

heh, nintendo was cool..
I own an xbox myself. I'm VERY happy with it. i should probably install
the xdk again and post some of the docs to the list. It was saying how all
the packets are encrypted and stuff and how it can take a DoS (for
example, something that could 'clog the pipe') and be able to drop the
packets and sort through the garbage-data and not affect game performace
packets or something.

Yes, it does run a Windows2000 kernel (slimmed down of course) I've even
played with dissassembling xbox images. Its nice stuff. VERY nice. MS did
an excellent job with it. the fact that all of the software runs on a
harddrive and isn't on a chip is a BIG plus. That gives the ability for
people to download updates and stuff to it...hehe XBOX-service pack 1
anyone? HEH!

-----Original Message-----
From: Stan Bubrouski [mailto:stan () ccs neu edu]
Sent: Tuesday, May 21, 2002 8:15 PM
To: Elan Hasson
Subject: Re: Online Games Consoles and Security Implications


Elan Hasson wrote:

The xbox is VERY secure, read the docs on Network Security in the SDK.

MS even has a bit in there about Denial Of Service..and how the xbox can
handle it and not affect game performance.


REDICULOUS.  They call Win2k very secure.  They call IE very secure.
The bottom line is that it is a Microsoft product with embedded Win2k
code (correct?).  This is quite the contrary to what you suggest.  If
Microsoft could secure a game console running Win2K you'd imagine Win2K
and XP would be a lot more secure then they appear to be.  What
Microsoft writes and what Microsoft does are two different things, you
can't guarentee security, you can only try to ensure it by taking the
proper steps.  I recall Bill Gates calling Windows one of the most
secure OS's, A FLAT OUT LIE.

Not trying to start a flame war, so let's not, just pointing out to kids
that might be reading this, that there is no proof the XBoX is more
secure than PS2 or anything else.  You want security, pull out your old
1986 nintendo ;-)

Best Regards,

Stan Bubrouski

Attachment: smime.p7s
Description:

Current thread:

Re: Online Games Consoles and Security Implications, (continued)
- - Re: Online Games Consoles and Security Implications Kevin Finisterre (May 21)
- RE: Online Games Consoles and Security Implications Elan Hasson (May 21)
  - Re: Online Games Consoles and Security Implications Valdis . Kletnieks (May 21)
- Re: Online Games Consoles and Security Implications hellNbak (May 21)
  - Re: Online Games Consoles and Security Implications Dave (May 21)
- RE: Online Games Consoles and Security Implications Steve Maks (May 21)
  - Re: Online Games Consoles and Security Implications kawaii (May 21)
  - RE: Online Games Consoles and Security Implications Vasisht Tadigotla (May 21)
    - Re: Online Games Consoles and Security Implications Ryan Verner (May 22)
    - Re: Online Games Consoles and Security Implications Vasisht Tadigotla (May 23)
- RE: Online Games Consoles and Security Implications Elan Hasson (May 21)
- RE: Online Games Consoles and Security Implications Evans, TJ (May 22)
  - RE: Online Games Consoles and Security Implications Elan Hasson (May 23)
- RE: Online Games Consoles and Security Implications Kayne Ian (Softlab) (May 24)