by reidjs 998 days ago
This is a well written, in depth analysis of the system. Why do you think the packets are encrypted?

Thanks, I was initially surprised that they were encrypted but I can speculate on a few potential reasons:

- The Xbox was designed to be able to play online via Xbox Live (e.g. with Halo 2, which came out later in 2004), and they might have simply reused the network stack for System Link over LAN. I looked a little bit at Halo 2 system link; it uses the same system calls from the kernel, but the protocol seems to be more complicated (e.g. the IV is never sent in plaintext; the two consoles derive it somehow). I haven't looked at Xbox Live, but Halo 2 could potentially use the same for System Link and Xbox Live.

- The Xbox also really tried to lock down its security in order to prevent game piracy and homebrew games. This might have been another attempt to reduce the attack surface.

- They also might have just wanted to keep their game protocols secret for trade secrets or simply avoiding scrutiny. In this case, we were able to create a kind of cheat, which they might have also wanted to avoid. Even though it is rarely an issue at LAN parties, it might have simply looked bad for the brand.

From what I've heard from microsofties over beers, it was really the second one. They didn't expect developers to write network code in ~2001 that didn't have memory safety vulnerabilities and wanted a barrier there between simple overflows and system security.
The child in me from 20 years ago dreams of a software tool downloaded from a questionable website that jailbroke an Xbox just by putting in the IP address.
I mean, minus the USB->controller wire "hardware mod", it has been perfected to "download a memory card gamesave", "have a non-GOTY edition of a game" and you were a few minutes away from being soft-modded, ready to hack your cached Halo maps to swap the needler texture in for the wall textures, and change character textures to brighter versions (gummibear hack, maybe?).

Makes me want to wipe the XBMC Xbox in my parents' basement and break out my Splinter Cell and memory card just to do it all again.

I hear that; I wish I was cool enough back in the day to release a tool on xbins. I'll have to settle for retro computing.
Thanks for the answer. Like 5 years ago I tried snooping around halo system link packets because I just assumed there was no encryption and was disappointed. Wasn't this multiplayer rushed out in a month? Why on earth is a LAN protocol secure in 2001?! lol
Makes total sense, especially recalling the zeitgeist of the era. IIRC, this was during the height of worms which propagated via vulnerabilities in code that handles network traffic.
Probably for the reason the author speculates about in the article:

> For example, would it not be cool if there was a game with a stack buffer overflow bug that allowed us to run arbitrary code remotely? That could potentially enable us to softmod an Xbox over the network, without the need of any special hardware.

There are cheats for certain online games that just listen to traffic. Sometimes games use bad encryption (static key) and cheats decrypt on the fly.
The LAN code is probably the same code as the online multiplayer.
Halo 1 on original Xbox does not have online multiplayer. It launched before Xbox Live did.
As someone who's written replacement backend Xbox Live server infra, I can confirm that system link is very nearly the same base protocol set as is used by Live. They must have had that nailed down pretty close to launch, and were mainly working on support services that live needs but system link doesn't up until Live actually launched.
They were probably already working on it.
The game was actually close to ship without multiplayer, it was an afterthought. Some devs have talked about this (iirc, Marty O’Donnell was one of them).
The game being an FPS was an afterthought, too. Originally, they were working on an RTS.
I wouldn't call it an afterthought per se, more a pivot with a lot of work. It was already an FPS when it was shown off at MacWorld '99.
I've heard this was also the case for GoldenEye on the N64.
Goldeneye is one of the best case studies for why companies should give their engineers room to experiment. If I remember correctly, the multiplayer mode was originally a side project of one of the engineers and was added near the end of development.

This isn't to say the campaign mode isn't good, but the ability for boys to play a shooter game against each other on the same console is what made that game.