by nhellman 997 days ago
Thanks, I was initially surprised that they were encrypted but I can speculate on a few potential reasons:

- The Xbox was designed to be able to play online via Xbox Live (e.g. with Halo 2 that came out later in 2004), and they might have simply reused the network stack for System Link over LAN. I looked a little bit at Halo 2 system link, it uses the same system calls from the kernel but the protocol seems to be more complicated (e.g. the IV is never sent in plaintext, the two consoles derive it somehow). I haven't looked at Xbox Live, but Halo 2 could potentially use the same for System Link and Xbox Live.

- The Xbox also really tried to lock down its security in order to prevent game piracy and homebrew games. This might have been another attempt to reduce the attack surface.

- They also might have just wanted to keep their game protocols secret for trade secrets or simply avoiding scrutiny. In this case, we were able to create a kind of cheat, which they might have also wanted to avoid. Even though it is rarely an issue at LAN parties, it might have simply looked bad for the brand.


From what I've heard from microsofties over beers, it was really the second one. They didn't expect developers to write network code in ~2001 that didn't have memory safety vulnerabilities and wanted a barrier there between simple overflows and system security.
The child in me from 20 years ago dreams of a software tool downloaded from a questionable website that jailbroke an Xbox just by putting in the IP address.
I mean, minus the USB->controller wire "hardware mod", it has been perfected to "download a memory card gamesave", "have a non-GOTY edition of a game" and you were a few minutes away from being soft-modded, ready to hack your cached Halo maps to swap the needler texture in for the wall textures, and change character textures to brighter versions (gummibear hack, maybe?).

Makes me want to wipe the XBMC Xbox in my parents' basement and break out my Splinter Cell and memory card just to do it all again.

I hear that; I wish I was cool enough back in the day to release a tool on xbins. I'll have to settle for retro computing.
Thanks for the answer. Like 5 years ago I tried snooping around Halo system link packets because I just assumed there was no encryption and was disappointed. Wasn't this multiplayer rushed out in a month? Why on earth is a LAN protocol secure in 2001?! lol
Makes total sense, especially recalling the zeitgeist of the era. IIRC, this was during the height of worms which propagated via vulnerabilities in code that handles network traffic.