'Tis the season for console game platforms, and everybody's gearing up for the new X-Box 360. I actually played some World War 2 fighting game (Call of Duty, maybe?) on the demo unit at Target, and the realism was a bit too much for yours truly. It promises to be one hell of a gaming platform. Sales are expected to be off the charts - according to CNN, Microsoft is expecting 3 million units sold in the first 90 days. Ouch, that's a lot of units. And one really cool feature of the XBox is the integreated network connectivity - via RJ45 or via Wireless - both are built in and completely seamless.
So, the plan is: in six months, we'll have tens of millions (or more) of these machines deployed. They'll all have identical hardware and firmware. They're all capable of running arbitrary software. And the majority of them will be permanently affixed to the Internet. Hmmm... Is it me, or is this setting off alarm bells for anybody else out there?
How long is it going to be before a malware author figures out that this homogenous XBox world is a "heaven" for their nefarious activities? We've already had malware that targets the PSP, why not the even more powerful XBox 360? Wouldn't every XBox in the country make one hell of a botnet? Not to be negative, but all the signs are there - the media attention that would be focused on an XBox worm would be tremendous, such a worm would have almost unprecedented virulence, and we've already seen this type of thing on other platforms. I wonder if the folks over at MSFT have thought about this, and if so what they've built in to XBox for security (or at least anti-malware) features? Hopefully they at least have an automatic firmware update capability...
Posted by Ed at November 22, 2005 09:20 AM