Skip to content

XBox 360 – Pretty Dang Secure

Microsoft has billed the XBox 360 as Hack-Proof since its inception, and for reasonable definitions of that hyperbole, they’ve succeeded. A vulnerability was discovered in the XBox 360 Hypervisor (looks more like a microkernel from the diagrams, but, um, R&D South already uses that term) which allows arbitrary code execution. Microsoft patched and deployed a fix for this problem within 6 days. This leads to many interesting lines of inquiry:
* Why can’t Microsoft patch Windows that fast? Is it because it’s too complex?
* Not enough data to discern capability vs. motivation
* Is it because the vulnerability could potentially allow copied games to play and they make a cut on each game sold?
* This seems likely.
* Is it because they care about the Whole Widget experience?
* could be. Tight control of hardware and software has some advantages.
* Maybe because it would allow Linux or BSD to run on XBox 360 hardware?
* supposedly Microsoft isn’t losing money on each unit sold anymore, but an XBox Media Center is a Windows Media Center not sold.
* you have to imagine chairs would get thrown in Redmond if Linux on the Microsoft hardware patform became popular
* Does the XBox 360 architecture represent a modern computing platform that shows off the skill of some Microsofties who are otherwise saddled by 30 years of legacy cruft that keeps them from implementing good security in Windows?
* Objection! Leading the witness.

There’s one more possibility: this is the way Microsoft wants it. Have you heard Windows Defender isn’t that good, as if Microsoft couldn’t write a good AV product for Windows? How about the usability of User Account Control in Vista (you just want to figure out how to disable it)? Did you notice Microsoft has been telling us for a year or more that Office is going Live? Did anybody notice Vista was 5 years late and under-delivered? Did you notice that Vista has features that force folks into new HDMI/HDCP displays, which ought to work fine with an XBox?

Wouldn’t it be great if we could just have a computer that’s secure, wired, and runs the Microsoft Apps we all love and need instead of dealing with this Windows on Dell mess? Have just one vendor to buy our hardware and software from, all conveniently online?

Who says Microsoft doesn’t ‘get’ the Internet?