Language Selection

English French German Italian Portuguese Spanish

M$ Battles Halo 2 Holes

Filed under
Microsoft
Security
Gaming

Microsoft is once again locked in a battle of wills with hackers determined to find and exploit security holes in the company's software. But this time the buggy code isn't endangering users' PCs -- just their otherworldly alien fortresses.

The vulnerabilities are in Microsoft's enormously popular Xbox game Halo 2. Last month, the company's Bungie Studios games division pushed out a 2-MB software patch for the sci-fi shooter in response to months of complaints from Xbox Live gamers about "glitchers" who'd learned to exploit programming errors in the game to their advantage in competitive play. The phenomenon launched cheaters to high positions in the Halo 2 global leader board, where players are ranked like chess masters according to their online wins and losses.

The most severe of the holes was a meta-bug triggered when black hats interfered with their cable modem links, buying them up to eight seconds of invisible movement while the game server struggled to reconnect -- just the ticket to sneak into the enemy's fort and steal their colors in a hotly contested capture-the-flag game. Other glitches were errors in the game's physics engine that gave practiced players Neo-like mastery of the Halo 2 multiverse: the power to fly through the air, grab objects through solid walls or create a tactically useful double of their avatar.

"You have a huge number of people intentionally trying to find stuff to essentially break, or mess around with, the game," said Halo expert Jeremy Hunt. "Trying to make a game work with that kind of crowd is pretty tough."

The bugs have been a chink in the armor of the otherwise bulletproof Halo franchise. The original Halo was the flagship title for the Xbox, and Halo 2, released last November, sold 6.4 million copies in its first three months on the market. The game's vigorous online component helped boost Xbox Live's user base to 1.4 million players in January. A Halo movie is now reportedly in the works, and rumors abound that a next-generation Halo update is planned as a launch title for the upcoming Xbox 360 console.

Microsoft responded to the glitches quickly and characteristically: In mid-January, the company launched a ruthless wave of anti-hacking enforcement that's seen, by Microsoft's count, thousands of players banned from online play for allegedly exploiting the vulnerabilities. Some gamers are complaining in message forums that they were targeted unjustly, but they have no recourse under Xbox Live's terms-of-service agreement, which lets the company exile anyone for any reason.

Full Story.

More in Tux Machines

Leftovers: OSS

  • Codesmith Students Garner National Praise for Open-Source Contributions
    Reactide is an Integrated Development Environment built for React, which intends to make React development easier for Software Engineers. The project has been widely praised, amassing over 6,000 stars on GitHub.
  • Airbnb’s new open source library lets you design with React and render to Sketch
    Today, Airbnb’s design team open sourced its internal library for writing React components that easily render directly to Sketch. Instead of trying to get Sketch to export to code, the Airbnb team spent its time on the opposite — putting the paintbrush in the hands of the engineer.
  • [Older] Telecoms copying cloud providers make beeline for open source, say analysts
    The supersonic growth of Amazon Web Services and other cloud providers in the past few years owes much to open-source communities that fed them cutting-edge tech free-of-charge. Now telecom is mimicking this strategy through involvement with the Linux Foundation, according to Scott Raynovich (@rayno) (pictured, right), guest host of theCUBE, SiliconANGLE Media’s mobile live streaming studio.
  • Get a Preview of Apache IoT Projects at Upcoming ApacheCon
    The countdown until ApacheCon North America has begun. The blockbuster event will be in Miami this year and runs May 16-18. The Apache community is made up of many niche communities and ApacheCon offers something for all of them. Here, Roman Shaposhnik, Director of Open Source, Pivotal Inc., who is heading the Apache IoT track at the ApacheCon conference, gave us a sneak peek of what the Apache Internet of Things community can look forward to at the event.
  • Free Webinar on Starting a Collaborative Open Source Project
  • Oracle draws curtains on OmniOS
    With its openly stated operational remit of ‘aggressive acquisitions’ (albeit positively aggressive), Oracle is (very) arguably a firm known for buying, swallowing, acquiring those companies it decides to consume.
  • Partners Healthcare, Persistent Systems to develop open-source platform
  • Libreboot Applies to Rejoin GNU
    Last week we reported that after reorganization, Libreboot was considering rejoining GNU and was seeking input from its community to determine the amount of support it had for such a move. From reading the comments posted both on our article on FOSS Force and on Libreboot’s website, it comes as no surprise that the project’s core members feel they have the necessary consesus to proceed. Last night, FOSS Force received an email — sent jointly to us and Phoronix — letting us know of the decision. Rather than repeat what’s already been written and said on the subject (for that, follow the first link above), we’re publishing a slightly edited version of the email, which will pretty much bring everyone up to date on the situation.

Security updates and no more patches from grsecurity (without a fee)

  • Security updates for Wednesday
  • GrSecurity Kernel Patches Will No Longer Be Free To The Public
    The GrSecurity initiative that hosts various out-of-tree patches to the mainline Linux kernel in order to enhance the security will no longer be available to non-paying users. GrSecurity has been around for the better part of two decades and going back to the 2.4 kernel days. In 2015 the stable GrSecurity patches became available to only commercial customers while the testing patches had still been public. That's now changing with all GrSecurity users needing to be customers.
  • Passing the Baton: FAQ
    This change is effective today, April 26th 2017. Public test patches have been removed from the download area. 4.9 was specifically chosen as the last public release as being the latest upstream LTS kernel will help ease the community transition.
  • grsecurity - Passing the Baton
    Anyone here use grsecurity and have any thoughts about this?

Microsoft-Connected Forrester and Black Duck Continue to Smear FOSS

More Coverage of Kali Linux 2017.1 Release

  • Kali Linux 2017.1 Security OS Brings Wireless Injection Attacks to 802.11 AC
    Offensive Security, the developers of the BackTrack-derived Kali Linux open-source, security-oriented operating system announced the availability of the Kali Linux 2017.1 rolling release. Since Kali Linux become a rolling distro, the importance of such updated images was never the same, but Kali Linux 2017.1 appears to be a major release of the ethical hacking distro, adding a bunch of exciting new features and improvements to the Debian-based operating system.
  • Kali Linux 2017.1 Released With New Features | Download ISO Files And Torrents Here
    Offensive Security has updated the Kali Linux images with new features and changes. Termed Kali Linux 2017.1, this release comes with support for wireless injection attacks to 802.11ac and Nvidia CUDA GPU. You can simply update your existing installation by running few commands if you don’t wish to download the updated images from Kali repos.