Last updated: 21 March 2014
There are several aspects of a game that present security challenges for the gaming experience. Developers address most of these challenges themselves because the exposures represent first order issues to be tackled during the software development phase of game production. Another reason developers have a vested interest in this layer is the fact that these are product quality issues instead of customer experience issues. Securing the game itself also affects a studio’s ability to monetize and protect its intellectual property, and if a company doesn’t care about its income statement, regardless of industry, it won’t be a company for very long.
Securing the game content has been a back and forth battle between developers and free riders for as long as I’ve been playing games. Console game developers haven’t had to fight this battle for as long as their PC game brethren have, but with the extinction of cartridge-based systems and the proliferation of connected consoles I foresee an escalating arms race in the world of DRM. The shift to cloud-based content delivery systems for games and other media will only focus more attention on this topic.
The second aspect of securing the game is preserving the sanctity of the game’s intended mechanics. Cliff Bleszinski (@therealcliffyb), design director over at Epic Games, tweeted about the concept of game torque a few months ago. I believe he was referring to game design, but this concept also applies to the behavior and interaction of the community that supports a game. If antagonists are able to exploit the game environment (aimbots, wallhacks, encounter glitches) or diminish the value of accomplishments (item cloning, gold farming, boosting), a game can lose its replay value and appeal. Developers have responded to these threats over time in a variety of ways. Some games encrypt the channel from client to server while others release applications or mods to police the system tampering that is required for certain exploits, such as Blizzard’s Warden.
It is important to note that I have always felt game developers must find ways to secure the environment because it is crucial to institute fairness into a system that thrives on competition. Some gamers will shout from the mountains if they feel a game’s security measures violate their expectation of privacy. But more on personal information in my next post Securing Gamer Identities – coming soon.
The third and final aspect of security is the impact that game software has on a gamer’s personal network and system. To be honest I hadn’t considered this topic in much detail before I read a post by Martin McKeay (@mckeay) on his children’s fascination with Minecraft. After reading the post, I realized the headaches I probably caused for my network administrator (sorry Dad). I remember logging into our home router and opening up blocks of ports to try and get Ventrilo or TeamSpeak (voice communication applications) to work before Unreal Tournament matches, a practice that I assure you would not be tolerated by your company’s network security ninjas. The pervasive nature of the internet and new gaming platforms will force developers to spend significant design and development hours on locking down their content. I was ignorant to the ramifications of my actions at the time, but the increasing volume of attacks proves that ignorance is not an option now. Casual and hardcore gamers alike expect a secure gaming platform, demand a secure gaming platform, and will be marvelously unhappy if it comes to light that their personal system has been compromised as a result of a game flaw.