I may be talking out of my ass, here, and I probably am, but - what if we were to exploit the stream of data sent *after* the executable rather than the executable itself? I would imagine that's handled differently, no? Sure, there are signature checks on the chunk of game code need to run the downloaded game. But, take Mario Kart for example - after the executable for the game is sent, there's a continuous stream of data sent after that. Racer positions, speeds, synchronization, etc. Could that be potentially tampered with?