Maybe you have never heard of GameplayKit, plus one of hundreds of APIs available from Apple, is responsible for making Mac (and iOS) games respond to the commands and rules set by developers and run more efficiently. That's good: it means the API just works, and you (if you're not a developer, of course) don't need to know about its existence. Interesting what the security researcher Patrick Wardle created from it.
The developer revealed at the last RSA security conference a utility called Gameplan, which uses GameplayKit routines for a purpose that does not necessarily have anything to do with games: instead, the software uses the API to analyze suspicious activity occurring on the system that may indicate the presence of malware and other threats.
Wardle explained the concept behind the utility:
GameplayKit takes care of managing events and performing actions. In PacMan, by default, ghosts are hunting PacMan, so that's a rule. If PacMan eats a tablet, the ghosts run away. That other rule. Then we realized that Apple had done all the hard work for us. Game logic can be used very efficiently to process events in a system and send alerts.
That is, the user can, with GamePlan, create rules that trigger or not alerts in the system all according to their usage patterns and behaviors that, in their case, may pose threats. Someone can, for example, set the utility to alert every time files are sent via the internet to a laptop in the company's human resources area, but not when sent to a laptop in the development area, for example.
According to Wardle, the options for customizing the software are almost endless, and the user can, from GameplayKit, manage aspects such as file transfer, peripheral connection, webcam / microphone activation, program installation and more.
There is not yet a prediction of the release of GamePlan for the general public, but we will be following the news about it.