backtop

Print 21 comment(s) - last by peternelson.. on Mar 27 at 3:33 PM
XBOX 360's latest hack is leaked to the public, but its usefulness to would-be pirates and warez community is questionable

Early today XBOXIC.com posted an interview with Robinsod, Microsoft's latest problem. Earlier this week we reported that a group of 6 hackers found a vulnerability in Microsoft's newest gaming console, the XBOX 360. This allowed them to boot a copied version of Project Gotham Racing 3.

The man who calls himself Robinsod is part of a group of 6 hackers who have tried to break the copy protection of the XBOX 360. However, according to Robinsod, they are not planning on releasing any specifics on how they went about loading a copied game disc on their consoles for very humble reasons. They did not want to hack the new XBOX to assist in or even encourage any type of piracy but to prove to themselves that they could.

Robinsod also provides some warnings for those who do try to replicate their findings. They will most likely turn their consoles into unusable "bricks" like a sort of "don't try this at home, kids" warning. However, Team Xecuter has planned to release a firmware patching utility for PCs to update the XBOX 360's DVD drive firmware and circumvent the copy protection. There is no word yet on how they are coming along but it should be interesting.

This is not the first time anyone has ever tinkered with the XBOX 360 and succeeded in finding what they shouldn't have been able to. Soon after the gaming system began shipping there was already a way to access the contents of the XBOX 360 hard drive to retreive save games. Soon after that the file system was decoded to allow one to access the structure of a game disc by a coding group that calls themselves "Pi". Though these cracks aren't very useful to the typical gamer they could be starting points to hacking the console and running all sorts of code on it which we have seen with the original XBOX system.

Sony's PlayStation 3 console is set to launch later this year in all major markets. According to recent announcements, Sony will be preloading the Linux OS onto the PS3 which should be very interesting to hackers all around the world. The question will then be "which gaming console will be the most difficult to hack?"

Comments     Threshold


This article is over a month old, voting and posting comments is disabled
A good achievement, but....
By peternelson on 3/22/2006 10:49:05 AM , Rating: 2
This "hack" has been done by one group and now replicated. Not so hard once you know the general attack plan.

Unless the above hypothesis about piracy fuelling a market which helps consoles gain market share, and indirectly increase revenues from paid-for games, I believe this is BAD NEWS for MICROSOFT.

It makes it very easy to pirate MSX360 titles.

However, I do not believe MS are so stupid.

All they have to do is use "LIVE" service to upgrade/modify the EEROM or other firmware to READ and VERIFY the firmware of the DVD rom drive to make sure it has not been patched by hackers. In fact I claim copyright on this idea and may apply for a patent retrospectively. In another enactment of my invention, the console would verify the firmware of the DVD drive by prior to or upon each disk insertion. The firmware verification my be by means of a CRC or similar checksum, and a multiplicity of authorised dvd-rom checksums stored for comparison with the derived checksum. The console may refuse to execute any code being read from a drive where the firmware has been modified to an unauthorised firmware version. Optionally the console may report this to for example Microsoft via a computer network. Optionally the console may temporarily or permanently disable itself. Alternatively the console may flash its rom back to an acceptable version of the firmware. In another embodiment of my invention, the drive may be Blueray or HD-DVD or another current or future optical media drive technology.

By publishing here microsoft cannot obtain a patent on the above because it is now PRIOR ART. I may choose to license the patentable aspects of my invention to Microsoft or others but probably at exhorbitant fees. I may choose to support some open source or other developments using part or all of such derived funds.

ACTUALLY I AM NOT INTERESTED IN PIRACY. If I want the games I will buy them. I might be interested in backup to avoid wasting money by scratching or damaging originals.

This could be avoided by something like Valve steam where you buy a license and authenticate it, but with the addition of the ability to transfer ownership by individual game without a big admin fee.

WHAT I WANT FROM AN XBOX360 MOD IS THE ABILITY TO RUN LINUX.

Give me a way to USE that discounted multiprocessor power for something other than gaming. I want to run linux on the X360, or a farm of them.

Unfortunately this hack only helps pirates (or backup users), not people who want to use linux. I want a code-sign of the linux for an X360 so we can use that power.

I believe PS3 will be capable to run linux when it arrives.





RE: A good achievement, but....
By sp1nfer on 3/22/2006 12:02:04 PM , Rating: 1
In the words if a person from [H], this article has got comedy gold potential. Random persons with no knowledge about what they are talking about getting in a place to spread their 'enlightment'

I dare you to patent your so called 'invention'. It will be the same day your patent is rejected. Firstly, it's your 'Microsoft are stupid, they should do things this way..' attitude that will get you nowhere. I really like when people call other things stupid or lame or irrational or whatever when they don't understand them at all.

Do you really think that? Don't you have the slightest clue that thousands of people before us have tried (and failed) to recreate the wheel, which is, trough your deep and vast knowledge of security. I won't even waste my time pointing the flaws in your 'patented invention'.

quote:
WHAT I WANT FROM AN XBOX360 MOD IS THE ABILITY TO RUN LINUX.

Yeah, because Microsoft wants competitor's products to run on their consoles..

quote:
It makes it very easy to pirate MSX360 titles.

I don't see you do it. I don't even see you attempting to do it. Neither see you even comprehend what the hell you're talking about.

quote:
I believe PS3 will be capable to run linux when it arrives.

Yeah, because from a business viewpoint that seems perfect. Way to go man.

quote:
Unfortunately this hack only helps pirates (or backup users), not people who want to use linux. I want a code-sign of the linux for an X360 so we can use that power.


Stick to your PC's with Linux running on them. Let the XBOX360 alone. Stick to your PC's with Linux and to your dreams of having the perfect security and marketing ideas aswell. Really, why should someone spoil a gaming console because the random Linux user has his 'BETTER, FASTER, MORE LINUX!' spree, which usually happens with everyone liking a piece of open-source technology, and wants to turn that perfectly suitable piece of technology for what it does, into a slave of computational work for his needs.

quote:
However, I do not believe MS are so stupid.

You don't think they are *that* stupid. Recalling from that sentence you seem to think that they ARE stupid, but not to your degree of thinking. Thanks for the laugh, daddy. I think I don't need to comment on this; I've stated the wrong points with your comment already, so really, why bother?

Don't get offended. I'm just trying to fend off stupidity ;)


RE: A good achievement, but....
By TheGee on 3/22/2006 12:24:34 PM , Rating: 2
Peter, may I call you Peter? Or is it Nelson - I hope I recognise irony and pathos in you post. If I am mistaken, I'm fooling myself and you are serious keep looking over your shoulder for some chaps in white coats and a nice jacket with built in arm rests!!

As for hacking the Xbox I'll quote Mallory (I think) who when asked why do you want to climb everest "'cos it's there" was his reply. And that explains everything about everything! Besides Everest had the last laugh on Mallory.

Anyway --- like the antipathy!!


RE: A good achievement, but....
By peternelson on 3/22/2006 1:03:16 PM , Rating: 2
Let me clarify my earlier post.

You may indeed call me Peter, it is a name I like, and I assure you I am quite sane.

Microsoft are a company who have invested a lot of money into their new console system. They suffered piracy and modchips with xbox so will try to discourage it with x360.

In the gaming model, consoles are subsidised because the game titles are expensive.

This means that people could use powerful hardware at heavily discounted price for non-gaming tasks which would be attractive as a linux machine. Yes linux runs great on a pc, but pc is not as affordable as xbox (particularly in bang for buck terms). But Microsoft do not want people buying x360 to run linux on because they will not obtain any gaming sales, thus make a net loss per console. Also promoting or helping linux adoption will not help their desktop windows monopoly.

For those who do not know, the "hack" does not allow execution of arbitrary 3rd party binaries (eg like linux) but only MS signed ones. The x360 talks to the media drive and obtain a media type code. The x360 will not execute files from dvd writable media because they are pirate copies. The "hack" just changes the drive firmware so that it report that it has not a dvd-r or dvd-rw but instead claims it is official microsoft media type (when in fact it is not). Modifying such drive firmware is actually not revolutionary, it is done on many pc dvd drives to enable multiregion playback for example. You seem to suggest it is beyond my skills. What makes it easy is the bus interface between drive and rest of x360 can be hooked up to a protocol analyser to sniff the bus. Why I have NOT done this myself is I am not interested in piracy.

Microsoft are NOT stupid. I said they are NOT so stupid as to spend millions on a custom cpu, and leave open a silly security hole like the drive firmware. As I pointed out and provided a simple means by which they can overcome this "hack". I was half joking about the patent because I am somewhat familiar with patent law and would therefore have needed to disclose less detail to maximise my chances of having such patent awarded. Nonetheless, I believe I have demonstrated prior art, which will stop anyone else extracting patent license fees from any console maker for this idea. (Unless they can prove they had the anti-hack technique before I did).

I would like either a means to sign a linux binary with a key which will authenticate it.
OR I would like a means to modify an xbox360 so that it will run arbitrary executables without checking for a key.

Both of these are much more difficult. eg because of drm built into the xbox360 cpu and reprogrammable fuses.

As for Sony, they made a kit to sell linux specifically for their PS2. As well as this official one, there is easy way to run linux on PS2.

Sony leaders have specifically talked about linux on PS3 eg hard drive preloaded and optimised for different tasks like a pvr but running linux as the OS. I am therefore hopeful that if I bought PS3 I may one day be able to run linux on it.

There is already very good linux support for Cell processor used in PS3. eg from IBM research labs.

I hope my opinions are now clearer to those who flamed me.

Kind regards to all.


RE: A good achievement, but....
By sp1nfer on 3/22/2006 3:48:01 PM , Rating: 2
ah, I did not intend to flame you, I hope you didn't take it personal. I can re-read myself now, and see that I acted as I had a stick in the you-know-what, hence why I didn't notice the joke/sarcasm :P

quote:
Why I have NOT done this myself is I am not interested in piracy.


By-passing a security system doesn't make you a thief by any means. Some of the greatest hackers in the world activate for the sake of pure challenge.


RE: A good achievement, but....
By peternelson on 3/22/2006 8:23:10 PM , Rating: 2
"Some of the greatest hackers in the world activate for the sake of pure challenge."

Absolutely but they choose their challenges. Would they rather try to climb Mount Everest or climb a ladder?

My post is headed "good achievement". I respect that work as they will have had to modify handcoded assembly instructions for the drive microcontroller.

But as a challenge THAT is only on the level of making a drive multiregion.

And before doing it we can see that it does not achieve the "holy grail" we seek (of using the hardware we bought to run any programs we write or want to use).

Now that is not to devalue the work. It is useful to climb a ladder if it enables you to reach a window to clean it, or to lead the first steps to some higher aim.

So, in terms of the BIG CHALLENGE, this is the first few steps (the ladder).

We would all like to climb everest, but to do so requires an understanding of the enormity of it, taking the right equipment, being prepared and practice on smaller peaks first.

This first step might ultimately facilitate someone else to climb higher (if they can beat the microsoft code signing) but to duplicate the work already done would not be a challenge to me because it doesn't get me any higher than the top of the ladder someone else already climbed.

I realise the enormity of the challenge: for example to analyse the xbox360 cpu using an electron microscope to produce die plots of the different layers, and derive the operations of the DRM technologies. Or to break a very (impossibly) big encryption keylength by brute force or advanced factorisation methods like number field sieve.

Now that IS a challenge I would like to try! But I realise that challenge is beyond my capability and resources for now, and hope it will be done by some more advanced hacker than myself (who has no problem writing off many xboxes through their research).

I agree that we can wish to climb it because its there, but if we could climb it that would have benefits (such as enabling anyone to run what they wanted on x360) far beyond merely facilitating piracy which I do not condone. I agree that the motivation of the teams who have done this work so far is almost certainly not piracy, but it may be an unfortunate side effect. If it could facilitate backups and further research into "higher" xbox360 hacks but prevent piracy that would be most desirable but probably cannot be one without the other.


RE: A good achievement, but....
By Scabies on 3/23/2006 1:36:34 PM , Rating: 2
I'm glad I read through all of your postings, originally I was going to write you off as someone that was just reading some hardware wiki and spouting babble. I do have to wonder though, I dont have any experience in Linux, but wouldnt the OS have to have custom accomodations to task three processors that interface with one another in a completely non-standard way? Cause if not then shoot I would love a top-of-the-line console/pc at only $400, most top of the line video cards cost that much right now


RE: A good achievement, but....
By INeedCache on 3/23/2006 6:11:36 AM , Rating: 2
"By-passing a security system doesn't make you a thief by any means."

Maybe not, but it doesn't mean that what you did was right, either. Because what you did wasn't right.

"Some of the greatest hackers in the world activate for the sake of pure challenge."

Yes, and some people murder others just to see if they can get away with it, just for the sake of challenge. Great, this makes it all OK. Nice to know that if you do something wrong, it's really alright as long as you did it just for the challenge.

I'm really tired of hackers and pirates being romanticized. They shouldn't be.


RE: A good achievement, but....
By sp1nfer on 3/23/2006 8:50:00 AM , Rating: 2
quote:
Maybe not, but it doesn't mean that what you did was right, either. Because what you did wasn't right.


really, how is pointing out a flaw in someone's sytem/judgement a bad thing. You need to show me proof before saying things like that.

quote:
Because what you did wasn't right.

Says who? What about the WinXP on Mac hack? Is that wrong too? I guess the *hackers* you talk about are as bad as the next murderer.

quote:
Yes, and some people murder others just to see if they can get away with it, just for the sake of challenge. Great, this makes it all OK. Nice to know that if you do something wrong, it's really alright as long as you did it just for the challenge.


Yeah, giving stupid comparisons as murdering people for the sake of getting away isn't great either. You'd have to mentally unstable to do a thing like that, while hacking a said security system requires more than a gun and some bullets.

Again, HOW the hell is it bad when someone/something is proven wrong? Oh yeah, your ego and pride is ruined. Flat-earther ;)

quote:
I'm really tired of hackers and pirates being romanticized. They shouldn't be.

Yeah, they are so deep rooted into the biggest corporations, companies that you won't even notice them.Hint hint: IT specialists, admins, I could give a list too long that you won't bother reading, so why bother?


RE: A good achievement, but....
By peternelson on 3/27/2006 3:33:17 PM , Rating: 2

Please refer to the ORIGINAL meaning of "hacker" not the common misperception.

Hackers are NOT pirates.

If I BUY AND OWN Xbox360 hardware, it is mine to do with as I wish. If I want I can smash it with a hammer. If I want to take it apart I can legally do that. If I want to just keep it and never run ANY games I can do that too. And if there was some way for me to run programs I wrote I can also do that all very legally. And further if I was able to run some collaborative written operating system called linux, which I am allowed to use by the authors, then that would ALSO be legal. Learning how MY hardware works is also not illegal (often called "reverse engineering"). Unless you live in a region where DMCA applies (which I do not) which would restrict you from decrypting encryped data but not from encrypting your own data and programs to run on the cpu.

If I make a copy of someone else's x360 game and use the copy myself without buying the game, THAT is illegal. As I don't want to do this and would prefer not to facilitate it, I'm sorry you seem to imply people like me are "criminal". I assure you my activities are entirely legal. Which is more than can be said for some large multinational organisations.


Piracy Ability Is The Sign Of A Successful Machine
By porkster on 3/22/2006 1:42:32 AM , Rating: 1
If a machine is to be a success, it needs a piracy market.

If pirates buy a unit then the numbers and advocacy increases to a level where average users also obtain the units, and these are the people that buy the off the shelf items. Else it takes a special machine that centres its market toward children or others willing to buy every title.

I wouldn't put it past Microsoft indirectly given out hints or ways to hack the XBox360 to gain the hacking cult market on the secret.




By PrinceGaz on 3/22/2006 7:36:44 AM , Rating: 4
Although MS would never publicly admit it, most industry analysts believe MS delibrately made Windows 95 and later versions (at least until XP) very easy to pirate in order to introduce as many people as possible to it and therefore increase market penetration until it is almost universal.

With XP they introduced product activation to coerce more people to buy it, but activation was easily avoided/circumvented (depending on where you obtained a copy) and it is likely that also was deliberate as they are better off if people who are unwilling to pay continue to use Windows rather than switch and build up a sizeable Linux userbase. Most recently they introduced Windows Genuine Advantage where your license key is checked in order to download certain updates from Microsoft but even the recent update of that was cracked within hours, which suggest that it is intended only to encourage people to buy Windows, not force them to. MS know it is still better to maintain a high market-penetration even if a certain proportion of users aren't paying.

As for the XB360 and whether MS are doing a similar thing this time around, I doubt they are actively encouraging the breaking of the protection but they may be willing to privately tolerate it (while publicly deploring it) to gain an overwhelming market-share before the launch of the PS3 (the Revolution is targeting a different gaming audience so is not in direct competition with it). It certainly won't be the first time a console-maker has done that. The availability of CD-burners and the ease of copying a PS1 game is widely acknowledged to have contributed to the success of the console, compared with the N64 which used difficult to copy cartridges.

Selling consoles at a loss and having people play pirated games on them may sound like a crazy strategy for either Sony or MS, but it actually works very well in the long run. Okay so a lot of people decided to buy a PS1 because they could get a modchip and play copied games from their friends. But studies have shown time and again that most people are happy to buy original music/DVDs/games that they feel are worth paying for and can afford, even if they could obtain an equally good pirated copy much cheaper or for free. So the majority of those people who bought a PS1 because of the availability of pirated games went on to buy quite a lot of full-priced originals so Sony ended up winning from piracy, and Nintendo lost out because of the lack of piracy.

So are MS happy to allow XB360 games to be pirated in order to give it an unassailable lead by the time the PS3 is launched? The answer should be obvious.


By mpeny on 3/22/2006 9:49:58 AM , Rating: 2
Its a nice hypothesis but you have no supporting facts and its too convenient in support of piracy.

I mean - who is this 'most analyst'? You seem to throw this comment as if it was a given and the facts are easily accessible. You would need more than a quote or two just to prove this point - let alone your main hypothesis.

So in reality- the answer is not obvious.
The only obvious answer is that MS does not want you to hack it since it has spend tremendous amount of resources preventing you. The burden of proof is on your side. You need to bring facts to the table instead of conjectures and guesses.


.02


By littlebitstrouds on 3/22/2006 10:44:00 AM , Rating: 2
^What he said^

This is a bastardized version of "I wasn't going to buy it really so I'm not pulling any profit from you." pirating ideal. While it may be a valid point, you can't tell me a company actually "wants" this to happen.


By porkster on 3/22/2006 2:43:38 PM , Rating: 1
Microsoft has to be seen as doing its legal duty/obligation to its software developing houses/partners.

Some companies loose everything due to piracy, others gain substantially. It's all about market base and potential to sell. Pirates buying units, increases the market, maybe not so much in India.


By theprodigalrebel on 3/22/2006 10:57:57 AM , Rating: 2
I agree with what you are getting at. I know North America/Japan are what bring home the profits for Microsoft/Sony...but I have witnessed PS2's HUGELY outnumber XBOX sales in India, where I live. Reason? Almost every seller that sells PlayStations (except Sony-exclusive stores) will happily mod it for a $20 USD fee. XBOX mod-chips aren't as common out here. Once you have the mod-chip, a pirated game costs $3(Mainstream titles)-$5(AAA-titles). Otherwise, we have to pay $50 per game, just like North Americans do. Factor in the fact that the average Indian makes AT LEAST 10 times less than his American equivalent...and you'll know why almost nobody buys original games out here. It'd be like Americans paying $500 for a single game!!!

Now I'm not advocating piracy, just suggesting the cause for it. And I don't think Sony is unhappy with the thousands of PS2s that still fly off shelves today...


Bah!
By Kilim on 3/21/2006 8:28:26 PM , Rating: 2
I knew that him or one of his chump buddies would release it. They are not chumps for doing it, however, they are chumps for releasing it.




RE: Bah!
By spwrozek on 3/21/2006 8:58:05 PM , Rating: 2
I am pretty sure it isn't his team, I think it is another team that is trying to do it as well and release it. I could be wrong but I didn't think his team was team Xecuter. But I agree if they turned around and did release it after saying they wouldn't it would be crappy and they would be chumps.


RE: Bah!
By Kilim on 3/21/2006 9:05:58 PM , Rating: 2
quote:
Earlier this week we reported that a group of 6 hackers found a vulnerability in Microsoft's newest gaming console, the XBOX 360


Wait a minute, is it a different group? The article does not make that clear. They use the qoute listed above, and then it says a member of a group of 6 hackers hacked it.

But it lists a link to the original article where the "specialist" is given credit for this hack.

Which one is it? Please clarify.


RE: Bah!
By latino666 on 3/21/2006 9:18:40 PM , Rating: 2
Uhh.... read it again. It's pretty darn clear if you read it all the way through. Robinsod was part of the team that the Specialist was on.

Another team is trying to do the same and if the succeed they will release info on how they did it.


By Dfere on 3/22/2006 11:25:07 AM , Rating: 2
I agree with the above post who commented on a company "spending resources" to develop copyright protection in merely an effort to "publicly denounce" but "privately allow" piracy. I have worked for a few fortune 500 companies, some international.

There is no way a board would adopt such a policy. ALL profit initiatives for most large companies have a one to three year window- in other words, if a project can't return a reasonable investment within a few years, heads will and do roll. To say that huge amounts of resources would be spent on a strategy that could not be proven to produce money and take years to achieve is laughable.

It was also interesting to note the comment from India. Even we as Americans continually forget that while we make more- we also pay a whole lot more for most things as well. It was also interesting to note that his comment seemed to indicate he believes piracy is basically a subsidy or cost of living adjustment. I am not attacking him, I just wonder why games don't sell for US $3 or 4 over there (perhaps online sales and people would alter US computers to run them?)




"So, I think the same thing of the music industry. They can't say that they're losing money, you know what I'm saying. They just probably don't have the same surplus that they had." -- Wu-Tang Clan founder RZA











botimage
Copyright 2012 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki