Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Hardware

New "Secure" Xbox Cracked In Under A Week 337

Posted by timothy
from the salmon-swimming-upstream dept.
ilsie writes "Numbnut says it all in his post at xboxhacker.net. To quote his post, 'On behalf of the Xbox Linux Team, I am proud to announce that at 10:45BST the 'v1.1' secure version of the Xbox was proven to be running arbitrary BIOS code in a normal 256KByte modchip - with no additional hardware required. In short, in under a week we were able to normalize the new box to enable it to interoperate with Linux properly.'"
This discussion has been archived. No new comments can be posted.

New "Secure" Xbox Cracked In Under A Week

Comments Filter:
  • EULA changes? (Score:5, Insightful)

    by KernelHappy (517524) on Saturday October 12, 2002 @01:35PM (#4437637) Homepage
    By any chance, has anyone checked to see if Microsoft modified the EULA when they released the new version of the Xbox? It would be interesting if they stuck anything in there that would strengthen their ability to prosecute and/or seek damages for circumvention of the protection scheme.
    • Re:EULA changes? (Score:2, Informative)

      by Anonymous Coward
      Stop being anal with EULAs. If you violate an EULA, you're just voiding the warranty.
    • Re:EULA changes? (Score:5, Interesting)

      by afidel (530433) on Saturday October 12, 2002 @01:43PM (#4437676)
      Sorry but reverse engineering is pretty well established, if it wasn't then modern pc's wouldn't exist as Compaq would not have been able to reverse engineer the IBM bios and AMD would not have been able to reverse engineer the Intel CPU. Now they could try to come after them with the DMCA, but AFAIK these mod chips do not allow access to any protected content, but rather allow you to run arbitrary software on the hardware
      • Re:EULA changes? (Score:4, Informative)

        by Anonymous Coward on Saturday October 12, 2002 @01:46PM (#4437693)
        AMD didn't reverse engineer Intel's CPUs. They used to work together on processors.
        • Re:EULA changes? (Score:5, Informative)

          by Jeremiah Cornelius (137) on Saturday October 12, 2002 @02:25PM (#4437862) Homepage Journal
          AMD didn't reverse engineer Intel's CPUs. They used to work together on processors
          Well, I wouldn't say "work together"... :-P

          AMD had some fantastic processes for -- at the time -- incredibly fine micron CMOS fabrication. Intel had dink to show in the fab department. In order to build a 386 faster than 16 MHz, that wouldn't require raised-floor equipment to keep cool, they needed a license on AMD's fabrication technology.

          AMD exchanged this license, in exchange for a license on 286 and future technologies. The grounds for what these future technologies were comprised of were the grounds for the Intel/AMD legal battles of the '90's. The courts agreed this was inclusive of the i386 microcode, and the rest... is history

      • Re:EULA changes? (Score:5, Interesting)

        by alienw (585907) <alienw.slashdot@nOSpaM.gmail.com> on Saturday October 12, 2002 @01:57PM (#4437740)
        The reason modchips don't fall under the DMCA is because they don't bypass access controls. The dmca defines protection devices as something that "effectively controls access to a work". Since you can't access data on a game CD any better with a modchip, it doesn't bypass anything. IANAL, though, so I might be wrong.
      • Re:EULA changes? (Score:5, Interesting)

        by dattaway (3088) on Saturday October 12, 2002 @02:08PM (#4437800) Homepage Journal
        If I remember right, Mr. Gates himself related the story of reverse engineering MSDOS by dumpster diving for source code. There was also the incident of disk compression technology that was lifted from another company. To say that common people can not raise the hood of their own car to see how it works or put in a new engine might be called hypocritical.
        • Mr. Gates himself related the story of reverse engineering MSDOS by dumpster diving for source code

          That's theft of trade secrets, if true. "Reverse engineering" is treating the object in question (program or device) as a black box with inputs and outputs and reproducing its behavior exactly, without access to source documents.

        • Re:EULA changes? (Score:5, Informative)

          by starling (26204) <strayling20@gmail.com> on Saturday October 12, 2002 @05:55PM (#4438509)
          That was the BASIC, which was based on a listing of Dartmouth BASIC which they found in the trash. All MS did was port it to a different processor. They bought MSDOS from another company.

          That's right, MS's original flagship products weren't written by MS. They started as they meant to continue.

      • by m11533 (263900) on Saturday October 12, 2002 @02:20PM (#4437839)
        I would recommend you read up on the legal issue of reverse engineering because it is under attack and it is not at all obvious that it will survive. I believe the latest issue of ACM Communications has an excellent article on the topic. Recent US Government laws are very disconcerting.
        • ACM Communications (Score:3, Informative)

          by BlueboyX (322884)
          It is in the latest issue. It says 'reverse engineering under siege,' It doesn't attempt to predict who will win the legal matters, but explains what the threat is and how it will cause extreme harm to the tech industry if reverse engineering is taken away. Most slashdotters probably know most of that, but it is an interesting read.
      • Re:EULA changes? (Score:5, Insightful)

        by mbogosian (537034) <matt AT arenaunlimited DOT com> on Saturday October 12, 2002 @02:32PM (#4437883) Homepage
        Sorry but reverse engineering is pretty well established....

        Here, here! (Of course it's not legal anymore, but that's splitting hairs....)

        Whatever happened to legitimate forms of deterrance? If I crack open my TiVo, I void the warranty. I can dick around all I want, but if I screw something up, I have to pay to have it fixed. This is enough to deter most of the technology-ignorant public from screwing with their hardware, and it's a method which has been around for years. Has everyone forgotten about this?
      • Pretty much every mod chip out has always made the systems skip their "authentic CD/DVD" check, so a backup (or illegal copy...) of a game will work. Now, with XBox Linux, there are definitely legitimate and legal uses for a modded XBox, which in a reasonable legal system would mean that DMCA wouldn't have an effect here. But we all know that DMCA and reasonable don't belong in a sentence together...
    • Re:EULA changes? (Score:5, Interesting)

      by Shelled (81123) on Saturday October 12, 2002 @01:45PM (#4437689)
      It never occurred to me until reading the last sentence of your post, doesn't this in essence give Microsoft (and others) the power to create law? By standing behind EULAs it could be argued that governments give corporations a blank cheque to create legislation. "Put it in your EULA and we'll enforce it." (My EULA: IANAL)
      • Re:EULA changes? (Score:5, Interesting)

        by interiot (50685) on Saturday October 12, 2002 @01:53PM (#4437723) Homepage
        Yes, that's definitely a desired attribute of contract law. Since laws that are on the book won't ever be able to cover everything or be able to keep up with the variety of private interactions that can occur that would need legal coverage, private parties can both agree to specific terms that go beyond what's explictely on the books. There is a limit to how extreme contracts can get (eg. you can't say that if you don't hold up your end of the agreement, that the other person gets to kill you), but there's a wide area there for "creating law".
        • Re:EULA changes? (Score:5, Insightful)

          by Galvatron (115029) on Saturday October 12, 2002 @03:10PM (#4438021)
          I think the reason Shelled is trying to draw a distinction is that arguably, EULA's are not contracts. There is no meeting between the two parties, no chance for negotiation, no signature, the EULA is perpetual, and a price is paid for a physical good (making it look very much like a sale, covered by first sale doctrine rather than contract law). Of course, IANAL, but from the articles that get on Slashdot every now and again, it sounds like the courts haven't quite settled on an answer as to whether EULA's are legitimate contracts or not.
          • Re:EULA changes? (Score:2, Interesting)

            by danheskett (178529)
            If an EULA is ruled to not be valid because it looks too much like a sale, then everything will suddenly start looking mroe and more like a contract purchase.

            Go to Best Buy to buy an Xbox? Okay. No marked prices, no "grab a ticket and go to the check out counter". Instead you'll have a bare minimum sit down with a sales negoiator. You and he will talka bout the contract you will be shortly signing. And then you will sign it, and he will give you a mint.

            And after all that mess, you'll still you have the same EULA that you have now.
            • Re:EULA changes? (Score:4, Interesting)

              by shepd (155729) <slashdot@org.gmail@com> on Saturday October 12, 2002 @03:53PM (#4438160) Homepage Journal
              >Instead you'll have a bare minimum sit down with a sales negoiator. You and he will talka bout the contract you will be shortly signing.

              That's the idea. If it becomes a major PITA (and this is) to buy products that require a EULA, then people won't. They will prefer to buy products covered by basic copyright law (like GPLd products) and will be happy that they didn't waste their time buying products that take _forever_ to buy.
              • Not to mention how stores would love to spend 30 mins negotiating to sell a $300 dollar item... especially in the Christmas shopping insanity!

                It may become a new form of anti-MS (for example) activism:
                when you have a few hours going into into a shop and going through all the contract details until you decide that they are too onerous and decline to accept the terms offered.

              • Re:EULA changes? (Score:4, Insightful)

                by danheskett (178529) <danheskett@NoSpAm.gmail.com> on Saturday October 12, 2002 @08:55PM (#4438973)
                You think that the end of EULAs won't affect GPL software?

                Really?

                Really?

                There are EULA's for the major Linux distros (RH, Mandrake, etc). They are more complex than "just the GPL, please". Actually read one. It won't be that much fun probably.

                In fact, the end of EULAs would help MS more than it help NON-MS software vendors. MS's goal is for everyone to license software directly from them or a select few partners. They want all businesses to be buying software through a contracted licensing program, like Open or Select or Enterprise agreements. This will help, since for the Select/Enterprise their is a contract, signed and sealed, before entering the program.

                RedHat on the other hand may have trouble selling even a $40 copy of RH because of the required hassle of signing a contract, blah blah blah. That means everyone will just download the free copy, and that will be the end of it.
      • Re:EULA changes? (Score:2, Informative)

        by grahamkg (5290)

        IANAL...

        The EULA in essence is a contractual agreement. It is legal and supported in a court of law as long as it meets certain criteria: competent parties; subject matter; consideration; mutuality of agreement; mutuality of obligation.

        You read a EULA from MS. My guess is you're a competent party, as is MS. The EULA sets forth rules, establishing what you both will or won't do. You give them money, they give you rights. You agree to it or not. You are both obliged to follow the terms of the EULA.

        The EULA can potentially be invalidated if its obligations are against the law. Likewise, if consideration is unduly biased towards one party, that too could invalidat it.

        Check out law a little bit. You might find it interesting.

        • Re:EULA changes? (Score:5, Insightful)

          by DragonMagic (170846) on Saturday October 12, 2002 @03:45PM (#4438128) Homepage
          Problems I find with your argument:

          1) You assume a person reads an EULA. Even though a contract can still hold up if you don't read it, you're still required to sign it. If you never read an EULA or agree to it through a click, then how are you agreeing to it? Simply because they say "By using this product, you agree to our terms"?

          2) Another problem with EULAs are many of the corporate ones are too one-sided. They're not responsible for anything, but you're fully responsible to follow all their rules. Some even say you can't even talk about the product or take pictures of it or anything without permission, but that they can use your information for their company's marketing research without your permission to do so. (that is, they can use it to market you magazines whether or not you asked for them)

          3) You don't need to be 18 to buy many EULA products, and to have a contract valid, either a person 18 or older must agree to it, or the parent or guardian of that under-18 person must agree to have that person agree. When a 17 year old purchases an Xbox and takes it home, goes through the licensing agreements on his own, then starts playing, how can Microsoft say the EULA can still affect him?

          4) There are many people who play video games who cannot read, or cannot read English. So EULAs written in English are still valid even though the other party cannot understand them? I do believe that contracts have to be signed by parties that understand them, and if it's in another language, the translator must sign off on them. I could be wrong, of course.

          But again, EULAs are hardly contracts in the sense of contracts, but more of agreements that you won't do bad things to the company issuing the product. I can't wait until EULAs are struck down and normal copyright laws apply to the products (or patents to hardware).
          • Re:EULA changes? (Score:3, Insightful)

            by dreamword (197858)
            You raise good issues. However, things are not precisely as you state (or, perhaps, as they should be).

            1) You assume a person reads an EULA. Even though a contract can still hold up if you don't read it, you're still required to sign it. If you never read an EULA or agree to it through a click, then how are you agreeing to it? Simply because they say "By using this product, you agree to our terms"?

            It doesn't matter if the person reads the EULA, mostly because there's really no way to prove whether or not the person read the EULA. In this context, clicking "accept" is as good as a signature. If you're curious, see ProCD v. Zeidenberg, one of the first clickwrap cases. It's a very good opinion reasoning why clickwraps should be binding.


            2) Another problem with EULAs are many of the corporate ones are too one-sided. They're not responsible for anything, but you're fully responsible to follow all their rules. Some even say you can't even talk about the product or take pictures of it or anything without permission, but that they can use your information for their company's marketing research without your permission to do so. (that is, they can use it to market you magazines whether or not you asked for them)

            They are definitely "one-sided" in that one side has more responsibilities to the other side. However, it's not true that you're just signing away your rights for nothing; if you were, there would be no binding contract. You're signing away your rights to do certain things in exchange for them letting you use their software. The right to use their software does not cost just what you pay for the box at the store; it costs what you pay for the box at the store PLUS your agreement to follow the license terms.
            3) You don't need to be 18 to buy many EULA products, and to have a contract valid, either a person 18 or older must agree to it, or the parent or guardian of that under-18 person must agree to have that person agree. When a 17 year old purchases an Xbox and takes it home, goes through the licensing agreements on his own, then starts playing, how can Microsoft say the EULA can still affect him?

            Good one. I'm not sure. There are some kinds of contracts that minors can make, but I don't think this is one of them. If there's no contract, it's possible that the minor might not be held to the license terms, and we'll have to rely on under-18ers to do our dirty work. On the other hand, it's possible that the minor can't assert the right to USE the program at the same time as they assert the right NOT TO BE BOUND to the terms of the license agreement. Anybody have a better grasp on this area? I don't know if there have been any minor-clickwrap cases. Same goes for English-illiterate clickwrap cases; I just don't know if anyone's litigated it yet.

            But again, EULAs are hardly contracts in the sense of contracts, but more of agreements that you won't do bad things to the company issuing the product. I can't wait until EULAs are struck down and normal copyright laws apply to the products (or patents to hardware).


            They're definitely contracts, in any legal sense of the word. It sucks (I think first sale doctrine should apply, and there should be some consumer-software default rules set legislatively that are hard for software companies to EULA around), but that's how it is.
            • It doesn't matter if the person reads the EULA, mostly because there's really no way to prove whether or not the person read the EULA. In this context, clicking "accept" is as good as a signature. If you're curious, see ProCD v. Zeidenberg, one of the first clickwrap cases. It's a very good opinion reasoning why clickwraps should be binding.

              Okay. Now show me (and the judge) the proof that:
              A. The agreement said what they say it said.
              B. I clicked accept.

              Remember that programs including installs can be buggy, and sometimes even the bugs seem temporary.

              "Honest, your honour, there was this blank screen that popped up with two blank buttons on it. I didn't know what to do so I clicked one and everything seemed to work out okay. No, I don't know how it could have happened, I'm no programmer. I do remember having to swap out my memory chips shortly after though 'cause they seemed to be doing funny things at the time."
              • OK! No problem. IANAL.

                A. You still have that CD you installed from, right? Let's just pop it in and see what it does. My guess is it'll display a EULA saying what I say the EULA says, and an accept button that needs to be pressed before you can go on.

                Oh, you don't have the CD you installed from? OK, here's a CD that was pressed from the same master as the one that was sold to you. Same goes.

                B.
                Me: "Did you use the program?"
                You: "Yes."

                Then I show that you need to click Accept in the software to use the program.

                You: "But there was a bug. I never saw the agreement or any 'Accept' button."

                Me: "But you used the program anyway, even though you knew it was under license? And you didn't make any efforts to find out what the license terms were?"

                You: "Yeah."

                You can see where this is going. You'll never be able to prove that the EULA you saw said something different than I say, since you and I both know it said the same thing.

                Now, what happens if there was actually a bug and you actually never saw or accepted the EULA? I'd say it's a tossup. This is just a guess; there's no case law on point that I know of. If there was any material along with the software indicating that it was subject to license, you'd probably lose; it would probably then be your responsibility to find out what the license terms were, and not use the software until you were successful. If nothing ever said it was subject to license, you'll probably win, since you had nothing telling you it was subject to license.

                If you say there was a bug, it'll be on you to prove that there was. If you can reproduce it, you're probably home free on that point.
        • You read a EULA from MS. My guess is you're a competent party, as is MS. The EULA sets forth rules, establishing what you both will or won't do. You give them money, they give you rights. You agree to it or not. You are both obliged to follow the terms of the EULA.

          Well, only one party is really bound since MS EULAs always give them the right to modify the terms whenever they feel like it.

    • the EULA is not the problem, Its the fact they have to disable the copy protection (illegal in the USA) in order for it to even load linux,mame or whatever.

      I find it silly that people are risking large fines or maybe even jail time just so they can run linux on it, come on its a low end pc. I know what your thinking "MS losses money on every sale" that has to be the biggest urban legend wile its true when the thing was first released they lost a few dollars, but like all consoles once they pay for the initial production costs they break even on the sale, hell if you have 200$ to spend on a linux system walmart.com has lindows equipped thing that's far more useful then a xbox and it counts as an actual linux sale
    • by Inoshiro (71693) on Saturday October 12, 2002 @03:02PM (#4437994) Homepage
      I don't recall the EB guys hounding me to sign some sort of contract when I bought my Xbox. In fact, I don't recall any sort of contract in the box with it that I signed.

      The closest thing I could find was the ABOUT XBOX in the dashboard, which talks about how the softvare on the Xbox is protected by copyright law. Since I have no intention of pirating the Xbox dashboard, I think I'm legal.

      Plus, once I own something, it's mine. As I've said before, I could rip off the top of my Xbox, put all my night soil in there, and grow flowers from the rich loam. Microsoft can't say anything to me about the use of it, because I own it.
  • by LowAmmoWarning (539099) on Saturday October 12, 2002 @01:35PM (#4437638)
    and crack it.
  • any chance? (Score:4, Funny)

    by rizawbone (577492) <.gro.pedpeels. .ta. .todhsals.> on Saturday October 12, 2002 @01:37PM (#4437643) Homepage
    could these xbox hackers come over and get my ms office from asking for my cd every time i do a 'find' in explorer?

    that would REALLY impress me.
    • Hey, I'm not the only one that had that problem.

      Too bad I can't remember exactly what I did to fix it.

      Some things I tried though were a re-install Office and uninstall the Windows Installer and re-installing the latest version of it.

      I think one or both of those things fixed it. If I remember correctly though, the problem was caused by my deleting of the Office folder without uninstalling it.
  • by TrueKonrads (580974) on Saturday October 12, 2002 @01:38PM (#4437651)
    It brings me to this following tought: You can't protect anything that user has physical access to. Same situation is observable amongst CD 'copy (mis)protection' . Smart lads crack it in one week session. Maybe people should stop wasting money on copy proections and focus instead on actual product?
    • by Bishop (4500) on Saturday October 12, 2002 @02:00PM (#4437752)
      You can't protect anything that user has physical access to

      I think that the designers of the IBM 4758 [ibm.com] cryptographic coprocessors might disagree. The IBM4732 is supposed to be tampre proof [rutgers.edu].

      Ofcourse if you were to say that you can't protect anything that users have access to at a reasonable price. Then you would be correct. You would also be correct to say that security is hard and must be integrated into the system from the first design stages and not hacked on later.
      • by lars_stefan_axelsson (236283) on Saturday October 12, 2002 @02:33PM (#4437886) Homepage
        I think that the designers of the IBM 4758 [ibm.com] cryptographic coprocessors might disagree. The IBM4732 is supposed to be tampre proof [rutgers.edu].

        And yet, an application on the IBM4732 was hacked [slashdot.org]a little under a year ago. Granted it wasn't the processor as such, but a very important application that is delivered with the processor. Getting the whole system right is hard.

        If you want more material on why tamper proofing is difficult; Ross Anderson's [cam.ac.uk] team [cam.ac.uk]at Cambridge is a good resource. (And they have performed a number of nice hacks Markus Kuhn's optical eavesdropping [cam.ac.uk] for example).

      • by Henry V .009 (518000) on Saturday October 12, 2002 @02:44PM (#4437931) Journal
        It is not tamper proof. The vulnerability is the enivronment sensors, which can be neutralized. The worst design flaw is that the IBM4732 doesn't have a block of thermite sitting on top that destroys the hardware in case of tampering. That wouldn't be fool-proof, but would mean that your lab would destroy a number of them in the initial 'figuring out how it works' stage. (Even better than thermite is a larger bomb that kills your scientists along with destroying the device. But scientists are replacable, so all you are really doing is raising costs.) Without the thermite, your lab only needs to procure one extra, take it apart, find all the tamper sensors and figure out a method to neutralize them. After that, you can take apart all the IC's with impunity. And really at this point your work is done. You duplicate the RAM contents, figure out the private keys (they have to be stored somewhere), and you have all the information. Very expensive process, but doable.

        A very interesting historical parallel is the British bomb defusers, who worked on defusing failed German bombs. At first it was dangerous, but still relatively easy. Afterwards the Germans starting figuring out ways to booby-trap the bombs just in case they didn't go off right away. This was defeated. And finally they engineered bombs specifically to kill bomb defuse teams. Even this was defeated. A very interesting history that includes many of the greatest acts of bravery during the war.
        • by Bishop (4500) on Saturday October 12, 2002 @03:39PM (#4438110)
          Very expensive process, but doable.

          Cost is always part of the doability [sic]. When designing a secure system part of the equation is how hard it would be to crack the system. It is possible to brute force RSA, but that does not make RSA any less secure. The same concept applies here. If it would cost more to crack the system then it would to buy an insider, then the system is, for most purposes, secure.
          • No, it doesn't mean that the system is secure. It just means it is secure as practicable. Quite a difference. But it's also kind of meaningless, as the cost of buying an insider is hard to estimate. Depends on what you'll willing to do. Torture is very cheap.

            By the way, doable is a real word. Doability seems like a valid extension. Its meaning is obvious and it serves a useful purpose. Feasible and feasiblility are possible synonyms, but they don't have the connotations. 'That is feasible' means 'that is possible.' But 'that is doable' connotes 'I can do that' or some such attitude.

            So I'd suggest leaving the [sic] out next time.
        • I'm curious as to how much product liability insurance premiums will increase if thermite is involved. And what of the individuals who would seek to incorporate these anti-tampering devices into pipe bombs?
  • Makes sense (Score:2, Funny)

    by dcstimm (556797)
    Proves that there is nothing microsoft can do to secure the xbox. Oh well, thank god for xbox hackers!
  • by zulux (112259) on Saturday October 12, 2002 @01:45PM (#4437684) Homepage Journal

    The good, hard working, people at Microsoft(tm) have worked long and hard to give you a Video-Game systmem that plays the games you want.

    Instead of happily purchasing the system and all twelve games, and three extra HandHurt(tm) controllers - you go and make the poor people at Microsoft(tm) cry.

    I think it's time you helped a good American(tm) company like Microsoft, instead of promoting the Communist-Finnish Linux.

    Please, don't take food out of a fellow American(tm) - buy your Xbox today!

    (MS: Please credit MSDN account #2341 for this post)

  • by Anonymous Coward on Saturday October 12, 2002 @01:46PM (#4437691)
    What about waiting for the first Palladium machines, and hacking those ?

    Hacking the X-Box is great, I'm sure. But how much greater to wait for the companies most keen to restrict all our rights to invest a whole lot of money in Palladium - just to see it cracked and made completely useless ? It might even make them completely give up on the whole idea for a long, long time to come.
  • by jdkane (588293) on Saturday October 12, 2002 @01:47PM (#4437697)
    Once the complete XBox product is in the customer's hands, all the security in the world is simply a set of preventitive measures.
    Because the product is an autonomous unit, obviously anybody is free to hit it from any angle until the security is broken.

    I'm sure Microsoft doesn't really expect that the XBox product will be totally secure. So it's probably not such a big deal whenever the product is cracked.

    However Microsoft's sporatic changes to the XBox security may easily cause confusion to consumers who try to purchase mod chips (because different version exist), which in and of itself it a good tactic. Frustrated consumers are probably less likely to spend money on modifications after they find some mods don't work (because they are meant for a different version of the XBox).

    • However Microsoft's sporatic changes to the XBox security may easily cause confusion to consumers who try to purchase mod chips (because different version exist), which in and of itself it a good tactic. Frustrated consumers are probably less likely to spend money on modifications after they find some mods don't work (because they are meant for a different version of the XBox).

      I disagree. I tend to think that if anyone is going to be buying a mod chip to run Linux on their Xbox they'll most likely have the ability to figure our which chip they need. At the very least, I bet the mod chip people will have good instructions on how to figure out which chip you need, as they most likely want to avoid return issues. At least I would.

    • "Frustrated consumers are probably less likely to spend money on modifications after they find some mods don't work (because they are meant for a different version of the XBox)."

      Granted save that you are forgetting one point there. Different types of mod chip exist for the various versions on the Playstation and the PSOne. Different mod chips exist for the various releases of the PS2. There are even different mod chips in existance for PS2's in the same class (wired, USB with one wire to connect, USB no wire, IC card type).

      So far all the choices stop are the type of person who wants a mod chip but is afraid to mod the unit. It doesn't really affect the hard core techies who love the challange of the modded and hacked toy.

  • by falzbro (468756) on Saturday October 12, 2002 @01:48PM (#4437702) Homepage
    It seems that everyone is considering this new xbox revision to be a security upgrade, which it really doesnt seem to be. A few things on the PCB have changed, such as the USB header now being integrated on the main mobo, and few other things.

    It seems to me (and others) that MS did a slight revision to cut costs. While they were at it, they did a few (very minor) changes to the BIOS to deter hackers. It's kind of gotten out of hand how people are calling this the 'new version that MS created just to not be hackable'.

    --falz
  • by fishlet (93611) on Saturday October 12, 2002 @01:49PM (#4437707)

    It doesn't matter if you hire the smartest people you can find... theres always someone out there smarter. Microsoft may have put it's best people behind it's security initiative, but there are always going to be people out there that are more intelligent- not to mention more motivated. Or to make this a bit simpler... I think there are more people who want to hack the Xbox then there who don't want it hacked- it's pretty obvious who's gonna win. All MS will do is going to do is make it more challenging and guess what... theres plenty of people who like challenges. The more challenging it is, the more it's "just gotta" be hacked.

    • by epine (68316) on Saturday October 12, 2002 @03:28PM (#4438075)
      This is a hierarchy of smarterness. It's a battle of Smaug against riddling hobbits and the arrow of destiny. Be careful where you stand when DRM falls, it will make a big ugly splash.

      Eventually the dragons *will* win if they learn hard lessons from every mistake. The only question is whether the dragon, once perfectly armoured, will still be able to fly, or whether it will be so encrusted with layer upon layer of protective armour it can't really hurt anyone who doesn't stumble into its path. Copy protection died in the late eighties when people discovered it was more onerous than advantageous. When copy protection actually works, it drives your legitimate customers crazy. That's my hope for DRM, that it becomes so good no one can stand it.


      • I'm typing on one of those stiff IBM keyboards today. Whenever I switch to a stiff keyboard, entire word fragments go missing. I think it's a trick my hands play when running up hill. I'd send them down to the minors, but they're on a one-way contract with a no-trade clause.

        "is" from the first sentence should have been "isn't"

        I'm convinced my hands are living evidence for Chomsky's theory of traces. The word fragments that go missing are the ones which don't resolve until word order is set. It's disturbing that my typing errors come out as correctly spelled words I didn't intend to use. It's like waking up one day and discovering your own mental processes work much like the MS Office grammar checker which allows you to make a complete ass out of yourself if your word forms are plausible.

    • Anyone know of a crack for Mathematica? Since you basically have to have a PhD in Math to get even a secretarial position at Wolfram, let alone a programming job, they're the real baseline for 'hiring the smartest people you can find'.
  • by Anonymous Coward
    Microsoft would avoid the embarrassment by including a Linux CD with each Xbox.
    • Microsoft would avoid the embarrassment by including a Linux CD with each Xbox.

      Yeah, but they'd call it "MS Unix" or "MS OpenSource" something. I had no idea Microsoft invented HTML until I saw the file type for .htm docs in Windows....
  • It doesnt matter (Score:2, Interesting)

    by Mindcry (596198)
    kinda funny how this security thing is a one way arms race... they make better and better security checks, meanwhile crackers (instead of trying to keep up and trick the checks) can simply hex edit the security right out ;)

    This may be a bit more invovled, but it proves DRM will never really work, because computers were never originally designed to support restriction management, and retrofitting is too hard to implement since so many people already have really fast (unrestricted) computers/parts/technical knowledge.

    Either way, if you can play music, and you have a line out, you can make copies... this is the same kinda thing.
  • by Jason Earl (1894) on Saturday October 12, 2002 @01:50PM (#4437715) Homepage Journal
    Didn't Nvidia have to write off a bunch of hardware that became obsolete when Microsoft changed the XBox?
  • Some Background (Score:5, Informative)

    by warmcat (3545) on Saturday October 12, 2002 @02:02PM (#4437768)
    Disclaimer: I am numbnut.

    The 1.1 version of the Xbox is certainly designed to be Palladium Lite. The concept is that no code is executed unless it matches a one way hash signature. The only exception is the boot ROM (512 bytes) which lives in the nVidia-designed MCPX chip; this is used to validate the next code to execute, which validates the next code to execute and so on.

    Unfortunately for MS (and perhaps nVidia), they chose a hashing algorithm which already had a known flaw. The hash, which works on QWORDS (64-bit quantities) is completely insensitive to b31 and b63 of a QWORD both being inverted.

    Doubly unfortunately for MS, the VERY FIRST DWORD of the hashed region is the entry point, and contains a long relative jump. The effect of flipping b31 and b63 on this QWORD is to retarget the jump to RAM.

    Triply unfortunately for MS, they have a small interpreter built into their ROM code, whose instruction set is capabel to to IO amd memory r/w before the bootrom is validated and executed. It was trivial to add some memory writes to the interpreted code stream to prep the memory targetted by the modified jump with a jump back into the flash.

    The end result is perversion of the hashed region in a way invisible to the hashing algorithm, and execution flow jumping to arbitrary code in the flash.

    I urge anyone interested in both the technical detail and the larger issues raised by this to read the threads on http://www.xboxhacker.net as this is a much larger issue than simply another Xbox crack.
    • Re:Some Background (Score:5, Interesting)

      by Ektanoor (9949) on Saturday October 12, 2002 @02:16PM (#4437822) Journal
      These reminds me of one program supposedly protected by a well known hardware key. The thing was roughly this:

      IF (there is key on parallel port) AND (The key is working) {FORGET THE ... KEY AND RUN PROGRAM}

      A few NOPS and some correction on jump point and the program was running without the key. For an Assembler old timer, it took nearly 15 seconds to Veni Vidi Vici (Julius Cesar phrase - I came, I saw and I won).

      Considering that these hacks are slightly similar and that the hack I described is more than ten years old, then one can take an estimation on the level of security in XBox...
    • This post is not meant as a flame or insult, I'm genuinely curious.

      There are a few possible reasons for this hack:
      It's cool.
      Because it's there.
      Because you want to piss off M$.
      You didn't have anything better to do.

      But, using the XBox as a cheap Linux PC isn't one of them as PCs can be found for $199. So, my question is; what is your motivation to spend so much time hacking the XBox?
      • by Troed (102527)
        Please come to Sweden and show me where I can get a cheap PC with the characteristics of the Xbox in a store, for the same price.


        Oh, you thought the US was the whole world?

      • Because a $199 Linux PC doesn't have a kickass video card, DVD drive, or NTSC out.
      • Re:Question for you. (Score:5, Interesting)

        by handsomepete (561396) on Saturday October 12, 2002 @02:29PM (#4437872) Journal
        Please show me the $199 PC that has a DVD drive, onboard NIC, decent video and sound that I can run into my TV and, while on, is pretty much noiseless that also plays Xbox games. Provide links, if possible, and I'll go buy one instead of the Xbox I was planning on buying (refurb on sale for $159.99 at Electronics Boutique!) today. If you could, please hurry as the sale ends this weekend.

        I'm not being entirely sarcastic (if there really is a place that sells comparable $200 PCs, I would buy one), but I am tired of this whole "you can get PCs for the price of an Xbox" argument. My motherboard cost almost that much by itself. My video card cost more than that. Just because I can get a crappy Microtel or whatever at Wal-Mart for $200 bucks doesn't mean it's just as good.

        Anyways, all of this hacking stuff is over my head, but I would assume that the challenge is kind of interesting and being part of the group that is a watchdog to the predecessor to Palladium must be at least part of the intrigue. But what do I know. *shrug*
      • The local EB is blowing 'em out at $150 a box (though you probably have to buy some games as part of the bundle for you to offer that price.) Another EB bundle I saw was $195, including DVD playback...
  • by MadFarmAnimalz (460972) on Saturday October 12, 2002 @02:06PM (#4437794) Homepage
    I thought it was uncalled for to put the word "secure" in between quotes like that to emphasise it in a sarcastic manner.

    Personally, I'd say one week is a record; the boys in Redmond are getting better at this security stuff.

    Slowly.

    Next thing you know, it'll take all of 10 days to break in to an IIS box...

    Kudos really.
    • by Anonymous Coward
      I admit, MS is getting better at protecting their boxes from us, BUT what are they doing to protect our boxes from the outside world? So eventually we can't run Linux on our xBoxes, but everyone and their dog can still hack my PC.

      Eric
  • Give Microsoft a chance guys, they're still busy working out the bugs in Licensing 6.0 [microsoft.com]

    I'm sure the'll have a 200 meg patch for the X-Box anyday now. They'll call it Security 2.1a

    Have you Securified your X-Box today??
  • by Tim Ward (514198) on Saturday October 12, 2002 @02:11PM (#4437807) Homepage
    ... why anyone should want to run Linux on an Xbox? What will you be able to do with it that you can't do with Linux running on a proper computer?
    • Well, for one a GeForce 4 costs almost as much as an entire XBox. I have Linux on Playstation 2 just because I like the idea of developing for a console. I guess it's one of those things where if you have to ask you'll never get it.
    • Why the bear went over the mountain.

      The answer is to see what he could see.

      If you do not understand the zen of running Linux an whatever you want to after a little effort, then do not comment.
  • This would be really cool if Microsoft had not shut Lik Sang down, because without a mod chip this doesn't really do me much good.
  • Some damn idea (Score:5, Interesting)

    by Ektanoor (9949) on Saturday October 12, 2002 @03:04PM (#4438002) Journal
    I know this is a little bit unscientific, and rather illusory but...

    Xbox is small, nitty and costs only $200. It possesses a 3D chip, a not so bad 733MHz processor, ethernet connection and an hard drive. Frankly it is not so bad for a cheap cluster... Sincerly, I have seen a few clusters for which the cluster units were a little worse than XBox...

    Maybe the chance for M$ to reach Top 500? Imagine, an horde of penguins helping up Redmond to reach the heights of computer industry...
  • News? (Score:3, Interesting)

    by fire-eyes (522894) on Saturday October 12, 2002 @04:14PM (#4438227) Homepage
    My feelings for MS are widely know, but for once I'm not trying to troll.

    Given the facts, how is this news?

    In my eyes, it isn't.

    What WOULD be news would be "secure xbox cracked after exhaustive 6 month effort by 3 teams of 1200 people".

    Agreed?
  • by Cheese Cracker (615402) on Sunday October 13, 2002 @12:31AM (#4439645)
    Subtitle: Cracked in 60 seconds.

Some people claim that the UNIX learning curve is steep, but at least you only have to climb it once.

Working...