RE: Xbox (Was -Online Games Consoles and Security Implications)

From: Ken Pfeil (Kenat_private)
Date: Tue Jun 04 2002 - 05:54:09 PDT

    I know the XBox thread was killed recently, but this is good reading.
    
    http://slashdot.org/article.pl?sid=02/06/01/1656228&mode=thread&tid=172
    
    http://web.mit.edu/bunnie/www/proj/anatak/AIM-2002-008.pdf
    
    June 3, 2002
    
    MIT Grad Student Hacks Into Xbox Security System
    
    By REUTERS
    
    Filed at 4:40 p.m. ET
    
    LOS ANGELES (Reuters) - A graduate student at the
    Massachusetts Institute of Technology has found a way
    to circumvent the security system for Microsoft Corp.'s
    Xbox video game console, opening the way for hackers to
    use it to run competing software, according to
    documents released over the weekend.
    
    The MIT computer expert, who posted his report on his
    university Web site, also questioned the security
    behind Microsoft's soon-to-launch online service, Xbox
    Live, saying hackers could exploit a flaw in the system
    to identify individual players from their game
    machines.
    
    Andrew Huang, who recently completed a PhD thesis on
    supercomputer architecture, wrote a memo May 26
    describing his efforts to build hardware that would
    read the Xbox's internal security system. A link to the
    15-page report was posted this weekend at technology
    news and discussion Web site Slashdot.org
    (http://www.slashdot.org).
    
    Computer enthusiasts have been excited about the
    possibility of using the $199 Xbox, which is
    technologically similar to a PC, as a stand-alone
    computer running operating systems like Linux.
    
    Some see it as the ultimate slight against Microsoft --
    using the software giant's own hardware to run software
    that competes against its Windows operating system.
    
    In the memo, Huang said the Xbox's primary security is
    contained in what he calls a ``secret boot block'' that
    is encoded into a media processor chip built for the
    Xbox by Nvidia Corp.
    
    Representatives of Microsoft and Nvidia were not
    immediately available for comment. An MIT spokesman
    told Reuters the university has not received any
    request to take the paper down from its sites.
    
    TAPPED SYSTEM HARDWARE
    
    Huang said he had extracted the contents of the boot
    block by tapping the data path that travels between the
    media chip and the central processor.data path, Huang
    was able to capture the data transmitted between the
    two chips and manually process it to uncover the
    secrets contained in the ``boot block.''
    
    He said it took a total of three weeks to build his
    custom board for a total cost of around $50.
    
    Given the particular encryption algorithm that was used
    and the decryption key, both of which Huang has
    identified, ``one can run original code on the Xbox,''
    he said, meaning it would be possible to run things
    like unauthorized games and other operating systems on
    the console.
    
    Huang also said he had discovered a vulnerability in
    the console's programming that would allow the boot-up
    sequence to be interrupted so that any code can be run
    on the system.
    
    In an e-mail to Reuters, Huang said he notified
    Microsoft in advance he would be publishing the paper,
    gave them a copy to read, and has been in regular
    contact with the company. He also said he is not
    working on any of the attempts to run Linux or other
    systems on the Xbox.
    
    ``I know a lot of people are exploring the possibility
    now, but I personally am not spearheading any effort
    toward this end,'' he said.
    
    Huang also said in the paper he has discovered keys to
    the identity of the console owner that may, in theory,
    be vulnerable through an online connection.
    
    Huang said he separately discovered that the console's
    serial number is stored in its memory, and that the
    data might be readable by the central operating system.
    ``What happens to this information when the Xbox is
    plugged into the Internet?'' he said.
    



    This archive was generated by hypermail 2b30 : Tue Jun 04 2002 - 09:28:09 PDT