MIT student hacks into Xbox

[rgtg]

Cool!!

MIT student hacks into Xbox




update A computer sciences graduate student is claiming to have cracked the security systems that prevent Microsoft's Xbox game console from running unauthorized software.
In a research paper published a few days ago, Massachusetts Institute of Technology student Andrew Huang detailed the procedure by which he retrieved the software "keys" that a game disc must contain for the Xbox to recognize its contents as legitimate code. Using the key, hackers presumably could write Web browsers, MP3 players and other sought-after applications for the console.

Hackers who want to benefit from Huang's work are out of luck, however.



"I'm not going to share the secret code at all, or the key--those are Microsoft copyrighted items," Huang said in a telephone interview. "I've been in touch with Microsoft about my work, and we've been really clear about what they think is legal research activity. I would love to say to everybody, 'Here's how to do it,' but I can't."

To crack the Xbox code, Huang developed a custom circuit board that he soldered between two key Xbox components. The board intercepted traffic between the components, from which Huang was able to extract the critical security keys.

Huang estimated it cost him $50 and three weeks of effort to break the code.

The primary security flaw in the Xbox, Huang said, was that the keys and other key security codes shared by Xbox components weren't encrypted. Instead, Microsoft relied on high-speed HyperTransport connections, dummy chips and other hardware measures intended to make it impossible for hackers to intercept data.

"Some security experts will say that if you run it really fast, it's secure," Huang said. "My argument is that you really need to use cryptography. I think the fundamental flaw is not so much that Microsoft didn't know what they were doing--they did a really good job of covering their tracks in the software. But they contracted out the hardware design to someone who didn't care as much."

Microsoft said the incident posed no threat to its customers or partners.

"We completely support pursuits worthy of both Ph.D. candidacy and academic publication," the company said in a statement. "And while reverse engineering of game consoles is not a new phenomenon, neither is the fact that we will vigorously prosecute to the fullest extent of the law anyone who tries to modify their system for the purpose of violating our partners' intellectual property or that of Microsoft's."

Hackers have been struggling since the day the Xbox went on the market to break through the console's security features so they can run their own software. The recent release of black-market "mod chips" for the console promises to make that task easier.

Huang said he's working on a way to break down the Xbox security system in a way that will allow him to legally share the results of his work. He anticipates an explosion of open-source software using the Xbox as a high-performance, low-cost PC replacement.

"I'm trying to find a legal way to create a boot ROM," he said. "Hopefully, in a couple of months we'll have a canned, easy-to-use solution that will allow people to write their own code."

[rgtg]

before someone asks...the source of the news

http://news.com.com/2100-1040-931296.html?tag=fd_top

[404NotFound]

that's really cool. Also i like that he is doing it the honest hacker way, and not the lamer way.

[anal=probe]

I like the fact that this was research for something he was doing in school, not just something he did in his spare time.

[arrowhead]

I like the fact that chee-tos are made of orange cheese flavor.

[404NotFound]

I like the fact that chee-tos are made of orange cheese flavor.

wtf? stupid newb..

[JellyWarrior]

Cant wait to start playing legal software on the xbox in the coming months!

Just proves that no matter how smart these companies think they are there is always somebody smarter, and 90% of the time they're still at school in some form or another.

[404NotFound]

Cant wait to start playing legal software on the xbox in the coming months!

Just proves that no matter how smart these companies think they are there is always somebody smarter, and 90% of the time they're still at school in some form or another.

MS thought that if they sent the data at high speeds you couldn't extract it... stupid them.. they needed to encrypt too.

[reaper2k2]

legal software?? using what a hacked program since xbox dvds cant be read by a normal cd player i cant see how that helps ........


the ip bin for dream cast is not legal ether

[ZacMc]

the ip bin for dream cast is not legal ether

Lets not have that discussion again.

[mrinsulto]

ha, at leaste he is being smart about finding a legal way to distribut the information. i would just come out and say how to do it, but, we all know how microsoft is, they have enough money to buy you 20 years in prison for simply looking at bill gates crossed eyed, let alone screw him over on his own system.

ha, but at leaste it is possible to obtain the key codes, and i am sure someone else will find a way to do it, only they will do the exact opposite and hope microsoft does not hunt them down.