Xbox Security Defeated

Posters Name: tmmicklabs

A graduate student at the Massachusetts Institute of Technology claims to have found a way to circumvent the security system for Microsoft Corp.'s Xbox video game console. Given the particular encryption algorithm that was used and the decryption key, both of which Huang has identified, "one can run original code on the Xbox," he said, meaning it would be possible to run things like unauthorized games and other operating systems on the console. This is great news. The X-Box could become the ultimate tool for Console Emulation. You can view the entire article by clicking here!!
Source: Extreme Tech

Full Story:
An MIT graduate student takes tools left over from his just-completed Ph.D. thesis on symmetric multiprocessing (SMP) systems and applies them in breaking the vaunted security of Microsoft's Xbox with some brilliant detective work and a couple of hundred dollars' worth of electronic parts. His efforts, which began just days after Xbox went on sale, can potentially open the Xbox platform to other operating systems and for support of nonstandard peripherals.
Here's the scoop: Microsoft's XBox includes built-in booby traps intended to prevent software not authorized by the manufacturer from running on the machine. These provisions have frustrated hackers who wish to run alternative operating systems--such as NetBSD or Linux--on Microsoft's heavily discounted hardware. They are also used to implement DRM (digital rights management, AKA copy protection) and to provide each XBox with a unique, trackable serial number.

Microsoft's bag of tricks includes RC-4 encryption, non-working decoy code in the system's Flash ROM, and a "secret boot block" hidden within one of the system's application-specific integrated circuits (ASICs). But none of these measures deterred the indefatigable Andrew "bunnie" Huang, who built hardware to intercept communications between the device's northbridge and southbridge chips, exposing Microsoft's decryption key and the contents of the boot code as it traveled between the two chips on the XBox motherboard.

In a detailed paper describing his research, Huang notes that any such scheme--including those used to encrypt DVDs and other media--is ultimately vulnerable to reverse engineering. "If you ship secrets in your hardware," says Huang, "it is a good assumption that the users will eventually--and perhaps quickly--know your secrets."

Huang documented his progress on his Web site, as evidenced by a voicemail left by a Microsoft official, asking that Huang remove an image of the Xbox Flash memory from his site. Fearing that Microsoft might attempt to suppress his academic paper discussing the weaknesses in the Xbox's security, Huang sought advice from the Electronic Freedom Foundation (EFF). Huang discusses the legalities of reverse engineering on the site. Microsoft has not, so far, attempted to persuade him to take down his Web page and paper, which are available at the links below.
