Slashdot Mirror


Keeping Secrets in Hardware: Xbox Case Study

BS405397 writes "Here is the just released MIT whitepaper on the security holes in the MS X-Box, and for those who are interested, opens up the X-Box pretty nicely." Update: 06/04 17:13 GMT by M : The server appears to be down at the moment. There is a copy of the paper mirrored here. Reuters and other news outlets have now picked up the story, two days after Slashdot.

20 of 306 comments

  1. Re:DMCA... by Darth_brooks · · Score: 5, Funny

    Doesn't this violate the DMCA?

    Doesn't everything?

    --
    There are some people that if they don't know, you can't tell 'em.
  2. Mirror and guys website by Angry+Black+Man · · Score: 5, Informative

    Here is the guy's website (bunnie), with a ton of other hacking information not in the whitepaper.

    He also has an alternative link to the paper.

    --
    the byproduct of years of oppression by the white man
  3. Security holes? In a Microsoft product? by Moosifer · · Score: 5, Funny

    Inconceivable!

    1. Re:Security holes? In a Microsoft product? by vile7707 · · Score: 5, Funny

      You keep using that word. I do not think it means what you think it means.

  4. With Microsoft's permission by damieng · · Score: 5, Informative

    I quote from a posting to XBOXHACKER that quotes: "I did the work in February, but it took about three months to get it positioned and cleared with both MIT and Microsoft."

    I guess that means the DMCA was not violated, although the posting mentions that Microsoft intends to address these 'holes' in future revisions of XBOX hardware.

    --
    [)amien
  5. No, it's legal by Animats · · Score: 5, Informative
    Note that the paper discusses his consultation with the Electronic Frontier Foundation's lawyers.

    Reverse engineering is legal under most circumstances. Prohibiting it would create a new form of intellectual property, which, unlike patents, would not have to be disclosed. Trade secrets are limited in scope; trade secret law is mostly about disclosure by people authorized to know the trade secret.

  6. More from author on MSFT by Angry+Black+Man · · Score: 4, Informative

    He frequents the Xbox hacker message boards. Here's what else he had to say about Microsoft in this post...

    "To answer some specific questions:

    no, I will not publish the encryption key or the boot block. That's Microsoft copyright material, and I respect their copyright.

    Microsoft is not particularly happy about the paper, but they seemed to concede that, well, reverse engineering is protected by law, so there's nothing they can do about it. Let's hope they don't change their opinion...they've been known to go back on their word before."

    also, from his website...

    "You are actually allowed by law to reverse engineer copyrighted code so long as it is necessary to discover the ideas or functional elements behind the code (still, I'm not allowed to post copyrighted code for free distribution). Hey, microsoft...what are the ideas and functional elements behind your BIOS ROM? ... hmm...patent search turns up nil on the Xbox...guess we'll just have to reverse engineer it. (FTR, Nintendo has patented what looks to be the entirety of the N64 console, thus perchance making reverse engineering an N64 illegal--not yet court tested.)"

    --
    the byproduct of years of oppression by the white man
  7. Some XBox Hacking Links by gagravarr · · Score: 5, Informative
    For those of you just getting into XBox hacking, you might want to check out the following:
    --
    This post will enter the public domain 70 years after my death, unless Disney buys another extension.
  8. Re:DMCA... by dfn5 · · Score: 4, Insightful

    Then why wouldn't DeCSS fall into that category? I'd say that was a pretty good research project.

    --
    -- Thou hast strayed far from the path of the Avatar.
  9. Re:Modularity and excessive code... by Moonshadow · · Score: 5, Funny
    stripped-down Win2k derivative (from 12 MB to around 23kB).

    What'd they do, remove IE?

  10. Re:Lame and Dumb by brooks_talley · · Score: 5, Informative

    Yeah, who would want a $200 general purpose computer with built-in ethernet and DVD capability? I mean, what are you going to do, get a keyboard working and have a $200 Linux machine that's comparable to most $800 boxen? Or get it to run DivX movies? Or network 5 of them into a $1000 Beowulf cluster?

    It's not a gaming system. It's a computer that's been artificially limited to gaming. People want to break into it to remove those limitations, so they can have a very cheap, fairly powerful and flexible computer system.

    The article -- the whole console hacking phenomenon -- is not about people breaking into your Xbox over the internet. If you had read the article, you would have seen that it's about hacking the box to be able to boot custom code. There's no question of "reinstalling a few games" unless someone breaks into your house, reprograms the flash ROM in your Xbox, and turns it into a Linux machine.

    -b

  11. This entire article is a troll! (in a way...) by cscx · · Score: 4, Interesting

    OK, I've skimmed the PDF, and while the words "security holes in the XBox" in the article may lead you to think about traditional software buffer-overflow-I've-r00ted-your-box types of security holes... this article is about HARDWARE!! The PDF talks about hacking the hardware and getting around the encryption on the bootloader to be able to load your OS of choice, for example.

    Meanwhile I'm reading posts from people who are nearly soiling themselves afraid to plug their XBox into a network for fear of being r00ted. What a joke. I bet when michael saw the words "XBox" and 'security hole' in the same sentence, he became so excited and nervous that he could hardly move his finger to click the button on the mouse. Sheesh.

  12. Thumbs up? by handsomepete · · Score: 5, Funny

    I got a grudging thumbs up, so to speak, from Microsoft on my Xbox reverse engineering work

    I think I'd much rather he post what must've been a very entertaining conversation with a Microsoft spokesperson than the bios to the XBox.

    1. Re:Thumbs up? by agdv · · Score: 4, Funny
      Weird... that guy sounds exactly like the guy I talked to when my copy of XP wouldn't activate.


      They're building an army of clones. You hadn't heard?

  13. Abstract by Hast · · Score: 4, Insightful
    A lot of people seem to believe that it's about network security. It is about hacking the boot procedure for the X-Box. This can be grasped just by reading the abstract of the paper.

    Abstract

    This paper discusses the hardware foundations of the cryptosystem employed by the Xbox TM video game console from Microsoft. A secret boot block overlay is buried within a system ASIC. This secret boot block decrypts and verifies portions of an external FLASH-type ROM. The presence of the secret boot block is camouflaged by a decoy boot block in the external ROM. The code contained within the secret boot block is transferred to the CPU in the clear over a set of high-speed busses where it can be extracted using simple custom hardware. The paper concludes with recommendations for improving the Xbox security system. One lesson of this study is that the use of a high-performance bus alone is not a sufficient security measure, given the advent of inexpensive, fast rapid prototyping services and high-performance FPGAs.

    So no need to worry about DDoS or lost savegames. This is about playing unauthorized games, making a DiVX player etc.
  14. very interesting by Dr.+Awktagon · · Score: 5, Insightful

    I read that article and found it very interesting. It seems there's always a weakness in any security system, and a clever person with time on their hands can find it.

    But then it hits me: this "security" is to keep THE OWNER, the PAYING CUSTOMER, out of the product he bought. This "security" doesn't protect my family, me, or my possessions from absolutely anything. It serves no purpose except to make work for somebody at Microsoft and then somebody at MIT. If they left it out, they'd save both parties a lot of effort. I'm sure someone will build on this article and figure out how to easily run arbitrary code on the Xbox, and so the security will be a total waste. So why is it there?

  15. Re:Cool by pjrc · · Score: 5, Informative
    I feel like a little reality check is in order:

    Does this mean I can hack into .. and upload a patch to display ... characters as completely nude, full-figured women?

    No, but it does mean you can fabricate a little circuit board and solder it to tiny wires on the xbox, connect that to an FPGA and custom-program the FPGA to implement data collecting hardware (including a lot of hand-layout effort to make the FPGA able to collect at 200 MHz). It means you can implement a little state machine also in the FPGA to begin collecting at the right time, ignore a false reset pulse, and tag all collected data with sequence numbers of how many clock cycles elapsed between each data transfer and the CPU reset.

    It also means you can spend a lot of time to do statistical analysis on the data and compare to patterns from the flash rom (which you presumably already extracted and read with your EPROM programmer). It means that once you've at least figured out which wires were which bits, you can begin wading through millions of data transfers and try to reconstruct an image of the code the CPU executed.

    It means you can disassemble that code (remember, found from analyzing millions of bus transfers) and recognize that it implements RC-4 decryption. It means you can write a "brute force" attack to guess all possible 16-byte patterns from the image you extracted and see if any of them decrypts the flash rom data to something other than white noise.

    It means that, after all that, you have the algorithm and key used to decrypt the bootloader in the flash rom... and then you can write your own bootloader (by extracting the flash rom chip and changing its contents with an EPROM programmer) and make the xbox run your own code.

    The author did mention that Microsoft put test points on the board to access the flash rom, so instead of physically removing the flash rom, you could build a "bed-of-nails" test fixture that you'd just place the xbox circuit board into to reprogram the flash rom (don't forget to design your own EPROM programmer in this process).

    But as others have pointed out, the author has been in contact with Microsoft and they are aware of the problem, and they intend to fix it in future revisions to the xbox hardware.

    So if you wanna pop up nudie pictures in the middle of someone's game, you'd better get started soldering now. Even after you do all this, you'd barely have your foot in the door. You'll need to do a massive reverse engineering job on the bootloader, and then the rest of the flash rom (which is presumably part of the win2k closed-source kernel). Somewhere along the way, you'll learn about the xbox hardware and MAYBE find a game-independent way to overlay some graphics on the screen. Maybe you'll even find some exploits in the kernel itself, maybe?

    But to start, you MUST pull the flash rom chip and reprogram it with your own code. Better hurry before Microsoft changes the secret bootloader or even the hardware itself, now that they know of the weakness.

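The key search pjrc describes, trying every 16-byte window of an extracted image as the RC4 key and keeping the one whose output is not white noise, as an added Python example (not code from the paper or from anyone in the thread). Everything in it is constructed: a synthetic capture with a key planted at offset 300 and a text blob standing in for the flash contents. On the defender's side the same scan is a cheap design-review check: if key material ever crosses a bus or lands in a dump in the clear, this is how little work recovering it takes.

```python
import math
import random
from collections import Counter
from typing import Optional

KEY_LEN = 16          # RC4 key size the thread discusses
ENTROPY_LIMIT = 6.5   # bits/byte; code or text sits well below, keystream noise near 8


def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 key scheduling plus keystream XOR; encrypt and decrypt are the same op."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for b in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(b ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: the 'white noise or not' test from the comment above."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def find_key_offset(image: bytes, ciphertext: bytes, sample: int = 1024) -> Optional[int]:
    """Try each KEY_LEN-byte window of image as the key; return the offset whose
    decryption of the first `sample` ciphertext bytes is low-entropy, else None."""
    probe = ciphertext[:sample]
    for off in range(len(image) - KEY_LEN + 1):
        if shannon_entropy(rc4(image[off:off + KEY_LEN], probe)) < ENTROPY_LIMIT:
            return off
    return None


# Constructed data, not from any real console: a synthetic bus capture with a
# key planted at a known offset, and a "flash image" encrypted under that key.
_rng = random.Random(2002)
KEY = bytes(_rng.randrange(256) for _ in range(KEY_LEN))
KEY_OFFSET = 300
IMAGE = (bytes(_rng.randrange(256) for _ in range(KEY_OFFSET)) + KEY
         + bytes(_rng.randrange(256) for _ in range(200)))
PLAINTEXT = (b"decoy boot block: jmp to real loader; " * 40)[:1024]
CIPHERTEXT = rc4(KEY, PLAINTEXT)

if __name__ == "__main__":
    print("key found at offset", find_key_offset(IMAGE, CIPHERTEXT))
```
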
  16. Re:well by DickBreath · · Score: 5, Funny

    "secret" boat loader

    This was obviously a typo. I think he meant to say: secret bloat loader.

    --

    I'll see your senator, and I'll raise you two judges.
  17. Not there yet by Animats · · Score: 5, Interesting
    Note that even after all this, the guy isn't even close to being able to make a disk that will boot on an unmodified XBox. Or a mod that doesn't require soldering.

    He now understands the boot process, and can mess with it via hardware mods. But he has only the decryption key, which is the public key of the pair. To make a bootable disc, you need the encrypting (private) key, which is nowhere in the XBox. That key probably exists only in a vault in Redmond.

    I don't really care all that much about the XBox, but if the RIAA and MPAA have their way, all audio and video equipment will be protected like this.

  18. not quite by Skuld-Chan · · Score: 5, Interesting

    Sure - but one could easily argue that its main purpose is to keep pirates from running unauthorized (copied) programs on it

    and to keep developers from building their own executables without real dev kits (and depriving ms of royalties)

    and it keeps game hack systems out - like the gameshark and the codebreaker like devices from running.

    And before you bitch and moan about MS being a bunch of bastards - almost every game system that ever came along has had some system to keep developers, hackers, and users from explointing the technology inside. Even Atari was that way - mostly through Atari not releasing all the specs for programming it so their games could look better in comparision - and they sued the first company who dared defy them (I think it was sierra).