Slashdot Mirror

← Back to Stories (view on slashdot.org)

Xbox Security Keys Changed

Posted by ryuzaki0 on from the this-loop-will-keep-playing dept.

anth writes: "A couple a months ago we discussed some reverse engineering of the Xbox which discovered the security code. The last paragraph of this letter from Nvidia says MS changed the code, and that they had to write off chips with old code as a result."

18 of 245 comments (clear)

  1. Cat and mouse by ObviousGuy · · Score: 2, Insightful

    At some point the technology is just going to progress to the point that these silly hacks are not worth the time nor the money.

    --
    I have been pwned because my /. password was too easy to guess.
    1. Re:Cat and mouse by God!+Awful · · Score: 2, Insightful


      Hacks will always exist, and you can save more money by giving up after being hacked the first time -- the people buying your tech to pirate your programming, or in this case games, are just not the customers you need to take care of.

      Yeah, that's basically what they told me in prison: "I'm going to anally rape you whether you like it or not, so you might as well sell your body for some cigarettes."

      -a

      --
      How to rationalize theft.
  2. I doubt the key has changed by Anonymous Coward · · Score: 5, Insightful

    I doubt they changed the key as it would be hacked just as easily as the last one. What they've probably done is changed the encryption method to make it harder to do so.. I mean if you're going to scrap a whole lot of chips, you better do it right.

    1. Re:I doubt the key has changed by martissimo · · Score: 5, Insightful

      that would be pointless, the MIT guy didn't even attempt to break MS's 128 bit RC4 encryption in the first place.

      their weakness was that the data actually travels un-encrypted along a high speed bus on the mainboard for a very short run, and is checked after that run for a 32 bit "magic number" at the end of their plaintext stream... that is the spot he watched, he made a lil device that plugged into that bus and read the data as it streamed unencrypted.

      unless they encrypted traffic on that bus it would be totally pointless, and the MIT guy who did the research also points out all the complications that doing so would cause (latency, power consumption, reliability)

      his research (pdf warning) really is a good read if you havent gone through it yet.

  3. Re:Do they learn their lesson by Badanov · · Score: 3, Insightful

    Maybe Microsoft is getting ready to get into the video card/chip manaufacturing business and their logical first step would be to hose Nvidia.

    --
    Dawn of the Dead
  4. Just goes to show by Anonymous Coward · · Score: 1, Insightful

    Doesn't this just prove that anyone who banks millions or billions on having encryption that won't be hacked is a fool? And that's not even to speak of one who believes that their product cannot be reverse-engineered. I swear, the DMCA is setting up an unreasonable belief in companies that their products will never, ever be hacked. Regardless of the morality of the situation, anything more technologically complex than an abacus WILL be hacked by someone, and I have no sympathy at all for people who proceed believing that's not the case.

  5. When will they start blaming Microsoft? by Restil · · Score: 5, Insightful

    The next time they have to write off inventory because of a needed security change. Sure, hackers might not be the best friends to that contractual agreemnt NVidia has going, but at some point, they're going to get tired of writing off inventory and flushing money down the toilet just because Microsoft doesn't want people using the Xbox for ANYTHING but an XBox.

    -Restil

    --
    Play with my webcams and lights here
  6. Actually, they blame AMD. by brianlmoon · · Score: 2, Insightful

    excess in nForce chipsets that we built in anticipation of higher demand of Athlon-based PCs..

    Never mind that the nForce was hype that never really beat out older motherboards.

  7. Re:My heart weeps by kubla2000 · · Score: 3, Insightful

    Well, entire branches of the Linux kernal, and various other software projects, like Apache, are changed as a result of security exploits.

    The ever-so-subtle distinction between your observation and that of the original posting is that when security holes force rethinkings and reworkings of applications and protocols in the Open Source world, there isn't an entire great big monopoly suffering, just some geeks losing sleep reworking code... as opposed to thousands and thousands of stock holders all of whom are wringing their teeth and gnashing their hands in hopeless, helpess despair as one whipper-snapper post-grad at MIT all but destroys their hopes and dreams of infinite wealth and world peace and dogs and cats loving each other... and god dammit I just can't go on for the shame...

  8. It works for them. by Martigan80 · · Score: 3, Insightful

    This is a great tax write off for them, just think of what they can claim per chip, and the R&D cost.

    --
    This SIG pulled due to lack of funding. (This damn war is costing too much!)
  9. Re:News for Felons. Stuff that's illegal. by Anonymous Coward · · Score: 5, Insightful

    There is a huge threat of terrorism in America, the land of the free, right now and you folks are not helping by spreading this illegal material around.

    First off, Lets get a "few" things straight.

    1. I go out and work my ass off everyday to get money to buy things like CDs, Video Game Consoles, DVDs, DVD Players, etc....

    2. I now OWN these items that I have purchased. I am told I can't copy my CDs, rip my DVD's to make a "backup" copy and burn it to a CDR media. Also, I am not allowed to modify any hardware that I own.. (Which by the way it sounds like to me.. That since I bought a computer that runs at a clock speed of 1.4GHz I am not able to overclock it to 1.6Ghz if I want to because it was sold to me as running at 1.4GHz, I dont like that.)

    3. Soon if all of this DRM crap goes through I will not beable to install anything that is not approved by certain companies (i.e. Microsoft). Meaning I can't install Linux on a computer that I purchased with Microsoft Windows on it. Even though I OWN the damn thing. I won't beable to add new hardware as I want to, I will have to call Microsoft to let them know I changed my hardware configuration (Windows XP does this now).

    When I BUY something, I like to know that I own it and can do anything to it I want. If I want to take it out back and beat it to a pile of junk (Office space senario with copy machine). I should be able to, If I want to change a few settings in the hardware, I should be able to. It is MINE. I PAID for it. I am NOT renting it. If I want to rent something I will go to Blockbuster, or go look for an apartment.

    You dont rent your car do you? Atleast with a lease you have an option to BUY it after the lease is up. This is like "insert favorate car manufacturer here" saying you CAN'T change your exhaust on your car that you bought from us, even though you own it now, Oh yea BTW that factory radio you have, you are NOT allowed to put that in either. When you get a flat tire, YOU will put on said brand of tires or we will sue the crap out of you. Do you like being told that crap? I know I do not like it.

    So please explain to me how this is "illegal", or any part of "terrorism"? Please also feel free to explain how this is "the land of the free", if I am not able to do any of the above.

    - br0ken

  10. does not make sense...? by Anonymous Coward · · Score: 1, Insightful

    I'm curious how they could have done this for the Xbox. They can't change the security keys as they already have a widely established installed base that uses the old hardware and keys.

    AFAIK, the security codes were a mechanism of authenticating the Xbox software to be genuine - to stop pirate / unauthorised games from being played on the Xbox. There are already a significant number of titles (and machines) out that will use the "old" security codes, presumably the ones that have been cracked.

    If they change the codes - suddenly they're going to have new machines out that won't play the old games. Likewise, if they bring out new games - they must be capable of running on the old machines.

    Like I said - it doesn't make 100% sense.

  11. Isn't it obvious? by BandwidthHog · · Score: 5, Insightful

    Everybody's commenting about how all the parts of this story don't add up, that these megacorps wouldn't make such obvious blunders, or handle them so crudely. Hmm. While the old "follow the money" trick may not directly apply in this case, it's close enough.

    What is the upshot of this incident, once you filter out all the distractions?

    1) Hacker bypasses DRM-type security
    2) Company "forced" to retool/change security
    3) Direct, demonstrable monetary losses

    They need to set precedents that exposing obvious security gaffes (unencrypted signal on the bus in this case) leads directly to major financial losses. Makes future prosecutions much easier.

    --

    Quantum materiae materietur marmota monax si marmota monax materiam possit materiari?
  12. Re:News for Felons. Stuff that's illegal. by shepd · · Score: 3, Insightful

    Illegal doesn't equate to immoral. However, you seem to have those confused in your mind.
    It is immoral to do physical harm to others. Many of us consider guns (most especially handguns) to be nothing more than a device intended to cause physical harm to others. This is immoral.
    A device like a modchip is not intended to do physical harm to others. When I use a modchip, does Bill Gates bleed? Nope.
    If you can't see the difference between a device that causes physical harm to someone, and a device that causes absolutely no physical harm to someone, you have a morality problem, and are part of the problem, not the solution.
    You aren't one of those people who go around telling people that "Guns don't kill people. Death kills people." Are you? Because if you do, you're the nutcase.

    --
    If you could be told what you can see or read, then it follows that you could be told what to say or think - BoC
  13. that doesn't make sense by RelliK · · Score: 3, Insightful
    Remember, it costs Microsoft $300 to make an XBox, but they sell it for $200. That's why:

    The problem is that Microsoft already spent $300 to make an xbox. They lose that money no matter what. If you buy an xbox they will get $200 and partially recover their losses.

    In short, Microsoft loses $100 on an xbox if you buy it. They lose $300 if you don't buy it.

    --
    ___
    If you think big enough, you'll never have to do it.
  14. Re:This is a nice move from Microsoft by ivan256 · · Score: 3, Insightful

    Yeah, more likely it'll provoke contract disputes or legal actions from nvidia, who doesn't want to have to throw out chips it's already made. If microsoft keeps this up, they'll never get nvidia to lower the price.

    Is there really a big xbox game pirating scene?

    This is all silly anyway. I remember when I was younger (under 16) I used to "pirate" video games. Of course back then that meant a 1-300k download. Probably took just as long though. As soon as I was old enough to have a job, and money I stopped doing it, and started actually paying for the games I wanted. It seems to me that beyond basic anti-piracy efforts, companies are wasting money on copy protection. The people that they stop can't afford the games anyway, and the "software pirates" that can afford the games tend to be the people who will use the money to break the new protection rather then purchase the game. It would be interesting to see a study that looked for a correlating revenue increase when a new copy protection scheme comes out. More importantly, how much cheaper would my games be if I wasn't shelling out a SafeDisc 2 royalty for every one of them?

  15. Re:News for Felons. Stuff that's illegal. by Fttynick · · Score: 2, Insightful

    "There is a huge amount of terrorism going on in America"

    More like America "Bush @ Co." are terrorising the rest of the world with this new found "Agenda"...

    You poor troubled American..

    Regards

    More and more concerned world citizen (Sydney, Australia)

  16. Re:Hrmmm... by geirhe · · Score: 2, Insightful
    really. duh. hard coded means you can't change it. so why didn't the engineers notice they would have to throw out any fabricated chips if Microsoft told them we ain't accepting that particular hard code any longer?
    This is not what I answered. I answered a question about why one would put things in hardware.

    Pointing out errors like this is not hard after something has been broken. Doing it up front is way harder. I suggest you try doing a 10Mgate+ design sometime, and try maintaining control over the possible tradeoffs of speed (whatever) against a possible specification change in the future. This time around, Nvidia lost the gamble. Shit happens.