Lindows CEO Funds XBox Hacking Contest
Kai writes "PCWorld.com recently posted an article on how Lindows CEO Michael Robertson is funding the 'Linux on XBox Hacking Challenge'. He was previously the anonymous donor who donated $200,000 to the project. His donation will be split into two prizes, one to whoever completes part A of the challenge, and the other to whoever completes part B. Part A, running Linux on the XBox, has already been completed, but Part B, running Linux on XBox with no hardware modifications has yet to be completed. Part A of the challenge can be downloaded from Sourceforge." Without a bios change, it seems like part B might be a bit tricky. T. adds: Tricky, but not hopeless. Eric C. writes "The Neo Project recently updated its client so users can use free processor cycles to try and crack the private key that Microsoft uses to sign Xbox software."
The guy funding the Linux XBOX project is a direct competitor of MS. Kinda cheapens the whole thing, duddn't it? At least that's how I felt.
I mean, if it works it works. But his motivations place him at MS's level.
"The Neo Project recently updated its client so users can use free processor cycles to try and crack the private key that Microsoft uses to sign Xbox software."
Isn't that illegal in the US of A ???
I like the project... but is this feasible? Wouldn't cracking the X-Box encryption key violate the DMCA and put a lot of people in trouble? Microsoft could afford the lawyers, you know.
Anyways, good luck to them.
The Neo Project recently updated its client so users can use free processor cycles to try and crack the private key that Microsoft uses to sign Xbox software.
Unfortunately the server appears to be slashdotted. Let's hope that just means a lot of people want to help with that task. This of course makes me want to ask about the legality of doing this. Do people risk getting sued by downloading the client?
Do you care about the security of your wireless mouse?
For $200,000 couldn't he have done something more useful like funded the design of an opensourced Linux-based console? I mean really if they could make some deals and get some good video and maybe wireless networking integrated into a mini-ITX motherboard and put together a Dreamcast/GameCube sized case with a dvd-rom drive and room for a hdd they'd have something sweet. Really the current crop of mini-itx motherboards/cases are already nice for affordable music/video playback and work rather well for playing games a couple years old.. a lil boost to the video and you'd have things set.
At what price learning? At what cost wisdom? The price is a man's peace of mind, and the cost is his life.
- How many bits are in the x-box "trusted software" permission-to-run keys? What about in Palladium? For these N-bit keys, what is the approximate difficulty of brute-forcing it as compared to, say, brute-forcing RSA?
- Distributed clients like this one, as far as i am aware, just get parcelled out random blocks of the "possible key" space, and send back which numbers they checked, right? Is there any way to PROVE those numbers were, in fact, correctly checked, besides asking multiple clients to check each individual block and hoping that at least one of the clients tells the truth? Like, is there anything to prevent Microsoft from just randomly calling up the project with a bunch of dummy clients that submit the REAL x-box key a couple times to the "i've checked this and it's not the key" list? (Well.. okay.. I can think of a way to do that.. but it would require actually USING Palladium, to ensure everyone submitting blocks to the crack-Palladium project is using an unaltered, approved, digitally-signed Palladium-cracking client. So, uh, that's right out.) I know previous distributed projects have had issues with clients lying about their results in order to boost statistics, but this is the first time i'm aware of there has been a massively distributed computational work in which there is a specific party with a vested, active interest in the project being actually sabotaged.
- Were the Palladium keys to be cracked, is there anything MS could do at that point? Is there any way they could just Windows Update all the Palladium installs out there to suddenly use some new backup key, and invalidate the old one? It would seem the answer is no, because it seems that would automatically mean all of the existing palladium software in the entire world would suddenly become "untrusted" and have to be re-compiled at the vendor with the new keys, or something, but maybe there's something i'm missing. Is there something i'm missing? And anyway, aren't the palladium keys going to be stored in hardware, in some special Intel chip? Or something? How is a Palladium app marked as "Trusted By The MS Signing Authority", exactly, anyway? I haven't been following this as closely as i should have been.
I'm confused and ignorant. Please explain things to me.
Irritable, left-wing and possibly humorous bumper stickers and t-shirts
The article states: "Also, last June a Massachusetts Institute of Technology student claimed to crack the Xbox's security system, potentially allowing users to run any software on the system." Following the link... "Using a custom circuit board, made in spare time in a three-week period for a total cost of about $50, Massachusetts Institute of Technology student Andrew Huang was able to tap traffic between Xbox components and uncover the keys that unlock the device's protection," So does that mean the security keys have already been found? Why can't someone working for the NeoProject do the same thing that this guy did? It seems it would be more feasible to rebuild something that has worked in the past than it would be to try and brute force the key.
Agreed, but a private group's cracking effort is a nice way for someone at Microsoft to leak the key and get the cash.
$100K must be pretty tempting.
On the other hand, you could probably blackmail MS for more than $100K to keep the key a secret.
Absent Palladium, just generating a collision would probably be enough to get a bootloader through. A neat trick would be to add to some existing software which has already run the checksum. Of course, distributing such a disk would be a gross violation of Microsoft's copyright, and thus defeat the point of the exercise.
... just think of a server with an unknown root password sitting on your desk.
However a patch might be a different matter, especially in countries that do not agree with the DMCA.
There are LOTS of ways to get around protection when the hardware can be tampered with, even if you don't modify its structure
This is not a signature.
This is true, however, the problem lies in what data must be signed by the private key. Code signing works by making a hash of the code (in this case, the OS loader or the like, which in our case would be the Linux loader) and signing that hash with the private key. The bootrom then uses the Microsoft public key to verify that the OS was signed by the Microsoft private key. Thus, the only ways that this could reasonably be done are by:
1) Getting the Microsoft private key
2) Making the hash of the OS the same as the hash of the MS OS (nigh unto impossible)
3) Changing the public key in the bootrom (which isn't allowed for this stage of the competition, at least hardware wise)
4) Somehow switching the OS after the initial code signing check is completed
Here's a reference if you want to read more: Code signing
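The hash-then-sign check described in the comment above, as an added example that is not part of the original thread and not the Xbox's actual algorithm. The toy RSA keys, the use of SHA-256, the sample loader bytes and the `boot` helper are all constructed assumptions; `boot` shows the verifier running exactly the bytes it checked.

```python
import hashlib

E = 65537

def make_key(p: int, q: int):
    """Return (n, d) for textbook RSA with public exponent E."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

# Constructed toy keys from Mersenne primes; far too small for real use.
ROM_N, VENDOR_D = make_key(2**61 - 1, 2**89 - 1)      # vendor key pair
OTHER_N, OTHER_D = make_key(2**107 - 1, 2**127 - 1)   # some unrelated key pair

def digest(image: bytes, n: int) -> int:
    """Hash the image. SHA-256 reduced mod n is an assumption of this toy."""
    return int.from_bytes(hashlib.sha256(image).digest(), "big") % n

def sign(image: bytes, d: int, n: int) -> int:
    """Signer side: raise the image hash to the private exponent."""
    return pow(digest(image, n), d, n)

def verify(image: bytes, sig: int, n: int = ROM_N) -> bool:
    """Boot ROM side: recover the hash with the public key and compare."""
    return pow(sig, E, n) == digest(image, n)

def boot(memory: bytearray, sig: int):
    """Verify a private snapshot and return that same snapshot to run, so a
    later change to `memory` cannot alter what was checked."""
    snapshot = bytes(memory)
    return snapshot if verify(snapshot, sig) else None

# Constructed sample images.
VENDOR_LOADER = b"constructed sample: vendor OS loader"
OTHER_LOADER = b"constructed sample: loader the vendor never signed"
VENDOR_SIG = sign(VENDOR_LOADER, VENDOR_D, ROM_N)

if __name__ == "__main__":
    print("vendor loader, vendor signature:", verify(VENDOR_LOADER, VENDOR_SIG))
    print("other loader, vendor signature: ", verify(OTHER_LOADER, VENDOR_SIG))
    other_sig = sign(OTHER_LOADER, OTHER_D, OTHER_N)
    print("other loader, other key:        ", verify(OTHER_LOADER, other_sig))
```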
You aren't "proving" it. Miller-Rabin is a probabilistic algorithm. It doesn't guarantee anything (unless it indicates that the number is composite - non prime).
The rest of your post seems correct though.
Why would any sane person spend hundreds of thousands of his own dollars just to run Linux on an Xbox? I mean, why not just buy a $199 Lindows box from Walmart, instead?
The plan at its heart is very simple:
(1) If you want to run Xbox games buy an Xbox
(2) If you want to run Linux on similar hardware buy a Lindows machine
The guy is acting as if you can't run Linux on anything *except* an Xbox, and Microsoft is standing in the way!....What rubbish! You can run Linux on practically *anything*--hence there is no need or justification for this at all.
Microsoft does not market, imply, or pretend in any fashion that the xBox is a general-purpose computer. It is manufactured and marketed as a game console. If people buy it under any other delusion--well, that's their problem as I see it. They won't be the first to try and turn a sow's ear into a silk purse.
I have to believe, honestly, that the poor fellow is suffering mentally somehow, since there are far better ways to gain publicity about your products for the same amount of money. Interesting that you don't see Microsoft pulling boneheaded stunts like this--maybe that's why they've been successful (hint.)
Put together a boot loader and ask MS to sign it. If they do not, turn around and sue them under the terms of the approved judgement and/or an anti-trust suit.
Got Code?
the xbox knows the key itself right? why can't the key be extracted from the xbox?