Slashdot Mirror
X-Box Private Key Challenge Ended
powerlord writes "The Neo Project (mentioned in a recent slashdot article) recently stopped its bid to recover the X-Box private key citing legal reasons: "Due to legal reasons, we will no longer be hosting or participating in the xbox challenge." DCers.com, a site devoted to distributed computing sheds some light on Neo's sudden flip-flop with a blurb claiming that: "... many legitiment DC'ers that have been working this project since it started that have decided to quit because of the new Neo client that also tries to crack the X-Box encryption." and that they believed this might ultimately kill The Neo Project."
It's sad that the reason it shut down is for "legal reasons" instead of "the realization that it was utterly futile".
I mean, they HAD been working for a few days. Perhaps they got the key! :-P
"Yeah. We, um. Well. We're going to stop now. And cite an obvious legal reason, though we ignored that same reason when we first started. Because we wanted the key. But... now we don't. Or something. Look, I don't care, explain it to yourself. Just know that we've stopped, and are happy. Ok? Ok. Good. Now, onto other news..."
Informatus Technologicus
I guess the XBox commercial slogan "Life is short" applies to everything xbox related, and not just the console itself
Anybody else automatically assume that it had ended because they found the key?
I wish I could read slashdot.org's Apache access_log to see how many times a day Microsoft visits
Karma: The shiznight, mostly because I am the Drizzle.
A posting by Mike Curry (who's on The NEO Development Team) states: "We will not be answering questions or commenting anymore on this subject." See XBOX Challenge - Back to 576!
hmmm see if anyone else can connect the dots:
Neo Project
Futuristic technology
Hacking
Crack the X-box encryption(i.e. the matrix)
Microsoft IS the matrix....
I'm going to hang up my controllers now.... be afraid, be very afraid.... (Cool Music here)
Does anyone, perhaps close to the Neo Project, have any idea why the stopped trying to crack the XBox key? They state legal reasons, but I don't see any specifics. As far as I knew, this was legal. After all, isn't this what The Neo Project does all the time? Why is the key being on the XBox any different?
Question
http://www.ironfroggy.com/
I guess the XBox commercial slogan "Life is short" applies to everything xbox related, and not just the console itself
"Life is Short" applies to anything Micro$haft dislike in the slightest. With the backing of the lobbyism and a rightist government, life is easy.
Netscape, Java, freedom anyone?
and that they believed this might ultimately kill The Neo Project.
So, if you remove the main purpose of the Neo Project, it may kill the project? Obviously.
Well it was a good idea guys, time to shutdown...
recently stopped its bid to recover the X-Box private key citing legal reasons
Well duh . You don't think Microsoft (or any company, for that matter) would just sit back and let you crack a private key they use for actual business? It's one thing to crack a key in a challenge specifically presented for that purpose, but it's another thing to try to, in effect, come up with a way of forging Bill Gates' signature.
NO CARRIER
Ah, I get it now. I kept thinking why the Neo project would stop working after producing a client they themselves created? Make sense now, I had to keep reading, and re-reading, and re-reading...
"This isn't a study in computer science, its a study in human behavior"
more info
I'm sure plenty of people would still like to crack this key. I propose modifying the Neo Client into a decentralized system so anyone still interested can still donate those CPU cycles.
Question
http://www.ironfroggy.com/
If you didn't see this coming, you have some serious reality issues. This is the first thing that popped into my head when I saw the initial annoucement of the cracking attempt.
All Your Memory Are Belong To Java
"Awhile back, it was stated that XBox game discs spun backwards, thus making emulation and even making legitimate backups as close to impossible as anyone could ever imagine."
This isn't, indeed cannot be the case. Grab a legitimate XBox game disc off your shelf, any one whatsoever. Stick it in your nearest DVD player. See how it plays? If its capable of streaming that animation off the disc in full 5.1 surround, then there must be at least some info on there in a normal fashion.
"I Know You Are But What Am I?"
"fucking"
Oh, man. Does this mean no more Linux on the X-Box? This news wouldn't be so devastating if there were perhaps some other device capable of running Linux.
*cough*
Neither XBOX, PS2 nor GameCube spin backwards. This is a moronic rumor that goes back to the PSX (I remember people telling me that they spun backwards). It resurfaced with dreamcast, and now with the latest gen of consoles. Mostly people say GCN spins backwards because it isn't being pirated yet. The panasonic GameCube-Q reverses directions when you put in a DVD or CD? Bah.
It's believed because know-nothing geek wannabe's think spinning backwards would be some kind of impenetrable protection scheme - believe me, if that's all there was to it, it'd be hacked just as long as it takes to reverse polarity to the motors. GCN isn't hacked (yet) because all of it's custom circuitry is smushed into two ICs and people still havent fully deciphered what does what, like where the GPU ends and CPU begins and where the BIOS/bootblock is, etc..
As if Nintendo, Sony, or Microsoft would needlessly spend the billions in building new production facilities for what would be an absolutely idiotic and worthless protection scheme - what piglatin is to the world of ciphers, essentially.
I have all 3, and I can guarantee that they all do, in fact, spin in the same 'normal' direction.
Cutitout with this spins backwards nonsense. Just becuase you read it on the 'net doesn't make it true.
I don't need no instructions to know how to rock!!!!
Dude, how can a prime number bigger than 2 be EVEN? If you can divide it by two then its not prime.
One thing that indicate the level of professionalism of these people is that the Neo client is written in VisualBasic (check their forums for reference, last night it was _so slow_ that I don't bother linking the thread here). VisualBasic has uses but not here I'm afraid. Yeah, why not lock out all the *nix clusters with cool admins that are the biggest contributors to distributed cracking projects by letting their clusters crack stuff when they otherwise would be idle. I guess they were developing a new portable client from the scratch with C... But still, no sympathy from me.
It doesn't seem to me just as simple as 'signing' some code and burning it to a disc. I don't have the full info with me, but I've seen the dev kit and there is a completely custom layout to an xDVD, with big blocks of sectors reserved for security features. It's reminiscent of the PSX's scheme - 'bad' sectors on the disc that cant be replicated with a burner (they all automatically recalculate ECC info).
Short of having your own pressing facility, the key would do virtually no good. So who would benefit? Asian pirates on a commercial level - they could start pressing counterfeit XBOX titles en masse, just like they did with Dreamcast. They arent going to be selling silvers of debian linux for 5$ a pop on the streets of hong kong, believe me.
Modchips enable those who want the ability to backup their software and run homebrew applications, and I'm wholly in favor of that. If this project succeded, it'd just put mass commercial counterfeiting in the hands of bad guys, which I'm absolutely not in favor of.
(Now, in theory, one could use a no-solder type mod (pogo pins on the lPC header), install some sort of dashboard replacement to install the new linux BIOS and run it. That'd be about it, since you cant modify the original xbox' bios in RAM, you'd never be able to run unsigned native code from a CD/DVD-R. Since you'd have to temporarily mod the console to get linux on there anyways, you might as well flash the TSOP while yer at it)
I don't need no instructions to know how to rock!!!!
For those of you that know nothing about RSA. The private key is not necessarily a prime number.
Here's how the key is generated:
1. Generate two large random primes, p and q, of approximately equal size such that their product n = pq is of the required bit length, e.g. 1024 bits.
2. Compute n = pq and phi = (p-1)(q-1).
3. Choose an integer e, 1 e phi, such that gcd(e, phi) = 1.
4. Compute the secret exponent d, 1 d phi, such that ed ß 1 (mod phi).
5. The public key is (n, e) and the private key is (n, d). The values of p, q, and phi should also be kept secret.
- n is known as the modulus.
- e is known as the public exponent or encryption exponent.
- d is known as the secret exponent or decryption exponent.
So, factoring n into it's parts (p and q... which are prime) and the public key would give you all the information you need to determine the private key.
--
"What do you want me to do? Whack a guy? Off a guy? Whack off a guy? Cause I'm married."
Lets see. I buy the product. I own the product. It is not even a service. So it would be hard to compare it to a Direct TV device. This would be similar to me buying a chair from a company and turning it into a couch. I am sure that any waranty that I would have would be void, but I have the right to do it. I am NOT going in to their ROM and taking all their code to create a competitor to XBOX.
Enjoy your laugh now. I have a strong feeling that the code will be broken soon, and the customers will be laughing last...
Granted I don't want to see anyone buy an Xbox for any reason. I don't care if Microsoft looses money on every one sold! It still helps their marketshare; so in a weird way I kinda like that it has been taken down.
The more I learn about science, the more my faith in God increases.
I think to most people that was pretty clear :-)
Was that after discarding the "How about a Beowulf cluster of ..." idea?
Great... Im gonna be connected to an microsoft product, I can see the blue walls whit error codes already.
Which is of zero relevance to most of the world, especially the vast majority of the human population who don't happen live in the USA.
You make a very good point, and post some good links. However, you are wrong on the above, there are valid reasons to do this. Check out sourceforge for some X-Box projects, such as media players. Currently, you need to install a mod chip to make use of these. This project would have allowed people to run code of their choosing on a piece of hardware that they legally bought. Quite frankly, I can do what I want with it. (if I owned one). I can open it up, urinate on it, use it as a footstool, run my own code on it, and so on.
However, there is a flip side to this; the most interesting project is the XBox media player. Ironically, most of the content that will be played on it is probably pirated!
http://www.astaserials.com/?search=xbox%20priva
came up with a keygen !
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
So, translated, their philosophy was: "Hey you nasty people out there, don't challenge us in any way on this, or we'll just back down! So there!"
Ummm... Something's wrong with their approach. Advertising the fact that you'll fold under the slightest pressure isn't the way to keep an effort going.
Can't say as I blame them though.
"So on one hand, honey is an amazingly sophisticated and efficient food source. On the other hand it's bee backwash."
--this is an interesting case. I am reluctant to use the old cars and computers analogy, but it's appropriate here. For decades and generations car companies have come up with innovations and released a product that they own, then sell. It has shape, size, presence, features, etc all unique to that comapny, and covered by various laws of ownership and some laws on use, but still a lot of leeway. And for the same amount of time guys have decided that these products needed "souping up" and customiizing and modifying, and it's all been mostly legal. You can take a car, moidify it heavily and still drive on the public road following a set of road use laws, but you can still drive completely different if you want to on your own property or someone elses property-say a race track-in any manner you wish to. They did it for their own reasons which aren't revelant, make it go faster, make it travel on roads not envisioned as the primary road the designers were aiming for (think heavy off road mods), make it look nicer or whatever.
Seems like more than ample past case law to make hardware modding "legal". In the cars cases it might have required the hotrodder to completely disassemble the entire car, see how every single part worked and how it was designed, then decide how they wanted to do it better or different to suit their needs. It's more than legal, it's commonplace and no one thinks twice about it, it's a huge business and millions of people do it as a hobby.
Microsoft is seeking to become a huge exception to the past rules, as are a slew of other computer hardware and software companies. They can't have it both ways, if they actually are selling a product, then said product must be covered by a consumer warranty, and last I looked microsoft insists their products are as-is, no warranty unless they deem to do allow it at their leisure, ie, the "designed software" and "hard coded into the hardware" part. It's one or the other, if they want all the rights of a sellable consumer product, then they must accept normal useability warranties that are applied to every other "product" out there, and they most definetly DON'T accept that, so the courts should tell them (and ALL those other companies that insist on propietary excuslivity "rights" to their warez) to get stuffed until they do. As to modding the hardware itself, it's the same, either you get to OWN a piece of stuff or you don't, you can't half own something. Case precedence should have been set a long time ago, but it wasn't, now it's a big ole mess because it's become entrenched into computer-dom that they can have their cake and eat it too, something no other product has, and only one private business in the US currently enjoys (outside utilities and that gets into what is a utility), and that's major league baseball, which is goofy enough but exists.
Tired of FB/Google censorship? Visit UNCENSORED!
GTRacer
- Almost as silly as encrypting the key ON the disk!
Defending IP by destroying access to it? That makes sense, RIAA/MPAA. Go to the corner until you can play nice!
- Its 2048bit encryption. Thats 2 megabits.
ahem..*cough*.. Kilobits!! *cough*
Excuse me.
A point worth noting when making such comparisons is that public key cryptography requires more bits than symetric cryptography for equivalent security levels. A 1024 bit public key is considered by most scholars to be roughly equivalent to a 128 bit symetric cipher key. In a symetric cipher, every possible bit combination is a valid key. In PKI, you've got a smaller starting set, since certain components must be prime. Not all bit combinations would make a valid key.
I think that the audience interested in getting cheaper Xbox games, and the audience who dabbles in high strength math and complex technology may have a decidedly lesser coincedent subset than many here assume. An MIT student has already gone to all the trouble of recovering the key and explaining how to use it. He published a REALLY complete document on how he recovered the key and how it could be used and included the fact that if the key is changed, the architecture is such that it could be recovered again. While he doesnt actually give the key (he was discouraged from doing so after discussing his paper with M$), it would seem the measures needed would cost MUCH less than 100K for someone motivated. You can find your holy grail here: http://web.mit.edu/bunnie/www/proj/anatak/AIM-2002 -008.pdf
Sounds a bit ULish to me... Are America's criminals so dumb as to not try unscrewing them the other way? And is the cost of such an exercise covered by any decrease in theft?
From what I could find on the 'net it seems that some of the bulbs are threaded backwards, but it's because they're 230V.
- Play Microsoft licensed XBox game titles.
- Play DVDs (with the DVD remote)
- Play audio CDs.
That's it. That's all it does (without hacking it). You want to run Linux ion it? You really should have bought a PC and saved the money you just wasted.XBoxes are NOT PCs (and I know it uses an Intel CPU, a nVidia GPU, an IDE HDD and DVD, that doesn't make it a PC, get over it). They come with very limited licesnses. You don't like the license, don't but the damned thing! Jebus!
Boobies never hurt anyone. - Sherry Glaser.
I'm sure cracking their key violates their acceptable use policy as well as any other license you implicitly agree to when you use the product.
But what if you do not own an X-Box? Surely they cannot bind you to their contract if you have nothing to do with them; at least not morally. I'm not entirely sure what the laws state in America.
LRC, the best-read libertarian site on the web
...the key was just something obvious along the lines of "All work and no play makes Bill a dull boy" repeated until the bit count was reached.
Whatever, is anyone really surprised over the outcome of this? That/B would really surprise me...
+++ath0
But, if you spin the disc backwards, doesn't it say something satanic? "Hello there, this is a message from Bill Gates....WORSHIP ME...WORSHIP ME.....Thank you, and have a nice day...." :-)
Light travels faster than sound. This is why some people appear bright until you hear them speak.........
No. If you play it backwards, you'll hear the opposite of what you'd normally expect from Microsoft. So you'll hear God speaking.
:-),
Schwab
Editor, A1-AAA AmeriCaptions
Now, they can say they would have broken it if if wasn't so scary to try.
Otherwise, they would have to admit it would have taken them forty-leven trillion centons just to try out the easy combinations like "haxorz begone", before moving on to the non-alphabetic "hard" ones.
Statatistics[sic] aside, people still win the lottery.
Say we're talking about a state lottery, picking six numbers out of forty-four for the jackpot. That's about seven million possibilities, call that k. Thus, the probability of any one randomly-selected ticket being the winning one is 1/k, which we'll call p.
The probability of at least one ticket hitting the jackpot, with n tickets sold, is 1-(1-p)^n.
One million tickets sold: 13.2% chance of a winner.
Five million: 50.7% chance of a winner.
Ten million: 75.7% chance of a winner.
Twenty million: 94.1% chance of a winner.
These numbers are pretty plausible for a state lottery. To sum up: The chance of you winning the lottery is microscopic. The chance of someone winning the lottery is plausible, and even likely.
(Note that if, for instance, the jackpot is above about seven and a half million dollars, and usually only a million tickets are sold at $1 each, it makes sense to buy all seven million possible combinations. (The expected return value on the investment is greater than zero.) I'm told the Mafia used to do this in New Jersey.)
--grendel drago
Laws do not persuade just because they threaten. --Seneca
Or maybe someone with a clue pointed out to them that it would take greater than the lifetime of the Universe and require more disk space than currently exists?
-----
PGP Key ID 0xCB8FF658
I would have thought that they would have been targeted by the lawyers in a matter of minutes after announcing something as blatent as this..
This is just the beginning people, hold on to your hats.
---- Booth was a patriot ----
Mod the parent up. It's interesting. Sure, it may also be flamebait, but it's worth reading/discussing.
Creating a consistent and unhypocritical outlook on copyright, ownership, property, etc., is going to be important to the success of Linux.
Amazing magic tricks
I have all 3, and I can guarantee that they all do, in fact, spin in the same 'normal' direction.
Yep. But XBox DVDs are written with track 1 on the outside so that the more important data can be read faster. Nintendo made their DVDs small, so a normal DVD+RW wouldn't fit inside the machines. Both had a thought of copy protection in the making.
Remember "Bring 'em on"? *sigh
Can't someone just analyze an X-Box disc that already has the code on it? Or copy the first however many bits on the DVD and program new games from there?
Remember "Bring 'em on"? *sigh
Reminds me of a great classic AOL joke:
"Did you hear what happens if you play an AOL CD backwards? It has satanic messages. But it's even worse if you play it fowards:
it installs AOL"
Endless arguments over trivial contradictions in books written by ignorant savages to explain thunder in the dark.
kind of thinkers that think marking the outside rim with a black marker will make music sound better on a CD.
no, I'm not talking about the copy protection stuff.
The Kruger Dunning explains most post on
Good point, but as mentioned it is only 2048BIT encryption. That is 2k not 2MB.
Just rememeber how long it took to crack the DVD code? Wow that was done by a 15 year old...
It won't take long.
Also, in the news today it was found legal in the U.S. for that kid to crack the DVD code for his OWN use!
The motion picture association had no comment...
Please understand that I don't believe that someone should steal software, movies or songs. That is a different discussion than modifiying something you own.
The more I learn about science, the more my faith in God increases.
--I'll give ya an Ok on that, both valid. Analogies can be flawed, it was the easiest quickest I could think of. In cars, the big companies are proud to have their corporate stickers on the modders machines. This doesn't happen with computer hardware and software very much, they throw a hissy fit and want you to "not do that" in most cases. they go way out of their way to lobby to make it illegal as much as possible. Can we agree on that as being a valid and generic point as well?
The alternative in software is mandated by law closed source, you ain't messing with it, OR, create millions of criminals, people who want to change or alter or use in a different way software that isn't under any of the various freeware licenses. Well, we can see how effective that is.
As to eulas in general, the ones from your favorite cast of characters, my point is still valid, a very lucrative market that is still allowed to be sold without any sort of useability warranty, and a lot of hassle if you plain don't like it or it doesn't work as the implied advertising indicates and you wish to return it. It's "possible" but they certainly make it hard to do and isn't usually. It's a bogus lawyerese gobbledegook get out of jail free card. It's fairly unique in consumer products as well, I honestly can't think of any other mass produced consumer products out there that are allowed to be sold with such absurd features in them.
ok, here goes, YAA a yet another anology! bigfun!
an appliance eula following closed source software eulas
"hi, welcome to your new Acme toaster! this toaster carries no guarantee it will actually toast slices of bread. Although it looks like a toaster and has two slots in the top and we got a picture of a nice plate of hot buttered toast on the box, your bread may not fit and the toaster itself might not heat up,and it might even catch fire and torch your house down, but well, caveat emptor and stuff, but our cousin leroy seemed to hint that once in awhile he got some toast out of his. By reading this agreement and clicking here and plugging it in, you agree that you may or may not get toast out of this thing, and even if you don't, you are not allowed to open the thing up and see why not, and if you want to return it, you must jump through these various hoops and most likely you'll get told "no" most of the time. If you need assistance, you have to call this expensive phone number, hang on hold for a few hours, then get told to replug your toaster back in as you are probably not using it correctly, because no way would the toaster not work, it's your fault, that'll be 2.99$ a minute thankew
p.s. also by clicking here and having this toaster in your kitchen, you agree that any of our representatives can come into your kitchen and look around whenever we feel like it, and maybe rearrange your cupboards or if we feel like it dump your milk on the floor. maybe in the future we might change your doorlocks as well, you'll find out when we tell you. buh bye, and hope you enjoy your new Acme toaster"
or some such noise.
thoroughly bogus, and please, don't tell me most eulas aren't written like that.
Oh well!
GTRacer
- Yes, I know thievery is wrong.
Defending IP by destroying access to it? That makes sense, RIAA/MPAA. Go to the corner until you can play nice!
True, but there's where the analogy breaks down. I keep seeing conflicting reports about the size of the problem space in question, but it seems to be utterly enormous. Even if the keyspace is searched in a non-overlapping way (e.g., if no two people get the same lottery ticket), it's still orders of magnitude too vast to be cracked, even on a distributed network, even with Moore's law, even with the cleverest algorithms we have.
Like I said, I'm vague about the problem's true size. But "enough participants" here would be more than the number of atoms in the planet...
--grendel drago
Laws do not persuade just because they threaten. --Seneca
That's retarded. If my car is nicked am I gonna be chuckling, "hehehe, it's immobilised, stupid thief can't use it" or am I gonna be pissed off that I don't have my car any more? ..." you have no idea and are just guessing.
"Most likely
And as for your call of "bullshit", well, they *are* 230V (DC) bulbs and they *do* have different threads. In the UK, we use 220-240V for everything, not 110-120, so why would we have two different threads? Anyway we mostly use bayonet fittings.
Which customers would those be? The customers who understand - and have understood since the Atari 2600 - that a video game console is a video game console and wants or needs no other purpose? As one of these customers, I will neither laugh nor cry...I will probably say "hey, nice job" and move on with my life...and buy some video games...you know...to play on my video game console.