X-Box Hackers Trying to Blackmail Microsoft?
wumarkus420 writes "According to this article from CNet News, an anonymous X-Box security research team is threatening Microsoft: either release a digitally-signed official Linux bootloader or face the release of a new exploit that supposedly works without a modchip. While I doubt Microsoft 'negotiates with terrorists,' this should still turn out to be a good I-told-you-so if the exploit is verified." Sounds like a good way to end up in jail.
I know I'm probably guilty of feeding a +2 troll, and honestly I'm ashamed for even having responded to such a retarded statement.
"Ask not what your country can do for you." --John F. Kennedy
Um... the XBox runs on an Intel (read, x86) Pentium III chip. So these guys are running Linux on x86 too.
True believers seek redemption from the sin of death.
(emphasis is mine)
I really don't think Microsoft releases their money on every XBox sold. More likely, they fail to retain money on each XBox. I don't know whether to pity you for confusing "loose" and "lose" not once but twice, or to praise you for being consistent with your misspelling. Of course, making the same mistake twice means you really do seem to think that "lose" is spelled "loose", which is really sad.
Where's LoseNotLooseGuy when you need him?
RTFA, please. The "hackers" would prefer a legally signed bootloader, since it would not have the side effect of allowing pirated games to run on the Xbox. That's why they aren't releasing their mods right away - they're giving M$ the chance to do the right thing. And actually, you can already boot linux without a modchip; see here for details.
agreed except for the point of it NOT being quite as powerful in the media department (tv-out, etc).
I have been quite happy w/Linux on my E-machine 1.8GHz. It's fast, it's stable, and it was cheap as hell.
Are you an idiot? All they have to do is sign a binary to run on the hardware. There is no source code or anything involved in that, no giving away of trade secrets. Hint: acquire clue before posting.
It probably is a violation of the DMCA -- since the "exploit" certainly involves getting around some built-in protection, which could easily be argued to be useful in copy protection.
I support standard copyright, but it's things like this that explain why the DMCA is a bad law.
How can we continue to believe in a just universe and freedom to eat crackers if we have no ale?
Would this apply here? IANAL, but I don't think it would take a lot of imagination on the part of a prosecutor.
18 USCA 1951 - The Hobbs Act
* (a) Whoever in any way or degree obstructs, delays, or affects commerce or the movement of any article or commodity in commerce, by ROBBERY or EXTORTION or attempts or CONSPIRES so to do, or commits or threatens physical violence to any person or property in furtherance of a plan or purpose to do anything in violation of this section shall be fined under this title or imprisoned not more than twenty years, or both.
* (b) As used in this section -
  + (1) The term ''robbery'' means the unlawful taking or OBTAINING of personal property from the person or in the presence of another, AGAINST HIS WILL, by means of actual or threatened force, or violence, or FEAR OF INJURY, immediate or future, to his PERSON or property, or property in his custody or possession, or the person or property of a relative or member of his family or of anyone in his company at the time of the taking or OBTAINING.
  + (2) The term ''extortion'' means the obtaining of PROPERTY from another, WITH HIS CONSENT, induced by wrongful use of actual or threatened force, violence, or FEAR, or under color of official right.
You're missing the point. If Microsoft releases a signed bootloader, there is no need to set a jumper, because the XBox security subsystem will recognize it as a valid program.
-j
Extortion of money or something else of value from a person by the threat of exposing a criminal act or discreditable information.
"I assumed blithely that there were no elves out there in the darkness"
The DMCA is the RESULT of a WIPO Treaty - Canada, EU, USA, Australia et al are all signators of that Treaty. Do some research - every nation *will* be enacting some form of DMCA to be in compliance w/ said Treaty.
This is *not* a USA only issue, it is just that the Plutocrats in Washington were the most eager (and probably were the drivers (well, not the government, but their gold-buddy RIAA/MPAA/BSA pals...)).
I took a look at some XBox security documents a few months back, and there were a few things that struck me about the bootloading process.
First of all, they're using a 2048-bit public key, but a 160-bit hash. Using the GNFS, factoring the key would take about 2^405 operations. Finding a document with the same hash as a previously signed piece of code would only take about 2^160 (well, actually, 2^152 if we assume that there are approximately 260 titles available for the XBox). Still not really doable, but the mismatch indicates that MS probably hasn't thoroughly researched their work.
Second of all, the method used to pad the hash prior to signing seems pretty bad. Most of your public-key cryptography standards recommend using a non-repeating pattern to prevent certain types of algebraic attacks. Microsoft's method amounts to little more than adding a (large) constant value to the message to be signed. CiteSeer has references for some related attacks-- might be worth checking out.
Also, it's important to note that the XBE bootloader isn't the ONLY piece of software in the XBox ROM.
I've heard that various DVDs can cause the XBox to crash-- if these crashes are caused by various parts of memory being overwritten during the decoding process, it may be possible to create an MPEG2 stream that actually results in a buffer overflow, allowing some custom code to be executed (e.g., a bootloader that loads a copy of Linux from the DVD drive). If Microsoft didn't push the DVD player software through a security auditing process (and why would they? The DVD player isn't really related to the bootloader), then it's possible that some bugs that allow stack-smashing made it through to the XBox ROM.
I could go on, but let's just say that it SHOULDN'T be surprising that some motivated private researchers finally found an exploitable flaw in the XBox. Given the time that the console has been on the market, and the scrutiny it's undergone by thousands of interested parties worldwide, I'd like to tip my hat to Microsoft for having kept the XBox secure for as long as they have-- it's a pretty big achievement.
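The multi-target arithmetic in the comment above (a 160-bit hash with about 260 signed titles giving roughly 2^152), as an added example that is not part of the original post. It computes the work factor and confirms the effect on a 16-bit truncation of SHA-1; the function names, the truncation and the "signed-title" stand-ins are assumptions constructed for illustration.

```python
import hashlib
import math

HASH_BITS = 160  # SHA-1 digest size, the "160-bit hash" in the comment


def multi_target_work_bits(hash_bits, targets):
    """log2 of the expected hash evaluations before a candidate matches
    any one of `targets` previously signed digests (generic search)."""
    return hash_bits - math.log2(targets)


def truncated_digest(data, bits):
    """Top `bits` bits of SHA-1(data): a toy-sized stand-in so the
    search below finishes quickly."""
    full = int.from_bytes(hashlib.sha1(data).digest(), "big")
    return full >> (HASH_BITS - bits)


def trials_until_match(targets, bits, limit=1 << 22):
    """Hash constructed candidates until one lands on a digest in
    `targets`; return how many candidates were tried."""
    for n in range(1, limit + 1):
        if truncated_digest(b"candidate-%d" % n, bits) in targets:
            return n
    raise RuntimeError("no match within limit")


def demo(bits=16, titles=260):
    # Constructed stand-ins for signed images; not real Xbox data.
    signed = [truncated_digest(b"signed-title-%d" % i, bits)
              for i in range(titles)]
    one = trials_until_match({signed[0]}, bits)      # one specific digest
    any_of = trials_until_match(set(signed), bits)   # any signed digest
    return one, any_of


if __name__ == "__main__":
    bits = multi_target_work_bits(HASH_BITS, 260)
    print("160-bit hash, 260 targets: about 2^%.2f evaluations" % bits)
    one, any_of = demo()
    print("16-bit toy: %d trials for one target, %d for any of 260"
          % (one, any_of))
```

A signature is only as strong as the weaker of the key and the digest, which is why the digest size is normally chosen to match the key's strength.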
\Ex*tor"tion\, n. [F. extorsion.] 1. The act of extorting; the act or practice of wresting anything from a person by force, by threats, or by any undue exercise of power; undue exaction; overcharge.
2. (Law) The offense committed by an officer who corruptly claims and takes, as his fee, money, or other thing of value, that is not due, or more than is due, or before it is due. --Abbott.
3. That which is extorted or exacted by force.
Last time I checked, extorting things from anyone, be they a company or an individual, is illegal. What next, they'll ask for "protection money"?
Come off it people. It isn't about the DMCA. It's about a company trying to protect its profits.
To anyone who is whining now about "it's my hardware, I should be able to do what I want with it!" I say to you, YOU knew the limitations placed on it when you purchased it. It was designed to play games, and that's it. Don't like it, don't buy it. MS wasn't out to make a cheap computer, just a decent game system.
Thank you, drive through.
I'm somewhat impressed the author of the article got the skinny on the 007 trick, but he missed the real point.
For non-Xbox nerds, it works like this.
The XBox has internal flash for the BIOS.
To enable flashing, you just need to jumper one point (referred to as the D0 point) to ground.
The 007 trick is a buffer exploit that allows you to boot linux, once you've got linux running, assuming you jumpered D0, you can reflash your internal BIOS with a hacked version (which ignores keys). You'll never play Xbox Live, but you can now play pirate DVDs and copy games to your hard drive.
With only the buffer exploit, it's at least a challenge, but if MS was to release a signed Linux distro, the process would be trivial. Jumper D0, boot MS-Xlinux, FTP to Xbox, upload bios burner app, pow. Hacked Xbox.
It's *extremely* unlikely MS would ever do this. These guys can release easier solutions for buffer overflow related methods, but nothing can have as much potential for evil as a signed linux distro.
Fight Club quotes
:P
"Tyler Durden: You're not your job. You're not how much money you have in the bank. You're not the car you drive. You're not the contents of your wallet. You're not your fucking khakis. You're the all-singing, all-dancing crap of the world."
I believe the parent poster was making at least an oblique reference to that. They were not being serious. After that fact sinks in, please go hunt down a minimal sense of humor before you post again.
You keep using that word... I do not think it means what you think it means...
Discreditable- Harmful to one's reputation; blameworthy
"I assumed blithely that there were no elves out there in the darkness"
Well, yes. Blackmail is illegal.
On that note, here's an interesting paper on the subject of blackmail and its illegality:
The Crime of Blackmail: A Libertarian Critique
The thing is, is it truly blackmail that's being described here? Blackmail implicitly involves secrecy between the two parties, because it is the threat of breaking that secrecy which constitutes blackmail.
In most places it is legal to reverse engineer things for compatibility and/or personal use. So they did not break any laws there.
Next, they are not using a derivative work. They are not using MS source code and then basing code on that. They have a method to modify personal property to allow compatibility with other software, again perfectly legal in most places and there is no derivation involved.
Look at software like samba. It is widely used and was developed by reverse engineering the MS smb protocol. MS can't stop it since it is not a crime to reverse engineer for compatibility.
If Tyranny and Oppression come to this land,
it will be in the guise of fighting a foreign enemy. -James Madison
For those that think prison rape is something to laugh about, read this:
http://www.hrw.org/reports/2001/prison/report.htm
While irreverent humor certainly has its place, I was horrified after reading this report.
Technically, the DMCA doesn't make it illegal to circumvent the CSS encoding. Telling us how you did it could land you in a federal holding pen.