Xbox Linux Made Possible Without a Modchip
An anonymous reader writes "Free-X have released an exploit for the Xbox that will let you get Linux on the machine without any hardware mods at all... Microsoft is already threatening them with legal action. Here's the Free-X statement. Free-X say they had been trying to contact MS for a month but were ignored, which is why they've released the exploit. Should be interesting to watch this one."
It seems we've had a lot of false and misinterpreted information about this team and their exploit. I don't have an x-box and only somewhat understand why their exploit would work (integer underflow..?), but it atleast sounds interesting. Anyone on slashdot who gets it working please post a verification.
As far as the team... I think they should have submitted their findings to a legal firm of some kind instead of this not-so-holy covert behavior. Their behavior will only lead to troubles in court.
Atleast they'll have $100,000 to help them out, I think they'll need it.
Rob
Microsoft is already threatening them with legal action.
Too late. Just ask AOL at trying to stop WASTE when it came out. Up for a day, and mirrored more times then they will ever be able to count.
Microsoft lost right at the point they decided to not talk to them beforehand. They can shut these people down, but it's out there now, game over.
SecondPageMedia - Wha
A popular opinion when they threatened to release this was "they're just blackmailing Microsoft, but they've got nothing".
Looks like a different situation now that they've laid their cards on the table.
Good work guys.
Actually, it is blackmail. Several of the things they request do have a quantifiable monetary value to them, and to others in similar situations. This includes the creation of an authorized product, refund of costs incurred, legal indemnification, and access to product designs and specs. It doesn't matter if they're willing to sign an NDA. Blackmail isn't limited to just the "give me X dollars or I will do something nasty you won't like." Any argument that Microsoft won't be harmed financially due to the release of this exploit is weak because Microsoft doesn't have to show actual financial damages from this. But that's just the civil suit. These guys will have more to worry about from the Justice Department in the criminal case.
This is not a step forward for the Linux community. It is an embarassing set back that could further strengthen arguments against using Linux and supporting the Linux community. It's just damn irresponsible of them.
If any of you Opera users find the "Free-X Statement" link akin to a Spinal Tap album cover, the site hasn't been defaced or removed. Try another browser, Opera 7.0 appears not to render their page readably. Undoubtedly the site's fault, not Opera's, of course.
(me.)
~ Whence do you come, slayer of men, or where are you going, conqueror of space?
Patchable? :: Furthermore, Microsoft cannot permanently patch this hack through an Xbox Live update. Version 1, v1.2, & v1.3 Xboxes will always execute the current vulnerable code. Should they remotely update the dash; one would simply open the Xbox, write an old image to the hard drive, and reboot. In the process it would be trivial to add bert and ernie (the modified fonts). Xbox Live BIOS updates are not possible due to M$ imposed hardware limitations. Of course, third party BIOS updates are not a problem for those willing to open the case and get crazy with a little solder.
Availability? :: Legal or not, at this point it's not an issue for the end user. The base-64 posted by Mr. Esser isn't going away. Proof? Try this...
X-Prize? :: Probably not. This cannot be executed or copied from a third party memory card ala 007. So opening the box is required. Partial payment maybe.
.. I would *strongly* recommend that the Slashdot Community who's been all over this 'Linux on the XBOX' bs start doing something interesting with it, and I mean fast. It would look plenty embarrasing for MS if they went after them for releasing the exploit and then people started making good (and legitimate) use of it. If everybody just wants to play MAME on it with questionably legal ROMs, that won't help Free-X.
Might I suggest a DivX based media server that can rip DVDs? I know that seems to fly in the face of what I just said about MAME, however, its a good use for the XBOX, plus you'd only be ripping DVDs you own and with good reason. "I just wanted to have easy access to my library." Another suggestion would be to set up an XBOX as a TV based info center. It stays on-line all the time on Input 2 (or whatever channel your XBOX is on), when a commercial pops up, flip the channels and get your messages. Heck, set up a browser so that it cycles through your favorite news sites every 30 seconds and scrolls them or something.
At least with something like that, something that the XBOX is better at than a cheap-o PC, the case can be made for wanting to make these mods to the unit. That'll weaken MS's case (they'll probably try to say that copy protection is bypassed or something), plus it'll take a few pokes at the DMCA as well.
I hope are people listening. MS has got an army of lawyers.
"Derp de derp."
It's time now to hack a *real* protection system made by a *real* console maker -> Nintendo Gamecube.
good luck everybody! (and you'll need it)
People, just buy an mini-itx system. It's much more open, hackable and flexible.
Right, you mean like these two did?
Terrible waste of time, eh?
.02
cLive ;-)
-- Trinity in high heels carrying a whip: The donimatrix - there is no spoonerism
how can such exploit be legal? If your door lock is easy to tamper with, is it implicitly legal for me to break in?
It is perfectly legal for you to "tamper" and "break in" if it's a lock on YOUR OWN DOOR. It doesn't matter if Microsoft built the lock, you bought the house.
The people using the exploit are using in on a machine THEY OWN. They can do anything they like with it. They can smash it with a sledgehammer or toss it in a blast furnace and vaporize the sucker. Of COURSE they can "pick the lock".
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
Actually, they update the dashboard (what the exploit plays with) when you install the Xbox Live stuff
Any attempt to update the XBOX is merely a request from an outside source for the XBOX to update itself. But once you have control of the XBOX you can program it to ignore that request to update itself.
When you connect to XBOX Live they check to see what version you are running, but all they can find out is what the XBOX tells them. If you control the XBOX you can have it tell them anything you like.
They are going to run into the exact same problem with Palladium and TCPA. Once someone digs the key out of the hardware, or finds any other vulnerability, then they own their system. They can run an undetectable virtualized system. They'll have "god mode" over it and af far as the rest of the world can tell they are running a secure and "trusted" system. Hell, the security situation could wind up being worse because they are pretty much going to force you to "trust" other people running the system. It just means you're going to get screwed over worse when a computer you were forced to "trust" isn't in fact secure.
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
Though I agree with some of what you say the bottom line is the purchaser of an X-Box owns the machine, not Microsoft. He can do what ever he wants with the hardware once he has the sales receipt in his hand.
Time is what keeps everything from happening all at once.
"Give us what we want that's not in your own best interests or we'll tell people how to break your machine and potentially lose more money by having people buy XBOXes for uses other than buying the games that make them money."
It's a little more like:
"You know that problem you wouldn't help us with? Well, we figured it out, but we don't think you'll like the solution. Can you help us with an alternative solution which is in your best interest? No? Ok, then we'll just do it our own way."