Slashdot Mirror


The Hidden Boot Code of the Xbox

Device666 writes "In order to lock out both copied games as well as homebrew software, including the GNU/Linux operating system, Microsoft built a chain of trust on the Xbox reaching from the hardware to the execution of game code, in order to avoid the infiltration of code that has not been authorized by Microsoft. The link between hardware and software in this chain of trust is the hidden "MCPX" boot ROM. The principles, the implementations and the security vulnerabilities of this 512-byte ROM will be discussed in this Wikipedia article entitled How to fit three bugs in 512 bytes of security code."

7 of 284 comments

  1. Re:Not Wikipedia by Zeinfeld · · Score: 4, Insightful
    The article is completely wrong when it says that the article is on Wikipedia, it is in a Wiki. Which is probably why a lot of people will do what I did and visit the site thinking 'massive NPOV violation'.

    Of course what is really going on here is a massive competence violation on the part of Commander Buritto.

    --
    Looking for an Information Security student project suggestion?
    Try http://dotcrimeManifesto.com/
  2. Re:Why?! by Agret · · Score: 4, Insightful

    Spoken like a true person who hasn't seen a modded xbox.

    --
    Have you metamoderated recently?
  3. Re:Why?! by brokenarmsgordon · · Score: 5, Insightful

    What is morally wrong about doing whatever you want with something you paid for and own?

    What's morally wrong is anyone arbitrarily dictating what you can and cannot do with your personal property.

  4. Sensationalist trash. by AceJohnny · · Score: 4, Insightful

    Wow. Was it something in the coffee this morning?

    First of all, it's a dupe with another article in the games section.

    Then it's wrong. The article isn't from Wikipedia.

    Finally, nice sensationalist terms:
    - Oh noes, this code locked out GNU/Linux! Bad Microsoft!
    - Hah, Microsoft can't even write 512 bytes of code without bugs!

    Oh, and that last part was only the subtitle of the article, not the real title. But no thanks for pointing it out.

    Read the interesting linked article, or the comments on the original post on games.slashdot, but this article here is exactly what I don't like seeing on Slashdot.

    --
    Misleading titles? Inflammatory blurbs? Keep in mind that Slashdot is a tabloid.
  5. Re:Why?! by LWATCDR · · Score: 4, Insightful

    "But damn can't we at least brand the people who are breaking the EULA's and such for these "hacks." "
    What EULA? When I bought my XBox I did not sign anything?

    "At least I am not the unscrupulous individual who is taking the time and effort into doing something that is morally wrong."

    Okay why is it unscrupulous to hack a product I own to do what I want to do with it? If I buy a house is it immoral to add on a room or to tile the floor? If I buy a book is it wrong for me to make notes in the margin? If I buy a CD is it wrong to skip the tracks I really do not like? If I buy a model kit and use those parts to make a different model is that evil? If I buy a car and then put in a new stereo system and better shocks am I damned to hell? Just how is any of this unscrupulous or immoral?
    If there is a bug in that boot code that has security issues then how is bringing it to light any more immoral than reporting that flaw in a car publicly?

    Your concept of what is moral and what is not is odd at best. If you just want to play games on your XBox then go play some games.

    --
    See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
  6. I wonder by bornyesterday · · Score: 3, Insightful

    how many times slashdotters can say both "dupe" and "just because it's wiki doesn't mean it's wikipedia" for the same article.

  7. Re:An actual on-topic comment by Geoffreyerffoeg · · Score: 3, Insightful

    Just a theory...IIRC, the Xbox processor is slightly customized, right? It's not the generic off-the-shelf Celeron? So I suppose that when MS was asking Intel to make Xbox processors, Intel asked the MS guys, "Do you need it to throw an exception when the instruction pointer overflows? We can make the chip slightly cheaper by removing that feature." MS thought for a second and said, "We're putting security on all the code that goes in, so we can watch for that feature. Besides, the users can't do anything if the CPU halts in a commercial game; it may as well overflow and crash that way. So no, we don't need that feature." And they forgot to ask their security team itself, who was relying on that feature, which was present in the development systems only.

    From the article:
    Apparently the i386 CPU family throws no exception in this case, Microsoft's engineers only assumed it or misread the documentation and never tested it.

    Does anyone know which CPUs actually throw exceptions? I have a feeling the security team tested their code on one that did.