The Hidden Boot Code of the Xbox

Device666 writes "In order to lock out both copied games as well as homebrew software, including the GNU/Linux operating system, Microsoft built a chain of trust on the Xbox reaching from the hardware to the execution of game code, in order to avoid the infiltration of code that has not been authorized by Microsoft. The link between hardware and software in this chain of trust is the hidden "MCPX" boot ROM. The principles, the implementations and the security vulnerabilities of this 512 bytes ROM will be discussed in this wikipedia article entitled How to fit three bugs in 512 bytes of security code."

dupe

dupe

Re:dupe

[moonbender]

Not only that, it's also certainly not a Wikipedia article. Not every Wiki is Wikipedia, for crying out loud.

Re:dupe

And not everyone wants to read the same whining over and over and over

Re:dupe

[Poromenos1]

Not every Wiki is Wikipedia, for crying out loud.

Correction: Not every wiki that looks like Wikipedia is Wikipedia. It does look the same, but when the URL starts with http://www.xbox-linux.org/, that's kind of a giveaway.

Re:Dupe

[nitio]

Posted by CmdrTaco on Friday August 12, @10:32AM
from the stuff-to-read dept.

Oh the irony...

Re:dupe

[kfg]

Haven't I read this post before?

KFG

Re:Dupe

[Evro]

You don't even have to read Slashdot to check these dupes anymore. Just run the titles through Google.

site:slashdot.org xbox boot

With Slashdot not having had major features added in a while I have to wonder what everybody over there is doing that's keeping them from reading their own site. I heard about a CSS implementation of the site in the works, but there have been sample rewrites in CSS for almost 2 years now, so I don't know what the deal is.

Maybe the site should be renamed Slashslashdotdot to reflect its duplicative nature.

Re:Dupe

[ari_j]

I suspect that they spend most of their time finding all the non-duplicate, insightful articles that have been submitted so that they can reject them.

Re:Dupe

[dr_dank]

These stories aren't the same you see: one is a crazy modern teenager while the one is the sophisticated identical cousin from England.

What a crazy pair, two of a kind!

We'll call it the Patty Dupe Show!

Re:Dupe

[oringo]

Perhaps this is all part of a elegant scheme to bring down xbox-linux's website. Way to go Cmdr Taco!

Re:Dupe

[caulfield]

Everything was moving along swimmingly at /. until some monkey decided to allow CmdrTaco to start posting stories.

Re:Dupe

Or reading the submission...

In order to lock out both copied games as well as homebrew software,

Linux is much more than "homebrew software" ... but ok. Try "pirated" or "counterfeit" games.

including the GNU/Linux operating system,

slows down the lede. do you know for sure that they targeted Linux? how? don't state speculation as fact.

Microsoft built a chain of trust on the Xbox reaching from the hardware to the execution of game code,

try: Microsoft built a chain of trust on the Xbox between the hardware and game code execution.

in order to avoid the infiltration of code that has not been authorized by Microsoft.

this was said already in the first clause. If you are absolutely attached to the word "authorized", eliminate the first clause and move its ideas here. That way you're explaining what happened, and then why it happened, which is a much more natural and readable progression of ideas.

Re:Dupe

[Momoru]

I've noticed a decent amount of code changes that appear to be implemented, and then rolled back. (Testing in production i suppose?) One I noticed a month or two ago that was gone a day or two later was an "Alter Relationship" link instead of seeing the friend/foe bubbles. Another change they rollout and rollback seems to be allowing Anonymous cowards posting from proxies...sometimes i can post as anonymous at work, sometimes not (mostly not...with the "Slowdown cowboy, Its been 15 minutes since you last posted" error.

Re:Dupe

[Skye16]

http://www.google.com/search?hl=en&lr=&q=site%3Asl ashdot.org+dupe&filter=0

Re:Dupe

[b1t+r0t]

That's the fourth bug in 512 bytes of code.

Re:dupe

[Jaruzel]

Uhuh, Wikipedia uses MediaWiki. Xbox-Linux uses MediaWiki. Hence the similarity.

-Jar.

Re:Dupe

[Metasquares]

"Alter Relationship" is the alt text for those buttons. The image might not have loaded :)

Re:Dupe

[Deagol]

Shouldn't that be "site:slashdot.org intitle:xbox intitle:boot"?

Re:Dupe

[Luke-Jr]

1. "copied games" is quite correct; they are generally locked out regardless of legality
2. "A, including B" means that B falls into category A. Nothing else. It doesn't have any effect on the prior part dealing with the verb.
3. Last I checked, things can reach from something to another...

Re:Dupe

[ptarjan]

For anyone (like me) who missed the original:

http://games.slashdot.org/article.pl?sid=05/08/08/ 2013251&tid=211&tid=156

Re:dupe

[RealityMogul]

Challenge to Perl geeks -

Write a dupe checker in 512 characters.

Re:Dupe

[quanticle]

Maybe the site should be renamed Slashslashdotdot to reflect its duplicative nature.

And the acronym works too: SSDD (same shit, different day).

Re:Dupe

The point has been lost if you don't understand that editors are supposed to improve functionally correct text by adding clarity and making it more concise.

Re:Dupe

[Mercury2k]

Well, I must admit that dupes are worth reading over again just for the funny comments! Maybe Mr. Taco was just trying to make us laugh? :)

Re:dupe

[mikiN]

$ while true; do (echo "not every site running MediaWiki is WIkipedia!" | post-to-slashdot sid=15882); done

How many more of those can Slashdot take?
Maybe we should try all permutations of words in that sentence? Write a polymorphic engine for it? DOS attack Wikipedia asking it for its own definition?
Oh well...

Re:Dupe

[It'sYerMam]

Your point was lost when you had delusions about being an editor, rather than an incorrect, petty pedant.

Re:dupe

(echo "not every site running MediaWiki is WIkipedia!" | post-to-slashdot sid=15882)

Why did you feel the need to spawn a subshell, hence the parentheses?

Re:dupe

Because I pipe the text into post-to-slashdot, to make it clear what is input to what. Not using parens would break the while loop.

I generally don't like "here-documents" that much, especially if they contain shell commands, messes up string highlighting to make the input stand out.

Dupe of previous story

This has already been posted in the Games section. Dupe-a-thon, and posting a Wiki too? Jesus christ.

Re:Dupe of previous story

Please do not use the name of "Jesus Christ" in vain. He died for your sins.

Re:Dupe of previous story

No, he got nailed to a cross because he said what he wanted to say. Ironic you're telling someone not to say something, isn't it?

Re:Dupe of previous story

He was a little eairly, I didnt start sinning until about 14 years ago. It's good he got a jump on it though.

Re:Dupe of previous story

[ajs318]

Yeah, and Hansel and Grethel found a house made of gingerbread. What's your point?

Re:Dupe of previous story

[kurzweilfreak]

As offtopic as it is, parent really deserves an Insightful mod.

Dupe

[dkf]

Thanks for not reading your own site, CmdrTaco

dupe ...

[domipheus]

http://games.slashdot.org/article.pl?sid=05/08/08/ 2013251&tid=211&tid=156 and, i tried to email the on duty editor, but it was only 'from the future' for 5 mins

D-word'd!

[aNonniMouse]

Hmm... this sounds strangely familier... http://games.slashdot.org/article.pl?sid=05/08/08/ 2013251

Outside this chain of trust...

[zarthrag]

...is a duped slashdot article.

Re:Outside this chain of trust...

[databyss]

Oh come on mods!

It's not redundant... it's duplicate!

Sounds like....

[wgray8231]

The title of a seminar held on the Redmond, WA campus.

Thanks!

[Loonacy]

I didn't get enough out of this article the first time around. Thanks for posting it again!

Dupe

[BlackCobra43]

http://games.slashdot.org/article.pl?sid=05/08/08/ 2013251&tid=211&tid=156 Probably pointed out already, but at least I'm helpful and give the reference link.

lol

[cptbarkey]

sorry, not newsworthy

Hey now...

[Knight+Thrasher]

In all fairness, the previous posting of this had NOTHING about Wikipedia in it. Perhaps that was the intended news to spread?

Re:Hey now...

[FireFlie]

It would seem that this article has nothing to do with wikipedia either (except mentioning the name). Correct me if I'm wrong, but wiki != wikipedia.

Re:Hey now...

[1u3hr]

In all fairness, the previous posting of this had NOTHING about Wikipedia in it. Perhaps that was the intended news to spread?

Duplicate story, duplicate link.

The previous article linked to the same page on xbox-linux.org, which is a wiki; not part of "The" wikipedia. Taco is asleep at the switch again.

Re:Hey now...

[Knight+Thrasher]

(I was going for a joke on the sly about the already-identified Wikipedia/Wiki misinformation. Ah well, next time Spiderman, next time...)

Re:Hey now...

[1u3hr]

(I was going for a joke on the sly..

It's generally and depressingly true that most dumb statements here, not least those by the editors, are actually dumb statements. Conversely, seemingly redundant posts are often explained as the authors looking at earlier versions of the page while they composed a post, only to see a dozen similar ones after they submit and refreshed -- I've been modded down redundant for that.

Not Wikipedia

[c0l0]

Just because some text is available on a Wiki, it's not automatically so on Wikipedia, y'know?

Re:Not Wikipedia

[Zeinfeld]

The article is completely wrong when it says that the article is on Wikipedia, it is in a Wiki. Which is probably why a lot of people will do what I did and visit the site thinking 'massive NPVO violation'.

Of course what is really going on here is a massive competence violation on the part of Commander Buritto

Re:Not Wikipedia

My guess is that Device666, while in a drug-induced hallucination, assumed that wiki is a contraction of wikipedia, when wikipedia is actually a portmanteau word from wiki and encyclopedia. Wiki in turn is from the Hawaiian word wikiwiki.

Re:Not Wikipedia

[maxwell+demon]

I guess he just got confused because the Wiki is a MediaWiki, which is the Wiki developed and used for Wikipedia (and all other Wikimedia Wikis), and it's obviously also using the default stylesheets (or an only slightly modified version of them), and therefore has the same look and feel as Wikipedia (which is clearly different from the look and feel of most other Wikis).

Re:Not Wikipedia

[ari_j]

Not to mention that the article itself sucks. It's informative, yes, but I really can't imagine anyone but Mort or Neil Goldman (from Family Guy) writing it.

Re:Not Wikipedia

[orasio]

It's spelled "burrito", muchas gracias (ándale ándale ándale, arriba!).

Deja Vu is just...

[SynapseLapse]

the slashdotrix adjusting itself... Pay no attention to that cat.

Re:Deja Vu is just...

[Dr.Opveter]

Well at least your post in this topic helped me remember the title of a game i used to play on the Apple, Deja vu! Thanks :-)

Re:Deja Vu is just...

[sethos666]

... and it got slashdoted already, wonder who was the chosen one this time?!?

Wikipedia

[mnemonic_]

The principles, the implementations and the security vulnerabilities of this 512 bytes ROM will be discussed in this wikipedia article entitled How to fit three bugs in 512 bytes of security code.

So it seems someone doesn't know the difference between a page with wiki technology and Wikipedia.

This is not a wikipedia article...

[afabbro]

...otherwise, the domain would be wikipedia.org. Not every site that runs MediaWiki is the Wikipedia.

You'd expect "editing" to catch something like that...

Re:This is not a wikipedia article...

[Philmeeh]

Ahh yes but I wouldn't expect editing to occur on Slashdot

Re:This is not a wikipedia article...

[doublem]

"editing" on slashdot????

Are we reading the same site?

What is this "editing" of which you speak. I see it elsewhere, but I thought it was banned here or something.

Shouldn't the editors at least RTFA?

[hunterx11]

Not only is this a dupe, but the summary claims that the link is a Wikipedia article. Guess what--not every site running MediaWiki is WIkipedia. In fact, I'm pretty sure that only Wikipedia is Wikipedia.

Re:Shouldn't the editors at least RTFA?

After the recent uprising against Zonk, it's quite likely that he's giving Taco some of his pay to post the dupes for him.

Re:Shouldn't the editors at least RTFA?

[someonewhois]

You know the irony? Browsing at +3 threshold right now shows two posts in a row:

1. http://hardware.slashdot.org/comments.pl?sid=15882 1&cid=13303204
2. http://hardware.slashdot.org/comments.pl?sid=15882 1&cid=13303209

I love how they have the EXACT same sentence of "not every site running mediawki is wikipedia".

Re:Shouldn't the editors at least RTFA?

i hope heaven is a place where
a) everyone knows the difference between "your" and "you're"
b) everyone knows the difference between "there" and "they're"
c) nobody says "begs the question" when what they really mean is "prompts for the question to be asked"
and finally
d) where the word "irony" and all the derivatives of "irony" are used correctly

that would make me sooooooooooooooo happy.

Re:Shouldn't the editors at least RTFA?

[Thnikkaman]

Well the poster you're replying to did use irony correctly. He's pointing out how ironic it is that the parent is complaining about dupes when he has an exact duplicate of a sentence found in the post directly above his. Good luck with you're heaven. ;)

Re:Shouldn't the editors at least RTFA?

[TheoMurpse]

Ah, but they are not the same sentence. One has "the" inserted before "Wikipedia":

Not every site that runs MediaWiki is the Wikipedia.

not every site running MediaWiki is WIkipedia.

Re:Shouldn't the editors at least RTFA?

It's up to eight upmodded posts (god knows how many there are if one browses at 1 or below) saying exactly the same thing by now. And people complain about the articles being dupes...

Oh damn you all

[BlackCobra43]

Now you've gone ahead and made my dupe post a dupe. The irony is excruciating.

Howto fit 2 stories in the same

[bigdady92]

512b of space. NExT ON SLASHDOT!

Re:Howto fit 2 stories in the same

512 bytes should be enough for everyone.

Ah, slashdot

[EvilMonkeySlayer]

The thing everyone needs to remember is that slashdot is akin to Norman Bates, a lot of them are confused, a lot of them crossdress and are very often psychotic.

So, the next time you see a dupe.. remember, be quiet.. or you could be murdered by a crossdressing psychopath.

Re:Ah, slashdot

[lisaparratt]

Come off it - crossdressers have the potential to be sexy.

I'd doubt any of the editors being sexy.

Re:Ah, slashdot

[doublem]

You say that like it's unusual in IT. Do you mean to say you never interviewed a job candidate named Phred, whose gender could not be determined, and was a source of debate office for weeks afterwards?

(Note, despite the fact that I wanted to hire him/her, the company owner tossed the resume when he saw that he/she had listed web sites for Gay and Lesbian groups among those she/he had designed, and was giving as resume examples.)

Re:Ah, slashdot

[ajs318]

One thing I have learned in 34 years is that if you want to pull a bird, one of the surefirest ways is to go out wearing a dress.

Unfortunately, the bird you pull will invariably be a taff.

Re:Ah, slashdot

[bemenaker]

Did you check the site to see if your boss has an ad there? Maybe he/she was afraid of being found out. :D

Re:Ah, slashdot

[yamla]

I'm curious, is that legal in the U.S.? That is, tossing out a resume because the applicant designed sites for gay and lesbian groups? It certainly isn't in Canada.

Re:Ah, slashdot

[mmkkbb]

A taff? Google says: The plain of Karbilá in which vicinity Imám Husayn was martyred.

Re:Ah, slashdot

[Gordonjcp]

I can't see why it *would* be illegal. You're not under any obligation to hire someone.

Re:Ah, slashdot

[mr_jrt]

..."Taff" aka. "Taffy" is also a British colloquialisim for a Welshman.

Re:Ah, slashdot

[yamla]

You are under an obligation not to discriminate against certain protected groups. Having a policy of never hiring black people would be illegal, for example.

Re:Ah, slashdot

[Gordonjcp]

And? You're discriminating because you don't like the work someone has done. What's the problem?

Re:Ah, slashdot

[Cerv]

Equal oppertunity laws perhaps.

Re:Ah, slashdot

[Simon+Brooke]

I can't see why it [not hiring someone because of their age, gender, race or sexual orientation] *would* be illegal. You're not under any obligation to hire someone.

In Europe, while you're under no obligation to hire someone, you cannot legally use considerations of e.g. race or sexual orientation in deciding not to hire them, and if they can prove you did decide not to hire them on such grounds you're in serious shit. This seems to me, on the whole, fairly reasonable.

Re:Ah, slashdot

[MysteriousPreacher]

Even if it is illegal in the US, the difficult thing though would be proving it unless the recruiter were stupid enough to say something like "We don't really want any of your people here."

Re:Ah, slashdot

[doublem]

You know, I hadn't thought of that. That guy was so over the top homophobic, that it wouldn't surprise me if he was repressing a burning need for some man love.

BTW: This was at a previous job. The company that routinely discarded resumes because of "foreign sounding names" or implied sexual orientation has since been bought out by a larger firm. The owner who tossed the applicant's resume got a few million in the buyout, and most of the rest of the staff got pink slips.

I changed jobs before getting a pink slip, so I came out fairly well.

Re:Ah, slashdot

[doublem]

It depends on the state. It's discrimination of the first order, but sexual orientation isn't consistently protected across the board. The company's habit of tossing resumes based on "foreign sounding names" was highly illegal, but doing so because the applicant was gay, bisexual or androgynous may not have been.

Re:Ah, slashdot

[yamla]

Oh, I'm sorry, I misunderstood. I thought your boss was discriminating against them not because of their work but because the work was done for gay and lesbian groups. In any case, we are pretty far off-topic here, so I'll drop it.

Re:Ah, slashdot

[DavidTC]

What's your point?

Do you like dating plains?

Re:Ah, slashdot

[jericho4.0]

Sexual orientation is not protected in the US, and it's quite a recent addition here in Canada, also.

On a side note, I did some work years ago with a web design firm that had a lot of lefty gigs. Greenpeace, David Suzuki Foundation, etc. This fact undeniably lost me (and the company) other work.

Re:Ah, slashdot

[Gordonjcp]

Well for one thing, it's not *my* boss. For another, you are (as I already said) under no obligation to hire someone. If I don't hire you because I just plain don't like you, tough shit.

Re:Ah, slashdot

For another, you are (as I already said) under no obligation to hire someone. If I don't hire you because I just plain don't like you, tough shit.

Yes. But if, during the interview in which you decided that you just plain didn't like me, you happened to comment on the color of my skin, or said I "looked a bit gay", or even just happened to remark that you liked my work but wished it hadn't been done for a church... then tough shit for you, because you are going to see me in court and you are going to lose.

Believe it or not, even in today's America, things aren't totally weighted in favor of the employer. Big business may or may not be doing all it can to destroy any concept of workers' rights, but they do still exist. Don't want to hire someone? Do want to fire someone? Great, you can do it. But you better be damn careful what they hear coming out of your mouth, because your freedom of speech might just turn into my freedom to sue your ass.

Re:Ah, slashdot

[Archangel_Azazel]

It's that whole "if you can prove it" thing that usually annoys me. I understand that you have to prove something has occured. It just annoys me that I've seen how hard that proof can be to come by.

No win situation I know...just ranting as I'm wont to do sometimes.

A.A

Re:Ah, slashdot

[Gordonjcp]

No, sorry. I can employ who I want. If I don't want to employ someone because I think they are mentally unstable, that is my right.

Re:Ah, slashdot

Especially Bugs Bunny.

So that's six bugs per kilobyte?

[mikeophile]

Is that over or under Microsoft's par?

Re:So that's six bugs per kilobyte?

[Agret]

They allow for a 110% bug ratio.

Re:So that's six bugs per kilobyte?

[dhasenan]

How many bugbytes is that?

Re:So that's six bugs per kilobyte?

[heri0n]

I think thats an albatross

Re:So that's six bugs per kilobyte?

[MrHanky]

Neither, really. 3840 bugs should be enough for everyone.

Not Wikipedia

[Nehle]

That's not a wikipedia article, that's an article from a wiki running mediawiki.

Entitled?

"...discussed in this wikipedia article entitled How to fit three..."

Articles aren't entitled to anything.

Re:Entitled?

entitle

      verb 1 give (someone) a right to do or have. 2 give a title to (a book, play, etc.).

You could probably make an argument, given the second definition, that it is the correct word to use. I personally prefer the simplicity of 'titled', just because it avoids problems like this.

chain of trust?

[Anita+Coney]

Isn't it more like a chain of mistrust?!

Re:chain of trust?

[WhatAmIDoingHere]

Maybe the chain of Anti-Trust?

Re:chain of trust?

[MCraigW]

Actually, "distrust".

3 bugs?

Wow, someone forgot to turn off the auto-MSbash function. Have you heard any complaints about bugs on the xbox? no. How many millions play games on xbox live again?

And considering the lengths you have to go just to install linux on an xbox, mod chips and the like, I'd say those 512 bytes seem to be working just fine.

Oh, sorry, if MS makes it it must be buggy. And I guess they trounced nintendo in the marketplace because they were a monopoly and used anticompetitive practices too.

Re:3 bugs?

[AwaxSlashdot]

Those bugs are not ones that prevent games from running. Those bugs are bugs that prevent the anti-BootROM-tweak system to work.

Re:3 bugs?

[chrismcdirty]

Please show me where they trounced Nintendo in the market place. And when I say market place, I consider the entire world where Nintendo and Microsoft have basically been neck and neck in hardware sales since their respective releases. Sure, Microsoft is doing surprisingly well in NA, but Japan is a different story.

Re:3 bugs?

Obviously you and they are using definitions of marketplace. You even pointed this out in your post. Yet, you are still a jackass about it. Odd.

Why?!

[Fringex]

Why can't people just play the XBox instead of hacking it? I mean seriously, you don't see me hacking my XBox. I buy a game, I play a game. It is quite simple.

Sure the arguement can be brought up that some people want to know how it works. Well? Go work for a bloody gaming company who designs how it works.

I read these articles and think to myself... You know they sure do like to brand Microsoft as bug filled. But damn can't we at least brand the people who are breaking the EULA's and such for these "hacks." Microsoft made a game system for people to enjoy games on.

If they had three freaking bugs, whoopy do. At least I am not the unscrupulous individual who is taking the time and effort into doing something that is morally wrong.

Re:Why?!

[Agret]

Spoken like a true person who hasn't seen a modded xbox.

Re:Why?!

[brokenarmsgordon]

What is morally wrong about doing whatever you want with something you paid for and own?

What's morally wrong is anyone arbitrarily dictating what you can and cannot do with your personal property.

Re:Why?!

Why is it morally wrong to hack your xbox? I paid for my xbox, I should be able to do whatever the hell I want with it. I will leave out playing pirated games in this discussion, as I could see where that could be considered morally wrong. But you are complaining about simply hacking it. That's like saying I can't put a turbo booster on my car. It's mine, I bought it, I should be allowed to modify it (or destroy it) in any way I see fit. Otherwise I might as well just rent it and not own it.

Re:Why?!

[rindeee]

Are you serious? Put down the kool-aid for a sec and consider this. If I buy something (a physical something), I own it. It's mine. If I buy and X-Box and am of the ilk that likes to know what makes things tick, it's my prerogative (and certainly within the bounds of morality) to tear it apart and put it back together. If I can make my X-Box boot Linux (which, contrary to your implication can have a very significant and useful purpose) then more power to me. I will certainly share my knowledge with others who wish to do the same. When it comes to stealing games (copyrighted works of "art"), you are dealing with an entirely different issue. That is akin to me being able to throw my buddy's X-Box into a replicator, push a few buttons and voi lah! 2 X-Boxen. Don't confuse the two concepts. Now, commence kool-aid drinking.

Re:Why?!

My memory must be shot, I'm sure I didn't sign a license agreement.

Re:Why?!

who is taking the time and effort into doing something that is morally wrong.

morally wrong ? i own a piece of black plastic.. what can i do that is morally wrong ? (try to sell it for 399$ ?)

Re:Why?!

[Eric604]

Hacking the xbox is also a game, just a different game. You play pre-made games, other people make their own games.

Re:Why?!

I shouldn't be feeding the troll, but making (lawfully purchased!) hardware doing things it was never intended to do has long been one of the cornerstones of geekdom. I've yet to see a convincing argument as to why altering something you legally own is immoral in any sense.

Re:Why?!

[webmaestro]

Sure the arguement can be brought up that some people want to know how it works. Well? Go work for a bloody gaming company who designs how it works.

Yeah, because obviously if I want to find out about anything I can just apply for a job at the company, which I will get. And fortunately the company will just ask me what I want to do and let me do it. Just like when I want to see movies before they come out I can just decide to get a job at a movie studio and they will let me watch the movies.

Re:Why?!

The more interesting point is why people love to focus on MS's products. I'm sure there are bugs in the Playstation 2 and the gamecube, but no one cares. The care about MS, because it's MS.

They hate MS so much they can't stop thinking about it and obsessing over it. Basically, they are stalkers.

I wonder, are there websites where car mechanics write about how the ignition mechanism on the Honda Accord is is poorly designed because there is a 0.5mm flange of metal wthat should have been a barb and how those engineers are stupid, and by extrapolation how they, the mechanics, are smarter than Honda? No. Because car mechanics are rarely that arrogant.

You want to know why MS is smarter than all these hackers? Because they can produce a seemingly "buggy" xbox, write seemingly "buggy" software like Halo 2 that everyone trips over themselves to buy and play, and make hundreds of millions of dollars *in a weekend* doing it.

Meanwhile, you hackers with your allegedly clever exploits and perfect code still live in you mom's basement.

Mod me for trolling, whatever.

Re:Why?!

[Intron]

That's why I always rub bacon on the shrink-wrap and let my dog open it. Then he's bound by the EULA, not me.

Re:Why?!

Wow.

That really bothers you, huh?

Re:Why?!

[SnopeG]

I hack out of necessity. The Xbox Media Center is an amazing piece of work. If these capabilities were built into the Xbox (or offered as an upgrade), then I wouldn't bother. Microsoft should learn from this and include media playing (and whatever the hacking community is doing) into the 360. I don't even use my Xbox for games...it's strickly a media player. I know there are other options out there to play my media for me, but the XBMC is the best there is!

Re:Why?!

Why is it morally wrong to hack your xbox? I paid for my xbox, I should be able to do whatever the hell I want with it. I will leave out playing pirated games in this discussion, as I could see where that could be considered morally wrong. But you are complaining about simply hacking it. That's like saying I can't put a turbo booster on my car. It's mine, I bought it, I should be allowed to modify it (or destroy it) in any way I see fit. Otherwise I might as well just rent it and not own it.

If you own it you can modify it. The company that made your car isn't obligated to insure your car will run with aftermarket parts installed, though.

Folks should vote with their wallet. If an MS product doesn't meet their needs, don't buy it - but if they're howling because it doesn't do something it wasn't designed to do it seems to me the proper thing to do would be to stfu about it ;-)

Re:Why?!

[LWATCDR]

"But damn can't we at least brand the people who are breaking the EULA's and such for these "hacks." "
What EULA? When I bought my XBox I did not sign anything?

"At least I am not the unscrupulous individual who is taking the time and effort into doing something that is morally wrong."

Okay why is it unscrupulous to hack a product I own to do what I want to do with it? If I guy a house is it immoral to add on a room or to tile the floor? If I buy a book is it wrong for me to make notes in the margin? If I buy a CD is it wrong to skip the tracks I really do not like? If I buy a model kit and us those parts to make a different model is that evil? If I buy a car and then put in a new stereo system and better shocks am I dammed to hell? Just how is any of this unscrupulous or immoral?
If their is a bug in that boot code that has security issues then how bringing it to light any more immoral than reporting that flaw in a car publicly?

Your concept of what is moral and what is not is odd at best. If you just want to play games on your XBox then to play some games.

Re:Why?!

[Lumpy]

Why cant people cook over fire like ogg instead of hacking it?

I build fire, I cook over fire. But Ugg over there has to mess up fire by changing it and adding stone cover over fire and slate door in front of fire to make fire do things it was not intended to.

now Ugg is spreading this evil change to fire and giving away this really evil "bread" he cooks in his "oven" that is against the EULA of fire.

Cooking over fire is quite simple and those chaging fire are only making it more difficult for others wanting fire.

others should do as OGG does and stick head in sand to avoid change and innovation.

Hmm, sounds ALOT like what you just said. if we all had the silly attitude you did, we would not have computers now. HACKING and hackers brought you everything you have and enjoy now from your house to your car to your food to your precious Xbox.

Re:Why?!

[Have+Blue]

The Xbox lockdown was always about pirated games. MS knows that only a small fraction of the audience cares about homebrew or Linux.

Re:Why?!

[AC runs off to buy some bacon, and a dog]

Re:Why?!

[HD+Webdev]

What is morally wrong about doing whatever you want with something you paid for and own?

What's morally wrong is anyone arbitrarily dictating what you can and cannot do with your personal property.

I'm pretty sure that sheep wouldn't agree with you.

Re:Why?!

[brokenarmsgordon]

So what? Guilty until proven innocent are we?

Re:Why?!

[Oizoken]

i used to do the same thing with my homework, but for a totally different reason.

Re:Why?!

Can we revoke UIDs of people who are ignorant AND make value judgments on those that know better?

The XBOX is a PC, marketed as an entertainment system. If people want to use it like a PC - run Linux in clusters, watch movies, play games from classic systems, stream internet radio and TV, etc. - more power to them. This comment is ridiculous, and reveals the poster's ignorance of not only the box itself, but also of Microsoft's long term strategy in this market. If you think it's about games, you are living in the last century.

PS: Insightful!? WTF! A minute ago, this was a much more appropriate Flamebait.

Re:Why?!

[Fred+Or+Alive]

Well, it's morally wrong to mod your Xbox and then use the mods to cheat with Halo 2 online (although Bungie fixed their moronic mistake[1]) or other online games. (It breaks the Xbox Live EULA as well).

I personally don't mind what people do with their Xboxes, as long as it isn't to cheat.

[1] Gee, people have been able to edit files on the hard drive for two years! Lets not bother with any verification for this downloadable content!

Re:Why?!

[91degrees]

No. It's also about imported games and unlicenced games. That's why those are disallowed as well.

Re:Why?!

[dhasenan]

What about hacking hardware you got via BitTorrent?

Re:Why?!

You're one of those guys who only ever bought lego sets that came with an instruction manual arn't you?

Even if a person wants to tear their XBox apart, spray paint it pink and make it into a collage then I really see no problems, moral, ethical or otherwise.

Re:Why?!

I don't know. What's morally wrong about wantonly shooting people with a gun I paid for and own?

Of course, this is an extreme example. The point of which is, your right to do whatever you want ends when it infringes on other people's rights.

Re:Why?!

why you ask?

why not?

playing with a hardware design is morally wrong? wow. i am left speechles.

Re:Why?!

[91degrees]

No.

It's about discussion. People will comment. Read responses. Learn. It's all good, albeit frustrating for some.

Re:Why?!

[brokenarmsgordon]

That's because sheep lack the ability to speak and form coherent thought. Very keen observation, friend.

Re:Why?!

[brokenarmsgordon]

If you want to shoot people with a gun you paid for and own, you can do that. But there is a penalty. I have not said that responsibility is to be ignored.

Re:Why?!

That's why I always rub bacon on the shrink-wrap and let my dog open it.

I know there's a Rubicon joke in there somewhere, I just can't come up with it.

Re:Why?!

[jedrek]

I dunno... My XBox is modded to hell and back and I can't remember the last time I actually played a game on it, not to mention I own all the games I've played. All 15 titles are on my hard drive, along with a bunch of movies and TV shows. See, the main thing I used it for is viewing media. XBMC is the first position on my EVOX dashboard.

Re:Why?!

What difference does it make to you personally? Are they preventing you from masturbating over your porn? Who the hell are you to say how others should spent their time on items they have purchased?

Re:Why?!

[Not_Wiggins]

Dude... don't pick on ogg; it's having a hard enough time trying to kick mp3's ass to worry about how to improve fire.

Re:Why?!

[justforaday]

Your homework had an EULA? *confused*

Re:Why?!

[mrRay720]

Well you may have a valid point about your ability to turn the XBox into a better media player, but your describing this this as "hacking out of necessity" is completely laughable. You need a media modded XBox to live or something?

Re:Why?!

[FinestLittleSpace]

Please send me torrent links for hardware as I require a new GFX card.

K kewl thx omg!!!!!!1111ONEONE!

Re:Why?!

[SnopeG]

Well, not necessarily to live, but to live a full and rewarding life...

Re:Why?!

[xs650]

It's a long tradition. Children have been getting more enjoyment playing with the boxes their Xmas gifts came in than the gifts themselves for decades.

That's because the boxes are often more interesting and allow more use of their minds.

Re:Why?!

[interiot]

Well, EULAs are contracts, and in a country that follows the rule of law, following contracts is one of the keys to a stable society.

On the other hand, what manufacturers seem to be doing is clearly somewhat abusive, and even though they're not cooperating with each other, most EULAs will probably contain abusive language, so consumers aren't likely to have a choice about which contract they enter into.

On the other hand, quotes like this give me a little hope that more and more people are seeing the value in openness:

For instance, DiBona pointed out that if Google used Windows, or any other non-open source software program, to make changes to that system he would be required to essentially ask permission from that vendor. "Why should we hand over the control of our software support to another company?"

If people see that openness is a very valuable thing, it's possible that either manufacturers will start releasing more open products, or, eventually, judges might step in and mandate slightly less abusive contracts.

Re:Why?!

[Fringex]

Holy hell. Every moron replied to my thread. Mark me up as flamebait I fucking love it.

The moderators for slashdot need a lesson in moderation.

Re:Why?!

[Eivind+Eklund]

Why can't people just play the XBox instead of hacking it? I mean seriously, you don't see me hacking my XBox. I buy a game, I play a game. It is quite simple. [...] If they had three freaking bugs, whoopy do. At least I am not the unscrupulous individual who is taking the time and effort into doing something that is morally wrong.

That's debatable. By buying XBox games, you're giving financial support a convicted monopolist. To me, there are some moral issues with that. I resolve them by using neither the XBox nor other Microsoft products[1].

Eivind.

[1] Exception: An inherited Windows PC at work. It runs putty, Firefox, Acrobat Reader, Eudora and Open Office. I see no point in doing a reinstall for a box that works and where the license has already been paid.

Re:Why?!

[b1t+r0t]

Or you could just rub Beggin' Strips on the shrink wrap, and your dog would still open it because he can't tell it isn't bacon!

Re:Why?!

[mprinkey]

Maybe you should just boot XBMC as your dashboard instead of EVOX. It works pretty well.

Re:Why?!

[Hoplite3]

I see no philosophical problem with Microsoft locking their BIOS down, using trusted computing to prevent unauthorized code.

What I have a problem with is the law that says I can't try to break the lock on something I own. I have a problem with the law that says I can't talk about this activity.

Now, I prefer to buy robust, user-modifiable devices. I will spend my dollars on my preference. I worry about the marketplace being dominated by TCPA devices, but I don't have a philosophical objection to those things existing.

The DMCA is just beginning to effect our lives. Give it another ten years to poison "intellectual property". If people own ideas, enforcement can only come in the form of thought control.

Re:Why?!

[shuufoxie]

Maybe if they released occasional patches for fire it would'nt get hacked. ^^ Seriously, when was the last time you saw one?

Re:Why?!

You're not using the Xbox for it's designed purpose! How dare you!

It's funny how the DMCA is pretty much going to destroy the future of the tech industry in this country. The whole reason we have computers now is from people who were allowed to modify and hack previous ideas and extend them into derivative works.

That's now illegal. It's illegal to find out how something works. Talk about shooting yourself in the foot.

Re:Why?!

No, you're just a piece of shit Slashdot troll. So while you're technically an unscrupulous individual, there's nothing morally wrong about you, per se. You're just pathetic, that's all...though to be honest, I doubt anyone would ever feel sorry for you in any given situation.

Re:Why?!

[Alphabet+Pal]

Yeah - nothing gets you a job faster than saying, "I know nothing about what you do. Hire me and pay me to learn it!"

Re:Why?!

[TorKlingberg]

Killing people is wrong. If you do it with a gun or not doesn't matter.

Playing with electronics is not wrong. And as long as it is your there is no problem.

Re:Why?!

[Eric604]

That's an interesting analogy.
--
This post is probably overrated

Re:Why?!

[colinrichardday]

Doesn't Microsoft lose money on the XBox itself, making up the loss by profiting on the games?

Re:Why?!

[FurryFeet]

If I guy a house is it immoral to add on a room or to tile the floor?

Dude, I don't know what "guying a house" is, but I'm quite sure it should be immoral.

Re:Why?!

[dubl-u]

At least I am not the unscrupulous individual who is taking the time and effort into doing something that is morally wrong.

I went to the store, bought something, and am using it for what I please. My use hurt nobody. Where's the moral wrong, exactly?

Re:Why?!

[AnalogDiehard]

The Xbox is the loss leader for M$, they get their profit back on the games you play on the box.

If you just want an Xbox for a cheap linux box and you don't buy games, M$ loses. This move is just to protect their return on investment. I'm not a fan of M$ but this is a legitimate business decision.

Sort of like Macrovision filing patents on circumvention methods of their own systems, that way if a third party sells a circumvention box then Macrovision can put them out of business citing patent infringement.

Re:Why?!

'Cause Microsoft sold (sells?) the XBox for a loss and makes all their revenue off of liscencing/game sales. Media Center users don't buy as many games; hence Microsoft can't make their money back from those users.

Re:Why?!

[Eivind+Eklund]

Yeah, it does, or at least did. The normal cycle for consoles is subsidy for the first year or so and then very slight profit per console, making the rest up in games.

However, knowing myself and my friends: Without the hardware it's much easier to avoid the temptation of buying, being given as gifts, or pirating those games ;)

Eivind.

Re:Why?!

[MCraigW]

What is morally wrong about doing whatever you want with something you paid for and own?

What's morally wrong is anyone arbitrarily dictating what you can and cannot do with your personal property.

Lets see, I bought this nice music CD, I paid for it, so I own it, or do I? Can I share it with a few friends?

Re:Why?!

[nicktripp]

Bill? Is that you?

Re:Why?!

[mfrank]

What, you don't have (or know anybody that has) a child? Or just have a neighbor do it.

I bet you drawer full of CDs smells...interesting.

Re:Why?!

[squiggleslash]

How is running GNU/Linux or NetBSD on an XBox "morally wrong"?

Re:Why?!

[brokenarmsgordon]

You can give the CD to whomever you want. You can even resell it if you want. It's yours.

Re:Why?!

while it may be technically true, microsoft really would not care. the more they sell, the more marketshare they have. the more marketshare they have, the more companies will produce games for the xbox. the more games that come out, the more money they get.

Re:Why?!

[TCM]

Lets see, I bought this nice music CD, I paid for it, so I own it, or do I? Can I share it with a few friends?

I dunno about you, but I still remember a time where it was perfectly legal to give a copy to your friends.

Re:Why?!

[lordsid]

to quote the matrix "because i choose to"

Re:Why?!

You sound like a fucking idiot. A convicted monopolist!! Avoid like the plague!!

Whoopy fuckin doo. Buying XBox games cos you want to play a fucking game, that's it. Geddit? Nobody really gives a fuck about the rest of it.

Re:Why?!

Because it's morally wrong to do something other than what others want you to do, silly!

Re:Why?!

HAHAHAHA! YOUR JOKE IS FONNY!

but for a totally different reason

Oh.

Re:Why?!

[Locke2005]

WTF? It's "morally wrong" to try to figure out how things actually work, then tell other people? So science is morally wrong then, we should just beleive what are leaders tell us, and never question anything? Well, at least you and Al Queda agree on something! Man, people making assinine statements like that about things being "morally wrong" is the best argument I've seen yet why creationism should NOT be taught in the schools... you've got it backwards; intentionally remaining ignorant is the most morally wrong thing a person can do... but that is apparently the path you have choosen.

Re:Why?!

[Geoffreyerffoeg]

At least I am not the unscrupulous individual who is taking the time and effort into doing something that is morally wrong.

It is morally wrong not to stand up against evil. It is an even worse moral wrong when the evil convinces you that it is good.

Microsoft made an Xbox, great. They put a lockout code, more power to them. But when they try to portray people who bypass the lockout code on their own property, that is morally wrong.

Re:Why?!

[Geoffreyerffoeg]

(Grr. Should've previewed. Oh well.)

At least I am not the unscrupulous individual who is taking the time and effort into doing something that is morally wrong.

It is morally wrong not to stand up against evil. It is an even worse moral wrong when the evil convinces you that it is good.

Microsoft made an Xbox, great. They put a lockout code, more power to them. But when they try to portray people who bypass the lockout code on their own property as lawbreakers or wrongdoers, then that is morally wrong. And it is the duty of moral individuals to stand up and say what is wrong.

(While I'm at it, I may as well mention that copying games without paying for it is morally wrong. All that is acceptable is modding the Xbox for fair uses: copying games you own (although I'm not sure why you'd do that), installing Linux, etc.)

Re:Why?!

[losman]

I understand where you are going and but your buying a house example is not helping you. When you purchase any piece of land it is zoned and that is controlled by the local government. Certain zones are for certain types of housing and what not.

You are allowed to change your house in accordance with their rules as it is zoned. Their zoning is like the EULA. You cannot tear down your home and build a 10 story tower to rent out. So whether you agree to it or not you are participating and bound to these kind of rules all the time. The only reason you are vocal about it now is because someone said Microsoft.

I will have you know that I can't stand MS. And I don't agree with this either but it is their right to do so. It is my right not to purchase it and I haven't and will not.

Re:Why?!

[asdfghjklqwertyuiop]

  I don't know. What's morally wrong about wantonly shooting people with a gun I paid for and own?

Of course, this is an extreme example. The point of which is, your right to do whatever you want ends when it infringes on other people's rights.

Modifying your own xbox does not infringe upon anyone's rights. Your XBox is your property, not Microsoft's. They do not have any rights over your property that you could possibly infringe upon, except possibly the copyrights on the firmware code & whatnot. However copyright does not prevent you from modifying copies that you own.

Re:Why?!

[Bent+Mind]

The company that made your car isn't obligated to insure your car will run with aftermarket parts installed.

No. However, I'd be very unhappy about buying a car that was designed to purposely not work with aftermarket parts, especially if that ban were enforced by law.

but if they're howling because it doesn't do something it wasn't designed to do it seems to me the proper thing to do would be to stfu about it

The X-Box was designed to run computer programs. However, due to artificial design restraints, it only works with Microsoft computer programs. On top of that, it is illegal to remove the artificial restraints so that the X-Box does run non-Microsoft computer programs. The restraints are a minor pain that a hand full of people have discovered how to remove. And yes, I understand the game console business model. It allows Microsoft to make money on the X-Box while selling it below cost. I suppose that's the cost of cheap hardware. However, it should not be illegal for me to modify my X-Box so that it performs to its maximum potential. Nor should it be illegal to tell others how to make the change.

Re:Why?!

[rindeee]

Indeed...the qualifier "in this country" is very important. One of two things will happen (in my next to worthless opinion). Either we'll fix things, or many (any that doesn't have DMCA like craziness) other countries will surpass us in terms of technological advancement. Since money talks (and in the long run more money is to be made by advancement than payoffs from the current clan of DMCA pushers)I'm hoping for the latter.

Re:Why?!

[asdfghjklqwertyuiop]

You are allowed to change your house in accordance with their rules as it is zoned. Their zoning is like the EULA. You cannot tear down your home and build a 10 story tower to rent out. So whether you agree to it or not you are participating and bound to these kind of rules all the time. The only reason you are vocal about it now is because someone said Microsoft.

Nonsense. Zoning is a law, an EULA is not. Governments can impose arbitrary regulations on citizens. Private corporations cannot. An unsigned document written by microsoft is no more binding on you than a document I would write that says you must pay me one thousand dollars as a fee for reading this message.

Re:Why?!

[LWATCDR]

1. Not every place even in the US has zoning laws.
2. The EULA is not a law.
3. I bought my XBox from a pawn shop. I got no EULA and even if I did Shrink wrap EULAs are not binding.
4. From this site http://www.xenatera.com/bunnie/proj/anatak/xboxmod .html"Well, it's been about three months since I've posted anything significant. Half of that is I've been finishing my PhD thesis, and the other half is that I've been dealing with legal issues versus my work on the Xbox. Well, last week, I finished both my thesis, and I got a grudging thumbs up, so to speak, from Microsoft on my Xbox reverse engineering work. so...here I am, again."
So Microsoft has have decided it is not illegal.
And finally http://www.gcwf.com/articles/ipu/ipu_sum00_9.html "You are actually allowed by law to reverse engineer copyrighted code so long as it is necessary to discover the ideas or functional elements behind the code" So it is legal.
So if it is totally legal I would say that any question as to it's morality is dumb.

Re:Why?!

You should do that with your cat instead. Under English law you are responsible for your dog's or dogs' actions (but not cat's).

Slashdotted or what?

[lofoforabr]

Anyone able to RTFA? Fatal error: Call to a member function on a non-object in /home/groups/x/xb/xbox-linux/htdocs/w/includes/Obj ectCache.php on line 409

Re:Slashdotted or what?

Why would it be Slashdotted? We all read the article when it was first posted on Monday.

Re:Slashdotted or what?

[MWelchUK]

Mirrordot.org : Lazy Click Here.

How to fit 3 bugs in 512 bytes of security code

[CSHARP123]

Easy. Just put one bug in every 170.666666666666667 bytes and you will be done.

Re:How to fit 3 bugs in 512 bytes of security code

[Noaccess0]

512 bytes should be enough for anyone. (had to be said)

Re:How to fit 3 bugs in 512 bytes of security code

the site has been Slashdoted into Oblivion! :)

Re:How to fit 3 bugs in 512 bytes of security code

[rwise2112]

Yeah, Actually it's 3 times too much for MS!

Re:How to fit 3 bugs in 512 bytes of security code

Nah, that would require the security code to be 512.000000000000001 bytes long.

OK, OK, I'm an annoying bastard. :-)

What about hardware?

[AltGrendel]

I haven't finished RTFA yet, but I wonder if this will work with that "MS Appproved Hardware" initiative that I've read about.

Microsoft Consistency

[Blindman]

At least Microsoft provides the same level of security to it own hardware as its does yours. You can't accuse Microsoft of playing favorites.

Re:Microsoft Consistency

[FragHARD]

> So how is this any different from the rest of their programming? Personally when I write software for my hardware I do test it -- maybe not 100% but I do test the main branches of the code! I mean come on 512 bytes, I used to do assembler programs ten times as long and it would only take a couple of hours to test every possible function of the software !!!

Again!?!

I didn't read it the first time. I don't think I am going to read it the second time.

Tim

Sensationalist trash.

[AceJohnny]

Wow. Was it something in the coffee this morning?

First of all, it a dupe with another article in the games section.

Then it's wrong. The article isn't from wikipedia.

Finally, nice sensationalist terms:
- Oh noes, this code locked out GNU/Linux! Bad Microsoft!
- Hah, Microsoft can't even write 512 bytes of code without bugs!

Oh, and that last part was only the subtitle of the article, not the real title. But no thanks for pointing it out.

Read the interesting linked article, or the comments on the original post on games.slashdot, but this article here is exactly what I don't like seeing on Slashdot.

MOD PARENT UP INSIGHTFUL

[th0mas.sixbit.org]

If I had the points, I would. Precisely what I thought when I read the GP's comments.

Until you see xbox media center play media off a remote samba share, or you sit down and enjoy playing all your old console games in similiar environment (tv/couch).. you would say things like the GP. Afterwards you would shut your mouth and learn to mod your xbox.

Re:MOD PARENT UP INSIGHTFUL

A-freakin-men.

Modding an Xbox and pointing it at my RAID server full of family photos, home movies, occasional torrent-supplied TV shows that I've missed (no Tivo), my 85GB of MP3s, or live Shoutcast broadcasts off the internet was worth EVERY BIT of that 30...no... 15... no, wait... only 10 minutes installing the modchip. (Xenium S.P.Ice on a v1.6 Xbox.)

The amazing thing is -- Microsoft really could have easily made the Xbox do all this (and more) to begin with, and had a flat-out winner on their hands. They would have sold GOBS of them, and at a PROFIT instead of a loss (I would have paid $250 for one if it did what I wanted). Instead, the **AA circles overhead...

Best non-project I ever did... I spent more time putting the Xbox in my entertainment center and handcrafting some airflow assistance out the back to vent the warmer air than I did actually modding the hardware, installing BIOS, and necessary apps.

Interesting Read

[Shads]

That was really interesting, and while it's a dupe it's the first time I've come across it.

I hadn't really tinkered in my x-box's internals just due to lack of time (I had previous tinkered with my ps1 and n64 a bit.)

I'm an amateur when it comes to assembly but the way that was presented made it pretty much easily readable for anyone. Kudos to the peeps who made it available.

Re:Interesting Read

[jandrese]

The original was in the games section, it never made it to the front page. That's probably why you have never read it.

Re:Interesting Read

[interiot]

And yes, quadruple kudos to the author for taking the time to make all the technical details very accessible for a first-time reader.

Pointless

[Sinju]

All the security that they put on games is a waste of time and money... if people want to copy a game they are going to find a way to do so, nothing has stoped them so far.

Re:Pointless

[Nightspirit]

What are you talking about? The security stops everyone who does not have a modded xbox from playing copied games. Infact, the security is decent enough that you can't copy Xbox DVDs on your computer, you have to ftp from the DVD drive on the Xbox (which you can only do on a modded xbox). Sure, with a modchip you can bypass the protection, but what percent of xbox owners have a modchip or softmod? Likely the number is low enough to be insignificant. So it accomplishes exactly what they want it to do: stop the majority of users from copying games. By the way, anyone with a modded Xbox should check out the OSS (I believe) Xbox Media Center. It takes the Xbox to a whole new level.

Re:Pointless

[Sinju]

No clue where you live but around where I like it seems everyone has a modded xbox. Guess I just live in a hacker zone or something.

Mirror

[melvin22]

Mirror here

You're a dupe yourself

http://hardware.slashdot.org/comments.pl?sid=15882 1&cid=13303218
http://hardware.slashdot.org/comments.pl?sid=15882 1&cid=13303209
http://hardware.slashdot.org/comments.pl?sid=15882 1&cid=13303204
http://hardware.slashdot.org/comments.pl?sid=15882 1&cid=13303198
http://hardware.slashdot.org/comments.pl?sid=15882 1&cid=13303177
http://hardware.slashdot.org/comments.pl?sid=15882 1&cid=13303176

Nice to read...

[AchilleTalon]

Microsoft has managed to include only three bugs, after all, they had a whole 512 bytes to include much more.

good news!

[justforaday]

Good news everybody! Apparently according to the new editorial standards set forth by CmdrTaco himself, every site that runs on slashcode can now be referred to as Slashdot! This should help line his pockets further so he'll be able to pay even less attention to his own site (as if that's possible)...

only 3?

[l0rdpestilence]

Only 3 bugs. Out does my GPL/GNU/Linux pos open office do dad with 50 thousand bugs , poor library management, crap fonts. I may go Microsoft after all. Microsoft rules, linux sucks, cause every os sucks--and blows, at the same time

dupes explained

[capicu]

A user is desperate to get his 15 mins by getting his story on the front page. He has tried and failed. A lot. So, he waits for a story to pass that won't be too high profile, and researches it, sticks with it for a while, looking for something different to say about it.

Then he either waits a month or two, or submits it when he thinks a different editor will see it.
Slashdot has a vulnerability. People are abusing it. Get over it.

double whammie!

[Qnaal]

and that's how xbox-linux.org got slashdotted twice

Nah...

[scsirob]

... It equals their handicap

Re:Dupe- thank god!

thanks for the repost, man....I almost missed an important piece of geek wisdom so I could have sex.

no..seriously...this is important.

and I almost missed it.

because I was having sex.

with a girl.

man..I wish I could have caught that it was a dupe so I could be recognized for the important accomplishments in life!

It also exposed....

[cant_get_a_good_nick]

the hidden dupe code of the Slashcode...

Dupity Dupe Dupe Dupe

[Moryath]

Dupe Dupe Dupe

I wonder

[bornyesterday]

how many times slashdotters can say both "dupe" and "just because it's wiki doesn't mean it's wikipedia" for the same article.

Re:I wonder

[jpetts]

Meta-whining: coming soon to a Slashlog near you...

Re:I wonder

[Idarubicin]

how many times slashdotters can say both "dupe" and "just because it's wiki doesn't mean it's wikipedia" for the same article.

At least once more, apparently....

Re:I wonder

[lawpoop]

I wonder how much metacommentary there will be about these issues...

Re:I wonder

Meta-meta-whining : Feeding a vicious cycle of faux-witty gen x humor since 1992

Curses, foiled again.

[doublem]

Well, there goes my plan of using a fleet of Xbox2s as a render farm to compete with Wetta.

I guess I'll have to go back to scrounging parts from the MIT Flea.

*frwooomp*

[Akardam]

Neeeeeeoooooobody expects the Slashdot editors! Our chief weapons are laziness, laziness and corporate shilling, our *two* weapons are laziness and corporate shilling...

oh, I give up.

Re:*frwooomp*

Instead of griping about the dupes the overworked editors allow through why not volunteer to help them out with an extra set of eyes and a few minutes a day?

Oh wait... that's been tried. Volunteers need not bother.

Re:*frwooomp*

Why should I volunteer when the "Editors" are getting paid to supposedly "Edit?"

Dipshit.

Re:*frwooomp*

Why should I volunteer my efforts for a neighborhood watch when the police are paid to watch out for crime for me?

Lazy, selfish mooch.

Re:*frwooomp*

[millette]

Ah, the police and slashdot editors, working (or not) hand in hand. Just what the world needs, really, I'm dead serious.

But one editor...

[doublem]

I don't know. From what I've been told, one editor named after a mexican dish looks smashing in a cocktail dress and red garters.

Re:Pointless... Or is it?

[GecKo213]

All the security ... is a waste of time and money...

I'll give you a personal example of why it works in their favor, and perhaps why they continue to put time and money into securing their product.

I used to support Windows 95/98/ME/2K and XP (after it came out) for Microsoft before they decided to move everything to India. (Right about that time I decided that if I didn't want to move to India to keep my job I had better make a few changes and have since left the IT industry) Right as XP was released they gave us all our own copy of XP Pro. I took mine home and installed it so I could actually use it at home while supporting it. (I think that was the whole reason that they gave it to us in the first place) Not too long after that, there was an "internal" release of the "devils own" version of XP. No Activation, No Calling Home, and no problems. I promplty thought, "I need this more than the legit version they gave me..." and installed it the same night that I got a copy of the CD from a coworker. I've been running the internal version of XP ever since and have to date installed many many programs and games and went on with life as usual. I was able to update to SP1 with no problem, and with a little tweaking (Information available online) able to upgrade to SP2. This last little upgrade that won't allow me to use Windows Update unless I'm "legit" happened to stop me from receiving the most recent security updates. I don't want to become part of some Zombie Network etc and know that constant updates help narrow the chance of those problems. Being unable to update my computers security vulnerability I finally threw my hands in the air and gave up. I ran a repair install and put my original product key in and now everything is just fine.

My point is just this. I had a fully usable copy of Windows XP that happened to be "hacked" for lack of better terms and was happy with that. In fact, I was almost proud that I was using the internal (illicit) version vs. the legit version that they had freely given me. Being unable to update from here on out just bothered me and I didn't want to waste a whole lot of time and effort to sidestep the new security that MS had added. I had to go throught he hassle of a recovery reinstall over my current install just to add the legit product key to allow me to update. Now I'm legit again and happy that I won't have to worry about circumventing the system anymore.

Point Being: Sometimes people get tired of bucking the system. (FYI, I have a dual boot setup with Linux on that PC and the same OS dual boot on all of my other computers in the house.) I still like to play games on Windows however and so XP is staying for the time being. I just got tired of having to work around Micrsoft's attempts to stop me from using their OS "illegally". Even though there are always going to be ways around the MS blockades, I don't want to fight it anymore and so have given in.

Microsoft must be thinking: "If you slow people down enough and enough times, some of them may end up just giving up."

They Can Do Better Than That!

[ficken]

Im sure that M$ has managed to put more bugs than that in 512 bytes before (ie: WinXP pre-SP1).

Chain of trust?

It's actually called 'circle of trust' and once you're out it's extremely hard to get back in, I hear.

For best results...

[raehl]

Use small bugs, like gnats.

Re:Pointless... Or is it?

[Sinju]

Yes that does seem to work in some cases... I have always used Legal verions of windows cause I have never wanted to deal with any of the problems like that but there are and always will be those who don't really care, don't have the money, are board and want something to do, and will use illegal verions of anything they can get their hands on. But I was mainly talking about Games... security on games is a waste of time and money because most of the people play games seem to want to hack them anyways in some way or another. Things like Operating systems though I do agree that it is not a waste of time and money, they should try to add more security to operating systems and whatever else but games is a totally different catagory.

These things are COMPLEX.

[WWWWolf]

"While the CPU initialization can be done in less than 150 bytes, the initialization of the chipset and RAM, if done completely, will require more than 1000 bytes of assembly code."

And at this point me, the old C64 coder, just went "ewwwfffh." Back in the day, you could do all of the CPU and RAMbank initialization you wanted with five bytes! (lda #%whateverbitmask; sta $0001) And memory initialization was simple, ummm... 9 bytes + 3 bytes per 256 bytes of memory cleared. (lda $00; ldx #$00; .clrloop: sta $c0000,x; sta $c100,x; ... ; inx; cpx $ff; bne .clrloop)

PC hardware is monstrously complex. No wonder people no longer code in assembly. =)

Re:These things are COMPLEX.

You conveniently overlooked the chipset part of the init. That'll require specific values and could be a considerable number of registers.

You 9 bytes sounds like rather a lot. Although my Z80 has long since been forgotten, moving stack to top mem, loop of pushing 0 on to the stack, set stack to wherever, should be 7 bytes. Using the slower LDIR will be around 5. Speed vs memory eh?

For your info, x86 only has 3 general purpose registers. Shit as 6502/10 or what!

Re:These things are COMPLEX.

[Poromenos1]

And memory initialization was simple, ummm... 9 bytes + 3 bytes per 256 bytes of memory cleared.

How much is that for a few hundred megabytes of memory? :)

Re:These things are COMPLEX.

[WWWWolf]

How much is that for a few hundred megabytes of memory? :)

If you had looked at the code with a feeling, you might have noticed it was "3 bytes per 256 bytes of memory" only because the loop register is 8-bit. 6502 family had only 8-bit registers. =(

One might guess that this amazingly leet Intel hardware has a bit longer registers, like, oh, 32 bits or something, which would make memory cleanup so much more efficient, like 4 megs per 3 bytes or something. And this is an extremely simple algorithm too, could be improved to take advantage of the processor's advanced features...

Still, I wonder what this article rambles about putting the machine into "stable state" and checking that the memory works properly. My 64's memory works without asking, and it still does!

Re:These things are COMPLEX.

[Urchlay]

lda $00
ldx #$00
.clrloop: sta $c000,x ; fixed obvious typo, was $c0000
sta $c100,x
;...
inx
cpx $ff ; another typo: should be "cpx #$ff"
bne .clrloop

Your "cpx $ff" compares X against the contents of location $ff. Probably not what you intended :)

As written, that won't zero out location $c000 through $c1ff anyway. It doesn't touch $c0ff or $c1ff (the loop terminates when "inx" increments X to $ff, *without* zeroing anything).

Get rid of the "cpx" entirely. Then, the "bne" won't branch until "inx" causes X to wrap around from $ff to $00, which is what you wanted.

Still, 2 typos and one real bug for 7 lines of assembly is not bad, if (as I assume) you're out of practice :)

Re:These things are COMPLEX.

[Poromenos1]

Because everyone on /. knows asm.

Wait, isn't that a Fark cliche'?

[larsoncc]

Everytime you masturbate, a Slashdot dupe is posted.

So, basically, A LOT.

Re:Wait, isn't that a Fark cliche'?

[Fulcrum+of+Evil]

Everytime you masturbate, a Slashdot dupe is posted.

Nah, there'd a whole lot more dupes then.

Re:Wait, isn't that a Fark cliche'?

A constant stream...

Btw, Dead Milkmen++.

modding hardware you own

Soon you will be "licensing" the hardware from MS.

Internal ROM is cheap!!

[mrm677]

The article explains how having lots of internal ROM in an IC is expensive.

The is absolutely false. I worked on a cellphone product in which the main IC (DSP, MCU, etc) had 4k of internal ROM. The cost of the entire part was less than $15 and remember, this included _all_ of the digital circuitry.

You can easily have more than 512 bytes of internal ROM.

Can't you read?

The masthead says "news for nerds." If you don't understand why somebody might want to reverse engineer his car stereo so he could install Linux on it, you're at the WRONG website.

An actual on-topic comment

[kurtkilgor]

So, I have a question actually relevant to this article. The article says that the CPU was supposed to jump to address FFFF_FFFF, turn off the ROM, then roll over to 0000_0000, where the CPU would throw an exception thus halting the CPU. However, says the article, the CPU does not in fact throw an exception in this case.

So my question is, how did the hackers who reverse engineered this code conclude that it was supposed to trigger an exception? It seems hard for me to believe that the MS engineers would base their entire security mechanism on a feature of the CPU that didn't actually exist.

Re:An actual on-topic comment

[Geoffreyerffoeg]

Just a theory...IIRC, the Xbox processor is slightly customized, right? It's not the generic off-the-shelf Celeron? So I suppose that when MS was asking Intel to make Xbox processors, Intel asked the MS guys, "Do you need it to throw an exception when the instructioon pointer overflows? We can make the chip slightly cheaper by removing that feature." MS thought for a second and said, "We're putting security on all the code that goes in, so we can watch for that feature. Besides, the users can't do anything if the CPU halts in a commercial game; it may as well overflow and crash that way. So no, we don't need that feature." And they forgot to ask their security team itself, who was relying on that feature, which was present in the development systems only.

From the article:
Apparently the i386 CPU family throws no exception in this case, Microsoft's engineers only assumed it or misread the documentation and never tested it.

Does anyone know which CPUs actually throw exceptions? I have a feeling the security team tested their code on one that did.

Re:An actual on-topic comment

[The+Moving+Shadow]

The 2BL (bootloader2/secondary boot loader) is responsible for decrypting/decompressing the main KERNEL image and 'jumping' to it.

When 2BL starts, it is executing in a CPU address region from 090000-095FFF. It first sets up some simple page-tables (with what appears to be a one-to-one mapping of virtual to physical addresses), copies itself to CPU address region 400000-405FFF, enables paging, then 'jumps' to the copy of 2BL that it created based at 400000.

Next, the MCPX internal boot sector is 'hidden' (since it is no longer needed), and the PIC 'watchdog reset' is disabled (without doing this, the PIC chip will force a CPU reset after approximately 200ms of execution). The original decrypted copy of 2BL at CPU addresses 090000-095FFF is erased.

Some unknown initialization of video registers (memory-mapped based at CPU address FD000000) is done next, followed by some unknown PCI initialization.

Now for the 'guts' of 2BL: validation/decryption/decompression of the KERNEL.

The encrypted/compressed KERNEL image is located in Flash, "below" the KERNEL initialized data segment, which is located just "below" the encrypted 2BL (which starts at CPU address FFFF9E00). The size of the compressed KERNEL image is stored at offset 005FD8 into the 2BL, and the size of the KERNEL initialized data segment is stored at offset 005FDC into the 2BL. Using this information, the 2BL can find the start address/size of the encrypted/compressed KERNEL image.

First, a SHA-1 hash validation is done on the encrypted KERNEL image. The hash also includes some other items, like the RC4 key used to encrypt/decrypt the KERNEL, the unencrypted KERNEL initialized data segment, and the beginning of the Flash image up-to/including the MS copyright message (MCPX initialization, X-code, etc). The hash is compared against a 20-byte stored digest at offset 005FEC-005FFF into the decrypted 2BL image.

Next (assuming SHA-1 has was valid), the KERNEL image is decrypted to a temporary RAM buffer using an RC4 key stored at offset 00008C-00009B into the decrypted 2BL image. Note that this is not the same RC4 key that was used to decrypt the 2BL.

The KERNEL image is then decompressed to RAM starting at CPU address 80010000. The compression used for the KERNEL is a modified ".cab" (Microsoft CABinet) compression. See the Microsoft CABinet SDK for more detailed information (http://msdn.microsoft.com/library/en-us/dnsamples /cab-sdk.exe).

CAB compression allows for different types of compressions. The compression used for the KERNEL is "tcompTYPE_LZX" (Microsoft LZX). The CFHEADER, CFFOLDER, and CFFILE structures have been eliminated (since it's a single 'file') - only the CFDATA section is used. A slight modification to the CFDATA structure has been made: the 32-bit checksum ("u4 csum") stored at the start of each block has been eliminated. What remains are "cCFData" blocks of compressed data: each block starts with a 16-bit size of compressed data ("u2 cbData"), 16-bit size of uncompressed data ("u2 cbUncomp"), followed by a stream of "cbData" compressed data bytes.

The 2BL knows the value for "cCFDATA" (number of compressed CFDATA blocks) by adding-up the "u2 cbData" values from each CFDATA block header, until the total is equal to the total compressed KERNEL size (found at offset 005FD8 into the 2BL).

The decompressed kernel is a PE-format executable ('xboxkrnl.exe'). Once decompressed, the 2BL grabs the entry point address from the PE header and jumps to it. Two arguments are passed to the kernel entry point function: a pointer to string 'arguments' to the KERNEL (only used in debug kernel), and the base address of two 16-byte encryption keys. One of the keys is the EEPROM key (offset 00006C into 2BL), the other is the certificate key (offset 00007C into 2BL).

Re:An actual on-topic comment

[Lothsahn]

That's gotta be one of the best trolls I've seen lately :)

Comment Dupe...

[Jack+Johnson]

I've seen nearly identical snide "Dupe!" comments at least 10 times in the last year.

Slashdot posts dupes. So the fuck what? Get over it already.

Personally, I didn't even see the original posting on this story and I'm thankful for the dupe. I doubt I would have found this interesting article otherwise.

Re:Comment Dupe...

The commenters aren't getting paid well to "edit" and post pre-written submissions at the brisk rate of 10 or so per day.

The "editors" are.

Re:Comment Dupe...

[Mr2001]

Slashdot posts dupes. So the fuck what? Get over it already.

Some people are Slashdot subscribers, and they're rightfully upset when they still have to deal with bottom-of-the-barrel editing work on a site they pay for.

The real lesson here is: don't pay for a subscription. If you want to hide the ads, there are ways to do it for free. If you want to see the next story minutes before non-subscribers do, just let it go, it's probably a dupe anyway. ;)

Re:Comment Dupe...

I've seen nearly identical snide "Dupe!" comments at least 10 times in the last year.

Slashdot posts dupes. So the fuck what? Get over it already.

Personally, I didn't even see the original posting on this story and I'm thankful for the dupe. I doubt I would have found this interesting article otherwise.

*your friendly anonymous coward*

Secure to most

[JamesR2]

Remember, security is layers and each layer protects against certain hackers. Sniffing and understanding communication between chipsets is way beyond the average hacker. And, to date, I cannot place a disc in my XBox and turn it into something else without opening the case ... so in my opinion, it is still secure.

Re:Secure to most

[Stanneh]

Just becouse you cant do that it doesnt meen it cant be done easilly with a tiny bit of reading all you need to do is transfer a gamesave to your memory card from your pc (A very simple task)then place 1 of 3 games i know if 007 agent under fire,mechassault and splintercell then boot the game load the gamesave linux gets installed and MS security gets owned.

Re:Secure to most

This is known as soft-modding, and it's very easy to do. I've put 320 GB hard drives in XBoxes with softmod exploits. I've done over 18 now with just about every variety of XBox out there.

Re:Secure to most

[oldwolf13]

>> And, to date, I cannot place a disc in my XBox and turn it into something else without opening the case ... so in my opinion, it is still secure.

Actually, you can... using a save game exploit... sure you need it on a memory card, but that's not hard, and opening the case is not required.

Check out www.xbox-scene.com for good tutorials on how to do this... it involves a retail game (I think there are 3 or 4 that work), so I see your point.

The XBox hasn't been fully cracked... it's been exploited in a few ways. Thank god however... I wouldn't own one if I couldn't use XBox Media Centre on it.

Incidently, I won't buy a PS3 or XBox360 unless I can run whatever code I want on them.

Re:Secure to most

[JamesR2]

Hmmm ... maybe. Those are flaws in the game code, not the Xbox hardware. So, still can't do anything without opening the case. However, point taken, it would be another layer of security to check the game code. Here is a question; are there devices out in the wild that ARE more secure than the Xbox?

ROFL, but

you have to get Nickelodeon or be pretty "long in the tooth" to get the joke. It's a good one, 'though.

p.s.: or Identical cousins or identical Cheese-Hostesses (Google is your friend)

Why?

[Locke2005]

512 bytes is a very small amount of code (it fits on a single sheet of paper!), compared to the megabytes of code contained in software like Windows, Internet Explorer or Internet Information Server. Three bugs within these 512 bytes compromised the security completely - a bunch of hackers found them within days after first looking at the code. Why hasn't Microsoft Corp. been able to do the same? Why? Uh, maybe because they simply don't give a shit?

Re:Why?

Or its because their programmers are farmed out in another country, and they just don't understand anything beyond 'code this to do this' and do not research and test properly.

Re:Why?

What does it matter *where* they are 'farmed'. Plenty of bad programmers in any country, let me tell you...

huh?

"The Xbox is an IBM PC, i.e. it has an x86 CPU. "

I didn't know PPC was x86....

Stupid article.

Re:huh?

[skepticult]

Pssst, the Xbox has a 733Mhz Celeron CPU.

obfuscation engineering

[fdisk3hs]

Well, this is the first time I saw this article. I can't believe they made a virtual machine to handle cpu init only! I found this very insightful into Microsoft.

I used to have conspiracy theories that when MS was going to release a build, they ran an obfuscation script to inject random code. Like copying values around in memory, values that were never used for anything, etcetera, as reverse engineering-quelling techniques.

After using Unixes for a while I began to think that it would be just too much work to reverse engineer Windows, so such techniques were just unnecessary. If you can't buy Windows or run CE for your platform, just use another toolkit and OS.

Reading the amount of work they did to break running normal x86 binaries on their custom PC, the conspiracy theories are coming back.

I also think it's insightful that, instead of say more OpenGL optimizations or more security work, they paid engineers to develop these obfuscation techniques. What does that tell you about them?

Their still grudgingly trying to sell black boxes, whether software or hardware, that buyers will be helpless to work with without them. How can you still think that will work?

When people are using Nokia devices with Linux or whatever the future holds, Bill 'Monty Burns' Gates will still be refusing to get entangled in building or selling anything that he doesn't have total lock-in on. And the tar pit will swell up around him, and he'll join the other dinosaurs.

Re:Microsoft Owns Your XBox

[mpapet]

and the code running on it.

When you bought the xbox, you likely bought a LICENSE TO USE the box to play games, you did NOT get a license TO BREAK their system or use it in a way Microsoft can't capture your money. Just like you don't own MS Windows if you use it. You bought a license for your personal use.

It's precisely because you have no philosophical objection to TCPA devices that the emininent demise of user-modifiable devices is coming quickly. User modifiable devices threaten mega-corporation's ability to maintain control of their property. The political/economic environment will continue to eliminate devices and their manufacturers that mega-corporations can't control.

There is nothing new going on here! This was happening way before DMCA. It's a very simple process, you buy products for a very narrow and well defined purpose of entertainment or productivity. For example, Sony doesn't give you all rights to their movies and games when you buy one. They limit your rights by letting you be entertained by them in your own home among many other very strict conditions.

It's SO sad there are at least 5 people who can't understand a more complex notion of ownership and act indifferent to the extreme limits and controls being forced onto them.

Professing outrage about the DMCA (or any other matter) and it's limitations and doing NOTHING about it is the new american way. Enjoy the new america you have chosen to make for yourself. Sad sad sad.

If Microsoft Owns Your XBox

[einhverfr]

Then if I smash the XBox I buy with a sledge-hammer, am I guilty of vandalism? After all, I just destroyed Microsoft's property, right?

Furthermore, if I mod it to run Linux and Apache, does Microsoft *really* have any recourse under the DMCA? After all I am not *accessing* their copyrighted code. I am *replacing* it. IANAL, but I think that the Lexmark case might have some relevance here.

Personally I disagree with you in that I don't think that user-modifyable devices are in danger of demise. I think that there will always be a strong market for such devices, and we need to do a better job of selling them. But the market will exist and unless legal mandates exist preventing user modifyable devices from existing, then I don't think there will be a problem.

I am more optimistic than you are. I think that it is just fine for the Studios to be involved in DRM, etc. I think that the tyrany which they excersize over the mind of man will come back to haunt them becuase not only will the market react against them (which it has been doing) but also this will provide incentives to build an open alternative.

Open Source happend before Open Music because software licenses were more intrusive. With the music companies trying to emulate the software industries, they are creating a market for any good entrepreneur who wants to create such a business.

Call me naive, but I think that it is one of the deepest drives of man that he be free. This doesn't necessarily mean anarchy, but it means being free from the fetters which unduely restrain that liberty. Think of how one feels when micromanaged at work or face to face with DRM restrictions. That drive for liberty is undying and, though greed can pervade the world from time to time, it is in its eternal nature stronger than any other drive.

Trusted Network Connect

[tepples]

Personally I disagree with you in that I don't think that user-modifyable devices are in danger of demise.

True, but user-modifiable devices that can be connected to the Internet are in danger of demise. Alsee explains how.

Re:Trusted Network Connect

[einhverfr]

I don't think so. His article seems to focus entirely on content providers and proprietary softeware vendors. These aren't the only players in the industry, and in many markets including those most critical to the internet (ISP's), they aren't nearly as powerful today as FOSS.

Even if Microsoft is on track with such a plan, I would contend that it is simply too late. There is too much invested in FOSS from governments to big companies (many of which dwarf Microsoft) to make this happen.

Think about it.... If 10 years ago, the IETF proposed a RAND policy who would have said "What about FOSS?" Today, this *is* the issue regarding several "open" standards organizations including OASIS. And it is highly controversial. FOSS has become a force to be reconned with and I don't see that changing.

Re:Trusted Network Connect

[tepples]

His article seems to focus entirely on content providers and proprietary softeware vendors. These aren't the only players in the industry, and in many markets including those most critical to the internet (ISP's), they aren't nearly as powerful today as FOSS.

Sure, under a Trusted Network Connect setup, you'll still be able to use software that has been distributed as free software, but you'll only be able to connect to the Internet using binary builds that your ISP has approved. Or you might be under the situation where a machine behind a T1 ($$$) can operate with un-"trusted" software, but both the local telco and the local cable company require TNC on all client machines behind a residential connection.

There is too much invested in FOSS from governments to big companies (many of which dwarf Microsoft) to make this happen.

Big companies have the clout to get ISPs to "trust" their builds. Residential users don't.

FOSS has become a force to be reconned with

Assuming that by "performed reconnaissance" you really mean "reckoned", the publishers of proprietary software and other proprietary works of authorship have even more dollars to lobby with than the publishers of free software. This lobbying doesn't have to be to governments; it can also be to ISPs.

Re:Trusted Network Connect

[einhverfr]

This lobbying doesn't have to be to governments; it can also be to ISPs.

Hmmm... On the proprietary side (i.e. lock out FOSS side) we have Microsoft, Adobe, Macromedia (possibly), and a few others.

On the side of the businesses who are now dependent on the future of FOSS, we have IBM, Novell, Cray, SGI, Sun, RedHat, HP, etc.

As neutrals, we have AMD, Intel, etc.

So who would you bet on? Microsoft/Adobe/Macromedia or IBM/Novell/Cray/DGI/Sun/RedHat/HP?

Personally I really don't see Trusted Network Connect going anywhere in the near future. It really serves no purpose really. Really....

Everything that it does can be handled via TCPA from a content provider's position (think Universal/MGM/etc), so the MPAA/RIAA really have very little reason to pursue it.

Similarly, most ISP's internally run a combination of Linux and *BSD. Licensing for Windows becomes prohibitive in this market fast. The very competitiveness of the market will prevent vendor-dependence in this area.

As I say, the *only* way to kill FOSS in this way is to change the law first. The Consumer Broadband Internet Protection Act or whatever it was called was such an attempt and we see what happened to it. Even Microsoft opposed the law.

I am not saying we need not be vigilant. But I am saying that with even minimal effort, we can block any such plans.

Re:Trusted Network Connect

[tepples]

On the side of the businesses who are now dependent on the future of FOSS, we have IBM, Novell, Cray, SGI, Sun, Red Hat, HP, etc.

Of course, providers of combinations of hardware with free software can make a lot more money by specifying that only those kernel builds authorized by IBM, Novell, Cray, SGI, Sun, Red Hat, HP, etc. are "trusted" for use with major ISPs' networks. Besides, even if they want their customers to make full use of the freedoms under a free software license, these companies market products largely to businesses, not to residential customers, and ISPs are more likely to enforce mandatory use of Trusted Network Connect for residential customers behind a DSL or cable connection than for business customers behind a T1 or T3 connection. (Before you mention ThinkPad, recall that IBM has sold off its PC business to Lenovo.)

Personally I really don't see Trusted Network Connect going anywhere in the near future. It really serves no purpose really. Really.... Everything that it does can be handled via TCPA from a content provider's position (think Universal/MGM/etc), so the MPAA/RIAA really have very little reason to pursue it.

True, the part to keep a given work-other-than-a-computer-program locked to a given customer's own playback device(s) can be done with only using "trust" at each end of the connection, but that's not what TNC is marketed for. TNC is marketed to keep spam, viruses, and spyware off a given network, and it is being marketed to ISPs and universities to keep their residential customers from causing problems with spam, viruses, and spyware. Besides, at least one major movie studio's parent company (Time Warner) owns a major dial-up "ISP" (America Online) and a major cable ISP (RoadRunner).

Similarly, most ISP's internally run a combination of Linux and *BSD. Licensing for Windows becomes prohibitive in this market fast. The very competitiveness of the market will prevent vendor-dependence in this area.

"Trusted" Computing is not tied to a particular brand of operating system. TNC requires only that the network owner (e.g. an ISP) has authorized use of each particular program capable of communicating over the network. Such programs could include the specific version of *Linux used by the ISP, the specific version of *BSD used by the ISP, and the latest version of Microsoft Windows.

As I say, the *only* way to kill FOSS in this way is to change the law first.

Even without TNC, the law that may kill free software was first put in place before the year 1800. It's called the Patent Act.

I am not saying we need not be vigilant. But I am saying that with even minimal effort, we can block any such plans.

Problem is that once the support for "Trusted" Computing is present in 90 percent of home computers, local monopoly or duopoly ISPs will be tempted to make their residential networks TNC-only so that they can advertise "spyware protection and virus protection". How do we block ISPs from succumbing to this temptation?

Re:Trusted Network Connect

[einhverfr]

Problem is that once the support for "Trusted" Computing is present in 90 percent of home computers, local monopoly or duopoly ISPs will be tempted to make their residential networks TNC-only so that they can advertise "spyware protection and virus protection". How do we block ISPs from succumbing to this temptation?

The duopoly threat is fairly substantial, I think, no thanks to the FCC and their deregulation of DSL services. Or at least it is in most locations.

At least in Rural Central Washington (at least in Chelan, Douglas, and Franklin counties, and I suspect in others as well) we are in no danger of having dupolies emerge. Sure Verizon might be the only place to get DSL, and Millenium Digital might be the only cable modem vendor, but the county has purchased not only the power dams from the Bonneville Power Administration but also the fiber infrastructure linking them. They have used the dark fiber to provide open and competitive access to consumer and business broadband markets by using them to connect customers to ISP's.

I would like to see this modem expanded elsewhere, where local counties start laying fiber to people's homes and businesses (or at least, as in Franklin County, allowing WIFI-based access to the system), and then allowing ISP's to sell broadband over this infrastructure. These networks are a common good and we need to promote them as such. PUD-based broadband internet projects should be used to encourage real competition, rather than add a single entrenched player to the market. If we can retain competition in the ISP space, TNC doesn't stand a chance. If not, we may be on our own...

Europe: Xbox by landslide

[tepples]

Sure, Microsoft is doing surprisingly well in NA, but Japan is a different story.

In Europe, only old people have a GameCube. Here's the battle for the #2 console as I see it:

• Japan: GameCube by landslide
• North America: Xbox by slight margin
• Europe: Xbox by landslide

Bring out your obsolete...

Bring out your obsolete stories...err, x-boxen

Why even bother?`

Seriously, Microsoft, just stop trying to protect your hardware/software. The second you guys release it, you will have an MASSIVE ARMY of hackers descend upon it and tear it to pieces, while laughing at feeble copy-protection attempts. And if said protection would block, for instance, Linux, you;'ve got a whole NEW army going after it too. Just not worth it, Bill. You're only making it worse for yourself.

Slashdot is *so* over

[fm6]

It's dumb that the submitter doesn't know the difference between a Wiki and Wikipedia. It's sad that the editor didn't catch this. It's utterly, hopelessly, painfully ridiculous that the editor in question is Rob Malda himself.

Go see your Youthasizer!

[WgT2]

You seem to have "a serious case of old."