Slashdot Mirror


Xbox 360 Kiosk Demo Spurs Hackers

An anonymous reader writes "Those hackers from team PI have released the Xbox 360 experience kiosk demo disc as an ISO. They say this demo contains no media protection and therefore it will run on the Xbox 360 when burned to a DVD-R disc. The disc contains playable demo's on the disk such as Call of Duty 2, which could also be hackable, as PI speculates."

161 of 229 comments

  1. Not suprising... by Ruff_ilb · · Score: 5, Insightful

    But -

    Won't we have demo disks released soon enough? I doubt OXM, among other publications, will pass up on making demo disks.

    Besides, can't demos and media be downloaded from Xbox Live as is? I didn't get my hands on a 360, but this is what I've heard.

    --
    http://www.TheGamerNation.com/Forums
    1. Re:Not suprising... by pjh3000 · · Score: 3, Informative

      They're out now! The January 2006 issue of OXM has a demo disk that works on both the original Xbox and the new Xbox 360. Probably possible because they both use different file extensions for the default file.

    2. Re:Not suprising... by Rectal+Prolapse · · Score: 1

      Someone could modify the code on the demo executables themselves and get an exploit in that way. Any thoughts?

    3. Re:Not suprising... by SScorpio · · Score: 5, Informative

      From what I saw on the magazine rack, OXM is already offering a disk with playable Xbox 360 demos. What is getting the hackers excited is that the files on the demo disk are not encrypted, and they are signed to boot from seemingly any type of media. This disk is going to be used by hackers to determine how the 360 authorizes a game to be booted and with what kind of media. They can now figure out what signals are different and produce a modchip that will allow backups to run. This is the second step in opening up the 360 to run any code. The first was figuring out the format files are laid out on the disk with, and this was cracked and reported on earlier.

    4. Re:Not suprising... by Ruff_ilb · · Score: 1

      Regardless of where the demo comes from, it's going to be hacked.

      Also - Is there protection on the OXM demo disk?

      Although - We all know this is a moot point. The Xbox 360 will be hacked, cracked, modded, etc, no matter what happens. This is simply expediting the inevitable.

      --
      http://www.TheGamerNation.com/Forums
    5. Re:Not suprising... by matth1jd · · Score: 5, Informative

      There have been demo disks circulating for some time (also media check free). So while these demo discs may have no media checks, that doesn't mean that the executables are not signed.
       
      As I understand it the media check basically lets the 360s hypervisor know what media the executable is allowed to run from. Demos do not have these media checks as they may be downloaded and run from the hard disk, or run from DVD.
       
      Obviously only signed code was intended to be run on the machine, the absence of a media check does not mean the executable isn't signed. In fact anyone would be incredibly naive to think that the executables were not unsigned.

      All in all I don't think we're any closer to modding the 360. This hacker group also released an Xbox 360 iso extraction tool which amounted to nothing. It turned out that any of the existing Xbox iso extraction tools could do the exact same thing. It's just a lot of smoke and no fire.

    6. Re:Not suprising... by matth1jd · · Score: 2, Informative

      Obviously only signed code was intended to be run on the machine, the absence of a media check does not mean the executable isn't signed. In fact anyone would be incredibly naive to think that the executables were not unsigned.

      That should read: In fact anyone would be incredibly naive to think that the executables were not signed.

    7. Re:Not suprising... by matth1jd · · Score: 1

      Of course it boots.. the executables are still signed and therefore allowed to run.

    8. Re:Not suprising... by apoc06 · · Score: 2, Interesting

      yes the executables were probably signed, but in making copies you still have a copy of the signed exe, what stops media from directly running is the media check. normally, if its not the official format, if the dummy sectors are absent and the filesystem is correct, or if its not the official media of MS, it still doesnt run the code. its traditionally a three way check. thats not the case here though. here two parts of that are missing.

      whats really important here, is to know that games can be run from different sources; its not limited to a certain form of media. therefore you can run from a backup copy of your disk, or possibly even a harddrive. microsoft probably enabled the drive to accept any form of media disk [at least for certain titles like this] just in case they DO decide to move ahead with the HD-DVD drive. by the time they started manufacturing x360s the HD-DVD spec wasnt even done; thus they probably enabled this to future-proof the console, if they ever decided to change their minds and release hd-dvd versions of games or interactive media.

    9. Re:Not suprising... by Rectal+Prolapse · · Score: 1

      I later read that the executables themselves are probably signed...so I guess it won't happen any time soon!

    10. Re:Not suprising... by matth1jd · · Score: 1

      I agree that it's important to know that games run from multiple sources and that the media check doesn't need to be present for an executable to be run. Still need to be able to execute unsigned code though - or figure out how to sign executables for there to be a soft mod.

    11. Re:Not suprising... by irc.goatse.cx+troll · · Score: 3, Interesting

      All you need is a buffer overflow in some signed code and you can jump to your unsigned-loader. There are ways around this of course, but gaming hardware can't really take that kind of speed hit on execution time.
      I think phantasy star online for the dreamcast was the first major buffer overflow, which persisted in the gamecube version. Then there were the memory card savegame buffer overflows, and many more.

      --
      Pain lasts, kid. Its how you know you're alive. Sometimes I think this growing up thing is just pain management-TheMaxx
    12. Re:Not suprising... by Parham · · Score: 1

      That's what "meta moderating" is for ^^;

    13. Re:Not suprising... by Ruff_ilb · · Score: 2, Insightful

      They probably thought someone ELSE was trolling by correcting the parent's post.

      --
      http://www.TheGamerNation.com/Forums
    14. Re:Not suprising... by assassinator42 · · Score: 1

      Can anyone who has a 360 tell me if the Full Auto demo is available in the market place? Why don't they have all the released demos on Live for free?

    15. Re:Not suprising... by mrchaotica · · Score: 1

      Yeah, but making [backup... right?] copies of signed programs (e.g. commercial games) is only half the battle. They need to figure out how to run unsigned code anyway, because that's what allows community-written software (e.g. Xbox Media Center) to run.

      --

      "[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz

    16. Re:Not suprising... by alienw · · Score: 4, Insightful

      Not to mention, if the disk is not signed or encrypted, it would be trivial to make the xbox run arbitrary code. It is then possible to do just about anything. Of course, it is most likely that Microsoft will fix this exploit with a software update/hardware revision.

    17. Re:Not suprising... by ianpatt · · Score: 4, Interesting

      Microsoft actually supports this method of running executables - the xbox emulator update for the 360 can be installed just by downloading a default.xex from their website and burning it to a DVD. Nothing special there.

      http://www.xbox.com/en-US/games/backwardscompatibility.htm

    18. Re:Not suprising... by stupidfoo · · Score: 1

      because the only reason OXM (the Official Xbox Magazine) exists is that people are willing to pay $5-$10 a month to get xbox/xbox 360 demos.

      So, if every demo is available on live MS would effectively be shutting down one of their best sources of good press.

      And yes, I know they claim to be "independent".

    19. Re:Not suprising... by SuperRob · · Score: 1

      The backwards-compatibility CD you can download directly from Microsoft works the same way. No encryption.

    20. Re:Not suprising... by bigman2003 · · Score: 1

      I used to be a subscriber to OXM for exactly this reason- the demo disks. I passed on, or bought, a lot of games based on the demos. It was always good to get through the hype of the previews and see what the game was actually like.

      So far, I plan on relying on the downloadable demos (which are huge) to do this for me. If not enough demos are released, I guess I'll have to re-subscribe to OXM.

      I believe the subscription price was like $17 per year...much better than paying $9.99 retail per issue.

      --
      No reason to lie.
    21. Re:Not suprising... by Myria · · Score: 2, Informative

      Actually, Phantasy Star Online had a back door, not a buffer overflow. A packet that Sega called RcvProgramPatch could be sent to the client containing assembly code that the game would then execute. This allowed Sega to patch holes in the game and check for cheats, but it eventually led to the downfall of the Gamecube security system. (Dreamcast PSO had this feature as well, but Dreamcast had other security problems =) )

      Melissa

      --
      "Screw Sun, cross-platform will never work. Let's move on and steal the Java language." - Visual J++ Product Manager
    22. Re:Not suprising... by jacksonj04 · · Score: 1

      I thought the executables had to be signed, but the media didn't unless the executable signature said so.

      Or am I talking crap?

      --
      How many people can read hex if only you and dead people can read hex?
  2. Lucky for Microsoft... by parasonic · · Score: 1

    This has happened before too many 360's have been released. They're going to want to protect their investments. I'll bet that they will release some sort of copy protection very shortly just as Sony released the PSP firmware update.

    1. Re:Lucky for Microsoft... by Ruff_ilb · · Score: 4, Interesting

      And this is where the online capabilities become a mixed blessing. Just as users can download media, MS may be able to sneak in a DRM-esque update without the users knowing it. I'd be surprised if that didn't happen, in fact.

      --
      http://www.TheGamerNation.com/Forums
    2. Re:Lucky for Microsoft... by pjh3000 · · Score: 2, Interesting

      Yeah, just wait 'til Sony puts an Xbox compatible rootkit on the latest crap-rock CD.

      Of course they'd probably get sued out of existence...

    3. Re:Lucky for Microsoft... by Ruff_ilb · · Score: 2, Interesting

      Sony V. Microsoft: DRM rootkits on a MS console. Would be an interesting clash.

      Of course, that's if they WEREN'T working together.

      --
      http://www.TheGamerNation.com/Forums
    4. Re:Lucky for Microsoft... by Kevin108 · · Score: 1

      If they wanted to protect their investments, they'd enable all these trivial things to begin with and charge another $100 a box.

      --

      It's a perfect time for being wasted.
      A perfect time to watch the stars.
      - Burden Brothers, "Beautiful Night"
    5. Re:Lucky for Microsoft... by Richthofen80 · · Score: 1

      Well, in this case homebrewers just need to load an entirely new codebase. If you don't boot to the xbox dashboard, you won't have a problem.

      So if someone gets some sort of linux on there, autoupdates would be moot. I doubt you'd be connecting to Xboxlive at that point anyways.

      --
      Reason, free market capitalism, and individualism
    6. Re:Lucky for Microsoft... by TommydCat · · Score: 2, Interesting
      How's that any less significant than Sony rootkitting a business-class operating system? Liability to consumers versus liability to Big Business would be much less, plus on a controlled environment such as console, MS could update and wipe it clean.

      I think the big question is why hasn't MS done as much as make a statement about Sony's ploy and how it affects security of machines that have access to "secure" information...

      --
      This comment does not necessarily represent the views and opinions of the author.
    7. Re:Lucky for Microsoft... by iceanfire · · Score: 1

      just as playing halo 2 on live was the biggest incentive for people to NOT hack their box, halo 3 will most likely do the same.

  3. And let the games begin by EvilGoodGuy · · Score: 5, Interesting

    Now they just have to figure out how the demo disk becomes playable, use it as a boot disk, and poof, free games for everyone. :) I might be buying a 360 sooner than I thought...

    1. Re:And let the games begin by AyeRoxor! · · Score: 1

      Now they just have to figure out how the demo disk becomes playable, use it as a boot disk, and poof, free games for everyone. :) I might be buying a 360 sooner than I thought...

      Exactly. I have a feeling that this may be the first leak in the XBOX DRM 'dyke'...

      hehe... dyke...

  4. For the people who don't want to read by guruevi · · Score: 1, Redundant

    Quote from the article:

    SELF BOOTING XBOX 360 EXPERIENCE KIOSK DISK

    Team PI have done it again! YES YOU CAN BURN THIS ISO AND PLAY IT IN YOUR XBOX-360 - they call it the big m$ muck up. Team Pi leaves you with this Pillow statement: It seems Microsoft was in such a hurry to get this stuff out that they forgot to set the media protection on this disc. This leaves hackers with the possibility to hack around with this disc that load from a normal DVDR5 backup.

            quote:

            *** YES YOU CAN BURN THIS ISO AND PLAY IT IN YOUR XBOX-360 ***
            Microsoft left us with this blanket statement:

            Xbox 360 retail kiosks have started arriving at retailers. Due to the nature of the distribution process, not all kiosks are hitting simultaneously, but are continuing to pop up in retailers across the country in the coming weeks.

            The kiosks are designed for a retail environment and feature game samples, game trailers and product information. Team Pi leaves you with this Pillow statement:

            It seems Microsoft was in such a hurry to get this stuff out
            that they forgot to set the media protection on this disc.
            This leaves hackers with the possibility to hack around with
            this disc that load from a normal DVDR5 backup! - Team Pi
            also notes that the all datafiles on this disc isn't signed in
            any way, and will allow for extensive modification for producing
            exploits to further our effort to hack this box!

            Playable (hackable) games on this disc: Call of Duty 2, Hexic, Kameo, King Kong. Also includes lots of game and accessory demos in video format.
            Nothing ripped, just foreign videos were downsampled to fit onto a normal DVDR5!

            YES you can run this! Burn the iso, put it into your xbox and be very amazed... Next, think of the possibilities of hacking this little demo disc that we might start running code on the retail xbox 360's ! :)
            So the second task is done. We hope this encourages all hackers, coders and crackers out there to take up the challenge. Enjoy!

            Special note to the Clear kids: Yes, we are old and lazy, and no, we are not going to do some scene war against you. Life is too short for that, and our dicks are already large enough :)

            Keep up the hard work!
            Pi Putting the 360' Spin on the Xbox :-)

    The above was taken from the nfo file of the release Experience_Xbox_360_Kiosk_Demo_SELFBOOTING_READNFO_PAL_DVD5_XBOX360-PI.

    --
    Custom electronics and digital signage for your business: www.evcircuits.com
    1. Re:For the people who don't want to read by johncadengo · · Score: 1

      They sure seem full of themselves for a team of people who sat around a computer and opened up Roxio EZ DVD Creator and clicked "DVD Copy".

      --
      My page.
  5. Good or bad...? by __aaclcg7560 · · Score: 1

    ... no media protection and therefore it will run on the Xbox 360 ...

    A bug or a feature? You can never be sure with Microsoft...

    1. Re:Good or bad...? by apoc06 · · Score: 1

      microsoft has made absolutely NO attempt to deny how they are closely following their competitions strategies. to that end... if they see potential to copy a concept im sure they will. they are highly aware that the ability to easily use swap methods with the ps1 and ps2, the mod and gamesave exploits for the original xbox, and the homebrew potential of the psp are major reasons for sonys' systems to sell like hotcakes, maybe this could be an underhanded effort to get "the scene" interested in cracking the x360. once they get the scene interested, the word of mouth will further their hype machine.

      look at how everyone was abuzz with news of homebrew available for the [v1.0] psp in japan, and everyone was waiting with bated breath for the us version [1.5] to be cracked as well. it could be that MS is trying to follow suit, and look the other way as the pirates offer free advertisement.

    2. Re:Good or bad...? by Anonymous Coward · · Score: 1, Insightful

      Microsoft loses money on the consoles. Ergo, there is no reason for them to care about console sales in situations that are less likely to generate game sales. i.e. homebrew uses

    3. Re:Good or bad...? by apoc06 · · Score: 1

      how is this insightful. whether it works or not, i cant argue... but the current philosophy among consoles makers [except nintendo] says: what really matters isnt how much profit you make, what matters is how many systems you sell. if you have a large install base, more developers will want to release more games for your system. the more developers are releasing games equates to the more licensing fees youre going to receive. its not supposed to follow common sense... its marketing!!!

      your average joe [about 80% of your console owners] will not be tech savvy enough to be able to actually mod their equipment or know where to buy the software/ hardware needed for homebrew or HD loaders, etc... so if you lose 20% of console base to homebrew and piracy, who cares as long as you have more consoles sold? you can turn a profit off the backs of the other 80%.

      think about it... nintendo supposedly posted the most profit from the last two generations, but no one would dare say that nintendo is still king of the hill anymore. if nintendo went the way of sega tomorrow, there arent too many developers that will lose more than a nights rest. but if sony went kaput, you would have developers seriously sweating bullets. sony has more pull over the direction of the entire industry right now. a large reason behind that is the size of sonys' install base, and a large reason behind that is that every sony system ever created has allowed for homebrew/ piracy of some form. hell, other than halo, most people mention the ability to mod the xbox as the next highest reason to buy a xbox in the first place. the highest selling nintendo product for now is the GBA, and thats the only nintendo product ever to allow reasonably easy homebrew/ piracy. sure it could all be a coincidence that the highest selling consoles have always been the ones that allow for piracy and homebrew... but this is how marketing works; whatever gets the product out there and creates a buzz.

  6. HDLoader! by gcnaddict · · Score: 2, Insightful

    Well with the successes the hacking community has had lately, I wouldnt be surprised if we see an HD loader for the 360...

    I want HDLoader!

    --
    Viable Slashdot alternatives: https://pipedot.org/ and http://soylentnews.org/
    1. Re:HDLoader! by apoc06 · · Score: 1

      yeah, but then again the x360 doesnt play all games via backwards compatibility either, so if microsoft is having a hard time emulating and finding workarounds for hardware that they themselves created, you can imagine how hard it is for blackbox emulator creators. i think that you should give them credit for getting ANYTHING to work at all, considering...

      nothings perfect...

  7. Quite an achievement... by Anonymous Coward · · Score: 5, Funny

    Quite an achievement making an ISO of an unprotected DVD.

    We all bow down to the superiority of the hacking skillz of said release group. I am composing some ASCII art of a very large penis in your honor that you can use in your nfo file.

    1. Re:Quite an achievement... by b1t+r0t · · Score: 4, Insightful
      The achievement is not the ripping of the ISO. The achievement is finding out that this disk will boot when burned to a plain DVD-R.

      The first step in breaking the Dreamcast was finding a loophole that let it boot from plain CD-R.

      --

      --
      "Open source is good." - Steve Jobs
      "Open source is evil." - Microsoft
    2. Re:Quite an achievement... by yottabite · · Score: 3, Funny

      You still have to hand it to them, they did, after all, commence dumping the discs to ISO's a lil while ago all on their lonesome. Also they had the kindness to let us all know of the slip-up, and publish the ISO for people to play with. That said, this isn't really a flame-war I'm trying to start. I don't even HAVE a penis :D

    3. Re:Quite an achievement... by Anonymous Coward · · Score: 1, Funny

      Would you like to share mine? ;)

    4. Re:Quite an achievement... by pswayze · · Score: 2, Funny

      Perhaps you're thinking of the gamecube. The Xbox spun the normal way (unless maybe you lived in Australia?) and didn't require any custom dvd firmware.

    5. Re:Quite an achievement... by pswayze · · Score: 1

      Ah. Well in that case the original poster is just out to lunch.

    6. Re:Quite an achievement... by lysergic.acid · · Score: 3, Funny

      No penis? Well, since there are no girls that read Slashdot, there's only one other possibility... you must be one of those eunuchs I've been hearing so much about.

    7. Re:Quite an achievement... by jcnnghm · · Score: 1

      You may be correct, but the drive is still different than a PC DVD Drive. A couple years ago, I replaced the xbox dvd drive with a pc dvd drive because mine was having trouble reading disks.

      The pc drive had to be flashed and the motor had to be rotated 180 degrees to get it to read originals. I remembered moving the motor, I'm sure that's where the backwards bit came from. Here are directions. It is not as simple as putting a disk into a pc dvd drive and hitting copy.

      --
      You don't make the poor richer by making the rich poorer. - Winston Churchill
    8. Re:Quite an achievement... by pswayze · · Score: 1
      Perhaps we're talking about two different things.

      To copy a game for my xbox I'd pop the disc into my pc dvdr, copy the iso to the hard drive, then burn it to a dvd-r with said dvdr. Then put it into the xbox and play it. At no point was I changing the actual drive that was in the xbox, because... why would I.

    9. Re:Quite an achievement... by alienw · · Score: 1

      The motor in the xbox spins normally, just like it does for any other CD or DVD (xbox discs are ordinary DVDs). Soldering the wires in a different order is necessary because the firmware is designed for a different drive and the motor connections are in the wrong order on the replacement's PCB.

    10. Re:Quite an achievement... by jcnnghm · · Score: 2, Informative

      What software are you using to perform the backup? Last time I checked (well over a year ago) it still was not possible to read and copy disks without downloading files from the xbox, then using GDFIMAGE to create the ISO. You could use UDF, but the end result could be any number of bad things. If you are doing direct copies, how are you dealing with the media checks?

      As I recall, it has always been possible to create a backup of a backup.

      --
      You don't make the poor richer by making the rich poorer. - Winston Churchill
    11. Re:Quite an achievement... by TeknoHog · · Score: 4, Funny
      you must be one of those eunuchs I've been hearing so much about.

      This is a eunuchs site after all, if you pardon the misspelling... and with the evil proprietary eunuchs systems, it's time someone started developing a free clone.. we could call it Girls Not Eunuchs or something.

      --
      Escher was the first MC and Giger invented the HR department.
    12. Re:Quite an achievement... by DrEldarion · · Score: 1

      I still have no clue what "linuchs" are, though :(

    13. Re:Quite an achievement... by hobbesx · · Score: 1

      I believe there's a space in 'GNU Emacs'...

      [ducks!]

      --
      This rating is Unfair ( ) ( ) Fair (*) Funny
      Sigh... If only. Modding would be so much more fun.
    14. Re:Quite an achievement... by SyncNine · · Score: 5, Interesting

      Urban Legend. Gamecube discs do not default to being read from the outside in -- depending on the game and manufacturer/producer of said game, the game's bootstrap code or loader or whatever you want to call it can be as far as 3/4 of the way to the end of the disc. But it still doesn't read from the outside in. It pops the end of the disc on boot to get the game's boot code, then hits back to the center like any other CD/DVD reading device.

      To address the entire topic of this conversation, this 'achievement' doesn't mean crap. There is no *exploit* that allows this disc to boot. Whoever pressed it intentionally left off the media check -- thus allowing it to be played as downloaded from Live or on DVD. Not a big deal. It's still encrypted and signed -- the hypervisor still won't run it if a single bit has been altered.

      I don't know about you, but I don't think my computer has enough spare CPU cycles in the next 100 years to crack the digital signing.

      An exploit would be these people releasing the same DVD image that self-boots but has different content. But they can't. Because the 360 won't run it.

      Just think about what people are inferring here. Microsoft, tremendous software goliath, pioneers new Xbox360 system that they claim is 'unhackable'. They have learned from their mistake with the Xbox and have actually taken many steps to make sure the system is as hard to hack as possible. 20 days after its release, they accidentally post an un-protected ISO on their website, allow production facilities to produce un-protected DVDs, and allow hackers to have full reign over their console.

      Does this sound odd to anyone else? They wouldn't release these things if they didn't think (whether or not they're correct) that it had absolutely no gain to the hacker community. They're not going to help the hackers crack this system -- they have absolutely no gain from doing so. They lose money on each console, do you really think that's all they want you to buy? It doesn't work that way. This wouldn't have been released the way it was unless MS approved it -- there is a 99.95% chance that if they approved it, there is no way of hacking it.

      I'd like to be proved wrong here, but until someone makes a DVD iso for the Xbox360 that opens up to a picture of a horse's ass and an arrow pointing to it that says 'SyncNine', I'm going to have to think I'm correct.

      --
      To the darkened skies once more, and ever onward.
    15. Re:Quite an achievement... by mrogers · · Score: 1

      They're like a DIY version of eunuchs.

    16. Re:Quite an achievement... by ND4SPDR · · Score: 1

      But your computer, my computer, and the computers of everyone who reads this article, collectively, could break it in a matter of hours.

    17. Re:Quite an achievement... by apoc06 · · Score: 1

      yes, but this isnt pure business here, its business and marketing. microsoft will do whatever it takes to try to gain a foothold into your entertainment center. the more buzz created by "the scene" in trying to tackle enabling homebrew/ piracy just adds to the x360 hype machine. they get more consoles into the public and get more licensing fees out of developers who cant afford to chance developing software for any console except the ones with the largest install base.

    18. Re:Quite an achievement... by breon.halling · · Score: 1

      Awesome! We're already half-way there! =P

      --
      "Yeah, well, Dracula called and he's coming over tonight for you and I said okay."
    19. Re:Quite an achievement... by Hast · · Score: 1

      If you are talking about the encryption/signing then you are wrong. People are still trying to brute force the Xbox keys. Basically by the time you have made a significant dent in the keyspace the console is long obsolete anyways.

      This would be true even if you used every computer on Earth.

  8. Re:No DRM == license to copy freely? by CableModemSniper · · Score: 4, Informative

    The DMCA makes it illegal to circumvent the protection. Copyright infringement is still illegal on top of that. Creating/using DeCSS violates the DMCA, but copying the DVD is copyright infringement. The DMCA is "evil", but just because people don't protect something technologically doesn't mean you should have the right to copy it willy nilly.

    --
    Why not fork?
  9. No media check doesn't mean the code isn't signed by Shaolyen · · Score: 1, Insightful

    Although this is interesting news, the lack of a media check certainly doesn't mean the code isn't signed.

  10. Re:No DRM == license to copy freely? by nwbvt · · Score: 4, Insightful

    Does the existence of hate crime laws mean I am free to kill other white guys?

    --
    Mathematics is made of 50 percent formulas, 50 percent proofs, and 50 percent imagination.
  11. No exploit here... move along by rminsk · · Score: 5, Interesting

    The executables are still signed. It is common for supporting data files to be un-signed. The executable usually does a hash check on its datafiles to make sure they haven't been messed with. It seems like everyone jumps on every little thing about the inner workings of the XBox 360 as a major exploit. The sensationalism is just getting boring.
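
The two-layer check this comment describes, as an added example that is not part of the original post and not the Xbox 360's real format: a loader verifies a signature over the executable, and the executable carries digests of its unsigned data files and checks them before parsing. The byte layout, function names and key are hypothetical, and HMAC-SHA256 stands in for the platform's public-key signature so the code runs on the Python standard library alone.

```python
import hashlib
import hmac
import json

# Stand-in for the vendor's signing key (constructed). A real platform uses a
# public-key signature, so the device holds only the verification key.
VENDOR_KEY = b"constructed-demo-key"


def build_executable(code: bytes, data_files: dict[str, bytes]) -> bytes:
    """Hypothetical layout: 4-byte manifest length, JSON manifest, code."""
    manifest = {name: hashlib.sha256(blob).hexdigest()
                for name, blob in data_files.items()}
    header = json.dumps(manifest, sort_keys=True).encode()
    return len(header).to_bytes(4, "big") + header + code


def sign(executable: bytes) -> bytes:
    """Vendor side: the tag covers the manifest AND the code."""
    return hmac.new(VENDOR_KEY, executable, hashlib.sha256).digest()


def loader_accepts(executable: bytes, signature: bytes) -> bool:
    """Loader side: no notion of the medium, only of the bytes."""
    return hmac.compare_digest(sign(executable), signature)


def read_manifest(executable: bytes) -> dict[str, str]:
    size = int.from_bytes(executable[:4], "big")
    return json.loads(executable[4:4 + size])


def open_data_file(executable: bytes, name: str, blob: bytes) -> bytes:
    """Executable side: verify the digest before any parser sees the bytes."""
    expected = read_manifest(executable).get(name)
    if expected is None:
        raise ValueError(f"{name} is not listed in the manifest")
    actual = hashlib.sha256(blob).hexdigest()
    if not hmac.compare_digest(expected, actual):
        raise ValueError(f"digest mismatch for {name}")
    return blob


def boot(executable: bytes, signature: bytes,
         data_files: dict[str, bytes]) -> str:
    if not loader_accepts(executable, signature):
        return "rejected: bad executable signature"
    try:
        for name, blob in data_files.items():
            open_data_file(executable, name, blob)
    except ValueError as exc:
        return f"rejected: {exc}"
    return "running"


def demo() -> dict[str, str]:
    # Constructed sample content.
    code = b"\x00constructed demo code: verify data, then parse\x00"
    files = {"level.dat": b"original level data", "intro.vid": b"video bytes"}
    exe = build_executable(code, files)
    sig = sign(exe)
    results = {}

    # 1. Bit-for-bit copy on other media: every check still passes.
    results["copy"] = boot(bytes(exe), bytes(sig), dict(files))

    # 2. Data file altered: caught by the digest embedded in the executable.
    altered = dict(files, **{"level.dat": b"altered level data"})
    results["data_altered"] = boot(exe, sig, altered)

    # 3. Manifest rewritten to match the altered file: the executable's
    #    bytes change, so the original signature no longer verifies.
    results["manifest_rewritten"] = boot(
        build_executable(code, altered), sig, altered)

    # 4. Code changed (for instance the check removed): same outcome.
    results["code_changed"] = boot(
        build_executable(code.replace(b"verify", b"skip"), files), sig, files)
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:20s} {outcome}")
```

The data-file check is only as strong as the habit of calling it before parsing; a file the executable reads without that check is outside both layers.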

    1. Re:No exploit here... move along by krunoce · · Score: 1

      What's so hard about disassembling and "skipping" the hash check?

    2. Re:No exploit here... move along by b1t+r0t · · Score: 2, Insightful
      The executables are still signed. It is common for supporting data files to be un-signed. The executable usually does a hash check on its datafiles to make sure they haven't been messed with.

      All it takes is one buffer overflow in an executable reading a corrupted data file (which will probably be verified with something less than MD5), and this could be turned into a "boot key" allowing the loading of arbitrary code... at least until Microsoft uploads a patch to everybody locking out the executable if you don't have a demo unit. Since this is a demo disc, that means a lot less people can complain if it stops working. Only the few who never hook their 360 up to the network, and never run games which force an upgrade, may have a chance of running hacks in the future.

      --

      --
      "Open source is good." - Steve Jobs
      "Open source is evil." - Microsoft
    3. Re:No exploit here... move along by sampspoon · · Score: 1

      they resized the movies to fit the dvd9 iso on a dvd5. they don't ever hash check files on run time due to the fact that it'd take way too much time. at most they do a checksum on the executable which is non-existent in this iso...

    4. Re:No exploit here... move along by matth1jd · · Score: 2, Insightful

      That would cause the executable to no longer be signed, and the system would not allow it to run.

    5. Re:No exploit here... move along by psavo · · Score: 1

      All it takes is one buffer overflow in an executable reading a corrupted data file ...

      Umm. Do you really think that IBM's Power -architecture doesn't have NX flag?

      --
      fucktard is a tenderhearted description
  12. Re:No DRM == license to copy freely? by taskforce · · Score: 5, Insightful
    No, it just allows you the fair use you were originally granted before the DMCA was put in. Copyright law still applies to everything you get, it's just that unlike making a backup of a CSS protected Video DVD, you can make a backup of this unprotected demo disk because you didn't have to break encryption.

    However, because of the very nature of this disk (restricted kiosk) it is unlikely that 99% of people will be able to make backup copies of it under fair use.

    --
    My 3D Texturing Skinning work (under construction)
  13. Re:No DRM == license to copy freely? by Rude+Turnip · · Score: 3, Funny

    Sure! Of course, IANAL.

  14. Re:No DRM == license to copy freely? by ch-chuck · · Score: 1

    Sure, just like if someone does not lock up their valuables you're free to take all you want.

    --
    try { do() || do_not(); } catch (JediException err) { yoda(err); }
  15. Trust the Honor System by Trolling4Columbine · · Score: 1

    We all know that news like this is great for people who want to make legitimate backups of their games. Freeloaders and Warez kiddies would have nooooo use for this whatsoever! No siree!

    --
    Socialism: A feeling of discontent and resentment caused by a desire for the possessions or qualities of another.
  16. Grammar Nazi Time by feijai · · Score: 1, Flamebait
    [sigh] One of the worst violations in a while.
    The disc contains playable demo's on the disk such as Call of Duty 2, which could also be hackable, as PI speculates.

    • Apostrophes indicate ownership or relation, not plurality.
      • I enjoyed the demo's playability.
      • The disc contains playable demos.
    • "Disc" is a less-used variant of "disk". You can use either, but for God's sake, be consistent within a single sentence.
    • "The disc contains playable demo's on the disk..." Welcome to the Department of Redundancy Department.
    • "...which could also be hackable, as PI speculates." Why exactly is as there? It'll only be hackable while PI is speculating? It's hackable in the same way that PI speculates things are hackable? What the hell? Oh, you meant... ...which, PI speculates, could also be hackable.

    Said properly:

    The disk contains playable demos--such as Call of Duty 2--which PI speculates may also be hackable.
    1. Re:Grammar Nazi Time by dancingmad · · Score: 1

      Disc isn't less used. "Disc" usually refers to optical media, such as DVDs, CDs, Gamecube discs, and MDs. Disk usually refers to floppy disks, hard disks, etc.

      Though your point remains correct, that the sentence needs to remain consistent.

      --
      "There is no time, sir, at which ties do not matter," Jeeves, (Jeeves and the Impending Doom)
    2. Re:Grammar Nazi Time by feijai · · Score: 1
      Apostrophes are also used for contractions as in this case.

      Absolutely, totally, false. This is not a contraction. This is the plural of a simplification. The simplification of demonstration is demo. Just as the plural of demonstration is demonstrations, the plural of demo is demos. For god's sake, go read a grammar text.

    3. Re:Grammar Nazi Time by juancn · · Score: 1

      I like your explanation, and I don't really think that it should be modded as flamebait.

      Just thought some support would be nice.

      PS: I'm not a native english speaker and there is a very good chance that I'm making some sort of mistake in this post. Be gentle!

  17. For personal use, yes I should by tkrotchko · · Score: 1

    "but just because people don't protect something technologically doesn't mean you should have the right to copy it willy nilly."

    If I buy a game, I should have the right to make a backup so I don't worry about the original being scratched. I don't really have that option right now, so I watch in horror as my son just casually tosses around $50 game disks.

    It shouldn't be that way, but it is.

    --
    You were mistaken. Which is odd, since memory shouldn't be a problem for you
    1. Re:For personal use, yes I should by drinkypoo · · Score: 1

      You could always bittorrent ISOs of your favorite games, pre-cracked and ripped down to a DVD5. Granted, it's not precisely legal (they're modified copies) but it's not precisely illegal, either...

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    2. Re:For personal use, yes I should by tkrotchko · · Score: 1

      I thought doing that required you to modify your console; not something that I'd like to do.

      --
      You were mistaken. Which is odd, since memory shouldn't be a problem for you
    3. Re:For personal use, yes I should by drinkypoo · · Score: 1
      This is quite true. However, Xboxes are cheap, and the modification is really easy for 1.1, 1.2, and 1.3-version Xboxes. You don't even have to solder anything, you can use a conductive pen. You could alternatively install a clip-on modchip, which leaves no traces of the modification if uninstalled, save for the opening of the case which is irrelevant for Xboxes in the US past something like 90 days (was it 60?) since the warranty is so damned short. Unless you buy the extended warranty, anyway, which is basically guaranteed to be useless because the Xbox will fail either before or after the extended warranty period in 99.9% of situations which involve a failure.

      Using a clip-on modchip with a switch is the best bet for people who want to use Xbox Live, as well, because Live can detect your BIOS version and it will permanently disable Live accounts if non-MS BIOS is detected. Or you could do what I plan to do when I can afford another Xbox (they're cheap, but I'm poor) and just have one for Live, pristine, and a hacked version to play game backups, emulated games, and run XBMC.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    4. Re:For personal use, yes I should by fbjon · · Score: 1
      the Xbox will fail either before or after the extended warranty period in 99.9% of situations which involve a failure

      And in 0,1% of situations involving a failure, it occurs in the fifth dimension.

      --
      True confidence comes not from realising you are as good as your peers, but that your peers are as bad as you are.
    5. Re:For personal use, yes I should by nwbvt · · Score: 1
      " It shouldn't be that way, but it is."

      Actually, it isn't. You can make a copy of a non-DRMed work of intellectual property for personal use, assuming of course you have the means to do so. Note that distributing it to other people over the net isn't considered 'personal use'.

      --
      Mathematics is made of 50 percent formulas, 50 percent proofs, and 50 percent imagination.
    6. Re:For personal use, yes I should by tkrotchko · · Score: 1

      Well, I can't actually use those backups because I understand all the consoles reject non-original disks. So I can backup all I want; I just can't use those backups for any purpose.

      --
      You were mistaken. Which is odd, since memory shouldn't be a problem for you
  18. Does Microsoft fund these guys? by Animats · · Score: 4, Funny

    They're redistributing Microsoft marketing materials. Usually, you have to pay a PR firm to do that.

  19. Well... Sorta.. by Chordonblue · · Score: 1

    Creating a boot disc is the first step into a much larger world. Thus it was with the Dreamcast, so it appears to be with the Xbox. The major difference is the fact that the Xbox' BIOS is malleable at MS's whim so even if an exploit works for a while, there are certainly no guarantees with a software solution like this.

    --
    "...Well, there's egg and bacon; egg sausage and bacon; egg and spam; egg bacon and spam; egg bacon sausage and spam..."
  20. Re:No DRM == license to copy freely? by chobee · · Score: 1

    No but I like the way you think. ;)

  21. No, you move along by brunes69 · · Score: 1

    You are not supposed to be able to rip *any* 360 game and play it off a burnt DVD.

    The fact that you can do this with this demo DVD means that all any group has to do is figure out *why* this is (what the relevant section of bytes is), rip out the needed bytes, and use it to bootstrap the 360 to run any burnt game or app they please.

    1. Re:No, you move along by Breakfast+Pants · · Score: 1

      Wrong. Microsoft has different keys for burnable and non-burnable media. So you don't get to just "rip out the needed bytes," you have to "solve an NP complete problem"-- that is unless some exploit is found. You are assuming the binaries are unsigned and there is just a little chunk of header information that lets it be run--this certainly isn't the case.

      --

      WHO ATE MY BREAKFAST PANTS?
  22. Here's the video... by hobbzey · · Score: 1
    1. Re:Here's the video... by Predius · · Score: 2, Interesting

      They don't show the xbox booting that DVD, but reading from it after a hot swap while the system is running...

  23. Not that exciting by lord_sarpedon · · Score: 2, Insightful

    The media protection and signing are very different things. The executables are still signed and from that cannot be modified. However, they can be played on a variety of media, burnable media included. The files themselves, to my knowledge, are not signed or checked. That would open the door for simple map mods or similar as seen with the Halo series. As for code execution, not likely. The hypervisor as well as other checks are in place to prevent the most common forms of attack. It would take some clever doing to get the good old fashioned gamesave exploits of yesteryear on this new platform ;) Realize also that there isn't much anything preventing authors of demo discs from setting the media flags...this was more likely than not a mishap.

    --
    "Strangers have the best candy" -Me
  24. Mod Parent UP by Anonymous Coward · · Score: 1, Funny

    Parent deserves karma points just as a dog requires biscuits to operate. (?!??!)

  25. Protected disk and/or executables by thallgren · · Score: 1

    It seems they made it possible to boot from ordinary CD/DVDs, but with the requirement that the executables are signed. Don't know if that was intentional or not, but if it was I can see how nice it will be to pull down game demos and burn them.

    I hesitate to buy an expensive game without trying the game for a while.

    With this capability high-quality games with demos out will convince reluctant buyers like me to try and probably buy.

    Brilliant!

    1. Re:Protected disk and/or executables by Shano · · Score: 1

      Given that it's possible to boot from a DVD-R, I would fully expect the system to be as follows:

      The 360 checks the media type (hard drive, DVD, whatever), and also the executable. The executable contains bits specifying what types of media it can run from. Since it's signed, it isn't feasible to modify those bits - until someone cracks the DRM scheme, of course.

      This allows companies to release freely distributable (but still signed) demos, while the full game can still only be run from the original disk.

    2. Re:Protected disk and/or executables by SScorpio · · Score: 1

      You hit the nail on the head. This is exactly how the original Xbox was. The only issue is that only Microsoft has the key to sign executables on retail machines. Developers have their own keys that will only sign the files for running on the debug units. So if you're a developer and you make a demo, you have to have Microsoft sign the executable for people to play it on their normal 360s.

    3. Re:Protected disk and/or executables by jonwil · · Score: 1

      The first xbox had information in the XBE file stating what media it should be run from (if you change it, the signature doesn't match anymore)

  26. Re:No DRM == license to copy freely? by vertinox · · Score: 1

    Does the existence of hate crime laws mean I am free to kill other white guys?

    If someone kills a white guy, does it make it ok to pass hate laws discriminating against all non-white races? Even if they were innocent and possibly the white guy was killed by another white guy?

    In theory this is how DRM works.

    Everyone is assumed to be a criminal.

    --
    "I am the king of the Romans, and am superior to rules of grammar!"
    -Sigismund, Holy Roman Emperor (1368-1437)
  27. Re:No DRM == license to copy freely? by heson · · Score: 1

    No, you can't, at least not if they are gay or vi users.

  28. Re:No DRM == license to copy freely? by DA-MAN · · Score: 1

    First, IANAL. That said

    The DMCA makes it illegal to circumvent the protection.

    There is an exception for compatibility. For example Asterisk PBX has a reverse engineered Skinny protocol, this is ok because it is done for compatibility. If this boot loader is used for running custom code on a personal x-box this would not be illegal even under the DMCA.

    Copyright infringement is still illegal on top of that. Creating/using DeCSS violates the DMCA, but copying the DVD is copyright infringement.

    Copying the DVD is illegal but not a prosecutable offense. The Fair Use doctrine makes personal copies legal. Downloading an image from BitTorrent or other things would be illegal.

    DeCSS violates the DMCA. Before the DMCA it was still illegal because it stole decryption keys from the DVDA (not to be confused with double vagina, double anal). Although I believe that was only protected via trade secret, so it may no longer be eligible for protection at this point now that it is not a secret.

    The DMCA is "evil", but just because people don't protect something technologically doesn't mean you should have the right to copy it willy nilly.

    I disagree. You have the right to copy your personal stuff nilly willy for personal use. You do not have the right to copy other peoples stuff nilly willy.

    The DMCA is evil though!

    --
    Can I get an eye poke?
    Dog House Forum
  29. You still dont get it do you guys? by AzraelKans · · Score: 3, Interesting

    MS doesn't make their money just out of selling games (and I seriously doubt they LOSE money on each Console sale as they claim) they make a lot of money out of selling XDK's and licenses to publishers, the more people owning the console, the more publishers will want to port their games to it. Piracy and hacking is a surefire way to make the console available to those who can't afford or are unwilling to buy the games at their current price (not just in America but worldwide) besides they CAN'T clone the console just the games themselves so they have to buy the console anyway and MS knows that, that's why they have never been too severe with piracy or hacking (contrary to Sony who is basically sinking PSP by doing the opposite.. and not releasing too many games either), do you actually believe they haven't noticed there are groups doing great dashes and even homebrew games on their console using warezed xdks? entire companies dedicated to mod chips?

    Do you think it is just a big coincidence they released UNPROTECTED demos and games, which can easily be compared to PROTECTED ones by pro hackers?

    They are not stupid you know? (at least not that stupid)

    Yet IMO it would suck to own a modded or hacked xbox 360 since you wouldn't be able to log to xbox live which is a big part of the 360 deal.

    --
    Go ahead MOD my day!
    More opinions here
    1. Re:You still dont get it do you guys? by FryingLizard · · Score: 1

      "..and I seriously doubt they LOSE money on each Console sale as they claim"

      Why do you seriously doubt that? Do the math.

      Unless M$ are somehow warping the very fabric of capitalism they are paying (very approximately) as much for their chips and circuit boards as anyone else. Sure, I bet they get a great deal from all their vendors, but in this case, the hardware is universally agreed to be some expensive shit to make. I saw an estimate of around $100 for the GPU+EDRAM alone. On the other end, what about the retailer markup? Sure, that's negotiable, but not by very much.

      A 1.2-mm thick polycarbonate disc costs well under a buck. Let's say $1.50 with packaging. Throw a handful of bucks to the publisher, another ten or so to the retailer, and considering a game retails for say $50, you can see where the money lies.

      http://www.gamespot.com/news/6140574.html

      Sony recently sold 100 million PS2s; but over the years a total of 1.8 BILLION games have been sold for the PS1 and PS2. Let's just say Sony made $5 a game (which is likely a significant underestimate)...

      --
      [FrLz]
    2. Re:You still dont get it do you guys? by ClamIAm · · Score: 2, Insightful
      MS doesn't make their money just out of selling games

      Bullshit. This is how every console manufacturer makes money. Sure, they make some money by licensing developers, but the amount of money the games industry makes is not being paid for by SDKs and such. Even if it was, the developers would have to offset this by the income they make from games. This would mean that the console makers would, transitively, be making money from selling games, not developer kits. And if your groundless assertion was correct, why did Atari and Nintendo sue unlicenced game makers?

      and I seriously doubt they LOSE money on each Console sale as they claim

      Then why do we have two different 360 consoles available? And never mind all the analysis we've seen that concludes MS is losing money right now on their systems.

    3. Re:You still dont get it do you guys? by AzraelKans · · Score: 1

      They ban you on Xbox Live if they detect any hardware changes like mod chips, larger hard drives, etc.

      Of course they do, if they would allow you to use a modded xbox in live everybody would be able to cheat, also they are not SUPPOSED to allow hacking remember?

      --
      Go ahead MOD my day!
      More opinions here
    4. Re:You still dont get it do you guys? by fluor2 · · Score: 1

      please read the whole post. even if they lose selling the "hardware" they still get a larger market for potential game buyers, thus gaining more on licences.

    5. Re:You still dont get it do you guys? by blincoln · · Score: 1

      Are you serious? Something like $10 out of every $50 game goes straight to MS' wallets. Game licenses are where nearly all of their income from the console market is from.

      --
      "...always new atoms but always doing the same dance, remembering what the dance was yesterday." -Richard Feynman
    6. Re:You still dont get it do you guys? by AzraelKans · · Score: 1

      Look guys, I don't want to start a conspiracy theory, this is just my opinion. I just think it is too much of a coincidence, but it could be just about anything (simple incompetence or PR policies perhaps). And about the Xbox price, a huge company like MS can't get good prices in buying hardware in large scale sales and therefore have to sell at a loss? Sorry but I won't buy that for a second. Believing MS PR reports? yeah right! They are still claiming the xmas shortage was just a lucky misunderstanding! "Seriously, we didn't know about the shortage, it's not like we had a ton of preorders in the USA months ago and we knew we couldn't cover them, and almost NONE in Japan yet we shipped like half of the production there! I mean how could we know? it's fate I guess"

      --
      Go ahead MOD my day!
      More opinions here
    7. Re:You still dont get it do you guys? by Anthony+Liguori · · Score: 2

      MS doesn't make their money just out of selling games (and I seriously doubt they LOSE money on each Console sale as they claim)

      People really don't understand this well at all. Developing the Xbox required a very large up front investment. To justify the investment, Microsoft will analyze how much they expect to sell, and amortize that cost over the consoles and games.

      Clearly, their business model is such that if they only sold consoles, and not games, they would not recoup their costs. This makes sense because the relative profit margins on games are going to be much higher than on the consoles. This is how they "lose" money on the Xbox. The sum of the components, however, are not worth more than what they sell it for. Otherwise, people would just buy a bunch and sell it for scrap. If you buy Xbox's, Microsoft does not lose money. It's quite the opposite, every Xbox and game they sell gets them closer to recouping the original investment and eventually making quite a profit.

    8. Re:You still dont get it do you guys? by AzraelKans · · Score: 1

      Clearly, their business model is such that if they only sold consoles, and not games, they would not recoup their costs. This makes sense because the relative profit margins on games are going to be much higher than on the consoles. This is how they "lose" money on the Xbox. The sum of the components, however, are not worth more than what they sell it for. Otherwise, people would just buy a bunch and sell it for scrap. If you buy Xbox's, Microsoft does not lose money. It's quite the opposite, every Xbox and game they sell gets them closer to recouping the original investment and eventually making quite a profit.

      Now, that's a more reasonable explanation, thanks for the informative, intelligent answer. :)

      --
      Go ahead MOD my day!
      More opinions here
    9. Re:You still dont get it do you guys? by FryingLizard · · Score: 1

      FUD? WTF? See the thing in my post that starts with "http://" ... that's part of a secret code that only me and my brotherhood the Justified Ancients Of Mu will understand. It communicates to them - and them alone - the secrets of which I speak.

      --
      [FrLz]
  30. Re:No DRM == license to copy freely? by nwbvt · · Score: 1
    I didn't get a thing you said until I read your sig:

    Using analogies to compare the Internet with real life is like trying to rationalize the universe with a bag of marbles.

    So you were trying to make a parody analogy. Ok, but I think my post was still valid as it was intended to be more sarcasm, not an analogy.

    --
    Mathematics is made of 50 percent formulas, 50 percent proofs, and 50 percent imagination.
  31. Re:Double standards by vertinox · · Score: 1, Offtopic

    Sure, just like if someone does not lock up their valuables you're free to take all you want.

    In reality, if your insurance company finds out you didn't lock your doors or take precautions against theft, they won't write you a check for your loss.

    If I could break a rule here about analogies, if I make a juicy delicious steak and put it out on my table and I leave my door open and my neighbor's dog comes in and eats it... Who can I blame for my lost steak?

    I could blame the dog, but that is what dogs do... They eat meat, just like a thief steals things. I can't teach the dog not to eat my food because it isn't my dog. I can beat it myself, or call my neighbor and have him punish it, or I can go the extreme and call the pound and have it dragged away.

    However I'm still out of a steak because I didn't have my door closed. It doesn't make the dog right, but obviously it benefits you to suck it up and protect yourself and stop using "other people aren't supposed to do bad things" as an excuse to not put forth the effort of protecting yourself.

    Guess what? You don't have control over other people when they do bad things. You do have control over yourself and how much of those bad things will affect you. Understanding that will go a long way.

    --
    "I am the king of the Romans, and am superior to rules of grammar!"
    -Sigismund, Holy Roman Emperor (1368-1437)
  32. Re:No DRM == license to copy freely? by vertinox · · Score: 1

    So you were trying to make a parody analogy.

    Correct, I think the problem with analogies is they cannot be applied from physical realm to idea realm without having infinite amounts of exceptions to whatever you were having an analogy about.

    Mostly because information does not behave in the same respect as the physical world. Does murder and lack of DRM have anything in common? Can you really make an equation between the two actions and use murder of a white guy to justify the inherent wrongness of copyright violations?

    As much as I could reverse it and absurdly declare that DRM as an analogy to hate laws passed by a racist government oppressing everyone regardless of race...

    Although I broke my rule a few posts down but I was using an analogy of a real world situation vs a real world situation.

    --
    "I am the king of the Romans, and am superior to rules of grammar!"
    -Sigismund, Holy Roman Emperor (1368-1437)
  33. Speculation doesnt mean "fact" by Ancient_Hacker · · Score: 1
    Just because there are some copyable discs doesn't mean squat.

    The actual .exe files still have to be digitally signed before the CPU will accept them.

    Changing one bit of the .exe will break the digital signature's validity.

    So this isn't a way to sneak fresh code onto the 360.

    Sorry.

    1. Re:Speculation doesnt mean "fact" by tepples · · Score: 1

      The actual .exe files still have to be digitally signed

      But do the data files?

    2. Re:Speculation doesnt mean "fact" by necro2607 · · Score: 1

      "Team Pi also notes that the all datafiles on this disc isn't signed in any way, and will allow for extensive modification for producing exploits to further our efford to hack this box!"

      For someone with the name "Ancient Hacker" I'd expect that you would understand that this means a very high chance of exploiting the software that loads these data files, whether the .XEX is signed or not.

  34. Re:No DRM == license to copy freely? by nwbvt · · Score: 1

    Umm, that post was intended to be sarcastic as well...

    --
    Mathematics is made of 50 percent formulas, 50 percent proofs, and 50 percent imagination.
  35. Hey, y'know by FryingLizard · · Score: 5, Interesting

    Will someone here with a 360 and a spare half hour go get the aforementioned warez, and burn two copies - one with a single byte modified in one of the executable files?

    Actual results posted here would be oh so welcome.

    --
    [FrLz]
  36. Or even easier... by brunes69 · · Score: 1

    ... would be to simply find a buffer overflow within the executable that can be exploited by modifying a data file (which are usually unsigned).

    You could then use this unmodified signed executable to load any code you want.

  37. Re:Double standards by nwbvt · · Score: 1
    "In reality, if your insurance company finds out you didn't lock your doors or take precautions against theft, they won't write you a check for your loss."

    I believe the discussion here was whether or not the action was illegal, not whether or not you can get your insurance company to compensate you for it. The two are radically different.

    "If I could break a rule here about analogies, if I make a juicy delicious steak and put it out on my table and I leave my door open and my neighbor's dog comes in and eats it... Who can I blame for my lost steak? I could blame the dog, but that is what dogs do... They eat meat, just like a thief steals things. I can't teach the dog not to eat my food because it isn't my dog. I can beat it myself, or call my neighbor and have him punish it, or I can go the extreme and call the pound and have it dragged away."

    Ok, you don't like your neighbor's dog, we get it. But you still haven't contributed a damn thing to the discussion of the legality of pirating a non-protected work. You are on a tangential subject that has no bearing to what is being discussed.

    --
    Mathematics is made of 50 percent formulas, 50 percent proofs, and 50 percent imagination.
  38. No breakthrough here by Smarty2120 · · Score: 5, Insightful

    If you try the 360's demo downloading capability, you know that it can run downloaded content. I haven't sniffed the data stream myself, but encrypted connections slow servers down quite a bit and it's doubtful that xbox live servers even use them for content download on the order of a 500MB demo. Those binaries are signed just like the demos on the discs which can be burned. By signing the binaries, they don't need to worry about how the code got on the xbox. DVD-R, download, remove hard drive->write binary->reinstall hard drive, iPod, it doesn't matter a bit. If it doesn't execute binaries that aren't signed by microsoft's private key, it doesn't matter how you give it the binary, it won't run it. This is a non-story. Unless someone steals or breaks microsoft's private key, this is gonna need a hardware hack at minimum.

  39. HEY MODS, mod up parent. by numbski · · Score: 4, Interesting

    This is a good question. Hex edit one of the binaries. Heck, run strings on it, change some text someplace and burn it.

    If it still runs, good things be ahead.

    --

    Karma: Chameleon (mostly due to the fact that you come and go).

    1. Re:HEY MODS, mod up parent. by mikek3332002 · · Score: 1

      What happens about collisions in the code signing? 2 exes with the same sig?

    2. Re:HEY MODS, mod up parent. by Megane · · Score: 1
      What happens about collisions in the code signing? 2 exes with the same sig?

      Any good digital signature or hash is always going to come up with a different result after changing exactly one byte of the hashed file.

      --
      #naabhaprzrag, #sverubfr-000, #agi-fcbafberq, negvpyr[pynff*=' negvpyr-ary-'] { qvfcynl: abar !vzcbegnag; }
    3. Re:HEY MODS, mod up parent. by Hast · · Score: 1
      always (and here I truly am saying "always") hash collisions.

      Yes, but with any decent cryptographic hash you will not be able to find collisions without brute force. Brute forcing is not feasible unless you have a long time to wait.

      Furthermore even if you did find a collision it probably wouldn't do anything useful.
  40. To you and others who don't understand... by Corngood · · Score: 1

    Any code on the disc is digitally signed, it just doesn't care what type of media it's loaded from. Hell, Microsoft already released a burnable disc image that updates the bios firmware and system software. If they trust their security system enough to do that, then burnable game demos are probably going to be common. Why bother media protecting a demo anyway? They might as well let people copy it.

    The only sliver of hope is that there is some flaw in the signed software which is exploitable by changes to the unsigned data. It's not impossible, but I have a feeling that it's going to be a lot harder than finding flaws in the PSP software, because of W^X pages, hypervisor, etc.
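
Added example (not part of the original thread, and not Microsoft's actual executable format): a minimal loader check showing why the "change one byte and burn it" test and the media-flag edit discussed in the comments above both fail when the media mask sits inside a signed header. The header layout, the flag values and the toy RSA key are assumptions made for illustration, and the example goes one step further than the thread says this disc does by also listing data-file digests in the signed header.

```python
import hashlib
import struct

# Toy RSA key built from two published Mersenne primes. Constructed for this
# example only and trivially breakable; it stands in for the vendor key pair.
_P, _Q = 2**521 - 1, 2**607 - 1
N, E = _P * _Q, 65537                    # "public key" held by the console
_D = pow(E, -1, (_P - 1) * (_Q - 1))     # "private key" held by the vendor

# Hypothetical media flag bits (not the real on-disc values).
MEDIA_PRESSED, MEDIA_DVD_R, MEDIA_HDD = 0x1, 0x2, 0x4


def _digest_int(blob: bytes) -> int:
    return int.from_bytes(hashlib.sha256(blob).digest(), "big")


def build_header(media_mask: int, code: bytes, data_files: dict) -> bytes:
    """Header = media mask + code digest + one (name, digest) per data file."""
    out = struct.pack(">I", media_mask) + hashlib.sha256(code).digest()
    out += struct.pack(">H", len(data_files))
    for name in sorted(data_files):
        raw = name.encode()
        out += struct.pack(">H", len(raw)) + raw
        out += hashlib.sha256(data_files[name]).digest()
    return out


def sign(header: bytes) -> int:
    """Vendor side: textbook RSA over SHA-256(header), no padding (toy)."""
    return pow(_digest_int(header), _D, N)


def verify_and_load(header, signature, code, data_files, media) -> str:
    """Console side. Returns 'ok' or the reason the image is refused."""
    # 1. The signature covers every header byte, the media mask included.
    if pow(signature, E, N) != _digest_int(header):
        return "bad signature"
    # 2. Policy decision on a mask that is now known to be authentic.
    media_mask = struct.unpack_from(">I", header, 0)[0]
    if not media_mask & media:
        return "media not allowed"
    # 3. Rebuild the header from what is actually on the medium; any changed,
    #    added or removed byte in code or data yields a different header.
    if build_header(media_mask, code, data_files) != header:
        return "content mismatch"
    return "ok"


def demo() -> dict:
    # Constructed sample content, not taken from any real disc.
    code = b"\x7fconstructed demo executable"
    data = {"maps/level1.bin": b"constructed map data",
            "movies/intro.bin": b"constructed video data"}
    header = build_header(MEDIA_PRESSED | MEDIA_DVD_R, code, data)
    sig = sign(header)

    patched_code = bytes([code[0] ^ 0x01]) + code[1:]          # one bit flipped
    forged_header = struct.pack(">I", 0x7) + header[4:]        # mask widened
    tampered = dict(data)
    tampered["maps/level1.bin"] = b"constructed map datA"      # one byte edited

    return {
        "burned copy": verify_and_load(header, sig, code, data, MEDIA_DVD_R),
        "hard drive": verify_and_load(header, sig, code, data, MEDIA_HDD),
        "patched code": verify_and_load(header, sig, patched_code, data, MEDIA_DVD_R),
        "forged mask": verify_and_load(forged_header, sig, code, data, MEDIA_HDD),
        "edited data": verify_and_load(header, sig, code, tampered, MEDIA_DVD_R),
    }


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:13s} -> {verdict}")
```

If the data-file digests are left out of the signed header, step 3 only protects the code, and modified data reaches the signed executable's parsers unchecked, which is the remaining attack surface the thread identifies.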

  41. What makes you think it's unsigned? by Corngood · · Score: 1

    Your lack of comprehension of the subject matter, I assume.

  42. Thank you! ++score. by Corngood · · Score: 1

    Well said.

  43. Re:Double standards by ch-chuck · · Score: 1

    Not sure what you're trying to say but that's a good argument FOR DRM - The customers (dogs) can't help themselves but WILL copy and share media (the dogs will grab the steak) unless we put DRM around it (lock the doors so the dogs won't steal the DVD's, uhm, steak).

    --
    try { do() || do_not(); } catch (JediException err) { yoda(err); }
  44. RTFA!! by AoT · · Score: 1

    It seems Microsoft was in such a hurry to get this stuff out
    that they forgot to set the media protection on this disc.
    This leaves hackers with the possibility to hack around with
    this disc that load from a normal DVDR5 backup! - *Team Pi
    also notes that the all datafiles on this disc isn't signed in
    any way*, and will allow for extensive modification for producing
    exploits to further our effort to hack this box!

    1. Re:RTFA!! by cnettel · · Score: 1

      Data != executables. This of course still might leave some opportunity for a buffer overflow attack by modifying that data, but as the 360 actually normally runs with some memory protection (compared to the original "everything is friends down at ring 0" in the Xbox), the route into loading arbitrary code of arbitrary size may still be quite complex.

    2. Re:RTFA!! by apoc06 · · Score: 1

      thank you, but realize that my point still stands. the xbox /should/ be looking for signed code, and /should/ NOT play any code that is NOT signed. so actually now what youre saying is that there are no parts of the threeway check present...?

      prob not the case here. chances are that the binaries are in fact signed and the release group jumped the gun; OR they meant that the data itself is unsigned; and the exes are the only thing signed. same as on the original xbox... which is why people were able to import character models from halo, dead or alive etc...

  45. RTFA by AoT · · Score: 1

    Or perhaps the part where he read the damn article?

    1. Re:RTFA by _Pablo · · Score: 1

      The article does not say anything about anything being unsigned - just that the media protection check is not present on the disc so it doesn't matter if the contents are on a pressed DVD, DVD-R or the HD. The code on the disc is still signed so any change to the executable would invalidate the signature and stop the code from running. That's why corngood puts boxxa's incorrect post down to a lack of comprehension and not a failure to RTFA.

      --
      $2B OR NOT $2B = $FF
  46. Re:basic grammar by mbessey · · Score: 1

    It's a gray area when the word itself is an abbreviation

    No, it isn't.

    Perhaps you should invest in one of these:
    http://www.angryflower.com/aposter.html

  47. From the article by AoT · · Score: 1

    It seems Microsoft was in such a hurry to get this stuff out
    that they forgot to set the media protection on this disc.
    This leaves hackers with the possibility to hack around with
    this disc that load from a normal DVDR5 backup! - *Team Pi
    also notes that the all datafiles on this disc isn't signed in
    any way*, and will allow for extensive modification for producing
    exploits to further our effort to hack this box!

    Not executables, but unsigned nonetheless.

    1. Re:From the article by Corngood · · Score: 1

      You're right that there is unsigned content on the disc (presumably), but that troll who started this thread said:

      it now shows that there is a way to load and boot non signed dvds which will enable custom code and eventually softmodding

      It doesn't show anything of the sort. It shows that demos are not likely to require a media check, so you can freely copy and run them. It's no different than the system update CD they officially released without a media check.

  48. DVD-9 by tepples · · Score: 1

    Gamecube spins the right way but goes from outside -> in

    So does the second layer of a DVD-9.

  49. Return to libc by tepples · · Score: 1

    Do you really think that IBM's Power -architecture doesn't have NX flag?

    Do you really think execution of the stack is the only way to fool the system into jumping to untrusted code? Have you ever heard of a return-into-libc exploit?

  50. Pointless by evilgrug · · Score: 4, Insightful

    To reiterate what others have said, the executables are still signed AND demo discs with no media checks have been around for months. So that rules out modifying the executables.

    As far as gamesave exploits and the like...On the original Xbox, gamesaves were signed, but they used a key stored in plaintext in the executable. Meaning if you found a way to crash the game and run your code, it was trivial to get the game to accept it. I suspect on the Xbox 360 the key will be secret.

    Secondly, games on the Xbox run in kernel mode. I suspect this will NOT be the case on the Xbox 360.

    The Xbox 360 does not use an off-the-shelf CPU. Microsoft licensed it and built its own. The original Xbox was first hacked because it used an off-the-shelf Mobile Celeron and thus its secret information had to be built into the Xbox-specific southbridge and travel down the HyperTransport, which could be sniffed. Since the Xbox 360 used an MS-made CPU, I would wager that the key is on the CPU itself.

    If we presume that gamesaves are signed with a secret key in the CPU, and applications do not run in kernel mode, we can rule out gamesave exploits in addition to executable modifications.

    In short, this "news" is pointless. MS ship an executable with a few different bits allowing DVD-R playback and people suddenly think that we have a new Dreamcast on our hands. The disc will undoubtedly be subject to much scrutiny, but we're not really any closer to hacking the Xbox 360.

    1. Re:Pointless by Bob+of+Dole · · Score: 1

      I suspect on the Xbox 360 the key will be secret.

      How, exactly?
      Signing the games works because they sign it THERE and we decode it HERE, so they don't have to let anyone see the private keys.

      What signs the game saves? And what reads them?
      If the game saves are signed, the signing key is ON THE XBOX. It has to be!

    2. Re:Pointless by evilgrug · · Score: 1

      Sorry, "secret" was a bad choice of words when talking about encryption. "Not out in the open and easily readable" perhaps. I suspect that the integrity of gamesaves will be verified possibly with a key in the Xbox360 CPU rather than plaintext in the executable.

    3. Re:Pointless by Hast · · Score: 1
      Since the Xbox 360 used an MS-made CPU, I would wager that the key is on the CPU itself.

      From what I've read this is the case. Actually the CPU has a crypto engine on it so all verification is made on chip. That will make it very hard to extract the keys from the machine.
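
The two key placements discussed in this sub-thread, as an added example that is not part of the thread and not Microsoft's scheme: an HMAC key embedded in the executable versus a secret that stays inside the console. The executable layout, key bytes, title ID and save contents are constructed, and the `Console` class is a hypothetical stand-in for on-chip key storage.

```python
import hashlib
import hmac
import os

def mac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()

# Scheme A (constructed): the save-game MAC key is a constant inside the
# executable that ships on every disc.
PREFIX = b"CONSTRUCTED-EXE-HEADER"
EXE_IMAGE = PREFIX + bytes(range(32)) + b"...code..."

def key_in_executable(image: bytes) -> bytes:
    return image[len(PREFIX):len(PREFIX) + 32]

def game_accepts(save: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(mac(key_in_executable(EXE_IMAGE), save), tag)

class Console:
    """Scheme B (constructed): a per-console secret that never leaves this
    object, standing in for a key held inside the CPU."""
    def __init__(self):
        self._secret = os.urandom(32)

    def _title_key(self, title_id: bytes) -> bytes:
        return mac(self._secret, title_id)

    def seal(self, title_id: bytes, save: bytes) -> bytes:
        return mac(self._title_key(title_id), save)

    def accepts(self, title_id: bytes, save: bytes, tag: bytes) -> bool:
        return hmac.compare_digest(self.seal(title_id, save), tag)

def compare() -> dict:
    title, original, edited = b"TITLE-0001", b"level=3", b"level=9"
    # Tag computed off the console, using only the key found in the executable.
    offbox_tag = mac(key_in_executable(EXE_IMAGE), edited)
    box, other_box = Console(), Console()
    sealed = box.seal(title, original)
    return {
        "A_edited_save_accepted": game_accepts(edited, offbox_tag),
        "B_original_accepted": box.accepts(title, original, sealed),
        "B_edited_with_old_tag": box.accepts(title, edited, sealed),
        "B_edited_with_offbox_tag": box.accepts(title, edited, offbox_tag),
        "B_save_moved_to_other_console": other_box.accepts(title, original, sealed),
    }
```

In scheme B the key is still on the console, as the reply above points out; what changes is that it is no longer in a file every disc owner can read.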
  51. Just tried it. No go. by THESuperShawn · · Score: 5, Informative

    I just changed one digit with a hex editor and re-burned the iso. The change was in Call of Duty. It no longer plays. The other demos play just fine. No error message, it just locks up with a blank screen.

    I am going to try again to verify. I will know in about 20 minutes.

    --
    Repant. Thy end is sheer.
    1. Re:Just tried it. No go. by THESuperShawn · · Score: 4, Informative

      Same result with King Kong. It will not load the game, it just freezes. Everything else (non modified) still works.

      --
      Repant. Thy end is sheer.
    2. Re:Just tried it. No go. by THESuperShawn · · Score: 4, Informative

      Last one..getting tired...

      I was able to remove three files and everything still boots.

      Draw your own conclusions from these three tests. I guess the only other thing I left out was trying to replace a movie file. Maybe tomorrow, I have lost my enthusiasm tonight.

      In other news, I finally finished the war in Call of Duty 2.

      --
      Repant. Thy end is sheer.
    3. Re:Just tried it. No go. by THESuperShawn · · Score: 1

      OK, so I wanted to try something else...

      I replaced a movie file and it played the new movie file without any problems. That was pretty interesting as I did not think it would work.

      Is there anything else anyone wants tested? I am running out of ideas here. It looks like this disc is "nothing new", just signed exe files on a non-flagged disc. I don't think this disc is going to help anyone understand how the files are signed.

      I am considering sniffing a download from Xbox live and comparing the executables with the ones on the cd. I am wondering if the files from Xbox live will work on other media types besides the Xbox hard drive...

      --
      Repant. Thy end is sheer.
    4. Re:Just tried it. No go. by FryingLizard · · Score: 1

      Thanks man, that is exactly the kinda concrete answer that was needed to lower the noise level. ;-)

      --
      [FrLz]
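
The tests reported in this sub-thread, modeled as an added example (not code from the thread or from Microsoft): a loader that checks executables only, then the same loader when the signed executable also carries digests of its data files. File names and contents are constructed, a table of SHA-256 digests stands in for the real public-key signature check, and the pinned-digest variant is an assumption about how data could be covered, not something the disc does.

```python
import hashlib

def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# Constructed disc contents (names and bytes are invented for this example).
DISC = {
    "demo_a.exe": b"CODE-A" * 64,
    "demo_b.exe": b"CODE-B" * 64,
    "intro.wmv": b"MOVIE" * 256,
    "extra.dat": b"unused",
}

# Stand-in for the vendor signature: the digests the console accepts for each
# executable. A real loader verifies a public-key signature instead.
SIGNED_EXES = {n: digest(d) for n, d in DISC.items() if n.endswith(".exe")}

# Hardened variant: digests of data files carried inside the signed executable,
# so they inherit its signature (an assumption, not something the disc does).
PINNED_DATA = {"demo_a.exe": {"intro.wmv": digest(DISC["intro.wmv"])}}

def launch(disc: dict, exe: str, check_data: bool = False) -> str:
    """Return 'runs' or the reason the launch is refused."""
    if exe not in disc or digest(disc[exe]) != SIGNED_EXES.get(exe):
        return "refused: executable"
    if check_data:
        for name, want in PINNED_DATA.get(exe, {}).items():
            if name not in disc or digest(disc[name]) != want:
                return "refused: data file " + name
    return "runs"

def with_change(disc: dict, name: str, new_bytes) -> dict:
    """Copy of the disc with one file replaced (or removed if new_bytes is None)."""
    return {n: (new_bytes if n == name else d) for n, d in disc.items()
            if not (n == name and new_bytes is None)}

def reproduce() -> dict:
    flipped = bytes([DISC["demo_a.exe"][0] ^ 1]) + DISC["demo_a.exe"][1:]
    patched = with_change(DISC, "demo_a.exe", flipped)
    trimmed = with_change(DISC, "extra.dat", None)
    swapped = with_change(DISC, "intro.wmv", b"OTHER-MOVIE" * 100)
    return {
        "patched_exe": launch(patched, "demo_a.exe"),
        "untouched_exe_same_disc": launch(patched, "demo_b.exe"),
        "file_removed": launch(trimmed, "demo_a.exe"),
        "movie_swapped": launch(swapped, "demo_a.exe"),
        "movie_swapped_hardened": launch(swapped, "demo_a.exe", check_data=True),
        "original_hardened": launch(DISC, "demo_a.exe", check_data=True),
    }
```

The first four results match what was observed on the disc; the last two show that pinning data digests in signed code rejects a swapped file without breaking the unmodified disc.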
  52. Re:Double standards by Geoffreyerffoeg · · Score: 1

    In clearer words: Yes, it's still illegal to copy [almost all] ISOs, but since Microsoft knew how heavily the original Xbox was cracked, if they made a way for the Xbox 360 to boot from a DVD-R, then they don't have anyone to blame if people use this to hack the Xbox.

    The dog was still wrong for eating your food, but that's what dogs do, so you should have "played hide the salami" (as Howard Dean would put it). The crackers were still wrong for trading warez, but that's what crackers do, so you should've put some copy protection.

  53. Cracking the executable is NOT the point here by Rolman · · Score: 4, Interesting

    People here talking about the executable still being signed and thus not hackable are terribly missing the point.

    Team Pi notes that the DATA FILES are not protected. That means that content can be changed and thus the signed executable could be hijacked into loading unsigned code.

    This is nothing new. It's exactly what happened in the old Xbox and the game 007: Agent Under Fire. Someone hacked a savefile, which exploited a buffer overrun on the PERFECTLY SIGNED executable from the game and enabled unsigned code (Linux, or a backup game if that's your intention) to run WITHOUT ANY MODCHIP.

    You just need a Memory Card to load the hacked savefile from, and the original, signed, protected game.

    Team Pi is suggesting that the same idea is possible here, and that's the reason why this ISO is being distributed.

    --
    - Otaku no naka no otaku, otaking da!!!
  54. homebrew code != bootleg games by hyperbotfly · · Score: 1

    Ok. The scene now has:
    1. The ability to dump data from Xbox disk into ISO
    2. A damn good understanding of media checks (thanks to this) which will help enterprising individuals be able to hack these dumped ISOs to play when burned on standard media.

    Great! Not that this doesn't help the homebrew/linux scene, but is MUCH more significant to being able to pirate/bootleg games! Wow! Turns out that the M$ "content protection" scheme was more focused on locking out linux/homebrew than it really was about anti-piracy! Not surprising from a company renowned for their unlawful anti-competitive practices.

  55. Running unsigned code by PaladinAlpha · · Score: 2, Insightful

    Given that the data files are unsigned, freely modifiable, and given MS's history of exploits in pure data (and MS-made code-data hybrid) formats, it seems likely a buffer exploit will be relatively easy to insert into the datastream. Heck, given the Windows-autolaunch mentality it wouldn't surprise me if you could just replace the video file with an executable by the same name. *grin*

  56. I wonder by kyoko21 · · Score: 1

    I wonder if MS really screwed up or if they did this for a reason ...

  57. You will have to eat those words right now. by patrixx · · Score: 1

    The demo disk contains a movie player and the data files are not signed, so you can replace a video file with one containing the said horse part. I do not think anyone will bother however just to prove you wrong.

  58. Actually... by necro2607 · · Score: 1

    "Not a big deal. It's still encrypted and signed -- the hypervisor still won't run it if a single bit has been altered."

    Actually...

    Team Pi also notes that the all datafiles on this disc isn't signed in any way, and will allow for extensive modification for producing exploits to further our effort to hack this box!

    1. Re:Actually... by SyncNine · · Score: 1

      Please note -- the DATA files are not encrypted or signed. The executables still are. Yes, you can change the .WMV file all day long, but what purpose does that serve? Unless someone finds a flaw in the way that a Microsoft device plays HDWMV, (which is possible, I guess) all you can do is make a video of you pointing at a horse's ass and shouting 'SyncNine'. Still can't run unsigned code.

      Let me re-phrase my challenge to something a little more worthy:
      When someone uses this DVD as a base for writing code that executes directly on the Xbox360 and displays a static image (read: doesn't use existing code and change an unprotected data file, because that's stupidly easy and absolutely NOT a proof of concept) of a horse's ass with an arrow pointing to it that says "SyncNine", I will concede defeat.

      I'm not saying the X360 is unhackable, just saying that this isn't the bane of MS's console security like everyone is playing it up to be.

      Anyways.

      --
      To the darkened skies once more, and ever onward.
    2. Re:Actually... by necro2607 · · Score: 1

      Well, that's the thing. Someone very well may come up with a way to exploit one of the 5 or so game demos on the disc, by making unexpected edits to the data files that these games load. I don't have the disc myself so I don't know if they're playable demos or just trailer-style movies, but if they are playable I'm sure there's a lot more than just Windows Media files being loaded ;)

  59. Re:No breakthrough here? Incorrect! by necro2607 · · Score: 1

    Everyone seems to be missing the point here.

    It's not the fact that you can burn this stuff to CD/DVD-R. We all already knew about the downloadable emulator update from the xbox.com site that you can burn to disc and run on the 360 and everything.

    The point is that this demo disc loads unsigned/unprotected data files (although whether any of the game demos verify these files to any extent is currently unknown). I'm sure everyone heard about the vulnerability in Windows' GDI+ JPEG processing. It's a prime example of supposedly innocent data files being far from "innocent".

    It's 100% possible that someone out there will find a vulnerability to exploit in one of these what, 5 or 6 game demos? Don't even try to tell me that you think every programmer on every one of these development teams produces bug-free code.

  60. Grammar by Icephreak1 · · Score: 1


    The disc contains playable demo's on the disk such as Call of Duty 2, which could also be hackable, as PI speculates.

    When will you kids learn that plurals are not formed with apostrophes followed by the letter 'S'?

    - IP