Slashdot Mirror

← Back to Stories (view on slashdot.org)

Xbox 360 Kiosk Demo Spurs Hackers

Posted by Zonk on from the i-wish-i-had-that-kind-of-free-time dept.

An anonymous reader writes "Those hackers from team PI have released the Xbox 360 experience kiosk demo disc as an ISO. They say this demo contains no media protection and therefore it will run on the Xbox 360 when burned to a DVD-R disc. The disc contains playable demo's on the disk such as Call of Duty 2, which could also be hackable, as PI speculates."

11 of 229 comments (clear)

  1. Not suprising... by Ruff_ilb · · Score: 5, Insightful

    But -

    Won't we have demo disks released soon enough? I doubt OXM, among other publications, will pass up on making demo disks.

    Besides, can't demos and media be downloaded from Xbox Live as is? I didn't get my hands on a 360, but this is what I've heard.

    --
    http://www.TheGamerNation.com/Forums
    1. Re:Not suprising... by SScorpio · · Score: 5, Informative

      From what I saw on the magazine rack, OXM is already offering a disk with playable Xbox 360 demos. What is getting the hackers excitied is that the files on the demo disk are not encrypted, and they are signed to boot from seemingly any type of media. This disk can is going to be used by hackers to determine how the 360 authorizes a game to be booted and with what kind of media. They can know figure out what signals are different and produce a modchip that will allow backups to run. This is the second step in opening up the 360 to run any code. The first was figuring out the format files are laided out on the disk with, and this was cracked and reported on earlier.

    2. Re:Not suprising... by matth1jd · · Score: 5, Informative

      There have been demo disks circulating for sometime (also media check free). So while these demo discs may have no media checks that doesn't mean that the executables are not signed.
       
      As I understand it the media check basically lets the 360s hypervisor know what media the executable is allowed to run from. Demos do not have these media checks as they may be downloaded and run from the hard disk, or run from DVD.
       
      Obviously only signed code was intended to be run on the machine, the absence of a media check does not mean the executable isn't signed. In fact anyone would be incredibly naive to think that the executables were not unsigned.

      All in all I don't think we're any closer to modding the 360. This hacker group also released an Xbox 360 iso extraction tool which amounted to nothing. It turned out that any of the existing Xbox iso extraction tools could do the exact same thing. It's just alot of smoke and no fire.

  2. And let the games begin by EvilGoodGuy · · Score: 5, Interesting

    Now they just have to figure out how the demo disk becomes playable, use it as a boot disk, and poof, free games for everyone. :) I might be buying a 360 sooner than I thought...

  3. Quite an achievement... by Anonymous Coward · · Score: 5, Funny

    Quite an achievement making an ISO of an unprotected DVD.

    We all bow down to the superiority of the hacking skillz of said release group. I am composing some ASCII art of a very large penis in your honor that you can use in your nfo file.

    1. Re:Quite an achievement... by SyncNine · · Score: 5, Interesting

      Urban Legend. Gamecube discs do not default to being read from the outside in -- depending on the game and manufacturer/producer of said game, the game's bootstrap code or loader or whatever you want to call it can be as far as 3/4 of the way to the end of the disc. But it still doesn't read from the outside in. It pops the end of the disc on boot to get the game's boot code, then hits back to the center like any other CD/DVD reading device.

      To address the entire topic of this conversation, this 'achievement' doesn't mean crap. There is no *exploit* that allows this disc to boot. Whoever pressed it intentionally left off the media check -- thus allowing it to be played as downloaded from Live or on DVD. Not a big deal. It's still encrypted and signed -- the hypervisor still won't run it if a single bit has been altered.

      I don't know about you, but I don't think my computer has enough spare CPU cycles in the next 100 years to crack the digital signing.

      An exploit would be these people releasing the same DVD image that self-boots but has different content. But they can't. Because the 360 won't run it.

      Just think about what people are inferring here. Microsoft, tremendous software goliath, pioneers new Xbox360 system that they claim is 'unhackable'. They have learned from their mistake with the Xbox and have actually taken many steps to make sure the system is as hard to hack as possible. 20 days after its release, they accidentally post an un-protected ISO on their website, allow production facilities to produce un-protected DVDs, and allow hackers to have full reign over their console.

      Does this sound odd to anyone else? They wouldn't release these things if they didn't think (whether or not they're correct) that it had absolutely no gain to the hacker community. They're not going to help the hackers crack this system -- they have absolutely no gain from doing so. They lose money on each console, do you really think that's all they want you to buy? It doesn't work that way. This wouldn't have been released the way it was unless MS approved it -- there is a 99.95% chance that if they approved it, there is no way of hacking it.

      I'd like to be proved wrong here, but until someone makes a DVD iso for the Xbox360 that opens up to a picture of a horse's ass and an arrow pointing to it that says 'SyncNine', I'm going to have to think I'm correct.

      --
      To the darkened skies once more, and ever onward.
  4. No exploit here... move along by rminsk · · Score: 5, Interesting

    The executables as still signed. It is common for supporting data files to be un-signed. The executable usually does a hash check on its datafiles to make sure they haven't been messed with. It seems like everyone jumps on every little thing about the inner workings of the XBox 360 as a major exploit. The sensationalism is just getting boring.

  5. Re:No DRM == license to copy freely? by taskforce · · Score: 5, Insightful
    No, it just allows you the fair use you were originally granted before the DMCA was put in. Copyright law still applies to everything you get, it's just that unlike making a backup of a CSS protected Video DVD, you can make a backup of this unprotected demo disk beucase you didn't have to break encryption.

    However, becuase of the very nature of this disk (restricted kiosk) it is unlikely that 99% of people will be able to make backup copies of it under fair use.

    --
    My 3D Texturing Skinning work (under construction)
  6. Hey, y'know by FryingLizard · · Score: 5, Interesting

    Will someone here with a 360 and a spare half hour go get the aforementioned warez, and burn two copies - one with a single byte modified in one of the executable files?

    Actual results posted here would be oh so welcome.

    --
    [FrLz]
  7. No breakthrough here by Smarty2120 · · Score: 5, Insightful

    If you try the 360's demo downloading capability, you know that it can run downloaded content. I haven't sniffed the data stream myself, but encrypted connections slow servers down quite a bit and it's doubtful that xbox live servers even use them for content download on the order of a 500MB demo. Those binaries are signed just like the demos on the discs which can be burned. By signing the binaries, they don't need to worry about how the code got on the xbox. DVD-R, download, remove hard drive->write binary->reinstall hard drive, iPod, it doesn't matter a bit. If it doesn't execute binaries that aren't signed by microsoft's private key, it doesn't matter how you give it the binary, it won't run it. This is a non-story. Unless someone steals or or breaks microsoft's private key, this is gonna need a hardware hack at minimum.

  8. Just tried it. No go. by THESuperShawn · · Score: 5, Informative

    I just changed one digit with a hex editor and re-burned the iso. The change was in Call of Duty. It no longer plays. The other demo's play just fine. No error message, it just locks up with a blank screen.

    I am going to try again to verify. I will know in about 20 minutes.

    --
    Repant. Thy end is sheer.