
Xbox Hypervisor Security Protection Hacked

samzenpus posted more than 7 years ago | from the they're-in dept.

XBox (Games) 232

ACTRAiSER writes "A recent Post on Bugtraq claims the hack of the Xbox 360 Security Protection Hypervisor. It includes sample code as well." From Bugtraq: "We have discovered a vulnerability in the Xbox 360 hypervisor that allows privilege escalation into hypervisor mode. Together with a method to inject data into non-privileged memory areas, this vulnerability allows an attacker with physical access to an Xbox 360 to run arbitrary code such as alternative operating systems with full privileges and full hardware access."

232 comments

That's Because... (0)

mfh (56) | more than 7 years ago | (#18189080)

... the wow is NOW! Or at least it's gonna mean wallhax ftw! (the bastages)

Re:That's Because... (4, Interesting)

TubeSteak (669689) | more than 7 years ago | (#18189166)

Oct 31, 2006 - release of 4532 kernel, which is the first version containing the bug
Nov 16, 2006 - proof of concept completed; unsigned code running in hypervisor context
Nov 30, 2006 - release of 4548 kernel, bug still not fixed
Dec 15, 2006 - first attempt to contact vendor to report bug
Dec 30, 2006 - public demonstration
Jan 03, 2007 - vendor contact established, full details disclosed
Jan 09, 2007 - vendor releases patch
Feb 28, 2007 - full public release
Patch Development Time (In Days): 6

Does MS force updates for things like this?

Re:That's Because... (5, Informative)

Kalriath (849904) | more than 7 years ago | (#18189224)

Does MS force updates for things like this?
Yes. As soon as your XB360 attempts to connect to Live (which even without you paying, it will do if you signed up for it) it will demand you update or it will disconnect you (which with Live-connected dashboard accounts signs you out of your local XB360 profile too)

Blue Pill time. (2, Interesting)

Ungrounded Lightning (62228) | more than 7 years ago | (#18189830)

Does MS force updates for things like this?

Yes. As soon as your XB360 attempts to connect to Live (which even without you paying, it will do if you signed up for it) it will demand you update or it will disconnect you (which with Live-connected dashboard accounts signs you out of your local XB360 profile too)


Any bets on whether code running in hypervisor mode can create a virtual machine environment where the updated Microsoft code can think it's running the show when it's actually king of a sandbox?

Re:Blue Pill time. (1, Informative)

Kalriath (849904) | more than 7 years ago | (#18189992)

Well, that depends. Is there code embedded into the processor to watch for "code tainting"? It's probable that there might be... to prevent you from using third party utilities on Xbox Live. If such is the case, your Xbox might survive, but your hardware ID gets an instaban from XBL.

Longer than I thought (1)

kir (583) | more than 7 years ago | (#18189090)

That actually took longer than I thought. I still like my Xbox Media Center Xbox original better.

Re:Longer than I thought (1)

lmnfrs (829146) | more than 7 years ago | (#18189162)

An Xbox with XBMC is great but an Xbox360 with XBMC360 would be able to play HD resolution media, something the Xbox can't do properly.

Re:Longer than I thought (1)

Breakfast Pants (323698) | more than 7 years ago | (#18189756)

It can with a minor, and very cheap, cpu upgrade.

Re:Longer than I thought (1)

Andy Dodd (701) | more than 7 years ago | (#18190220)

Um, cheap? Pentium 3 CPUs aren't made any more, and will likely be extremely expensive if you can find one.

Also, even the fastest P3 can't play back HD without hardware acceleration, and the video hardware in the Xbox is likely not HD-capable.

Re:Longer than I thought (1, Insightful)

Anonymous Coward | more than 7 years ago | (#18190516)

The video hardware on the Xbox is HD capable. The main problem with a CPU upgrade is that many games were programmed assuming that all Xboxes run at the same speed. Some of those games go wacky with faster CPUs.

Play HD Content (1)

mrops (927562) | more than 7 years ago | (#18190740)

Now if we can get media centre running on the 360, wonder if it can handle HD content playback. Original Xbox Media Centre refuses to play any HD content, the PIII 733MHz CPU is not fast enough to handle it.

Due to this limitation I set up a ubuntu/mythtv box, but somehow I still like XBMC better. I usually keep my content on my XP PC due to large storage on it and XBMC pulls it quite nicely. Not saying mythtv does not, but somehow I find using the game controller on xbmc more convenient to use.

Yes. (5, Funny)

TJ_Phazerhacki (520002) | more than 7 years ago | (#18189112)

All well and good, but....


Will it run DOOM?

Re:Yes. (1)

gblues (90260) | more than 7 years ago | (#18190216)

You can run DOOM on your Xbox 360 without hacking it. The complete game is on Xbox Live Arcade for like $5 in MS points.

huh? (4, Funny)

User 956 (568564) | more than 7 years ago | (#18189130)

A recent Post on Bugtraq claims the hack of the Xbox 360 Security Protection Hypervisor.

Is that like some primitive version of what Geordi La Forge wears?

Re:huh? (0)

Anonymous Coward | more than 7 years ago | (#18191202)

I think my cousin wears one while playing poker. It's green too!

He doesn't care much for escalating privileges though.

Sweet (0)

Sir_Real (179104) | more than 7 years ago | (#18189138)

I hope this works out as well as the xbox linux stuff did. I sure would LOVE to have a 1080p capable hd-dvd playing media center for under $400.00. Are HD-DVD drives even available for that?

I hear the thing even plays games!

Re:Sweet (2, Informative)

JebusIsLord (566856) | more than 7 years ago | (#18189206)

Weird... I'm using mine for exactly that, and without any hacks! (Yes, it does have to work as an extender, but anyone who isn't impressed by Windows Media Center hasn't used it yet. No I'm not an astroturfer).

The 360 is easily the most exciting console I've owned since the PSX, given all it can do. I don't even have cable hooked up to my 1080p TV - it's basically just a monitor for my 360.

No, I guess this wasn't a very informative post... I mostly just wanted to give MS props for doing at least something right. You know; compliment before you criticize.

Re:Sweet (1)

Ender77 (551980) | more than 7 years ago | (#18189438)

I don't know, I wish they would do what XBMC does and play any video format instead of just DRM WMV. If they would do that the 360 would be perfect. At the moment it feels crippled in that one regard.

Re:Sweet (1)

JebusIsLord (566856) | more than 7 years ago | (#18189556)

My understanding (although I haven't tried it) is that any audio or video you can play on the host PC can be streamed to the xbox. At least I'm happily playing my FLAC audio files through my 360... I assume video is the same but could be wrong.

Re:Sweet (1)

EvlG (24576) | more than 7 years ago | (#18190394)

Your understanding is incorrect.

The 360 can only play WMV and MPEG2 - it can't just play any of the files playable on the host PC.

Re:Sweet (1)

Wescotte (732385) | more than 7 years ago | (#18189580)

I don't know, I wish they would do what XBMC does and play any video format instead of just DRM WMV. If they would do that the 360 would be perfect. At the moment it feels crippled in that one regard.

While it's not a perfect solution you can use tools like http://www.tversity.com/home [tversity.com] or http://runtime360.com/category/blog/transcoding/ [runtime360.com] to convert just about any media file into WMV in realtime to stream over a network.

Eric

Re:Sweet (1)

Osty (16825) | more than 7 years ago | (#18191050)

I don't know, I wish they would do what XBMC does and play any video format instead of just DRM WMV.

Just to clarify, the WMV files don't have to have DRM, though it's true that the 360 can only play WMV files (for the moment? Who knows if Microsoft will ever release a video codec pack?). In the meantime, you can transcode your videos and stream that to the 360 instead. It's not a perfect solution, but it is a solution.

Re:Sweet (0, Flamebait)

Froster (985053) | more than 7 years ago | (#18189572)

If you are impressed with an extender, then you must not have tried XBMC :). That program was in itself impressive enough to me to cause me to end a boycott of (then) new consoles, and to buy a modchip the day I bought my XBOX. I haven't played a game on my XBOX in weeks, but I use XBMC almost daily. I use my older desktop computer with MythTV to record TV from cable, and access it with the XBOX in my living room. I know that an extender can do all these things as well, but I can also stream virtually anything that I download online, listen to web radio, download movie trailers from Apple, among other things. The only way that it could be better would be to allow for easy streaming of music from an iPod.

Re:Sweet (3, Informative)

SP33doh (930735) | more than 7 years ago | (#18189336)

under $400?

you have to pay extra for the HD dvd drive...

Re:Sweet (0)

Anonymous Coward | more than 7 years ago | (#18189906)

At least you have the choice.

Re:Sweet (0, Flamebait)

SP33doh (930735) | more than 7 years ago | (#18190424)

oh get out sony hater. I don't own a PS3 but come on, you people are pissing me off so much, you god damn bandwagon f*ckers.

Re:Sweet (1)

Kalriath (849904) | more than 7 years ago | (#18189642)

Maybe it would, if it weren't already patched. Typical /., reporting on a bug which was fixed two months ago.

Re:Sweet (1)

ZX3 Junglist (643835) | more than 7 years ago | (#18190636)

Hey crybaby,

Xbox 360 Hypervisor Privilege Escalation Vulnerability
Feb 27 2007 11:14PM
Anonymous Hacker (anohacker googlemail com)

It's day old news, not 2 month old news.

oblig (1)

mastershake_phd (1050150) | more than 7 years ago | (#18189152)

Does it run Linux......yet?

Re:oblig (-1, Troll)

Savior_on_a_Stick (971781) | more than 7 years ago | (#18190028)

Why would you want linux on an xbox? Bragging rights?

pffft....

Who cares?

Turning a nice gaming console into a mediocre desktop is pointless.

Re:oblig (1)

Mad Merlin (837387) | more than 7 years ago | (#18190290)

Probably something to do with it being a 3x 3.2 GHz gaming console that costs much less than a comparable PC. It turns out that computers are useful for more than just playing games.

Re:oblig (0)

Chandon Seldon (43083) | more than 7 years ago | (#18190576)

I'm not sure if a 3-core stripped down PPC system with 512 megs of RAM is really that interesting. Sure, it's got one more core than any desktop PC you can get in that price range, but those cores are pretty limited. From what I hear, they don't even do out of order execution - I'd guess they're slower than even a 1.66 GHz Core 2 Duo core.

PCs are pretty cheap. The XBox360's primary claim to fame is the graphics processor. I highly doubt the XBox is a better deal than a cheap PC for any sort of non-game application.

The real question is (-1, Redundant)

Anonymous Coward | more than 7 years ago | (#18189158)

but will it run Linux?

Attacker?? (5, Insightful)

Anonymous Coward | more than 7 years ago | (#18189160)

this vulnerability allows an attacker with physical access to an Xbox 360 to run arbitrary code such as alternative operating systems with full privileges and full hardware access.


Wait. Don't you mean this allows an Xbox 360 user to run arbitrary code such as alternative operating systems with full privileges and full hardware access on the machine they rightfully own?

How is this an attack, except in the eyes of MS?

Re:Attacker?? (1)

segafreak (721003) | more than 7 years ago | (#18189228)

Yeah, I've gotta say I'm surprised at these hackers - there is a huge scene dedicated to opening up the Xbox 360 to run non-signed code, yet these guys find a way to do it and they report it to MS as a bug! While I appreciate this could be a security issue, it's a shame they went straight to MS...

Re:Attacker?? (2, Funny)

Anonymous Coward | more than 7 years ago | (#18190476)

You are hacking your own system - cancel or allow?

Re:Attacker?? (1)

DrJokepu (918326) | more than 7 years ago | (#18189250)

Wait. Don't you mean this allows an Xbox 360 user to run arbitrary code such as alternative operating systems with full privileges and full hardware access on the machine they rightfully own?
How is this an attack, except in the eyes of MS?


I don't know US laws well, but isn't it a DMCA infringement? In that case, it's an attack in the eyes of the jurisdiction of your country.

Re:Attacker?? (0)

Anonymous Coward | more than 7 years ago | (#18189278)

SO TRUE!

Re:Attacker?? (1, Interesting)

Frosty Piss (770223) | more than 7 years ago | (#18189358)

Wait. Don't you mean this allows an Xbox 360 user to run arbitrary code such as alternative operating systems with full privileges and full hardware access on the machine they rightfully own ?

Well, yes, if you can get it to work you can run anything you want on your XBox. Has Microsoft ever said you couldn't? Did they make any legal threats? No, no I don't think so. As much as you might want to be a martyr for The Cause, the police will not be looking for you simply because you have voided your Xbox warranty.

YOU DON'T OWN "YOUR" XBOX 360 !! (0)

Anonymous Coward | more than 7 years ago | (#18189376)

GET IT!

M$ DOES WHAT THEY WANT WITH IT.

Their patch burned an eFuse in the CPU - you can't revert to an old unpatched kernel anymore. No way.

In some countries that would be called "damage" and M$ would have to pay for doing so...

Re:Attacker?? (2, Interesting)

TheRealMindChild (743925) | more than 7 years ago | (#18189402)

See my comment here [slashdot.org]

You might think you own it, but SURPRISE, you are licensing it. You probably could have found the completely ambiguous statement on that little postcard you threw away.

Re:Attacker?? (1)

asdfghjklqwertyuiop (649296) | more than 7 years ago | (#18190312)

You might think you own it, but SURPRISE, you are licensing it.


Says who? Microsoft? Why do you think that is the case? Because Microsoft said so?

Re:Attacker?? (0)

Anonymous Coward | more than 7 years ago | (#18190428)

Licensing depends on the country you're in.
Here, if I paid money for it ("it" has to be a physical object) then it's mine to do with as I please.

Re:Attacker?? (1)

Chandon Seldon (43083) | more than 7 years ago | (#18190532)

You might think you own it, but SURPRISE, you are licensing it. You probably could have found the completely ambiguous statement on that little postcard you threw away.

It's possible that our world is warped enough that that shit works for software. Having a license agreement to use a copyrighted work that you've bought a copy of at a store is absurd, but there's the outside chance that the courts have bought that bullshit and have set precedents making it legal.

There's no way it works that way for hardware. What's next? Shovels with licenses that limit them to being used only to shovel snow in March?

Re:Attacker?? (5, Informative)

karmatic (776420) | more than 7 years ago | (#18191206)

Quoth the parent: See my comment here.

You might think you own it, but SURPRISE, you are licensing it.


The fact you keep repeating the same wrong information doesn't make it any less wrong.

Adobe made that same claim you are making. It didn't go over well in court. [cryptome.org] It didn't go over too well for Microsoft either (Microsoft Corp. v. DAK Indus). Novell tried that argument, and got shot down too (Novell, Inc. v. CPU Distrib., Inc., 2000).

"...the Ninth Circuit held that the economic realities of the agreement indicated that it was a sale, not a license to use."

"... Like Adobe, CPU argued that it purchased the software from an authorized source, and was entitled to resell it under the first sale doctrine. Novell claimed that it did not sell software but merely licensed it to distribution partners. The court held that these transactions constituted sales and not a license, and therefore that the first sale doctrine applied. 2000 U.S. Dist. Lexis 9975 at *18."

"...The Court finds that the circumstances surrounding the transaction strongly suggests that the transaction is in fact a sale rather than a license. For example, the purchaser commonly obtains a single copy of the software, with documentation, for a single price, which the purchaser pays at the time of the transaction, and which constitutes the entire payment for the "license." The license runs for an indefinite term without provisions for renewal. In light of these indicia, many courts and commentators conclude that a "shrinkwrap license" transaction is a sale of goods rather than a license."

"...Ownership of a copy should be determined based on the actual character, rather than the label, of the transaction by which the user obtained possession. Merely labeling a transaction as a lease or license does not control. If a transaction involves a single payment giving the buyer an unlimited period in which it has a right to possession, the transaction is a sale."

"Raymond Nimmer, The Law of Computer Technology 1.18[1] p. 1-103 (1992). The Court agrees that a single payment for a perpetual transfer of possession is, in reality, a sale of personal property and therefore transfers ownership of that property, the copy of the software."

So, at least in the US, a one-time payment for a perpetual use of software is a SALE, regardless of what you call it, and rightfully so. They can't change that with a EULA any more than a car dealership could claim you had a one-time lease payment, with a lifetime use period and the right to transfer the lease for free (thus avoiding legal regulations with regards to sale of vehicles). Any reasonable court would rule that such was a sale, not a lease. What you call it doesn't matter.

It's a joke. LAUGH! (5, Insightful)

Ungrounded Lightning (62228) | more than 7 years ago | (#18189454)

Wait. Don't you mean this allows an Xbox 360 user to run arbitrary code such as alternative operating systems with full privileges and full hardware access on the machine they rightfully own ?

It's a joke!

The guy who caught the bug is using techie humor in perfect hacker tradition. He's pretending to take things utterly literally and following them to a ridiculous extreme.

In this case he's doing it by publishing a report of how to crack an Xbox and run an arbitrary OS on it - with complete details on how to replicate it - as a bug report. And he went through the entire procedure:
  - Identify and diagnose the problem.
  - Build a proof-of-concept test.
  - Check it against the latest release (and find the bug still there).
  - Notify the vendor (who ignores the report, as usual).
  - Give him time to respond (which he doesn't).
  - Give a public demonstration.
  - Respond in friendly fashion to the vendor-initiated contact (after the public demo lights a fire), giving him the details of the proof-of-concept.
  - Give the vendor some time to generate and publish a patch.
  - Publish the complete details of the exploit.
He did this just as if it were a bug, rather than a "feature".

Now there is "improved" firmware that fixes the hole. And the complete details are out there. If anybody who actually owns an Xbox doesn't want to "fix" the "bug" and leaves his firmware backdated, so he can "be exploited by himself" by loading Linux, *BSD, or whatever on his own Xbox, well, that's what he gets for not staying up to date on patch levels.

ROTFLMAO!

Meanwhile the "anonymous hacker" has published (on Bugtraq no less) complete details of how to crack the Xbox (with a backdated firmware load) and run an arbitrary OS on it with full privileges. Yet when it comes to the DMCA he's squeaky-clean. The MAFIAAs and Microsoft have absolutely no claim against him if anybody out there happens to "exploit himself" and use this "bug" to break their "trusted" computing platform.

But there's one thing I don't understand:

Why didn't samzenpus use "The Foot" when he approved this article? B-)

Re:It's a joke. LAUGH! (1)

Kuciwalker (891651) | more than 7 years ago | (#18189616)

One problem with your amusing story: Microsoft did respond with a patch that closed the hole.

Patch... (1)

Ungrounded Lightning (62228) | more than 7 years ago | (#18189758)

One problem with your amusing story: Microsoft did respond with a patch that closed the hole.

So did you install it? Without a way to back out if it broke something? B-)

Re:It's a joke. LAUGH! (0, Troll)

SilentChris (452960) | more than 7 years ago | (#18191430)

"But there's one thing I don't understand"

That's funny, I have something I don't understand either: why bother?

People were using the original Xbox as a media center. I never understood why.

For the amount of money it costs to get an Xbox 360 with an HD, you can build your own media PC with off the shelf parts and run whatever OS you like. You don't have to worry about coding around 3 cores or that the Xbox 360 looks terrible in most home theater setups. You don't have to worry about accidentally updating firmware and crippling functionality. Just build your own box (mine is slim and almost impossible to see), throw a massive HD and tuner card in there and you're done.

People who hack these things have way too much time on their hands -- there's seriously no point in messing around with this kind of crap when you can build a completely "open" (at least more open than Xbox 360) PC for free. (And no, not even for the "really nice video card" -- most people are never going to use it in Linux and there's better cards available for free.)

Re:Attacker?? (1)

edwardpickman (965122) | more than 7 years ago | (#18189554)

Not entirely true. They are selling you a machine at a radically discounted price for a specific use, gaming. They aren't selling a general use computer. They are in effect giving you a gaming machine at a bargain price so they limit what you are permitted to do with it to avoid competing with themselves. If most people tried to mod out their game stations to turn them into desktops as well then it could potentially cut into their desktop business and force them to charge full price for the game boxes making the gaming machine unsellable. Most aren't going to the trouble to get an underpowered machine and risk killing an expensive Xbox. Ultimately it's about geek points and little else. The machines just aren't suitable for a desktop.

Re:Attacker?? (1, Flamebait)

Ash-Fox (726320) | more than 7 years ago | (#18189792)

Not entirely true. They are selling you a machine at a radically discounted price for a specific use, gaming.
And they still lock the hardware from letting you use it the way you please

They aren't selling a general use computer.
And? It's still your hardware.

They are in effect giving you a gaming machine at a bargain price so they limit what you are permitted to do with it to avoid competing with themselves.
Bargain? I can't afford it. Sorry, I have to disagree.

If most people tried to mod out their game stations to turn them into desktops as well then it could potentially cut into their desktop business and force them to charge full price for the game boxes making the gaming machine unsellable.
I thought most people were too 'stupid' to even try another OS other than the one their machine came with and now you're trying to claim the majority could turn their game console into a desktop ..... Hahahahahaha.

The machines just aren't suitable for a desktop.
Yeah, I know. I saw a Dell ad some time ago, this guy wanted to use the machine for 'work' and 'webbrowsing', the phone representative recommended he use a Core duo 2 with 1GB of RAM that comes with Windows XP...

Seems the requirements for Internet Explorer and running Microsoft Office decently are getting a little insane to me... I'd hate to think what they would recommend for Skype.

Re:Attacker?? (1)

Yartrebo (690383) | more than 7 years ago | (#18190328)

Basic economic theory says that it's inefficient to do this - it results in more machines being sold than would be ideal, just like selling printers for a dime a dozen encourages people to junk perfectly functional printers while going to great lengths to avoid wasting what should be very cheap ink.

The proper price for the machine is cost + reasonable profit, and the proper price for games is cost + reasonable profit. The legal system should be enforcing that via the anti-trust department, not doing the opposite as they now do.

Re:Attacker?? (0)

Anonymous Coward | more than 7 years ago | (#18190700)

Basic economic theory shows that you have no idea what you're talking about. Game consoles have a shelf life, especially when competing against others. So unless you are Nintendo and going for the low end of the market with little to no competition the only way to have an affordable high end console is to have a massive player base in order to sell games to minimise development costs. If Sony and MS and others previously had been selling at cost plus profit then there would be no high end console industry. This is not like the printer market, they must sell millions before they can start making a profit. If they went real cost plus profit the actual cost of research and development would make consoles hideously expensive as they would have a reduced audience. You going to pay $1500+ for your console? Government forcing true cost being passed on to the end user here would be to the industry's detriment not benefit.

Re:Attacker?? (0)

Anonymous Coward | more than 7 years ago | (#18190472)

How is the parent "insightful"? It's a totally ignorant statement. It only makes sense if you are "leet".

Ironically, I might buy one now (2, Interesting)

sdo1 (213835) | more than 7 years ago | (#18189196)

I've been looking to upgrade my media streamer capabilities and the original XBOX can run Xbox Media Center (http://www.xboxmediacenter.com/). I wonder if this means that a 360 version with HD streaming might be forthcoming? I hope so. I've been avoiding getting one because of how locked down it is.

-S

Re:Ironically, I might buy one now (2, Informative)

Osty (16825) | more than 7 years ago | (#18190692)

I've been looking to upgrade my media streamer capabilities and the original XBOX can run Xbox Media Center (http://www.xboxmediacenter.com/). I wonder if this means that a 360 version with HD streaming might be forthcoming? I hope so. I've been avoiding getting one because of how locked down it is.

You do realize that the 360 can act as a Media Center Extender for Windows XP Media Center 2005 and Vista, right? Also, the 360 can stream music and (with the Fall 06 patch) videos from any "compatible" UPnP media server (technically only Windows Media Connect and WMP11 are supported, but there are apps to do the same on OS X and Linux since all the MSFT apps are really doing is acting as a UPnP media server). Yes, there are codec limitations, but you can transcode on the fly easily enough if you have a powerful enough server.

It just seems weird to me that your killer app is media streaming, but you won't buy a 360 that does that out of the box (or close enough, with the Update). Similarly, if you wanted to develop homebrew games the 360 can already do that with XNA. It has some growing to do still, but expect big things from XNA in the coming months/years. Why would you wait until there's a hack to do that when you could build supported homebrew games already?

Re:Ironically, I might buy one now (1)

pjl5602 (150416) | more than 7 years ago | (#18190798)

It just seems weird to me that your killer app is media streaming, but you won't buy a 360 that does that out of the box (or close enough, with the Update).

But it doesn't do that (at least for me.) I don't have a Vista or Media Center server in the house. I've already got my Linux server set up with all of my content (Ogg Vorbis, MP3, FLAC, Xvid and DVD ISO images) that plays via XBMC on my original Xboxes throughout my house. On Linux AFAIK, transcoding isn't even an option, but if it was, that'd be silly given all of the horsepower of the 360. Why should I need both a beefy server and a beefy viewer on the other end? I would get a 360 with XBMC support in a heartbeat given that the original box's hardware is being pushed to its limits already.

Please note, that I'm not trying to whine about the need for Vista or XP MCE. It's Microsoft's box and if they want to tie it to their other products, good for them. That's however stopping me from getting one for the moment.

And I do agree that their XNA platform is very cool.

Shhhhhh! (0, Redundant)

AltGrendel (175092) | more than 7 years ago | (#18189204)

No one tell Microsoft!

Re:Shhhhhh! (0)

Anonymous Coward | more than 7 years ago | (#18189276)

Too late.

A masked guy showed a modified XBox 360 at 23C3 in Berlin last year. It was said that he contacted M$ before but they didn't react. After the demo (which could be found on YouTube...) M$ did a non-reversible update of the XBox 360 burning one "eFuse".

Too bad for those damaged XBox 360 owners - if you knew before they could have prevented this eFusing by removing a resistor on the mainboard and thus being able to use the hack to run linux or macos...

But XBox 360 owners don't deserve no different than big brother technology...

They already did (0)

Anonymous Coward | more than 7 years ago | (#18189296)

As the bugtraq link shows, the reporter got in touch with Microsoft and the current version of the firmware no longer has this vulnerability.

was it really "patched"? (1)

NinjaNewb (1020821) | more than 7 years ago | (#18189222)

from the article

"Vendor was notified anonymously, and after cordial discussions a patch was promptly released."

was it really "patched"?

How Useless. (4, Interesting)

Rdickinson (160810) | more than 7 years ago | (#18189254)

"Bug was fixed in version 4552 (released Jan 09, 2007 - not a Patch Tuesday)."

Fixed already for most people, anyone who's connected to Xbox Live.

I'm not sure why they're still protecting the system like they are though, 'backup' games are already rife due to hacked DVD-ROM firmware (which they seem to be unable to back fix), so why not let it run arbitrary code, didn't hurt the Xbox 1?

Re:How Useless. (2, Insightful)

Anonymous Coward | more than 7 years ago | (#18189370)

They need content providers to trust the platform.

Re:How Useless. (1)

smaddox (928261) | more than 7 years ago | (#18189522)

AFAIK Microsoft still hasn't made a profit off of the Xbox 1. I don't have any sources to prove it, but that was the impression I had.

They need to sell software to make money. Hardware is not where the profit is.

Re:How Useless. (1)

Rdickinson (160810) | more than 7 years ago | (#18189594)

How is that relevant?

Yes they make money on sales - 360 costs about what it sells for now, xbox1 was always a looser (financially also..:P) - sales they make money on are games, add-ons (controllers etc) and Live stuff.

The 360 is already compromised in its chief money making area, new games, you can play illegal copies with hacked DVD-ROMs, this should have been the primary area of security, but as normal what security is left only hurts the law abiding people (no multi-region DVD player, no Linux, no arbitrary homebrew etc).

Re:How Useless. (2, Interesting)

Osty (16825) | more than 7 years ago | (#18190622)

> Yes they make money on sales - 360 costs about what it sells for now, xbox1 was always a looser(financially also..:P) - sales they make money on are games, add ons (controllers etc) and live stuff.

That's "loser". And the original Xbox was expected to lose money. It was a mostly-off-the-shelf console built quite quickly (approximately a year from initial design to ship, compared to the 360 that was in design for 3+ years before shipping) in an attempt to break into the market following the Sony-style loss-leader method.

The 360, on the other hand, was designed as a purpose-built console, with contracts in place to allow Microsoft to own the IP of the chips, thus allowing them the opportunity to farm out chip manufacture to lower cost partners, or even consolidate chips at a later date. While it's unclear whether or not the 360 is currently breaking even or making a profit on console sales, it's safe to say that this will happen eventually, and probably sooner than later.

> The 360 is [i]already[/i] compromised in its chief money making area, new games, you can play illegal copies with hacked DVD roms, this should have been the primary area of security, but as normal what security is left only hurts the law abiding people (no multi-region dvd player, no linux, no arbitrary homebrew etc).

Except that hacked consoles are detectable on Live and can be blocked from participating in online gameplay as well as access to the Marketplace (no updates for games, no demos or trailers, no XBLA access, etc). Xbox 360's biggest draw is the pervasive support of Xbox Live. Halo 2 is still selling very well today, over two years later, due to its Live support. Games like Gears of War or Crackdown are fun in single player but are even better when you can team up with a friend and play co-op. Some small percentage of people may be willing to trade off Live support in order to get free games. The bread-and-butter core market isn't going to go there.

Re:How Useless. (1)

garcia (6573) | more than 7 years ago | (#18189542)

Exactly, it should say "XBox Hypervisor Security Protection Hacked in November and Patched in January" but that wouldn't make for a very good Slashdot headline and no one would read the comments^H^H^H^H^H^H^H^Harticle.

Re:How Useless. (1)

cgenman (325138) | more than 7 years ago | (#18189730)

Online cheating?

E-commerce?

Because it's easier to stop the end user from discovering weaknesses in your protection schemes if they can't run arbitrary code?

Because if you could run arbitrary code, people wouldn't need to pay licensing fees to MS to release games on the Xbox 360?

Re:How Useless. (3, Interesting)

Sycraft-fu (314770) | more than 7 years ago | (#18190098)

While I'm sure there are also more draconian reasons, a simple one is cheat prevention. Cheating is always a big problem with online games since you end up having to trust the client to some degree to get reasonable performance. It's a nice idea that everything would be done server side, but you find that the latency and bandwidth of normal Internet connections make such a thing unworkable.

Well, one thing that sure as hell makes cheating hard is requiring signed code and not allowing it to be modified. Have a hell of a time getting around that.

I have a couple friends who are both PC and console gamers and one thing they say they really like about shooters on their 360 is the absence of cheaters. On the PC it seems to be a game of cat and mouse. The cheaters find a way to screw with things, the anti-cheat software is updated, they find a way around that, etc. I remember back in the Quake 2 days it was just continuous. You'd get jerks with the latest, greatest aimbot, then the servers would update the anti-cheat, they'd all disappear, until the next one came out.

From the article... (4, Informative)

non0score (890022) | more than 7 years ago | (#18189256)

Sadly, unless you haven't updated your machine in the last two months, this wouldn't matter as MS has already patched it. As for those of you with an "unpatched" kernel, let's just say this is like v1.5 PSPs.

Re:From the article... (1)

fyrewulff (702920) | more than 7 years ago | (#18191334)

Not really. It didn't affect Xbox360s before October 31st. So, the only way to have an "open" 360 is to have:
1) Bought a 360 before October 31st.
2) Have updated your 360 on or shortly after October 31st.
3) Have never signed into Live since January 9th or so (unlikely, since that was shortly after Xmas and a lot of people that fell into #1 and #2 would have more than likely been playing a game they got for Xmas).

If you buy a 360 now, they still have the unaffected launch dashboard/BIOS/whatever. And the only way to patch them up is to get the cumulative patch up to this point. Any 360 they sell after this point is safe, and all 360s that signed on to Live since Jan 9 are also safe, which leaves a very small section of 360s that still have this exploit.

Timelines for Vulnerability Fixes (5, Interesting)

lmnfrs (829146) | more than 7 years ago | (#18189268)

Timeline:
..
Jan 03, 2007 - vendor contact established, full details disclosed
Jan 09, 2007 - vendor releases patch
..
Patch Development Time (In Days): 6

Interesting to compare timelines affecting Microsoft's users to timelines affecting Microsoft's control schemes.

Re:Timelines for Vulnerability Fixes (5, Insightful)

Ent (88363) | more than 7 years ago | (#18189388)

I imagine the quick response had more to do with a smaller test/compatibility matrix than anything else.

Much easier on a console (1)

Sycraft-fu (314770) | more than 7 years ago | (#18190076)

They don't have to test against nearly as much. Part of the problem with OS patching is you have to test to make sure your patch doesn't break anything else, since a whole lot relies on it. Releasing a patch early that screws up is almost worse than releasing no patch at all. With a console, there's little that runs. A very basic OS and only a single 3rd party app at a time. Much less work to do to check it.

MacOSX (1)

dasmoo (1052358) | more than 7 years ago | (#18189270)

Could this be a cheap way to get a nice small G5? Somehow I doubt that it'll run anything other than pirated games and some *nix.

the future? (1)

toby1 (998516) | more than 7 years ago | (#18189486)

so if this opens the possibility of "arbitrary code" i guess that means only days until someone is running slackware on their 360. someone has already mentioned the updates through xbox live so i guess it's all over now. i do not have a 360, so forgive me if this is a silly question, but are these updates optional? i understand the psp situation where there was no requirement to update the BIOS but newer games were not guaranteed to work with older versions .. same deal here perhaps? more interesting would be the option of running something like bootcamp and making great use of the hardware. but i'm biased cos i like osx ...

Re:the future? (1)

Chmcginn (201645) | more than 7 years ago | (#18189750)

Well, they're optional in the sense that you don't ever have to connect the 360 to XboxLive if you don't want... however, most of the games I've gotten for my 360 have brought up a "this game requires an update to your 360's software to play" message the first time you put it in. So unless you're intending to stop using any of the console's games (or at least any newer than the patch for the hack you're using), you're going to get stuck.

now i've got a reason to buy a 360 (1)

sirmonkey (1056544) | more than 7 years ago | (#18189512)

now i've got a reason to buy a 360 :-) i was waiting 360 or ps3. let me restate that ps3 with full hardware access, or hacked 360(full hardware access implied). woohoo now i'll be able to play halo 3 at my house. ( i'm not going to own a system for one or two games )

Re:now i've got a reason to buy a 360 (1)

jmorris42 (1458) | more than 7 years ago | (#18190470)

> let me restate that ps3 with full hardware access, or hacked 360(full hardware access implied)

No. The PS3 also uses a hypervisor to keep Linux out of things Sony doesn't want you to touch. They allow basic framebuffer access, including direct YUV video modes at all of the popular HD resolutions. But 3D is reserved for PS3 games who pay their percentage to Sony. Hard drive access is also regulated to keep Linux inside the portion of the drive reserved for it.

On the other hand this hack for the 360 is useless. To make use of it means you have to abandon ANY use of the hardware as a game console (or at least never connect it to Live again) and even that assumes a sufficient supply of machines with that narrow band of revision numbers can be located to have a critical mass to create and sustain a Linux port.

Re:now i've got a reason to buy a 360 (1)

sirmonkey (1056544) | more than 7 years ago | (#18190570)

never connected my xbox to xbox live, and used the heck out of it as a mythfrontend and htpc :-) now i have a sneaky replacement that isn't a big ugly pc case :-) well maybe there isn't a set of tools yet. i kinda wish the computer gods cracked the ps3 first i'd like the bluray drive oh well.

Re:now i've got a reason to buy a 360 (2, Interesting)

tlhIngan (30335) | more than 7 years ago | (#18190662)

> No. The PS3 also uses a hypervisor to keep Linux out of things Sony doesn't want you to touch. They allow basic framebuffer access, including direct YUV video modes at all of the popular HD resolutions. But 3D is reserved for PS3 games who pay their percentage to Sony. Hard drive access is also regulated to keep Linux inside the portion of the drive reserved for it.

Yes, we really need a crack for the PS3's hypervisor. I believe it's similar to VMware - Linux on the PS3 runs under a highly virtualized environment - not only can Linux not access the RSX, but it can only touch the stuff Sony wants touched (e.g., no wifi). The Linux partitioning is transparent to Linux (i.e., you can't access the "Game OS Partition" - Linux just sees its partition as a blank disk), and the hypervisor presents incomplete SCSI emulation of the 6 storage devices (hard disk, 4MB of flash memory, blu-ray drive, SD, CF and memory stick slots).

The emulation is so incomplete, if you have a bad block somewhere, the hypervisor returns an I/O error without reporting a media error. Makes for interesting times when your filesystem suddenly goes read-only for no apparent reason (you don't get anything logged other than "I/O Error" and "Filesystem is read-only", no media sense errors...). I think this is testing codepaths in Linux that really couldn't be tested since the errors they handled would be caught earlier...

The things that the hypervisor doesn't let you do:
* RSX access, obviously
* WiFi adapter
* Full access to Blu-Ray drive
* Full hard drive access
* Full configuration flash access
* Access to the EE/GS hardware

If you want fun, you can boot into Linux without formatting the hard drive - the hard drive doesn't appear at all.

Modchips? (1)

toejam316 (1000986) | more than 7 years ago | (#18190474)

Now then, just wait for the modchips with the old firmware on it pre-exploited to run a new dash, with an on/off switch. Flick switch, Homebrew dash! Flip switch, Xbox live! Best of both worlds. As I said, just have to wait :D

Re:Modchips? (2, Informative)

romland (192158) | more than 7 years ago | (#18190952)

Yes, absolutely. But there are some things that need to be dealt with first, one being how to prevent the efuse from being blown (prevents kernel from being downgraded).

Yes! (0)

Anonymous Coward | more than 7 years ago | (#18190714)

I had my 360 connected to the 'net up to January 7th and then disconnected it (heading back to university). Perfect timing!

XBOX360 is a paper weight (0, Troll)

NFN_NLN (633283) | more than 7 years ago | (#18190838)

Just checked and I have 4552. I was holding onto it hoping it would get hacked but my patience is running out. I hardly touch it. I use my XBOX1 a couple times a week but the XBOX360 is junk. The media capabilities are a joke compared to XBMC on xbox.

Great timing (rolls eyes) (0)

Anonymous Coward | more than 7 years ago | (#18191352)

Great, tell microsoft the one way we know how to get into the xbox 360 a few months before microsoft releases the redesigned, cost reduced 65 nm xbox 360....

I would have waited until 1 to 2 weeks after the 360 was released to spread the good news ;)