George_K
06-06-2002, 16:45
The following was found at a news link:
Wednesday, June 5, 2002 - 7:17 am CT
MIT Student Hacks Xbox
Reported by: David Laprad
Source: Reuters
A graduate student at the Massachusetts Institute of Technology said he has found a way to circumvent the security system for Microsoft's Xbox, opening the way for hackers to use it to run competing software. The MIT computer expert also questioned the security behind Microsoft's soon-to-launch online service, Xbox Live, saying hackers could exploit a flaw in the system to identify individual players from their game machines.
Andrew Huang, who recently completed a Ph.D. thesis on supercomputer architecture, wrote a memo May 26 describing his efforts to build hardware that would read the Xbox's internal security system. In the memo, Huang said the Xbox's primary security is contained in what he calls a secret boot block encoded into a media processor chip built for Xbox by Nvidia.
Representatives of Microsoft and Nvidia were not immediately available for comment.
Huang said he had extracted the contents of the boot block by tapping the data path that travels between the media chip and the central processor. By attaching a custom-designed board to that data path, Huang was able to capture the data transmitted between the two chips and manually process it to uncover the secrets contained in the boot block. He said it took a total of three weeks to build his custom board for a total cost of around $50.
Given the particular encryption algorithm used and the decryption key, it would be possible to run unauthorized games and other operating systems on the console, Huang said. Huang also said a colleague of his had discovered a vulnerability in the console's programming that would allow the boot-up sequence to be interrupted so that any code could be run on the system.
Huang in the paper also said he has discovered keys to the identity of the console owner that may be vulnerable through an online connection. Huang said he separately discovered that the console's serial number is stored in its memory - and that the data might be readable by the central operating system.
Wednesday, June 5, 2002 - 7:17 am CT
MIT Student Hacks Xbox
Reported by: David Laprad
Source: Reuters
A graduate student at the Massachusetts Institute of Technology said he has found a way to circumvent the security system for Microsoft's Xbox, opening the way for hackers to use it to run competing software. The MIT computer expert also questioned the security behind Microsoft's soon-to-launch online service, Xbox Live, saying hackers could exploit a flaw in the system to identify individual players from their game machines.
Andrew Huang, who recently completed a Ph.D. thesis on supercomputer architecture, wrote a memo May 26 describing his efforts to build hardware that would read the Xbox's internal security system. In the memo, Huang said the Xbox's primary security is contained in what he calls a secret boot block encoded into a media processor chip built for Xbox by Nvidia.
Representatives of Microsoft and Nvidia were not immediately available for comment.
Huang said he had extracted the contents of the boot block by tapping the data path that travels between the media chip and the central processor. By attaching a custom-designed board to that data path, Huang was able to capture the data transmitted between the two chips and manually process it to uncover the secrets contained in the boot block. He said it took a total of three weeks to build his custom board for a total cost of around $50.
Given the particular encryption algorithm used and the decryption key, it would be possible to run unauthorized games and other operating systems on the console, Huang said. Huang also said a colleague of his had discovered a vulnerability in the console's programming that would allow the boot-up sequence to be interrupted so that any code could be run on the system.
Huang in the paper also said he has discovered keys to the identity of the console owner that may be vulnerable through an online connection. Huang said he separately discovered that the console's serial number is stored in its memory - and that the data might be readable by the central operating system.