Bootable 360 ISO; hackers expectant
Microsoft might have accidentally given hackers the backdoor they need to run unsigned discs. The same group that managed to extract and copy Xbox 360 discs has now discovered a flaw in the PAL version of the Xbox 360 kiosk demo disc. The group, calling themselves Pi, said this, "It seems Microsoft was in such a hurry to get this stuff out that they forgot to set the media protection on the disc. This leaves hackers with the possibility to hack around with this disc from a normal DVDR5 backup!"
Could Microsoft have compromised their entire security system with this one oversight? Will they be able to shut any holes using the Live service to patch consoles?
Read
Reader Comments (Page 1 of 1)
azz0r @ Dec 31st 2005 5:22PM
Quite like the PSP firmware issue this will continue to rage on for many itterations.
The main difference being the Xbox360 always tries to connect to Live and could force users to patch unlike the PSP which gives users the option.
It wont be easy for the hackers.
funnyphreak.com @ Dec 31st 2005 6:13PM
great. I can't wait to play MORE MODDERS on Halo 3. Why don't you guys (pi) just leave well enough alone? What "code" could you really want to put on your 360 that it doesn't have already? Get a life.
Sjohn @ Dec 31st 2005 6:25PM
Really there is about 3 main reasons to run code on a 360, homebrew games, homebrew applications, and piracy. The first two I really enjoy, however normally when you are able to do the first 2 the 3rd comes along with it. I'm the type that has a modded xbox because of the media center functions, however, people like this are always after some type of "fame" I really don't know what kind of fame they can get by breaking multiple laws, but whatever makes them happy. I just like seeing what people can do with a this powerful system, "behind the scenes".
moomer @ Dec 31st 2005 6:30PM
This flaw isn't the same kettle of fish as those initial PSP hacks, as the flaw is with lack of encryption of the disc itself (due apparently to Microsoft's rush to put working machines on shelves). The equivalent on the PSP would be a UMD game with comparable lack of encryption (which do now actually exist), but the real difference in danger is that it's readily and easily possible to reproduce DVDs at home, but virtually impossible to make UMDs. Could you make a bootable UMD? Didn't think so.
azz0r @ Dec 31st 2005 7:14PM
No, I can just store it on a memory stick, much easier.
Matthew @ Dec 31st 2005 7:19PM
Sjohn, there are way more reasons to run your own code on the XBox 360.
One of the most looked forward to is the modding of the Media Center, allowing it to play any format of video, not just WMV. Allowing video to be stored on the HD, allowing USB devices to have their music ripped to the HD, etc. Allowing full functionality with media like a PC, instead of this streaming bullshit M$ gave us.
If you had a modded XBox, you could play every single SNES game on it with friends, watch any movie that was taken onto your PC, stream internet radio, browse the net, to name a few. Everyone is hoping the 360 will be able to do this with enough time.
Replex @ Dec 31st 2005 9:13PM
The possibilities the Xbox 360 hardware opens for EVERYONE is amazing, I cannot wait to see what kind of homebrew and OS' are put on the thing :)
Hello @ Dec 31st 2005 9:16PM
I would rather have a hacker-free xbox live than the ability to surf the net on my 360 any day..
miguel @ Dec 31st 2005 10:28PM
Modding it would be great for movies and stuff but what if live can detect it and shut your access down.. that would suck, no?
Trauts @ Jan 1st 2006 4:00AM
Find out in the next issue of...
XBOX 360 FANBOY!!!
Raymond "Rayeh" Dubisky @ Jan 1st 2006 10:54AM
One thing that is missing from this report is the fact that you can't add new code to the disc and have it run. The executable are digitally signed, changing one bit of the file will cause that executable not to run. All this means is that Microsoft allowed these to run on other media (cd-r, dvd-r, whatever), rather than on their discs only. This isn't some mistake they made, they likely did it on purpose.
C. Grant @ Jan 1st 2006 12:46PM
11: True, but as we've all witnessed in the past, all it takes is a crease in the armor. You can be sure hackers will do everything possible to take advantage of this. The real question is whether or not it's in Microsoft's interest to keep more open functionality from consumers, motivating many hackers to try and undermine the security of the system (Like Sjohn said). And in doing so, opening the door for all the cheaters who will certainly follow.
Scott @ Jan 1st 2006 2:36PM
"I can't wait to play MORE MODDERS on Halo 3"
Dont listen to Bungie's Propaganda. The Halo 2 Modding Commmunity is made up of mostly Action Replay Script Kiddies. Welcome to PC Gaming Kiddies, theres going to be hackers and just all around annoying people. Wear a Cup.
DarkStar @ Jan 2nd 2006 9:48AM
It should be noted that this isn't a mistake on Microsoft's part. This was actually done intentionally so that retailer disks could be easily modified.
It's really not a big deal since Microsoft ISO's already for download to update the Xbox emulation.