[HN Gopher] How the Xbox 360 knows if your hard drive is genuine
___________________________________________________________________
How the Xbox 360 knows if your hard drive is genuine
Author : EatonZ
Score : 143 points
Date : 2023-01-24 19:40 UTC (3 hours ago)
(HTM) web link (eaton-works.com)
(TXT) w3m dump (eaton-works.com)
| jbverschoor wrote:
| Of all components, a disk is the only thing that "regularly"
| fail, that become too small, and have no other security impact,
| no profit margin (I think)
|
| It's idiotic MS took this route.
|
| And what's the downside/risk for MS? Nothing.. if the Xbox
| doesn't work anymore, just don't give any support on that disk
| jaywalk wrote:
| No profit margin? What? They were making a massive profit off
| the hard drives, and this security was meant to preserve those
| profits.
| jbverschoor wrote:
| Not using an Xbox.. I didn't know they sell storage upgrades.
|
| That's pretty toxic
| 0x457 wrote:
| Margins are low on retail drives. Drives MS was selling had
| _plenty_ of margin. Which is why MS went that way. Also, this
| saves you from "I bought shitty drive from NoName on alibaba
| and it doesn't work" support requests.
|
| Still stupid though. Glad Sony out of all companies opened up
| PS3 they way they did.
| JohnBooty wrote:
| Drives MS was selling had _plenty_ of margin. Which is why MS
| went that way
|
| Maybe? It's hard to say. The linked article comparing the
| price of MS's HDD accessory to the cost of a contemporary OEM
| hard drive via NewEgg and yeah, MS's HDD was way more
| expensive per GB.
|
| There are a lot of extra costs for MS though. Maintaining a
| separate SKU. Retail packaging. Cost of unsold units.
| Negotiating a supply of HDDs from e.g. WD which had to keep a
| production line or whatever open for that model when they
| otherwise might have phased it out sooner. The plastic
| enclosures. Etc.
|
| Some of the price/GB differential may well have been gouging
| but some of it was also certainly overheads such as those I
| mentioned. There was zero possibility MS's retail Xbox360
| HDDs could have been priced identically to the ever
| fluctuating price of HDDs from the direct sales channel.
|
| My strong hunch is that those official MS HDD's were _not_
| very profitable for MS. Otherwise one suspects they would not
| have tolerated hacked HDDs.
|
| Of course if you want to say their whole strategy was dumb, I
| agree. Why not just allow consumers to slap the SATA drive of
| their choice into the 360? Bigger drives = more room for
| games = customers theoretically buying more games.
| favorited wrote:
| > a disk is the only thing that "regularly" fail
|
| You must not be familiar with Xbox 360 failure rates. The
| solder in your GPU was going to fail long before the hard
| drive.
|
| https://en.wikipedia.org/wiki/Xbox_360_technical_problems
| ska wrote:
| > It's idiotic MS took this route.
|
| According to article, it let them sell commodity hard drives
| with 3x markup. There are words for that, but "idiotic"
| probably isn't one of them.
| LesZedCB wrote:
| stuff like this is outrageous. i got a steam deck a few weeks ago
| and decided to grab the base model and an $80 512GB NVMe drive on
| newegg. the install was easy and i saved a ton of money. that's
| how hardware should work, especially stuff as easy as drives/RAM.
| fnimick wrote:
| Similarly this is the approach Sony took with the PS5. It
| accepts any sufficiently fast nvme drive via the standard
| connector - just plug it in and it works. No proprietary
| expansion card like Microsoft and Seagate are selling for the
| new Xbox.
| izacus wrote:
| Steam Deck is pretty much the spiritual opposite of everything
| the console makers and the DRM industry stands for. I'm just
| waiting for big DRM publishers to start blocking it with excuse
| of poor DRM security and lockout.
| smoldesu wrote:
| It's fascinating to think that larger, more expensive machines
| find it acceptable to omit replaceable storage.
| robotnikman wrote:
| I love how hackable they made the Steam Deck, you can easily
| find replacement parts as well. I even remember someone got an
| external graphics card working on one by using the NVME slot
| and an adapter to connect it. Of course, that kinda defeats the
| whole purpose of the Steam Deck lol
| TAForObvReasons wrote:
| Repairability and general hackability are core design goals
| of the Steam Deck compared to other devices. On the software
| side, they don't hide the desktop Linux core.
| [deleted]
| everyone wrote:
| I will never understand why people buy that locked down,
| proprietary, DRM infested shit (gaming consoles, "smart"
| appliances, smartphones, apple stuff etc.) in the first place. ..
| I would rather have nothing.
| haunter wrote:
| Life is too short to not enjoy things. Sure I can choose to
| have nothing either but personally to me that's not fun.
| alerighi wrote:
| The fact is that you don't enjoy these things. These things
| generate only frustration, its more the time you want to
| throw these things out of the window than the one you enjoy
| them. A console that you have to mod just to upgrade/replace
| its internal hard drive? What the hell? Just because
| Microsoft can sell you a normal SATA disk for double the
| price?
| jaywalk wrote:
| > The fact is that you don't enjoy these things.
|
| I definitely enjoyed my Xbox 360 and didn't give a single
| damn about not being able to use a non-Microsoft hard
| drive. I doubt I ever really thought about the fact that I
| couldn't, it just wasn't an issue.
| Lammy wrote:
| It's possible to enjoy something like a game console while
| also being aware of their role in the elimination of general-
| purpose computing. These kind of platforms are where they
| farm us for technologies like hypervisors, signed-everything,
| e-fuses, always-online, etc. Consent is easily manufactured
| when enough people believe that media """needs to be
| protected""" to exist at all. I still love my 360 though :)
| everyone wrote:
| Yeah consoles indoctrinated people and opened the way for
| stuff like the BMW with the DRM heated seats. I think
| similarly, micro-transactions and DLC in games, digital
| goods, rare loot in WoW, led the way for stuff like bitcoin
| and nfts becoming relatively popular, and not just being
| utterly ridiculed by everyone.
| deely3 wrote:
| What model of phone your using? Tv? Laptop? Bank card? Car? All
| these stuff contains "locked down" or "proprietary" or "DRM
| infested" shit.
| beardog wrote:
| People want products that "just work" and I don't think it is
| fair to blame them for that. The problems mainly arise when the
| locked down stuff breaks or treats the user badly in some way,
| but even if stuff were not locked down the average person would
| just sell or throw out their device when it no pleased them
| anyways.
| everyone wrote:
| I'm not blaming users for something. I said "I will never
| understand". Though I can hypothesize. I think in some cases
| due to deceitful marketing, users think "This thing will be
| great! It will do X,Y and Z for me.".. Then they buy it and
| realize that X is forbidden, Y requires a subscription, and Z
| is not available in their region or whatever. They are
| disspointed but they've already bought the thing at that
| point and make do rather than return it. I have seen this
| happen to people I know for sure.
|
| I definitely blame the corporation for unethically making
| products like that in the 1st place, and then also
| deceitfully marketing them. There should be much stricter
| laws and severe punishments in place to protect the public.
| ddoolin wrote:
| The irony of your username isn't lost on me.
| extasia wrote:
| What's the alternative? Rub sticks together?
| wronglebowski wrote:
| I honestly prefer banging rocks together vs sticks but that's
| just my opinion.
| fnimick wrote:
| It can be nice. It takes mental effort to manage an open system
| and make sure you don't run anything malicious - a limited,
| sandboxed environment you can always rely on to work is much
| easier by comparison.
|
| I do miss the PS3 linux option though. It would be great to
| have console hardware that boots in two modes - a console mode
| for playing games, and an open x86 mode for doing general
| compute. This is especially relevant now that current console
| are effectively PCs with custom software rather than having
| specialty instruction sets. AMD even already sells broken PS5
| chips as barebones systems!
| https://www.youtube.com/watch?v=9h08cMFwqRc
| forgotpwd16 wrote:
| >I do miss the PS3 linux option though.
|
| Still possible with a CFW.
| p1necone wrote:
| > I would rather have nothing.
|
| Nothing can't play Halo.
| NavinF wrote:
| > I would rather have nothing.
|
| Then I think you know exactly why others buy consoles lol. Even
| the most hardcore PC gamers would prefer a console over nothing
| ct0 wrote:
| If only every child would rather have nothing than a "locked
| down" Xbox. When I was 13 I didn't really care if it was locked
| down, but as an adult it matters a bit more.
| ascagnel_ wrote:
| As an adult, I don't want to have to manage a thing that I
| would normally use for leisure. Thankfully, we're starting to
| see devices released that point in that direction -- the
| Steam Deck is an open device (users can install an M2 SSD if
| they're willing to open the device, or they can use a
| standard SD card if they're not), has a full desktop
| environment available, yet can be entirely used in the
| device's "game mode" that abstracts and hides the bulk of the
| device's complexity.
| jhoechtl wrote:
| #metoo
| progbits wrote:
| I couldn't find what is the size of the RSA key used. Any chance
| it is small enough to be broken today with bunch of cloud
| instances and few $100 [1] to spare? It was almost 20 years after
| all.
|
| Of course cloning another disk is simpler and more practical, but
| it might be fun to eg. have custom logos on unmodded console.
|
| [1] https://arstechnica.com/information-
| technology/2015/10/break...
| beardog wrote:
| Eaton, if you are planning to write more interesting posts like
| this, please consider adding RSS/Atom (or making it more obvious
| if it is already there).
| xavdid wrote:
| +1 RSS.
|
| In the meantime, you can use https://kill-the-newsletter.com/
| to get an RSS for newsletter items.
| EatonZ wrote:
| I have received other requests for this. I thought about it
| when I redesigned the site, but didn't think people really used
| RSS that much anymore. I have it on my list to implement (:
| nfriedly wrote:
| I use RSS, so you'd have at least two subscribers :)
| robotnikman wrote:
| I thought I remember there being adapters which allowed you to
| use regular 2.5inch hard drives on the xbox 360. Maybe my mind is
| just tricking me again though.
| scintill76 wrote:
| It seems to me they could MITM the SATA link and effectively do
| the "HDDHackr" method to make that work. I don't know though.
| xen2xen1 wrote:
| There was the USB official setup later, but you could also find
| a hard drive of the same model and flash firmware from a 360
| drive onto it. So yes, but not just any drive.
| easton wrote:
| I did this, I remember there being some fairly common laptop
| hard drive on the list because I found it laying around at
| home. There was a live cd to boot off of to format it and
| everything. Memories...
| Lammy wrote:
| That was possible over USB later on in the life of the console:
| https://www.se7ensins.com/forums/threads/complete-history-of...
|
| - 2.0.9199.0 -- April 6, 2010 -- Allows up to two USB flash
| drives or external hard drives to be used for storing profiles,
| game saves, demos and more up to 16 GB each, 32GB combined.
|
| - 2.0.16197.0 -- October 16, 2012 -- Added support for up to
| 32GB USB drives.
|
| - 2.0.17349.0 -- April 30, 2015 -- Added: Able to use USB
| Storage up to 2TB for Xbox Content.
|
| There was also the "Hard Drive Transfer Kit" SATA-USB adapter
| that became available alongside the 120GB HDD:
| https://www.engadget.com/2007-04-26-xbox-360-hard-drive-tran...
| Graziano_M wrote:
| It's possible that the adapter MITM'd requests for this
| security sector and would return a valid blob.
| fredoralive wrote:
| You might be thinking of the PlayStation 3 / 4, they do use
| standard 2.5" drives without artificial lockouts.
| wkat4242 wrote:
| I still have one of those hacked WD blues. Always served me very
| well though I no longer have a 360. It serves out its live now as
| a 320 gb even though it's a 500 because I couldn't find a working
| 500 firmware at the time and I couldn't manage to get the
| original firmware back. But it's ok, I'm mainly doing ssd these
| days anyway.
| nywles wrote:
| May the logo have been included so that the security sector could
| not be distributed under copyright law?
| Operyl wrote:
| The modders could have just as easily decided to go the "you
| must find the logo on your own" route and written a "select the
| logo" file prompt into the tools. I find the "they intended to
| let others sell HDDs" then changed their minds later route more
| plausible, especially since they never went after the "hacked"
| drives with bans or anything.
| anamexis wrote:
| However, it would have been effective at preventing people
| from selling modified HDDs commercially.
| EMIRELADERO wrote:
| It really wouldn't. Courts don't like it when you misuse
| copyright like that.
| anamexis wrote:
| It would seem so. But, it doesn't cost anything to try.
| EMIRELADERO wrote:
| Sega tried and lost in court, so in that sense it _did_
| cost them to try as they had to pay for counsel which
| ultimately wasn 't even successful.
| anamexis wrote:
| Right, but it doesn't cost Microsoft anything to add
| their logo as an additional check. If laws or court
| precedent change, it's already there. (For example, the
| DMCA came long after the Sega decision)
| anamexis wrote:
| That was my thought upon reading that as well. I think Nintendo
| pioneered this strategy with the Gameboy - if the cartridge
| didn't start by showing the Nintendo logo, the Gameboy would
| not boot. And if you used the Nintendo logo without licensing
| it, it was trademark infringement.
|
| Clever way to prevent un-licensed third-party cartridges.
| Drakim wrote:
| Funny enough, it only checked about half the logo, meaning
| you could change the bottom half to something else.
| [deleted]
| dividuum wrote:
| That was (of course?) eventually defeated:
| https://dhole.github.io/post/gameboy_custom_logo/
| goosedragons wrote:
| According to legend at least this was defeated pretty early
| with Argonaut Software submitting a GB proof of concept
| that bypassed the boot screen (and was also 3D!). This
| ended up becoming the game "X".
| EMIRELADERO wrote:
| This didn't work though, as courts don't like it when you
| (ab)use copyright/trademark like that.
| morcheeba wrote:
| That was a tactic Nintendo used with the gameboy. The courts
| eventually decided that the logo, when used as an access token
| like that, no longer qualified for the creative component
| required for copyright protection.
| devwastaken wrote:
| That case was 1992, which today would not hold up due to the
| political shift of corporate power. Same as how in the 90's
| Microsoft couldn't monopolize with internet explorer, yet
| mobile devices are doing it every day in even worse fashion.
| JohnBooty wrote:
| yet mobile devices are doing it every day in even worse
| fashion.
|
| Which mobile browser has 90%+ market share ala "peak"
| Internet Explorer?
|
| I hate being limited to Safari on iOS, but iOS has < 30%
| market share worldwide.
|
| Additionally, browsers are (highly unfortunately IMO) less
| relevant than in ~2004 when IE had a stranglehold on
| things.
| kmeisthax wrote:
| Strictly speaking, the logo bit wasn't about copyright, but
| trademark. Specifically there was certain territories that
| Japan had trademark treaties with, but not copyright
| treaties. Taiwan if I remember correctly.
|
| So you could legally make unlicensed copies of Super Mario
| Bros but they couldn't be called Super Mario Bros. This is
| why a lot of old bootleg games change the titlescreen to say,
| say, "7 GRAND DAD[0]" instead of "Super Mario Bros". This
| behavior actually seems to persist to the present day despite
| these copyright loopholes having long since been fixed.
|
| Of course there were companies that got around the logo check
| with custom hardware[1]. And Nintendo themselves got lazy and
| didn't check the whole logo on the Color. So it's possible to
| change the boot logo on basically every Game Boy.
|
| The court case you're thinking of has to do with SEGA's
| Trademark Security System (TMSS) for the Genesis. Sega v.
| Accolade to be specific. The broad strokes are similar,
| though - small bits of copying to sell an original unlicensed
| work are acceptable because console hardware is not
| copyrightable just because you worked on it real hard.
|
| [0] Fleenstones? Aaaaugh...
|
| [1] The Game Boy BIOS has a TOCTOU bug. AFAIK this is also
| how Argonaut Software managed to get an in with Nintendo to
| publish X in Japan.
| anamexis wrote:
| Interesting, I was not aware of this. It appears this was the
| case:
|
| https://en.wikipedia.org/wiki/Sega_v._Accolade
| error503 wrote:
| Seems plausible, since otherwise it would be fairly simple for
| a third-party accessory vendor to create compatible drives that
| could legally sell in all the usual places you can buy console
| accessories.
|
| Trademark isn't going to stop modders, but it would have been
| effective against legitimate accessory vendors and retailers.
| Jerrrry wrote:
| Regular blog posts about x360?
|
| The statute of limitations is over, it's time to revel in
| nostalgia :D
|
| Eaton's gonna be spoiling us, dude has always been an
| overachiever.
|
| By the way, you DID save my original 20gb security partition - I
| never told you, I don't think, but I had the original MS backup
| cable and your software right as that was figured out.
|
| Can't wait for the ultimate "KV.bin" write-up...
|
| >>:"Why would MS add over 4 magnitudes of cryptographic checks to
| a damn virtual serial number....?"
| [deleted]
| cheeseomlit wrote:
| [flagged]
| kevingadd wrote:
| People want these kind of security measures when they buy a
| game console, because the alternative is easily-modded consoles
| that people use to cheat in online games. Lots of online games
| are also not well engineered so cheating can cause crashes and
| save corruption - for example, modders constantly find bugs in
| GTA V that can be used to crash GTA Online sessions or even
| _crash single-player sessions where you 're playing offline by
| yourself_ as long as you're online.
| EMIRELADERO wrote:
| I would prefer that platforms are fully open because it would
| force game studios and app developers to implement good
| security that doesn't rely on the client being unhackable.
| dontlaugh wrote:
| That doesn't work for low latency games like shooters.
| Jerrrry wrote:
| so you want an unhackable, but fully open, client.
|
| zero sense.
| EMIRELADERO wrote:
| No, I want the client to not be able to hack the game
| experience for other users.
| infotogivenm wrote:
| Not disagreeing but remember
|
| > Microsoft Corp., the world's largest software maker, loses at
| least $153 (U.S.) on each Xbox 360 video game console it sells,
| based on just the cost of components and assembly, a research
| firm says. Parts such as processors and manufacturing cost
| $552.27 for each machine that retails at $399, El Segundo,
| Calif.
|
| With this context it doesn't surprise me they try to recoup
| something on each optional hardware upgrade.
| chronogram wrote:
| When was that? Because at the start of the console your chip
| might be a cutting edge and incur massive costs, but cost a
| tenth to produce once it goes from cutting-edge to practiced.
| Someone1234 wrote:
| Right, but the above figure is under-shooting if anything
| since it budgets $0 for software development. Microsoft
| definitely charged a premium for accessories, seems like a
| classic price discrimination, wherein the richer consumers
| were subsidizing the cost of the console (and its
| development) for poorer ones.
| nottorp wrote:
| Why would they care if my hard drive is genuine?
|
| For the PS3, PS4 and PS5 i just bought a hard drive (ssd for the
| ps5) matching their specs, installed it inside and gamed on.
|
| For the xbox you have to buy hard drives from Microsoft?
|
| Edit: please don't tell me about usb drives hanging off your
| console. I don't like stuff hanging off my console.
| meibo wrote:
| The article leads with this, the drives from Microsoft had a
| massive upcharge compared to regular HDD rates at the time.
| They were making a pretty penny with these.
| Gigachad wrote:
| This is pretty similar to how Nintendo validates game cartridges.
| They all contain a unique signed header. If you connect to an
| online game and your game serial number is being used by hundreds
| of other users, Nintendo can see its a pirated copy and you get
| console banned from online for all games.
| jchw wrote:
| Microsoft really seemed to be ahead of the curve with console
| security. They really thought this through back in 2005 or so, to
| the point where clearly, they knew people would hack the drives
| to rewrite the serial number. It's probably for the best that
| they never actually did anything about the knowledge that gave
| them, but they clearly stayed a step ahead of the game. As much
| as I hate it, their actions show a great deal of respect towards
| the ingenuity of console hackers, because if they didn't, they
| would've never bothered to do such an effort thwarting them.
| Compared to the Nintendo Wii, which had a decent security model
| that was ultimately ill-fated due to several fatal flaws in both
| hardware and firmware, and the PlayStation, where Sony seems to
| have a continual problem developing security measures that
| hackers and modders can just completely ignore, Microsoft really
| pulled it off. I still wish game consoles would allow you to just
| run your own code. Xbox has dev mode, which I haven't ever used
| since I generally do not buy game consoles, but it does seem like
| the absolute best option that's been available to consumers
| lately. Before then, it was OtherOS (ill-fated,) PS2 Linux (cool
| but kinda limited,) and Net Yaroze? Which seemed awesome to me,
| but unfortunately was a relatively uncommon good. Beyond that,
| official escapes from the walled garden are truly scarce. A sad
| reality that will get worse when measures like remote attestation
| finally make their way to general purpose computers. Remember:
| you can never have nice things. Ever.
|
| Thanks for FATXplorer BTW, it is very useful.
| stefan_ wrote:
| This was not a security feature at all, it wasn't securing
| anything? This is purely a feature to allow Microsoft to resell
| hard drives at 3x the price.
| RandomBK wrote:
| Every time I hear about the XBox's platform security, I think
| back to this talk [1] about how Microsoft protected the XBox
| One. A lot of it boils down to clear requirements and good
| engineering, and many of these technologies are now showing up
| via Project Pluton.
|
| [1] https://www.platformsecuritysummit.com/2019/speaker/chen/
| airstrike wrote:
| This is what I found on "Project Pluton"
| https://www.microsoft.com/en-
| us/security/blog/2020/11/17/mee...
| Jerrrry wrote:
| >their actions show a great deal of respect towards the
| ingenuity of console hackers, because if they didn't, they
| would've never bothered to do such an effort thwarting them.
|
| dude. The irony. They bricked our machines and joked about it.
| They had a fellowship with the FBI.
|
| They (MS and EA) threw OP, the author of this fkn submission,
| in jail.
|
| Their own Terms of Service and Policy Enforcement page still
| brags about "pwning the pwnrs" - to this day.
|
| Make no mistake, MS and Xbox still hate us. It's just from a
| capitalist perspective, its hard to compete with losing PC
| audience.
|
| Their only selling point is itself, an unhackable console.
|
| They did have restraint. There is a list of console ID's
| hardcoded in every NAND because originally a few souls had
| reversed the NAND enough to RSA-sign CON files - they were just
| gonna ban everyone who had made modified content, but didnt...
| because of Halo3's File Share incidentally preserving personal
| RSA keys, making it difficult to reconcile modified content,
| once spread.
|
| Regarding hacked DVD drives....they did the math and banned
| millions when it was profitable, ironically.
| jchw wrote:
| Yes. I agree.
|
| > Make no mistake, MS and Xbox still hate us.
|
| I should point out that I was not suggesting there was a good
| relationship between console hackers and Microsoft. Quote
| from me again:
|
| > respect towards the ingenuity of console hackers
|
| I did not say they had respect for the _people_ , or that
| what they were doing was good, or anything like that. I'm
| claiming that from a security standpoint, they took the
| threat very seriously.
|
| Microsoft legally bullying people is bad, but it's nothing
| new from Microsoft. Hell, it's nothing new from the console
| industry either. I actually was not aware of Microsoft
| putting anyone in jail over the Xbox homebrew/modding scene,
| but it does not surprise me. I remember what happened with
| Sony and Geohotz.
|
| Still, from a sterile, technical point of view, I do think
| that in 2005 they were way, way ahead of keeping their
| console "secure" according to their threat model. I am never
| going to be particularly fond of a threat model where the
| adversary is the customer, but that's not really the point.
| Jerrrry wrote:
| > I do think that in 2005 they were way, way ahead of
| keeping their console "secure" according to their threat
| model.
|
| I agree, see my other comment re: KV.bin
|
| They built the x360 with layers, upon layers, like an
| onion.
|
| Two exploits (JTAG and RGH), and a few forever-unspeakable
| social engineering incidents aside, they did great work.
|
| Until Mw2 came out in 2011.
| alexklarjr wrote:
| Xbone is not hacked because nobody care about essentially a
| boring pc without any memorable games. It will remain in
| history as another Microsoft marketing disaster. One day it
| will eventually and silently destroyed to be emulated like all
| ancient arcades and microcomputer games protections. Every
| protection can and will be broken. Regarding unsuccessful money
| grab, Idea that Microsoft minds forsaw that people will want to
| upgrade their boxes with cheap generic parts and that must be
| punished is indeed new, no car manufacturers never did anything
| like that since 90s.
| EMIRELADERO wrote:
| I wonder what would have happened if someone tried using
| antitrust laws to defeat this. Seems like there was a quite alive
| market for "third-party HDDs compatible with Xbox 360s" and
| Microsoft effectively tried to monopolize it. Plus, it seems to
| me like it could have passed the test of the modern Sherman Act
| interpretation. MS's actions directly reduced output and
| increased prices.
| imadr wrote:
| The articles says that the security sector is RSA-signed using a
| private key only Microsoft possesses, what if you also change the
| public key used for verification that is stored in the console?
| fredoralive wrote:
| You'd need Microsoft's private key to sign the system firmware
| with a changed HDD verification public key in it (or an exploit
| undermining the general security chain of the system).
| imadr wrote:
| If everything is verified locally couldn't you also change
| the firmeware verification key, and whatever verifies the
| firmware verification..etc ? Isn't it turtles all the way
| down?
| izacus wrote:
| The Xbox 360 security is a lot of turtles and the last
| turtle is actually baked into the SoC itself so it's
| impossible to modify. That firmware verifies the next stage
| and establishes the chain of verification that's very hard
| to break.
|
| It did get broken eventually (after years of trying!) by
| figuring out that the CPU stops being reliable at very low
| clocks, but it was not even remotely easy.
| AceJohnny2 wrote:
| At that level you're already hacking the console firmware.
| Easier then to just patch out the check as they've done.
___________________________________________________________________
(page generated 2023-01-24 23:00 UTC)