[HN Gopher] How the Xbox 360 knows if your hard drive is genuine
___________________________________________________________________
Author : EatonZ
Score  : 143 points
Date   : 2023-01-24 19:40 UTC (3 hours ago)

(HTM) web link (eaton-works.com)
(TXT) w3m dump (eaton-works.com)

| jbverschoor wrote:
| Of all components, a disk is the only thing that "regularly"
| fail, that become too small, and have no other security impact,
| no profit margin (I think)
|
| It's idiotic MS took this route.
|
| And what's the downside/risk for MS? Nothing.. if the Xbox
| doesn't work anymore, just don't give any support on that disk
| jaywalk wrote:
| No profit margin? What? They were making a massive profit off
| the hard drives, and this security was meant to preserve those
| profits.
| jbverschoor wrote:
| Not using an Xbox.. I didn't know they sell storage upgrades.
|
| That's pretty toxic
| 0x457 wrote:
| Margins are low on retail drives. Drives MS was selling had
| _plenty_ of margin. Which is why MS went that way. Also, this
| saves you from "I bought shitty drive from NoName on alibaba
| and it doesn't work" support requests.
|
| Still stupid though. Glad Sony out of all companies opened up
| PS3 the way they did.
| JohnBooty wrote:
| Drives MS was selling had _plenty_ of margin. Which is why MS
| went that way
|
| Maybe? It's hard to say. The linked article comparing the
| price of MS's HDD accessory to the cost of a contemporary OEM
| hard drive via NewEgg and yeah, MS's HDD was way more
| expensive per GB.
|
| There are a lot of extra costs for MS though. Maintaining a
| separate SKU. Retail packaging. Cost of unsold units.
| Negotiating a supply of HDDs from e.g. WD which had to keep a
| production line or whatever open for that model when they
| otherwise might have phased it out sooner. The plastic
| enclosures. Etc.
|
| Some of the price/GB differential may well have been gouging
| but some of it was also certainly overheads such as those I
| mentioned. There was zero possibility MS's retail Xbox360
| HDDs could have been priced identically to the ever
| fluctuating price of HDDs from the direct sales channel.
|
| My strong hunch is that those official MS HDD's were _not_
| very profitable for MS. Otherwise one suspects they would not
| have tolerated hacked HDDs.
|
| Of course if you want to say their whole strategy was dumb, I
| agree. Why not just allow consumers to slap the SATA drive of
| their choice into the 360? Bigger drives = more room for
| games = customers theoretically buying more games.
| favorited wrote:
| > a disk is the only thing that "regularly" fail
|
| You must not be familiar with Xbox 360 failure rates. The
| solder in your GPU was going to fail long before the hard
| drive.
|
| https://en.wikipedia.org/wiki/Xbox_360_technical_problems
| ska wrote:
| > It's idiotic MS took this route.
|
| According to article, it let them sell commodity hard drives
| with 3x markup. There are words for that, but "idiotic"
| probably isn't one of them.
| LesZedCB wrote:
| stuff like this is outrageous. i got a steam deck a few weeks ago
| and decided to grab the base model and an $80 512GB NVMe drive on
| newegg. the install was easy and i saved a ton of money. that's
| how hardware should work, especially stuff as easy as drives/RAM.
| fnimick wrote:
| Similarly this is the approach Sony took with the PS5. It
| accepts any sufficiently fast nvme drive via the standard
| connector - just plug it in and it works. No proprietary
| expansion card like Microsoft and Seagate are selling for the
| new Xbox.
| izacus wrote:
| Steam Deck is pretty much the spiritual opposite of everything
| the console makers and the DRM industry stands for. I'm just
| waiting for big DRM publishers to start blocking it with excuse
| of poor DRM security and lockout.
| smoldesu wrote:
| It's fascinating to think that larger, more expensive machines
| find it acceptable to omit replaceable storage.
| robotnikman wrote:
| I love how hackable they made the Steam Deck, you can easily
| find replacement parts as well. I even remember someone got an
| external graphics card working on one by using the NVME slot
| and an adapter to connect it. Of course, that kinda defeats the
| whole purpose of the Steam Deck lol
| TAForObvReasons wrote:
| Repairability and general hackability are core design goals
| of the Steam Deck compared to other devices. On the software
| side, they don't hide the desktop Linux core.
| [deleted]
| everyone wrote:
| I will never understand why people buy that locked down,
| proprietary, DRM infested shit (gaming consoles, "smart"
| appliances, smartphones, apple stuff etc.) in the first place. ..
| I would rather have nothing.
| haunter wrote:
| Life is too short to not enjoy things. Sure I can choose to
| have nothing either but personally to me that's not fun.
| alerighi wrote:
| The fact is that you don't enjoy these things. These things
| generate only frustration, it's more the time you want to
| throw these things out of the window than the one you enjoy
| them. A console that you have to mod just to upgrade/replace
| its internal hard drive? What the hell? Just because
| Microsoft can sell you a normal SATA disk for double the
| price?
| jaywalk wrote:
| > The fact is that you don't enjoy these things.
|
| I definitely enjoyed my Xbox 360 and didn't give a single
| damn about not being able to use a non-Microsoft hard
| drive. I doubt I ever really thought about the fact that I
| couldn't, it just wasn't an issue.
| Lammy wrote:
| It's possible to enjoy something like a game console while
| also being aware of their role in the elimination of
| general-purpose computing. These kind of platforms are where they
| farm us for technologies like hypervisors, signed-everything,
| e-fuses, always-online, etc.
| Consent is easily manufactured
| when enough people believe that media """needs to be
| protected""" to exist at all. I still love my 360 though :)
| everyone wrote:
| Yeah consoles indoctrinated people and opened the way for
| stuff like the BMW with the DRM heated seats. I think
| similarly, micro-transactions and DLC in games, digital
| goods, rare loot in WoW, led the way for stuff like bitcoin
| and nfts becoming relatively popular, and not just being
| utterly ridiculed by everyone.
| deely3 wrote:
| What model of phone are you using? Tv? Laptop? Bank card? Car? All
| these stuff contains "locked down" or "proprietary" or "DRM
| infested" shit.
| beardog wrote:
| People want products that "just work" and I don't think it is
| fair to blame them for that. The problems mainly arise when the
| locked down stuff breaks or treats the user badly in some way,
| but even if stuff were not locked down the average person would
| just sell or throw out their device when it no longer pleased them
| anyways.
| everyone wrote:
| I'm not blaming users for something. I said "I will never
| understand". Though I can hypothesize. I think in some cases
| due to deceitful marketing, users think "This thing will be
| great! It will do X,Y and Z for me.".. Then they buy it and
| realize that X is forbidden, Y requires a subscription, and Z
| is not available in their region or whatever. They are
| disappointed but they've already bought the thing at that
| point and make do rather than return it. I have seen this
| happen to people I know for sure.
|
| I definitely blame the corporation for unethically making
| products like that in the 1st place, and then also
| deceitfully marketing them. There should be much stricter
| laws and severe punishments in place to protect the public.
| ddoolin wrote:
| The irony of your username isn't lost on me.
| extasia wrote:
| What's the alternative? Rub sticks together?
| wronglebowski wrote:
| I honestly prefer banging rocks together vs sticks but that's
| just my opinion.
| fnimick wrote:
| It can be nice. It takes mental effort to manage an open system
| and make sure you don't run anything malicious - a limited,
| sandboxed environment you can always rely on to work is much
| easier by comparison.
|
| I do miss the PS3 linux option though. It would be great to
| have console hardware that boots in two modes - a console mode
| for playing games, and an open x86 mode for doing general
| compute. This is especially relevant now that current consoles
| are effectively PCs with custom software rather than having
| specialty instruction sets. AMD even already sells broken PS5
| chips as barebones systems!
| https://www.youtube.com/watch?v=9h08cMFwqRc
| forgotpwd16 wrote:
| >I do miss the PS3 linux option though.
|
| Still possible with a CFW.
| p1necone wrote:
| > I would rather have nothing.
|
| Nothing can't play Halo.
| NavinF wrote:
| > I would rather have nothing.
|
| Then I think you know exactly why others buy consoles lol. Even
| the most hardcore PC gamers would prefer a console over nothing
| ct0 wrote:
| If only every child would rather have nothing than a "locked
| down" Xbox. When I was 13 I didn't really care if it was locked
| down, but as an adult it matters a bit more.
| ascagnel_ wrote:
| As an adult, I don't want to have to manage a thing that I
| would normally use for leisure. Thankfully, we're starting to
| see devices released that point in that direction -- the
| Steam Deck is an open device (users can install an M2 SSD if
| they're willing to open the device, or they can use a
| standard SD card if they're not), has a full desktop
| environment available, yet can be entirely used in the
| device's "game mode" that abstracts and hides the bulk of the
| device's complexity.
| jhoechtl wrote:
| #metoo
| progbits wrote:
| I couldn't find what is the size of the RSA key used.
| Any chance
| it is small enough to be broken today with bunch of cloud
| instances and few $100 [1] to spare? It was almost 20 years after
| all.
|
| Of course cloning another disk is simpler and more practical, but
| it might be fun to eg. have custom logos on unmodded console.
|
| [1] https://arstechnica.com/information-technology/2015/10/break...
| beardog wrote:
| Eaton, if you are planning to write more interesting posts like
| this, please consider adding RSS/Atom (or making it more obvious
| if it is already there).
| xavdid wrote:
| +1 RSS.
|
| In the meantime, you can use https://kill-the-newsletter.com/
| to get an RSS for newsletter items.
| EatonZ wrote:
| I have received other requests for this. I thought about it
| when I redesigned the site, but didn't think people really used
| RSS that much anymore. I have it on my list to implement (:
| nfriedly wrote:
| I use RSS, so you'd have at least two subscribers :)
| robotnikman wrote:
| I thought I remember there being adapters which allowed you to
| use regular 2.5inch hard drives on the xbox 360. Maybe my mind is
| just tricking me again though.
| scintill76 wrote:
| It seems to me they could MITM the SATA link and effectively do
| the "HDDHackr" method to make that work. I don't know though.
| xen2xen1 wrote:
| There was the USB official setup later, but you could also find
| a hard drive of the same model and flash firmware from a 360
| drive onto it. So yes, but not just any drive.
| easton wrote:
| I did this, I remember there being some fairly common laptop
| hard drive on the list because I found it laying around at
| home. There was a live cd to boot off of to format it and
| everything. Memories...
| Lammy wrote:
| That was possible over USB later on in the life of the console:
| https://www.se7ensins.com/forums/threads/complete-history-of...
|
| - 2.0.9199.0 -- April 6, 2010 -- Allows up to two USB flash
| drives or external hard drives to be used for storing profiles,
| game saves, demos and more up to 16 GB each, 32GB combined.
|
| - 2.0.16197.0 -- October 16, 2012 -- Added support for up to
| 32GB USB drives.
|
| - 2.0.17349.0 -- April 30, 2015 -- Added: Able to use USB
| Storage up to 2TB for Xbox Content.
|
| There was also the "Hard Drive Transfer Kit" SATA-USB adapter
| that became available alongside the 120GB HDD:
| https://www.engadget.com/2007-04-26-xbox-360-hard-drive-tran...
| Graziano_M wrote:
| It's possible that the adapter MITM'd requests for this
| security sector and would return a valid blob.
| fredoralive wrote:
| You might be thinking of the PlayStation 3 / 4, they do use
| standard 2.5" drives without artificial lockouts.
| wkat4242 wrote:
| I still have one of those hacked WD blues. Always served me very
| well though I no longer have a 360. It serves out its life now as
| a 320 gb even though it's a 500 because I couldn't find a working
| 500 firmware at the time and I couldn't manage to get the
| original firmware back. But it's ok, I'm mainly doing ssd these
| days anyway.
| nywles wrote:
| May the logo have been included so that the security sector could
| not be distributed under copyright law?
| Operyl wrote:
| The modders could have just as easily decided to go the "you
| must find the logo on your own" route and written a "select the
| logo" file prompt into the tools. I find the "they intended to
| let others sell HDDs" then changed their minds later route more
| plausible, especially since they never went after the "hacked"
| drives with bans or anything.
| anamexis wrote:
| However, it would have been effective at preventing people
| from selling modified HDDs commercially.
| EMIRELADERO wrote:
| It really wouldn't. Courts don't like it when you misuse
| copyright like that.
| anamexis wrote:
| It would seem so. But, it doesn't cost anything to try.
| EMIRELADERO wrote:
| Sega tried and lost in court, so in that sense it _did_
| cost them to try as they had to pay for counsel which
| ultimately wasn't even successful.
| anamexis wrote:
| Right, but it doesn't cost Microsoft anything to add
| their logo as an additional check. If laws or court
| precedent change, it's already there. (For example, the
| DMCA came long after the Sega decision)
| anamexis wrote:
| That was my thought upon reading that as well. I think Nintendo
| pioneered this strategy with the Gameboy - if the cartridge
| didn't start by showing the Nintendo logo, the Gameboy would
| not boot. And if you used the Nintendo logo without licensing
| it, it was trademark infringement.
|
| Clever way to prevent un-licensed third-party cartridges.
| Drakim wrote:
| Funny enough, it only checked about half the logo, meaning
| you could change the bottom half to something else.
| [deleted]
| dividuum wrote:
| That was (of course?) eventually defeated:
| https://dhole.github.io/post/gameboy_custom_logo/
| goosedragons wrote:
| According to legend at least this was defeated pretty early
| with Argonaut Software submitting a GB proof of concept
| that bypassed the boot screen (and was also 3D!). This
| ended up becoming the game "X".
| EMIRELADERO wrote:
| This didn't work though, as courts don't like it when you
| (ab)use copyright/trademark like that.
| morcheeba wrote:
| That was a tactic Nintendo used with the gameboy. The courts
| eventually decided that the logo, when used as an access token
| like that, no longer qualified for the creative component
| required for copyright protection.
| devwastaken wrote:
| That case was 1992, which today would not hold up due to the
| political shift of corporate power. Same as how in the 90's
| Microsoft couldn't monopolize with internet explorer, yet
| mobile devices are doing it every day in even worse fashion.
| JohnBooty wrote:
| yet mobile devices are doing it every day in even worse
| fashion.
|
| Which mobile browser has 90%+ market share ala "peak"
| Internet Explorer?
|
| I hate being limited to Safari on iOS, but iOS has < 30%
| market share worldwide.
|
| Additionally, browsers are (highly unfortunately IMO) less
| relevant than in ~2004 when IE had a stranglehold on
| things.
| kmeisthax wrote:
| Strictly speaking, the logo bit wasn't about copyright, but
| trademark. Specifically there were certain territories that
| Japan had trademark treaties with, but not copyright
| treaties. Taiwan if I remember correctly.
|
| So you could legally make unlicensed copies of Super Mario
| Bros but they couldn't be called Super Mario Bros. This is
| why a lot of old bootleg games change the titlescreen to say,
| say, "7 GRAND DAD[0]" instead of "Super Mario Bros". This
| behavior actually seems to persist to the present day despite
| these copyright loopholes having long since been fixed.
|
| Of course there were companies that got around the logo check
| with custom hardware[1]. And Nintendo themselves got lazy and
| didn't check the whole logo on the Color. So it's possible to
| change the boot logo on basically every Game Boy.
|
| The court case you're thinking of has to do with SEGA's
| Trademark Security System (TMSS) for the Genesis. Sega v.
| Accolade to be specific. The broad strokes are similar,
| though - small bits of copying to sell an original unlicensed
| work are acceptable because console hardware is not
| copyrightable just because you worked on it real hard.
|
| [0] Fleenstones? Aaaaugh...
|
| [1] The Game Boy BIOS has a TOCTOU bug. AFAIK this is also
| how Argonaut Software managed to get an in with Nintendo to
| publish X in Japan.
| anamexis wrote:
| Interesting, I was not aware of this.
| It appears this was the
| case:
|
| https://en.wikipedia.org/wiki/Sega_v._Accolade
| error503 wrote:
| Seems plausible, since otherwise it would be fairly simple for
| a third-party accessory vendor to create compatible drives that
| could legally sell in all the usual places you can buy console
| accessories.
|
| Trademark isn't going to stop modders, but it would have been
| effective against legitimate accessory vendors and retailers.
| Jerrrry wrote:
| Regular blog posts about x360?
|
| The statute of limitations is over, it's time to revel in
| nostalgia :D
|
| Eaton's gonna be spoiling us, dude has always been an
| overachiever.
|
| By the way, you DID save my original 20gb security partition - I
| never told you, I don't think, but I had the original MS backup
| cable and your software right as that was figured out.
|
| Can't wait for the ultimate "KV.bin" write-up...
|
| >>:"Why would MS add over 4 magnitudes of cryptographic checks to
| a damn virtual serial number....?"
| [deleted]
| cheeseomlit wrote:
| [flagged]
| kevingadd wrote:
| People want these kind of security measures when they buy a
| game console, because the alternative is easily-modded consoles
| that people use to cheat in online games. Lots of online games
| are also not well engineered so cheating can cause crashes and
| save corruption - for example, modders constantly find bugs in
| GTA V that can be used to crash GTA Online sessions or even
| _crash single-player sessions where you're playing offline by
| yourself_ as long as you're online.
| EMIRELADERO wrote:
| I would prefer that platforms are fully open because it would
| force game studios and app developers to implement good
| security that doesn't rely on the client being unhackable.
| dontlaugh wrote:
| That doesn't work for low latency games like shooters.
| Jerrrry wrote:
| so you want an unhackable, but fully open, client.
|
| zero sense.
| EMIRELADERO wrote:
| No, I want the client to not be able to hack the game
| experience for other users.
| infotogivenm wrote:
| Not disagreeing but remember
|
| > Microsoft Corp., the world's largest software maker, loses at
| least $153 (U.S.) on each Xbox 360 video game console it sells,
| based on just the cost of components and assembly, a research
| firm says. Parts such as processors and manufacturing cost
| $552.27 for each machine that retails at $399, El Segundo,
| Calif.
|
| With this context it doesn't surprise me they try to recoup
| something on each optional hardware upgrade.
| chronogram wrote:
| When was that? Because at the start of the console your chip
| might be a cutting edge and incur massive costs, but cost a
| tenth to produce once it goes from cutting-edge to practiced.
| Someone1234 wrote:
| Right, but the above figure is under-shooting if anything
| since it budgets $0 for software development. Microsoft
| definitely charged a premium for accessories, seems like a
| classic price discrimination, wherein the richer consumers
| were subsidizing the cost of the console (and its
| development) for poorer ones.
| nottorp wrote:
| Why would they care if my hard drive is genuine?
|
| For the PS3, PS4 and PS5 i just bought a hard drive (ssd for the
| ps5) matching their specs, installed it inside and gamed on.
|
| For the xbox you have to buy hard drives from Microsoft?
|
| Edit: please don't tell me about usb drives hanging off your
| console. I don't like stuff hanging off my console.
| meibo wrote:
| The article leads with this, the drives from Microsoft had a
| massive upcharge compared to regular HDD rates at the time.
| They were making a pretty penny with these.
| Gigachad wrote:
| This is pretty similar to how Nintendo validates game cartridges.
| They all contain a unique signed header.
| If you connect to an
| online game and your game serial number is being used by hundreds
| of other users, Nintendo can see it's a pirated copy and you get
| console banned from online for all games.
| jchw wrote:
| Microsoft really seemed to be ahead of the curve with console
| security. They really thought this through back in 2005 or so, to
| the point where clearly, they knew people would hack the drives
| to rewrite the serial number. It's probably for the best that
| they never actually did anything about the knowledge that gave
| them, but they clearly stayed a step ahead of the game. As much
| as I hate it, their actions show a great deal of respect towards
| the ingenuity of console hackers, because if they didn't, they
| would've never bothered to do such an effort thwarting them.
| Compared to the Nintendo Wii, which had a decent security model
| that was ultimately ill-fated due to several fatal flaws in both
| hardware and firmware, and the PlayStation, where Sony seems to
| have a continual problem developing security measures that
| hackers and modders can just completely ignore, Microsoft really
| pulled it off. I still wish game consoles would allow you to just
| run your own code. Xbox has dev mode, which I haven't ever used
| since I generally do not buy game consoles, but it does seem like
| the absolute best option that's been available to consumers
| lately. Before then, it was OtherOS (ill-fated,) PS2 Linux (cool
| but kinda limited,) and Net Yaroze? Which seemed awesome to me,
| but unfortunately was a relatively uncommon good. Beyond that,
| official escapes from the walled garden are truly scarce. A sad
| reality that will get worse when measures like remote attestation
| finally make their way to general purpose computers. Remember:
| you can never have nice things. Ever.
|
| Thanks for FATXplorer BTW, it is very useful.
| stefan_ wrote:
| This was not a security feature at all, it wasn't securing
| anything?
| This is purely a feature to allow Microsoft to resell
| hard drives at 3x the price.
| RandomBK wrote:
| Every time I hear about the XBox's platform security, I think
| back to this talk [1] about how Microsoft protected the XBox
| One. A lot of it boils down to clear requirements and good
| engineering, and many of these technologies are now showing up
| via Project Pluton.
|
| [1] https://www.platformsecuritysummit.com/2019/speaker/chen/
| airstrike wrote:
| This is what I found on "Project Pluton"
| https://www.microsoft.com/en-us/security/blog/2020/11/17/mee...
| Jerrrry wrote:
| >their actions show a great deal of respect towards the
| ingenuity of console hackers, because if they didn't, they
| would've never bothered to do such an effort thwarting them.
|
| dude. The irony. They bricked our machines and joked about it.
| They had a fellowship with the FBI.
|
| They (MS and EA) threw OP, the author of this fkn submission,
| in jail.
|
| Their own Terms of Service and Policy Enforcement page still
| brags about "pwning the pwnrs" - to this day.
|
| Make no mistake, MS and Xbox still hate us. It's just from a
| capitalist perspective, it's hard to compete with losing PC
| audience.
|
| Their only selling point is itself, an unhackable console.
|
| They did have restraint. There is a list of console ID's
| hardcoded in every NAND because originally a few souls had
| reversed the NAND enough to RSA-sign CON files - they were just
| gonna ban everyone who had made modified content, but didn't...
| because of Halo3's File Share incidentally preserving personal
| RSA keys, making it difficult to reconcile modified content,
| once spread.
|
| Regarding hacked DVD drives....they did the math and banned
| millions when it was profitable, ironically.
| jchw wrote:
| Yes. I agree.
|
| > Make no mistake, MS and Xbox still hate us.
|
| I should point out that I was not suggesting there was a good
| relationship between console hackers and Microsoft. Quote
Quote | from me again: | | > respect towards the ingenuity of console hackers | | I did not say they had respect for the _people_ , or that | what they were doing was good, or anything like that. I'm | claiming that from a security standpoint, they took the | threat very seriously. | | Microsoft legally bullying people is bad, but it's nothing | new from Microsoft. Hell, it's nothing new from the console | industry either. I actually was not aware of Microsoft | putting anyone in jail over the Xbox homebrew/modding scene, | but it does not surprise me. I remember what happened with | Sony and Geohotz. | | Still, from a sterile, technical point of view, I do think | that in 2005 they were way, way ahead of keeping their | console "secure" according to their threat model. I am never | going to be particularly fond of a threat model where the | adversary is the customer, but that's not really the point. | Jerrrry wrote: | > I do think that in 2005 they were way, way ahead of | keeping their console "secure" according to their threat | model. | | I agree, see my other comment re: KV.bin | | They built the x360 with layers, upon layers, like an | onion. | | Two exploits (JTAG and RGH), and a few forever-unspeakable | social engineering incidents aside, they did great work. | | Until Mw2 came out in 2011. | alexklarjr wrote: | Xbone is not hacked because nobody care about essentially a | boring pc without any memorable games. It will remain in | history as another Microsoft marketing disaster. One day it | will eventually and silently destroyed to be emulated like all | ancient arcades and microcomputer games protections. Every | protection can and will be broken. Regarding unsuccessful money | grab, Idea that Microsoft minds forsaw that people will want to | upgrade their boxes with cheap generic parts and that must be | punished is indeed new, no car manufacturers never did anything | like that since 90s. 
| EMIRELADERO wrote:
| I wonder what would have happened if someone tried using
| antitrust laws to defeat this. Seems like there was a quite alive
| market for "third-party HDDs compatible with Xbox 360s" and
| Microsoft effectively tried to monopolize it. Plus, it seems to
| me like it could have passed the test of the modern Sherman Act
| interpretation. MS's actions directly reduced output and
| increased prices.
| imadr wrote:
| The article says that the security sector is RSA-signed using a
| private key only Microsoft possesses, what if you also change the
| public key used for verification that is stored in the console?
| fredoralive wrote:
| You'd need Microsoft's private key to sign the system firmware
| with a changed HDD verification public key in it (or an exploit
| undermining the general security chain of the system).
| imadr wrote:
| If everything is verified locally couldn't you also change
| the firmware verification key, and whatever verifies the
| firmware verification..etc ? Isn't it turtles all the way
| down?
| izacus wrote:
| The Xbox 360 security is a lot of turtles and the last
| turtle is actually baked into the SoC itself so it's
| impossible to modify. That firmware verifies the next stage
| and establishes the chain of verification that's very hard
| to break.
|
| It did get broken eventually (after years of trying!) by
| figuring out that the CPU stops being reliable at very low
| clocks, but it was not even remotely easy.
| AceJohnny2 wrote:
| At that level you're already hacking the console firmware.
| Easier then to just patch out the check as they've done.
___________________________________________________________________
(page generated 2023-01-24 23:00 UTC)
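
Added example, not part of the thread or the linked article: a toy Python model of the chain of verification described in the imadr / fredoralive / izacus exchange above, showing why replacing the stored HDD verification key does not help while the root check sits in immutable ROM. Every key, the firmware layout, the sector contents and the function names are constructed for illustration; the RSA is unpadded textbook RSA over small Mersenne primes, not the console's actual scheme.

```python
import hashlib

E = 65537  # public exponent shared by every toy key below

def make_key(p_bits, q_bits):
    """Toy RSA key from two Mersenne primes 2**k - 1 (illustration only)."""
    p, q = 2**p_bits - 1, 2**q_bits - 1
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def _digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(key, data):
    return pow(_digest(data, key["n"]), key["d"], key["n"])

def verify(n, data, sig):
    return pow(sig, E, n) == _digest(data, n)

# Constructed keys. VENDOR_* stand in for keys only the vendor holds;
# OTHER is a key pair that anyone could generate for themselves.
VENDOR_ROOT = make_key(607, 521)
VENDOR_HDD = make_key(127, 107)
OTHER = make_key(89, 61)

# The "last turtle": the root public key is fixed in silicon (assumed here
# to be a public modulus held in ROM), so nothing below can replace it.
ROM_ROOT_N = VENDOR_ROOT["n"]

def build_firmware(hdd_pub_n):
    # Hypothetical layout: the firmware image carries the HDD verification key.
    return b"firmware-v1;hdd_pub_n=" + format(hdd_pub_n, "x").encode()

def check_drive(firmware, fw_sig, sector, sector_sig):
    # Stage 1: ROM verifies the firmware before trusting anything inside it.
    if not verify(ROM_ROOT_N, firmware, fw_sig):
        return "firmware rejected"
    # Stage 2: the verified firmware supplies the key for the security sector.
    hdd_pub_n = int(firmware.split(b"hdd_pub_n=")[1], 16)
    if not verify(hdd_pub_n, sector, sector_sig):
        return "drive rejected"
    return "drive accepted"

def scenarios():
    sector = b"serial=CONSTRUCTED-0001;model=EXAMPLE-DRIVE"  # constructed
    stock_fw = build_firmware(VENDOR_HDD["n"])
    stock_sig = sign(VENDOR_ROOT, stock_fw)
    swapped_fw = build_firmware(OTHER["n"])  # firmware with a replaced HDD key
    own_sector_sig = sign(OTHER, sector)
    return {
        "genuine": check_drive(
            stock_fw, stock_sig, sector, sign(VENDOR_HDD, sector)),
        "self_signed_sector": check_drive(
            stock_fw, stock_sig, sector, own_sector_sig),
        "swapped_key_old_sig": check_drive(
            swapped_fw, stock_sig, sector, own_sector_sig),
        "swapped_key_resigned": check_drive(
            swapped_fw, sign(OTHER, swapped_fw), sector, own_sector_sig),
    }

if __name__ == "__main__":
    for name, result in scenarios().items():
        print(f"{name:22} {result}")
```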