> Whether PC users, our core readership, will be interested in actually emulating Xbox One, looks unlikely. The 2013 system’s game library is largely overlapped in better quality on the PC platform.
And this explains why it's stayed unhacked so long. There was very little incentive to hack the system when the games are all playable on a PC. Pirates, cheaters, archivists, and hackers could just go there. Microsoft's best security measure was making something nobody cared enough about to hack in the first place.
The other major incentive for hacking the console Microsoft removed was for the first time on a modern mainstream home console to allow side loading of homebrew code/emulators etc. The console supported a developer mode that allowed side loading of third party applications, so folks could get emulators and other traditionally "banned" content on the console through an officially supported route.
There's a great presentation by Tony Chen on the Xbox One's security features:
> https://www.platformsecuritysummit.com/2019/speaker/chen/
Examples of the kinda software you can put on the Xbox One in developer mode:
"Side loading": I know this term is the one used, but I think it should be pushed back against by just using the standard "installing"/"install". It makes the control point clearer, and it (should be) unsettling when you can't "install" software on hardware you own.
I think sideloading is a fine term when it is a consumption device. No one buys a video game console expecting to be able to install anything they want. As a matter of fact, there is an argument that restricting what can be installed is a feature. By maintaining control of the hardware, they can eliminate entire classes of problems that someone might run into. That is to say, when you let your kid play on the switch, you don't want to have to troubleshoot how they got the thing borked from installing malware.
That said, I do think words matter and I always point out that the reason these systems are locked down is because of Digital Restrictions Management. I also refuse to buy anything from Sony because they changed their mind about letting me install linux on the PS3.
I just think side loading is good way to describe installing custom software on a non-general purpose computer, and that not every computer needs to be general purpose. It's significantly better than the previous terms of hacking, cheating, stealing, and voiding your warranty.
Agree. I recommended Stremio to a friend on an iPhone and it turns out it has to be "side loaded". My response is "so you can't install it?"
It's a great point. As a geek I used to think those details don't matter, but it turns out language shapes society and how humans think way more than I understood.
We need to catch up on this because the people who know how to use language for propagandizing don't have the best intentions in mind.
But using the original term is not enough. We need to combat their word-twisting by upping them. We need a way to convey "their way of installing stuff by default is inferior and an attack on liberty".
Something like:
- direct install: installing as we always did
- caged install: installing through a locked store.
Maybe somebody better at marketing can find a good way to do this. In fact, we should have a whole site and community to organize together and shift the narrative on all nerdy things: formats, open web, DRM, patents, etc.
We have been weak on these points for so long because we care much more about solving tech problems than selling them. But openness is being eaten away under our noses. Has been for years.
Sideloading should be called installing, and installing from the store should be called jailloading.
Jailloading is quite catchy, although it does have a "Micro$oft" and "Microslop" feel. Like more an insult than a word made to be used daily.
Yeah, I listened to a podcast with Cory Doctorow (inventor of the term "enshittification") and he made this point quite well, to the point where I have completely removed "side loading" from my vocabulary. It's installing software on the computer I own.
I'm very much of the opinion that PS3's linux support massively delayed its exploitation. And not just because it provided a path for homebrew/linux.
A lot of the early hacking focused on trying to breach the hypervisor from otheros. The hypervisor turned out to be quite secure, people smashed their heads against it for years until it finally fell to a memory glitching attack.
But turns out it was so much easier to just attack gameos with a USB exploit. The hypervisor did nothing to prevent it, and would then just decrypt games for you (because gameos was trusted)
You are 100% correct but they started clamping down on people using Dev mode strictly for emulators and homebrew. So here we are.
In their defense, they clamped down following lobbying (and pressure) from Nintendo IIRC.
Part of me also thinks that Microsoft were so forward with offering what was basically a test kit because they were confident in their security.
Why Nintendo? Far as I know, they've never released anything on an xbox console.
Nintendo doesn't want users emulating Nintendo systems in the Xbox is my guess.
Nintendo is notoriously very aggressive with their IP. I bet they weren't happy you could emulate a Switch or something.
No, and they'd like to keep their games off of any Xbox.
This is what killed Linux support on PS as well, Sony was disappointed with what was being done with PS2Linux, instead of indie titles.
Hence why PS3 Other OS no longer did hardware acceleration.
The PS3 was incredible value dollar-to-flop, given that it was sold at a loss. This resulted in universities and other research institutes buying them en masse to create supercomputer clusters. Naturally buying thousands of consoles but not a single game puts sony in a difficult position. Although I think it's sad the hardware got locked down in later revisions, I fully understand why they did it.
The US Department of Defense went quite a bit further. They created the Condor Cluster in 2010 which was comprised of 1760 PS3s. At the time it was placed 33rd worldwide for a supercomputer.
https://phys.org/news/2010-12-air-playstation-3s-supercomput...
At the time, entire PS3s were cheaper than what it cost to get the CPU from IBM.
they couldn't have gone for 1776 of them?
at some point it was claimed that the reason sony removed the ability to run linux was because, literally, Saddam Hussein (maybe not) was using them to pilot jets or somesuch.
I haven't looked, but I am pretty sure that Saddam was dead before the ps3 launched. At the very least, his 2003/2004 ouster was before the ca 2007ish (I think) launch date.
Ok, I looked it up; Saddam Hussein was executed on December 30, 2006 and the ps3 launched on Nov 11, 2006 in Japan and Nov 17, 2006 in the US. So, technically, he was alive for the launch.
That factoid has the ingredients for an awesome conspiracy theory ;-)
in case you don't check up again, i did find this https://web.archive.org/web/20041120084657/http://arrakis.nc...
And in my mind the whole story was a publicity stunt, considering the political wind at the time and the place that broke the story; which was then quoted at me in college.
I said the word claimed. in the past. And it was more like: thousands of PS2 because sony/japan marked them dual use because they "were so powerful." So probably astro-turfed or even native advertising (considering the place that "broke" the story.)
buuuuut https://en.wikipedia.org/wiki/PlayStation_3_cluster the US government went ahead and did make a supercomputer out of PS3s.
anyhow thanks for helping me confirm my memory is functioning perfectly.
ETA: https://web.archive.org/web/20041120084657/http://arrakis.nc... probably where this "wacky" idea came from...
I would be curious to know more precise numbers. My intuition suggests that when Sony sells millions of them, the number diverted for non-gaming purposes is maybe thousands or tens of thousands.
Nearly 90 million units by the time it was discontinued, but I'm not sure how many were sold at the point they removed Linux support.
> Although I think it's sad the hardware got locked down in later revisions, I fully understand why they did it.
The PS3 was coincidentally locked down after it was jailbroken (broken in Jan, OtherOS patched out in Mar).
The marketing win of being able to say "these are so powerful, the military literally uses them in supercomputers" certainly more than makes up for a hundredth of a percent of consoles having a zero attach rate.
Linux on playstation was a play by Sony not to have customs like on a toy but as a more favorable computer merchandise. They didn't care.
Linux on Playstation was the final hubris of Ken Kutaragi to have his insane CPU design take over computing. Kutaragi envisaged the PS3 becoming a standard hardware platform similar to the PC but fully controlled by Sony. That was their goal with the PS3, they said so themselves time and time again. The second Kutaragi was removed from power over at Playstation, they closed the Other OS function.
It was the last time that a Japanese company made a fundamentally Japanese move.
> It was the last time that a Japanese company made a fundamentally Japanese move.
What do you mean by this?
It's certainly an extremely bizarre and false statement. Curious what he meant as well.
> fully controlled by Sony.
And Toshiba and IBM, it was a three-way collab. There was even a second-generation Cell (PowerXCell 8i) released in IBM Q Series blade-servers.
Yeah, pretty much PowerPC part two. PowerPC the business move, like the original one.
Nope, that was with YA BASIC.
There were different customs for different countries targeted with different tactics.
Ya basic was only one front in that war.
Sure, if we disregard that PS2 Linux came almost two years later, was only sold via Internet, added an extra 500 euros on top, although it got discounted into 300 euros at the end of PS2 lifetime.
I own one such kit.
That doesn't factor into it, because the tariffs, bans, etc they were trying to circumvent weren't dependent on the software shipping with the device in that case, nor the separate price of the software, nor were they even necessarily primarily targeting Europe.
Each of these schemes had different sets of regulatory checkboxes they were trying to tick, and so had very different end products.
Sure as you wish, I was a PlayStation fanboy back then, since Yaroze, and surely remember YA BASIC for PS2 and Other OS for PS 3, being the only ones.
Yaroze and PS2 Linux never had anything to do with tariffs.
I've seen this argument, but I strongly suspect that it's a cope argument. "We couldn't get in... because... we didn't care to! Even though we've hacked literally every other object on the planet just because."
The proof in the pudding of this will be when the Nintendo Switch 2 reaches 2035 with no cracks. That's my prophecy; that this time around the cat actually will catch the mouse. Between NVIDIA's heavily revised glitch-resistant RISC-V security architecture and Nintendo's impeccable microkernel, there's nowhere left to hide. DRM may turn out to have been a very slow long battle to "victory," not a "this will always be defeated."
I have my doubts. I suspect that Nvidia have made mistakes.
Anyway, situations like the one you describe are one to be solved by legislation requiring certain devices be sold as open devices that put power in the hands of the owner.
my nintendo switch is "rootable" by shorting two pins in the controller interface, with a previously set up SD card inserted with the homebrew bootloader.
My PS3 and PS4 were both jailbroken/rooted. I don't remember the PS3 routine, but the PS4 was loading the "system -> help" page while connected to an ESP32 wifi AP running a simple web server that replied to requests with the jailbreak for PS4.
I give it about a year, especially if nintendo has to change the specs or otherwise tampers with customer expectations. there's bound to be some way to reload firmware on a "dead" device without pulling chips, and that's all it takes.
The shorting two pins is a heavy oversimplification of what happened.
The two pins were installed by design from Nintendo to activate the Tegra RCM mode. RCM mode meanwhile has a USB buffer overflow which is the real bug.
In modern NVIDIA chips, this RCM mode no longer exists. The new recovery modes meanwhile are running across multiple physically separate CPUs verifying each other (glitch one, the other notices), all running formally verified firmware written in SPARK (the thing you use for nuclear reactors and avionics).
As for the OS itself, according to a maintainer who rewrote the kernel twice for open source, it has zero bugs. None. The microkernel is tiny, has no drivers, and almost no attack surface. This is borne out by WebKit exploits being a dime a dozen on Switch, but all of them are useless.
> it has zero bugs. None.
This is hyperbole. We have 1 Switch that routinely "won't power on" without a ritual of button holding & timing. My original Switch used to hard lock, but I stopped trying to play the sorts of games that were causing the OS to crash.
Both of these disprove the zero bugs claim, unless we move the goalposts.
> In modern NVIDIA chips, this RCM mode no longer exists. The new recovery modes meanwhile are running across multiple physically separate CPUs verifying each other (glitch one, the other notices), all running formally verified firmware written in SPARK (the thing you use for nuclear reactors and avionics).
I guess that, when you absolutely want zero surprises, Ada is the language of choice.
Well, and these systems are also designed with ratchet-type measures in place from the get-go, where holes are plugged, fuses are burned, and newly released titles will only decrypt/run on the latest OS.
So even if Switch 2 doesn't make it all the way to 2035 with zero cracks, there's a strong likelihood that any exploits found will be short-lived.
Which incentivizes people to hold on to exploits for as long as possible, ideally past the console life cycle, just to make sure it can be used, which already is a thing
2035 for Switch 2 piracy to get started sounds nice, as someone invested in the platform.
Maybe we should think about this like the concept of public domain. Locked down for X years in order to protect the artist, then opened up for everyone to benefit society.
When you extrapolate out the political economy consequences of your hypothesis being correct the future looks very dark indeed. If you can make an unhackable game console it should be obvious to people on this site what sorts of dystopias you could also create.
unhackable subscription ignition interlock device?
unhackable brain-computer interface required for most daily activities (like phones are today) and with a killswitch "for the public safety" and 24/7 cloud monitoring. Obviously this is pretty out there science fiction today but will it remain so in a century? And if it doesn't, what kinds of political systems are likely to dominate? What will happen to those political systems that for one reason or another decline this capability? I leave these questions as an exercise for the reader.
Before we even get there, within 5-7 years new PCs will be Xbox-like, locked down devices. Only approved OS and apps may be installed, as it is a felony to run an OS that doesn't meet federal and state KYC ID requirements or even own a copy of one without a license, and no PC manufacturer wants the liability risk of being found complicit in the commission of such crimes. General purpose computing will be a thing of the past for the masses (who didn't really want it anyway). Server hardware will be exempt from these requirements, but to purchase it you need a D-U-N-S number and a statement of intended use in the purchase agreement.
Even if it were possible to find a vulnerability in the hardware, doing so without attracting the attention of law enforcement will be profoundly difficult, as Windows sends telemetry back to Microsoft about every instruction that runs on your hardware. Apple will claim to be more privacy-focused, at least for a year or two, but the M9 chip's NPU will just perform local inference on your activity and report you to Apple and the FBI if it detects attempts to break security.
Now if only Sony would let us even have a smidgen of our own code on our Playstations. But nope, Sony would rather gatekeep that one to Hell and back.
Instead, they keep stripping stuff off the console. I'm still so annoyed that PS5 doesn't even have an integrated web browser anymore (especially trying to troubleshoot network issues from the console itself).
But hey, Sony can leave bullshit exploit vectors open like PPPoE clients on the console itself (why? just use a router?)...
There is this general vibe online that the newer generation xboxen are either bad, worse than playstation, or a straight up failure.
My series x, combined with gamepass, is by a very large margin the most at-home-entertainment bang I have gotten for my buck.
Before then I had what could be regarded as a "vintage" gaming PC: 1st gen i7 (nehalem?), a gts 450 and some amount of ram. An upgrade (read: full replacement) was desperately needed. This was in the middle of the crypto gpu boom, so a decent GPU alone would've wiped my budget. I settled for an xbox as it was cheaper than a ps5.
I've always seen myself as part of the pc master race, and thought consoles to be very limited. But man, it just worked, the games just worked, and gamepass made it all a total steal.
Even now, when our 3 month old baby is settled for the night, me and my wife's preferred entertainment is a session of bg3 over watching tv.
> gamepass made it all a total steal
Doing the math, I can't find this to be true. As someone that has honed my taste in games, and has a large Steam library, I don't spend as much money on games as Game Pass costs.
I ended up cancelling gamepass after the subscription increase. I already own most of the games they offer, so it was really the odd AAA or indie release I'd play on it.
Indie games are cheap and most AAA titles go on sale within six months, which is fine because I usually don't play them day of launch.
Then there's the issue with Game Pass games not working on my system. It's the only platform where I've had consistent issues getting games to run. Even free games like Fortnite were bundled with the wrong anticheat.
With the recent price changes the calculus changes for sure. Even though I live in Europe now, my subscription is still set up in South Africa. So I used to pay the equivalent of €10 per month for Ultimate; now it's €18/mo.
I think if I were forced to relocate my subscription and pay the full real price (€30/mo), I will probably cancel and buy a €90 game every quarter or something.
Series X is a premium experience. Walmart delivered one for $350 at 4am with Diablo 4. Still feels like robbery a couple of years later.
> when our 3 month old baby is settled for the night
Seemed a credible comment till that point! (/s)
Congrats :-)
Thanks, we are definitely in the 'if it's this easy we should have another one!'. She's been a treat so far and from what I've heard from other parents, very easy.
This is true, but it is also true that the Xbox One's security architecture and mitigations were ahead of its time. It would've taken a while to hack even with stronger incentives to hack it.
True, I'm not trying to diminish this guy's efforts to defeat all the obstacles MS put in his way.
>The 2013 system’s game library is largely overlapped in better quality on the PC platform.
I get what this essentially means, but for those of us with a certain amount of love of language (or pedantry), it's fascinating to try and parse this literally because I don't quite think it works as intended.
Clearly the intended meaning is something like eclipsed in quality. And it may be overlapped in the sense that the same games are separately available on PC. But overlap isn't a relation of quality; quality is generally better or worse when it's comparative. So it's like a smushed together way simultaneously saying the selection of games on Xbone overlaps with what's available on PC and is also better quality on PC.
It's clear it means that there's a large overlap in titles and they are available in better quality on the PC platform?
I already acknowledged that part several times?
Yes, but the grandparent poster and I would agree that the parse is not that ambiguous/the meaning is easily inferred. The sentence states that the library is overlapped _and_ that overlap is available in better quality: it may seem contrived, but it reads as a rather natural collapse of an implicit conjunction to me.
I think they could have used some punctuation.
examples:
The 2013 system’s game library is largely overlapped, in better quality, on the PC platform.
The 2013 system’s game library is largely overlapped (in better quality) on the PC platform.
One thing PC does not have are the Xbox/Xbox 360 updated games. Microsoft did a great job of making the old games playable on Xbox One with better resolution, performance, etc. It would be nice to play the exclusive games of those consoles on PC through this.
It might be coming as per GDC news, lets see.
They're not going to bring over Xbox 360 emulation. This thing is dependent on the specific CPU and GPU of the Xbox One and Series consoles. They've lost their appetite for emulation and have reassigned the whole team dedicated to it.
They announced a new effort at GDC.
Yeah, you couldn't be more wrong here. The exact same people who thoroughly destroyed the 360 badly wanted to attack this system - they were just outgunned.
The security was way better with the Xbox One, but also no one cared about the Xbox one. The 360 was the last successful Xbox.
There was a time when it would have been a hot target, but everything the original modded Xbox could do could be done easier elsewhere.
I know that's been dropping my level of interest for hacking consoles farther and farther. Why hack a console when it has almost no exclusives, even fewer of which I personally care about, and having a real computer hooked to a TV is no longer weird or difficult? I could fight to put an emulator on some locked down console or I can just install an emulator for almost everything ever made in like 10 minutes on my Steam Deck, so the choice is pretty obvious.
Most of what was done on an original modded Xbox can be done on a retail stock Xbox One/Xbox Series with the exception of pirated Xbox games. Kodi (formerly known as XBMC) is just in the Xbox store, emulators and homebrew can be setup through dev mode with a little effort and $20. It's really just pirated versions of Halo 5 and a few others missing.
Pretty much, if you provide what people want elsewhere you will reduce the demand to crack the original system.
One of the reasons the Wii U was slow to be hacked was because Android TV boxes had come along plus things like Ouya/Nvidia shield, and it basically took away a lot of demand for a console turned into TV unit to use hacked software.
It still happened, but not so quickly. Not like the original Wii, which didn't really have much similar to it at the time.
This is not the reason, the reason is that the security is very strong. It's explained in the video.
No it doesn’t explain it. This is legitimately a difficult target. Did you watch the talk?
The people that MS hired to make and break this were top notch, and there is definitely incentive to maintain control over a content platform. This dude has been at this for /years/. I’ve been a fly on the wall on all sides to observe this.
There has been a lot of interest in underground / pirate communities to hack this, but that’s not the only reason why people hack things.
> Microsoft's best security measure was making something nobody cared enough about to hack in the first place
Maybe that's what they're trying to achieve with Windows as well.
The Xbox One has been emulated though (well not emulated, it's a compatibility layer like Wine). Before this hack, there was Collateral Damage. We were able to dump games with the exploit.
Minecraft: Xbox One Edition (the Legacy version) was of keen interest to our community as it would be playing LCE natively on a PC if you used a compatibility layer which never happened before.
So a few of my LCE cult friends contributed to WinDurango which was pretty much dead before they joined, and got Minecraft: Xbox One Edition to work.
Of course, you'd ask "why don't you just play Minecraft on PC normally?" Legacy Console Edition has so many minute differences and details that it's impossible to discuss all of them--things as big as the Minigames and as small as the mipmaps.
And then LCE source code from 2014 got leaked and that had a native PC port. Oh well.
> The Xbox One has been emulated though (well not emulated, it's a compatibility layer like Wine).
The parenthetical is not needed. It is OK to call Wine an emulator. The "Wine Is Not an Emulator" thing came about later and was essentially a marketing change. How it came about is interesting.
The first suggestion to change the meaning of the word from a shortening of "windows emulator" to the "not an emulator" backronym was in 1993, over concern that "windows emulator" might run into problems with Microsoft trademarks, but no action was taken.
Over time the not an emulator usage became an accepted alternative. The Wine FAQ in late 1997 for example said:
"The word Wine stands for one of two things: WINdows Emulator, or Wine Is Not an Emulator. Both are right. Use whichever one you like best."
The release notes stopped calling it an emulator at the end of 1998. The 981108 release notes said: This is release 981108 of Wine, the MS Windows emulator.
The 981211 release notes said: This is release 981211 of Wine, a free implementation of Windows on Unix.
As far as I have been able to tell from my recollections of that time and what I was able to find when I looked into it later, this happened for two reasons.
1. Wine was useful for more than just running Windows binaries on Unix. It could also be used as a library you could link with code compiled on Unix as an aid to porting Windows programs to Unix.
2. Hardware emulators that emulate old systems like GameBoy or Apple II had become popular. Many people were only familiar with that kind of emulator, and those (the emulators, not the people!) tended to be slow.
That was fine when your emulator is running on a machine with a clock speed 300x that of the machine you are emulating and that has a much more efficient CPU, but when you tried to use a hardware emulator for something comparable to your machine it was usually unbearably slow.
People only familiar with such hardware emulators might see Wine described as a Windows emulator and think it was doing hardware emulation and not even give it a try. By dropping calling it an emulator Wine sidestepped that problem.
Maybe cheaters want to cheat somewhere nobody else cheats. Idk if these games do online cross platform nowadays.
Helldivers 2 is cross platform (pc, sony, xbox all in same game at same time, doesn't matter who "hosts.") So it does exist in practice.
Definitely there's some truth to it
the main value is that it's way easier to make an emulator of a console than some point-in-time windows PC.
Also getting a dev account and loading up RetroArch/emulators in general is trivial. Best use of an Xbox one for sure. Well documented and exploited at this point.
Not the same as emulating its titles, but a lot of interest in the Xbone/series line (outside of actual console users) is the dev accounts. So I imagine a lot more effort went there first.
I was vaguely aware this is possible although the "sign-up for a dev account and boot it in dev mode all the time", even if free, was still enough of a barrier that I haven't done yet. I'm hoping this hack eventually leads to a simpler "one-click" way to run emulation, home brew and mods while still maintaining full original game and media playing functionality.
Then I'll finally hook up the XBOne I have again and put it to some use on the downstairs TV. I already have a 'retired' PS4 filling similar role on the upstairs TV (although it must stay offline to remain 'liberated').
How is this the first I’m hearing of it? Looks like I finally have a reason to own an x-box, aside from the best version of Perfect Dark (the HD release of the original with modern controls, I mean) being on the 360.
Perfect Dark works on newer Xboxes too. For Xbox One X and Series X it runs at 9x the res of the 360 version. It's included in Rare Replay which also includes Goldeneye 007 if you get it digitally.
They used to charge too but now it’s free. I got mine set up after about 30min of work a few weeks ago just need to actually load it up now. It’s tedious and you have to share your personal ID but it’s not difficult.
Created a voltage drop that exactly occurred to be timed to the key comparison, then a spike at the continuation.
Irl noop and forced execution control flow to effectively return true.
B e a utiful
No? It is crowbar voltage glitching, but you're significantly underselling it here. The glitching does not affect key comparisons.
It's a double-glitch. The second glitch takes control of PC during a memcpy. The first glitch effectively disables the MMU by skipping initialization (allowing the second glitch to gain shellcode exec). (I am also skipping a lot of details here, the whole talk is worth a watch)
It's fascinating - how does one defend against an attacker or red-team who controls the CPU voltage rails with enough precision to bypass any instruction one writes? It's an entirely new class of vulnerability, as far as I can tell.
This talk https://www.youtube.com/watch?v=BBXKhrHi2eY indicates that others have had success doing this on Intel microcode as well - only in the past few months. Going to be some really exciting exploits coming out here!
> how does one defend against an attacker or red-team who controls the CPU voltage rails
The xbox does have defences against this, the talk explicitly mentions rail monitoring defences intended to detect that kind of attack. It had a lot of them, and he had to build around them. The exploit succeeds because he found two glitch points that bypassed the timing randomisation and containment model.
I hope Apple is paying attention, since their first gen AirTags are vulnerable to voltage glitching to disable the speaker and the tracking warning.
I don't see much motivation for fixing that when I can purchase an nRF52xx Bluetooth beacon on AliExpress for €4 and flash it with firmware that pretends to be 50 different AirTags, rotating every 10 minutes, and therefore bypassing all tracker detections.
What's the battery life like on one of those?
Months if the firmware properly sleeps.
They're also, as it turns out, vulnerable to a drill bit.
It's pretty trivial to just open it up and disconnect the speaker too. I took one apart to make a custom wallet card out of it and broke the speaker in doing so; the rest of it worked perfectly fine (though obviously the warning would still work).
Apple has a team that works on glitching protection for their phones. Disabling the speaker on AirTags is a very different threat model.
Aren't AirTags completely and utterly broken, or has anything changed?
It's not new - fault injection as a vulnerability class has existed since the beginning of computing, as a security bypass mechanism (clock glitching) since at least the 1990s, and crowbar voltage glitching like this has been widespread since at least the early 2000s. It's extraordinarily hard to defend against but mitigations are also improving rapidly; for example this attack only works on early Xbox One revisions where more advanced glitch protection wasn't enabled (although the author speculates that since the glitch protection can be disabled via software / a fuse state, one could glitch out the glitch protection).
Just so you know, hardware hackers have been doing this for 20+ years. Hacking satellite TV (google smart card glitching) was done the same way.
It's more that it's really hard to do security when the attacker has unlimited physical access.
> It's an entirely new class of vulnerability, as far as I can tell.
It is known as voltage glitching. If you're interested, our research group applies it to Intel CPUs. https://download.vusec.net/papers/microspark_uasc26.pdf
The microcontrollers I worked on 15 years ago had low voltage detection:
Glitching attacks are typically performed by switching the supply voltage at quite high frequencies; a typical low-voltage detection won't trigger a reset under such conditions. And this is also why glitching attacks are often performed by spiking higher voltages, not lower. See for example Joe Grand's latest video on breaking crypto wallets [0].
Low-voltage detection is usually implemented as a simple comparator which should trigger instantly, but often only on a single Vcc pin, and due to the decoupling caps found on a typical circuit design there is effectively an RC circuit that filters short fluctuations of the supply voltage. So most low-voltage detection implementations only trigger on 'longer' periods of low voltage.
Traditionally low-voltage detection features (like brown-out detection) are there to guarantee functionality of the uC itself or the device the uC controls. It is typically not intended as a defence measure against these types of attacks. In fact, 15 years ago it may not have been much of a concern.
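A small simulation of the point made above, added here as an illustration and not taken from the thread or any real part's datasheet: a first-order RC low-pass stands in for the decoupling network between the supply rail and the brown-out comparator. The comparator threshold that fires on a long brownout never sees a sub-microsecond crowbar glitch, because the filtered voltage barely moves. The RC time constant, threshold, nominal rail and glitch widths are constructed values.

```python
"""Why a brown-out detector behind decoupling caps misses short glitches.

Constructed example: a first-order RC low-pass stands in for the decoupling
network between the supply rail and the comparator input. Component values,
threshold and glitch widths are illustrative, not measured from real hardware.
"""

DT = 10e-9      # simulation step: 10 ns
TAU = 10e-6     # RC time constant, e.g. ~10 ohm of trace/ESR into ~1 uF of decoupling
V_NOM = 3.3     # nominal rail voltage
V_TRIP = 2.7    # brown-out comparator threshold


def supply_waveform(total_samples, dip_start, dip_samples, v_dip=0.0):
    """Rail voltage at the chip's power pin: nominal, with one crowbar dip to v_dip."""
    return [
        v_dip if dip_start <= i < dip_start + dip_samples else V_NOM
        for i in range(total_samples)
    ]


def rc_filter(samples, dt=DT, tau=TAU):
    """Voltage after the decoupling network: Euler step of dv/dt = (v_in - v) / tau."""
    v = samples[0]
    out = []
    for v_in in samples:
        v += (v_in - v) * (dt / tau)
        out.append(v)
    return out


def min_filtered_voltage(dip_seconds):
    """Lowest voltage the comparator actually sees for a dip of the given length."""
    dip_samples = int(round(dip_seconds / DT))
    # 1 us of settled rail before the dip, then 5 tau of recovery afterwards.
    total = 100 + dip_samples + int(5 * TAU / DT)
    wave = supply_waveform(total, dip_start=100, dip_samples=dip_samples)
    return min(rc_filter(wave))


def detector_trips(dip_seconds):
    """True if the brown-out comparator would fire for a dip of this length."""
    return min_filtered_voltage(dip_seconds) < V_TRIP


if __name__ == "__main__":
    for width in (200e-9, 1e-6, 2.5e-6, 50e-6):
        print(f"{width * 1e6:6.2f} us dip -> comparator sees "
              f"{min_filtered_voltage(width):.3f} V, trips={detector_trips(width)}")
```

With these values the comparator input only crosses 2.7 V after roughly 2 µs of a full crowbar to 0 V, so a 200 ns glitch, which is already long enough to corrupt a few instructions, leaves the filtered rail above 3.2 V. Faster detection needs the comparator on the die itself with its own reference, sampled at core clock rates, which is what the dedicated glitch detectors discussed elsewhere in this thread do.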
Could a chip detect this and reset?
I'm not at all familiar with the Xbox One, but this is a feature that's generally available if you're designing "closed" hardware like a console. Most SoCs these days have some sort of security processor that runs in its own little sandbox and can monitor different things that suggest tampering (e.g. temperatures, rail voltages, discrete tamper I/O) and take a corrective action. That might be as simple as resetting the chip, but often you can do more dramatic things like wiping security keys.
But this exploit shows that it's still almost impossible to protect yourself from motivated attackers with local access. All of that security stuff needs to get initialized by code that the SoC vendor puts in ROM, and if there's an exploit in that, you're hooped.
Yes, and the Xbox One has mechanisms to do just that. But they turned out to not be fully sufficient.
This attack is on the early models that didn't have those protections enabled. The researcher surmised that later models do indeed have anti-glitching mechanisms enabled.
You can't. Console makers have these locked-down little systems with all the security they can economically justify... embedded in an arbitrarily-hostile environment created by people who have no need to economically justify anything. It's completely asymmetrical and the individual hackers hold most of the cards. There's no "this exploit is too bizarre" for people whose hobby is breaking consoles, and if even one of those bizarre exploits wins it's game over.
And if you predict the next dozen bizarre things someone might try, you both miss the thirteenth thing that's going to work and you make a console so over-engineered Sony can kick your ass just by mentioning the purchase price of their next console. ("$299", the number that echoed across E3.)
> You can't
It's a moot point, they are not trying to prevent it. They only need to buy enough time to sell games in the lifespan of the hardware, which they did.
> all the security they can economically justify...
It seems like they did a perfect job, it lasted long enough to protect Microsoft game profits.
Well, they had better hope nobody notices how to use this flaw to chain into another one in the current generation.
not a new vulnerability class.
Extremely impressive feat nonetheless!
Voltage glitching is an old technique. Here's a paper about it from 2 decades ago https://ieeexplore.ieee.org/document/1708651 but it is at least another decade older as an attack vector.
Defend against it one way by voltage monitoring or physical intrusion detection, and another way by droop and such detection and countermeasures on the device. Both probably just increase the cost of hacking it by some orders of magnitude, but that may be enough.
Basically if someone has physical access to a device, it's game over.
You can do things like efuses that basically brick devices if something gets accessed, but that becomes a matter of whether the attacker falls for the trap.
> Basically if someone has physical access to a device, it's game over.
It took more than a decade to exploit this vulnerability and even then there are fairly trivial countermeasures that could have been used to prevent it (and that are implemented in other platforms.)
Nothing is unhackable, but it requires a very peculiar definition of "game over".
(And as others have pointed out: only early versions of the Xbox One were vulnerable to this attack.)
The incentives to hack the XOne were few. Easy sideloading. No exclusives. Not a great performance per dollar ratio either. It is the opposite of Nintendo consoles if you think about it, and nintendo consoles are notorious for having a really quick homebrew scene.
Every time a console gets hacked, the checklist of SOC security architects grows a little longer. Boot ROMs are written in formally verifiable language, there are hardware glitch detectors, CPUs running in lockstep to guard against glitches, checks against out of order completion of security phases, random delay insertion, and so forth.
When it comes to SOC security, the past is not a good predictor of the present. The previous Nintendo SOC was designed 15 years ago. A lot has been learned since. It's become increasingly harder to bypass these mechanisms.
The fact that it took 13 years to hack the Xbox One is not because it's not an attractive platform: because of its high profile, it has been a popular subject for security research grad students from the moment it was released. And if anything, the complexity of the current hack shows how much SOC security has progressed over the years.
This hasn't been true for the time a typical American high school senior has been alive. Please stop repeating things people said years ago.
Only if they leave a door open, which they did here.
If your argument is that you can't hope to close every door, then AI will make it easier to close all the doors in the future.
>then AI will make it easier to close all the doors in the future.
AI could also make it easier to open the doors too.
The Xbox 360 was hacked in a simpler but nearly identical way [1]! Amazing that despite the various mitigations, the same process was enough to crack the Xbox One.
But it took them 4x as long to be successful against the xbone.
I think the security team would call their mitigations a success.
The earliest example I know of for this is CLKSCREW, but security hardware (like for holding root CA private keys) was hardened against this stuff way before that attack.
Has anyone heard of notable earlier examples?
In terms of fault injection as a security attack vector (vs. just a test vector, where it of course dates back to the beginning of computing) in general, satellite TV cards were attacked with clock glitching at least dating back into the 1990s, like the "unlooper" (1997). There were also numerous attacks against various software RSA implementations that relied on brownout or crowbar glitching like this - I found https://ieeexplore.ieee.org/document/5412860 right off the bat but I remember using these techniques before then.
This sounds like a way less crude version of the way many unlicensed NES cartridges got around the lockout chip. Just charge a capacitor and blast it at boot time.
I think it counts as effectively unhackable since it remained unhacked until five and a half years after its successor went on the market.
I wonder if, assuming they continue making Xbox, they find a way to mitigate this in the next generation.
The presentation notes that this hack currently only works with the first revision of silicon. Later variants have more protections, like some anti-glitching tech that wasn’t quite debugged for the early units being enabled for later runs, and further changes with the security / reset subsystems being split into two separate cores with revised consoles like the One X. So these would be more of a challenge, even if there’s now an angle of attack to investigate.
> assuming they continue making Xbox
It sounds like that's the plan:
https://news.xbox.com/en-us/2026/03/11/project-helix-buildin...
The new Xbox is going to be a specialized PC running Windows with full access to third party game stores (Steam, Epic, etc). It won't need to be "hacked" because anyone will already be able to run any software they want on it.
A conversation for another day and I can't wait to have it, but something about this seems seriously doomed, because Steam already owns this lane, owns it well, and these days I think Linux is objectively the better desktop for most personal, PC-style use cases.
Windows stopped feeling like it meant PC a long time ago, and there's a major risk of the whole Xbox identity disappearing into PC computing. Probably a conversation for another day but when everything is an Xbox, nothing is an Xbox, and when an Xbox is a PC it might as well be fading away Marty McFly style from our plane of existence.
I suppose what would really impress me is a Roku-style omnivore approach that gives a first class console-style experience and interface to Epic, Steam, Itch.io, GOG and of course Xbox.
You can run steam in big picture mode, and there are ways to add links to games from other game stores to steam such as https://github.com/PhilipK/BoilR
It's not automatic or perfect but it does work.
I'm aware, but that is indeed a great thing Steam offers. I think it's janky enough that if there's one way to out-steam Steam it might be making the broader PC gaming universe as plug-and-play into a console experience as possible.
Agreed. I have a steam deck and my wife uses big picture mode on a PC. And both are full of jankiness that you don't get with something like the Switch. I actually bought a steam deck expecting a Switch-like experience, and man was I disappointed. Even the streaming is lacking compared to what Sony offers on the PS5.
I do wish Valve would spend some of their infinite money on sanding off the rough edges of Steam.
What is the point of a device like this if the only difference is form factor? Why wouldn't someone just buy a pre-configured gaming PC?
Every PC I’ve ever tried to repurpose as a gaming console of any sort has had way more jank to it than I’d ever tolerate in a console, in the 25ish years I’ve been hooking computers up to TVs. Even the Bazzite box I’ve got is pretty bad by comparison. Hell, my actual Steam Deck has a lot more undesirable “enthusiast” behavior to it, let’s say, than I’d want out of a Nintendo product for example, even though it’s just about the best I’ve seen (the actual best is Retroarch with a skin mimicking the PS3’s menu, on a dedicated distro that could take it from cold boot to interactive in like three seconds flat even on an rpi2… but that won’t play actual modern PC games, just emulated consoles and such, so it’s not a fair comparison)
A common failure is the controllers. It’s hard to get a combo of OS stack, Bluetooth chip, and controller that Just Works like they do on consoles. Something always needs fiddling-with.
Video or audio out are also often a problem. Glitched audio or audio mode-switching, trouble switching video modes, screwed-up HDR, all kinds of stuff. Maybe fine on your monitor with headphones. Not fine on a TV or projector with 5.1+ audio receiver.
The UIs also bug out or crash more often, and usually aren’t that great at being a TV UI in the first place (even Steam IMO is worse than most consoles, as far as the Big Picture UI)
It also gives devs a stable target with a known market, which is nice for both the devs and the owners of the devices.
There's something to be said for having a standard, known SKU, both as something for developers to target if enough people own it, and for users to troubleshoot if they're e.g. having an issue running X game.
This kind of already exists with the "Deck Verified" label on Steam games.
That said, this sounds similar to Valve's upcoming Steam Machine and I'd much prefer that to be the standard console/PC hybrid to keep the Linux gaming momentum going, and perhaps one day I can ditch Windows for good.
The main goal is money, an Xbox branded windows PC has potential to drive sales.
Microsoft can also hopefully target a smoother user experience than a typical Windows PC provides. They want this to be a valid console competitor, but just slapping the Xbox brand on a Windows PC isn't enough to do that.
Having a first party hardware device to target for PC games can also help devs with having a clear performance target for PCs, similar to how the Steam Deck is currently a minimum spec performance target for a lot of games.
Microsoft are in a tough spot (as far as Xbox hardware goes at least). PlayStation is selling much better on the console side, and Valve with the Steam install base has a good shot at making a non-Windows OS a serious platform for gaming.
Their hand was forced in the end. They have to consolidate PC and Xbox users to compete.
The idea of a machine with a locked down mode that can boot legacy Xbox titles and probably run competitive games with very little chance for cheating is interesting. But given Microsoft's track record with consumer devices I have yet to be convinced.
Valve should be worried if they do turn out something good, maybe this will mean the Steam machines are pushed more aggressively price wise. We can hope...
If this is true then the reason that a console would be better than a custom PC is that it would also be designed to work better for that purpose. Turning on the device when the controller turns on and sending CEC commands are two huge things that aren't well supported outside of the console space. Also it would likely run a trimmed down version of Windows and would be set up to "just work" in a way that a system that can have any arbitrary set of hardware will never be able to do.
But the really nice thing about the concept of treating a PC and console as the same platform is that you don't have to worry about why people might prefer to go the route of buying the console. You can go with a regular gaming PC if that's what you prefer and your library will have all the same options.
It's a device with a fixed, known-good set of hardware for developers to target, which is all that any of the major consoles is. Your question applies just as much to the Steam Deck and upcoming Steam Machine.
Let's speculate that they need a carrot for Windows developers when they attempt to use a monopoly stick on the Steam Deck.
I mean, at that point it is a pre-configured gaming PC. Hardware that's uniform across millions of units provides advantages, both for developers and users. IMO that's a big part of why the Steam Deck outsells more powerful competitors: there are so many of them that it gets targeted by developers, so more people buy them, in a virtuous cycle.
There are a few points I can see
1. Console-like living room ready experience. It's surprisingly hard to get a PC made with off-the-shelf parts to integrate cleanly with a home theater system (think features like HDMI CEC, One Touch Play, etc). A custom SoC can solve this, something we are seeing Valve also do with the Steam Machine.
2. As the target hardware for basically all Xbox games, end-users who don't want to fret over system specs can easily just buy this and know they are getting the intended experience.
Whether that's enough to move units remains to be seen.
> It won't need to be "hacked" because anyone will already be able to run any software they want on it.
The software that I want to run on it is a modified hypervisor. :-)
Voltage glitching attacks are pretty brutal to defend against because you're essentially fighting physics, not software. You can write perfect code and still get bypassed by someone manipulating the electrical signals at the right microsecond.
Note this only affects the very first original 2013 "VCR" hardware. Newer revisions and variants are still unaffected.
They're pretty common and cheap on the used market, though. I bought mine from a thrift store for $30, and the console itself regularly goes for ~$50 on eBay.
I would imagine jail breaking modern PlayStations and Xboxes would not be as interesting as the PS3 or Xbox 360. The modern generations are too close to PCs. I miss the time when console makers were also making interesting CPUs and, sometimes, GPUs.
BTW, what would be the specs for an Xbox 360? I remember the PS3 was a rather limited Linux workstation because it lacked RAM (and the hypervisor limited access to the GPU - a limitation gone when jailbroken), but I haven’t read much about the 360 and its own weird PowerPC.
He is one of us :)
Interesting to see how "unhackable" claims almost always get broken eventually. It feels like security is more about raising the cost of attacks rather than making something truly impossible to hack.
Well, nobody talks about "unhackable" platforms that never get hacked. And you can't prove a negative.
The xbone's weakest security lasted nearly double the product's market life, and that's several times longer than security on the 360 lasted, if you don't count DVD firmware attacks (which was also several times longer than the OGXB security lasted).
Xbox security has gone from lasting months -> years -> decade+. On top of that, the later revisions with better security have not been cracked.
Why do you put 'unhackable' within quotes, like it would be a direct quote from Microsoft? I can't find any record of them using that word.
I interpreted it as scare quotes in general. Like "previously thought unhackable Xbox One has been hacked"
This is great news. Hopefully this opens the floodgates towards emulation and homebrew. Not that there are really any exclusives, but it would be interesting.
Xbox One homebrew has effectively always been supported. Anyone can register a development account and boot the system into dev mode. IIRC in a talk about console security, a Microsoft developer noted that this was an intentional deterrent against hacking. An effort to split the community so that pirates and homebrew enthusiasts wouldn't have a reason to collaborate.
They did dumb things like limit memory availability in dev mode, though. Also they require a government ID to enable dev mode (but at least they quit charging $100 for it!). And they made it so you can't enable dev mode on consoles that are banned from Xbox services.
I understand it's still more than most console makers do, having dev mode at all, but it's maddening to me that Microsoft made dev mode so annoying and limited. I'd honestly just rather a hack be available so we have the option of using the entire memory or repurposing banned consoles.
Seems unlikely. Someone would have to turn this into a modchip, set up physical distribution networks (all very illegal under the DMCA), and it'd only work on the 2013 machines - Chen's team clearly anticipated this type of attack and were already working on mitigations around the time the Phat released. So as he says at the end, later silicon already has more glitch mitigations built in and has done for a long time. Current gen Xbox isn't even investigated but we can assume it's even harder. They were clearly paying for red teaming. Remember: ZERO software bugs in the boot rom.
I had a friend who ran a side business installing mod chips on the original Xbox in the early 2000s. There was a robust community around it, and you could buy chips easily.
This was all after the DMCA was in effect. I don’t think that will stop this sort of activity.
Very few exclusives. Couple of Forzas? Halo 5? Practically everything else available elsewhere in similar quality.
360 emulation?
They are on PC afaik?
Forza Motorsport 5 & 6 and Halo 5: Guardians were all Xbox One exclusives, I think.
i don't know forza very well, but those two are older, right? because there's a motorsport 7 as well as a "Motorsport" that is between releases of Horizon 5 and 6.
seems like everyone that made racing games went a little nuts around the same time...
Simplifying here, but Motorsport is Forza's sim-style racing game, while Horizon is more of an arcade-like open world experience.
Some people like trying to perfect their technique running the same track over and over, while others just want to drive cool cars really fast. So MS wisely split the game to address those two core markets.
Rare Replay is another exclusive that comes to mind.
I'm just excited at the opportunity to re-purpose my old launch day XBone as some kind of little homelab linux box.
Amazing talk. Here's a quick writeup if you don't want to watch the full hour or don't have enough hardware knowledge to follow what Markus is talking about, as he goes very fast, in some cases too fast to even let you read the text on his slides. It's mandatory to use the pause key to understand the full details even if you have a deep understanding of every relevant technology, of which he explains none.
The Xbox uses a very advanced variant of the same technologies that also exist on smartphones, tablets and Secure Boot enabled PCs. When fully operational the Xbox security system prevents any unsigned code from running, keeps all code encrypted, proves to remote servers (Xbox Live) that it's a genuine device running in a secure state, and on this base you can build strong anti-piracy checks and block cheating.
The Xbox has several processors and what follows applies to the Platform Security Processor. When a computer starts up (any computer), the CPU begins execution in a state in which basically nothing works, including external communication and even RAM. Execution starts at a 'reset vector' mapped to a boot ROM, i.e. the bytes are hard-wired into the silicon itself and can't be changed. The boot ROM then executes instructions to progressively enable more and more hardware, including things like activating RAM. Until that point the whole CPU executes out of its cache lines and can't use more memory than exists on-die.
Getting to the state where the Xbox can achieve all its security goals thus requires it to boot through a series of chained steps which incrementally bring the hardware online, and each step must verify the integrity of the next. The boot ROM is only 19kb of code and a few more kb of data, and can't do much beyond just activating RAM, the memory mapping unit (called MPU on the Xbox), and reading some more code out of writeable flash RAM. The code it reads from flash RAM is the second stage bootloader where much more work gets done, but from this second stage on it can be patched remotely by Microsoft. So if bugs are found there or in any later stage, it hardly matters because MS can issue a software update and detect remotely on Xbox Live servers if that upgrade was applied, so kicking out cheaters and pirates. The second stage boot loader in turn loads more code from disk, signature checks and decrypts it, sets up lots of software security schemes like hypervisors and so on, all the way up to the OS and the games.
Therefore to break Xbox security permanently you have to attack the boot ROM, because that's the only part that can't be changed via a software update. It's the keys to the kingdom and this is what Markus attacked. Attacking the boot ROM is very, very hard. The Xbox team were highly competent:
• Normally the bringup code would be written by the CPU or BIOS vendors but MS wrote it all in house themselves from scratch.
• The code isn't public and has never leaked. To obtain it, someone had to decode it visually by looking at the chip under a scanning electron microscope and map the atomic pictures to bits and then to bytes.
• Having the code barely helps because there are no bugs in it whatsoever.
So, the only way to manipulate it is to actually screw with the internals of the CPU itself by "glitching", meaning tampering with the power supply to the chip at exactly the right moment to corrupt the state of the internal electronics. Glitching a processor has semi-random effects and you don't control what happens exactly, but sometimes you can get lucky and the CPU will skip instructions. By creating a device that reboots the machine over and over again, glitching each time, you can wait until one of those attempts gets lucky and makes a tiny mistake in the execution process.
Glitching attacks predate the Xbox and were mostly used on smartcards until the Xbox 360, which was successfully attacked this way. So Microsoft knew all about them and added many mitigations, beyond "just" writing bug free code:
1. The boot ROM is full of randomized loops that do nothing but which are designed to make it hard to know where in the program the CPU has got to. Glitching requires near perfect timing and this makes it harder.
2. They hardware-disabled the usual status readouts that can be used to know where the program got up to and debug the boot process.
3. They hash-chain execution to catch cases where steps were skipped, even though that's impossible according to program logic.
4. They effectively use a little 'kernel' and run parts of the boot sequence as 'user mode' programs, so that if sensitive parts of the code are glitched they are limited in how badly they can tamper with the boot process.
And apparently there are even more mitigations added post-2013. Markus managed to bypass these by chaining two glitch attacks together, one which skipped past the code that turned on the MMU, which made it possible to break out of one of the usermode 'processes' (not really a process) and into the 'kernel', and one which then was able to corrupt the CPU state during a memcpy operation, allowing him to take control of the CPU as it was copying the next stage from flash RAM.
If you can take control of the boot ROM execution then you can proceed to decrypt the next stage, skip the signature checks and from there do whatever you want in ways that can't be detected remotely - however, the fact that you're using a 2013 Phat device still can be.
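One way to realise the "hash-chain execution" mitigation from point 3 of the writeup above, as an added Python example and not code from the talk, from Microsoft, or from the Xbox's actual design: every boot step folds its identity into a running digest as it completes, and the key that unwraps the next stage is derived from that digest rather than from a flag that a conditional branch tests. A skipped or reordered step then yields a garbage stage-2 image instead of one failed compare that a second glitch could hop over. The root key, the stage names, the stage-2 payload and the SHA-256 XOR keystream "cipher" are all constructed for illustration; a real implementation would use a fused per-device secret and an authenticated cipher.

```python
"""Hash-chained boot steps, where the chain value is a key rather than a flag.

Constructed illustration; not the Xbox's or Microsoft's code. ROOT_KEY stands in
for a per-device fused secret, the step list is invented, and the SHA-256 XOR
keystream is a stand-in for a real authenticated cipher.
"""
import hashlib
import hmac

ROOT_KEY = b"constructed-root-key-not-a-real-secret"
CHAIN_INIT = bytes(32)
STAGE2_MAGIC = b"STG2"

# Every step the boot ROM must perform, in the only order the design allows.
BOOT_STEPS = [
    b"enable_clocks",
    b"configure_mpu",
    b"bring_up_sram",
    b"verify_stage2_signature",
    b"copy_stage2_from_flash",
]


def fold(chain, step):
    """Each step stirs its identity into the running digest as it completes."""
    return hashlib.sha256(chain + step).digest()


def chain_for(steps):
    chain = CHAIN_INIT
    for step in steps:
        chain = fold(chain, step)
    return chain


def stage_key(chain):
    """The unwrap key for stage 2 is a function of the chain, so only the exact
    step sequence reproduces the key that was used at provisioning time."""
    return hmac.new(ROOT_KEY, chain, hashlib.sha256).digest()


def keystream(key, length):
    # Illustrative only: SHA-256 in counter mode as a stream; not a real cipher.
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def provision_stage2(plaintext):
    """Build time: wrap the stage-2 image under the key a correct boot produces."""
    key = stage_key(chain_for(BOOT_STEPS))
    return xor_bytes(plaintext, keystream(key, len(plaintext)))


def boot(steps_actually_executed, wrapped_stage2):
    """Boot time: unwrap stage 2 with whatever chain the executed steps produced.

    There is no 'if verified:' branch here to skip; a dropped step yields garbage."""
    key = stage_key(chain_for(steps_actually_executed))
    return xor_bytes(wrapped_stage2, keystream(key, len(wrapped_stage2)))


def stage2_looks_valid(image):
    return image.startswith(STAGE2_MAGIC)


# Constructed stage-2 image, wrapped as it would be at provisioning time.
STAGE2_PLAINTEXT = STAGE2_MAGIC + b" second-stage bootloader (constructed payload)"
WRAPPED_STAGE2 = provision_stage2(STAGE2_PLAINTEXT)


def boot_result(skip=None, swap=False):
    """Run the model with an optional skipped step or a swapped step order.

    Returns True if stage 2 unwrapped to something bootable."""
    steps = [s for s in BOOT_STEPS if s != skip]
    if swap:
        steps[1], steps[2] = steps[2], steps[1]
    return stage2_looks_valid(boot(steps, WRAPPED_STAGE2))


if __name__ == "__main__":
    print("normal boot:", boot_result())
    print("signature check skipped:", boot_result(skip=b"verify_stage2_signature"))
    print("MPU and SRAM steps swapped:", boot_result(swap=True))
```

The design point is that the chain is consumed, not compared: the same construction also makes the later "kernel/user mode" split in point 4 cheaper to reason about, because a user-mode step that was glitched past simply never contributes its term and the stage-2 unwrap fails on its own. In a real boot ROM the unwrap would also be authenticated, so corrupt or garbage stage-2 bytes are rejected rather than executed.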
Thanks for this writeup as I haven't had time to review the video yet :)
> So, the only way to manipulate it is to actually screw with the internals of the CPU itself by "glitching", meaning tampering with the power supply to the chip at exactly the right moment to corrupt the state of the internal electronics. Glitching a processor has semi-random effects and you don't control what happens exactly, but sometimes you can get lucky and the CPU will skip instructions. By creating a device that reboots the machine over and over again, glitching each time, you can wait until one of those attempts gets lucky and makes a tiny mistake in the execution process.
Considering that the PSP is a small ARM processor that presumably takes up little die space, would it make sense for them to employ TMR with three units in lockstep to detect these glitches? I really doubt that power supply tampering would cause the exact same effect in all three processors (especially if there are differences in their power circuitry to make this harder) and any discrepancies would be caught by the system.
The Nintendo switch 2 uses DCLS (Dual-core lockstep) in the BPMP and PSC (PSC is PSP-like but RISC-V). So yes, it helps - I'm unsure if/where msft uses it on their products.
DCLS actually makes sense for this scenario as the fault tolerance gained from having three processors isn't needed here. The system can halt when there's a mismatch, it doesn't have to perform a vote and continue running if 2 of 3 are getting the same result.
Also I just thought of this but it should be possible to design a chip where the second processor runs a couple cycles behind the first one, with all the inputs and outputs stashed in FIFOs. This would basically make any power glitches affect the two CPUs differently and any discrepancies would be easily detected.
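The time-skewed lockstep idea in the comment above, modelled as an added Python example that is not from any vendor's lockstep implementation: two copies of a tiny register machine run the same program, the shadow copy a few cycles behind, and the fault model is a shared-rail glitch that makes whichever instruction is in flight on each core at one wall-clock cycle get skipped (the "CPU will skip instructions" effect the writeup describes). The program, register set, fault model and skew value are constructed.

```python
"""Dual-core lockstep with a time-skewed shadow core, against a shared-rail glitch.

Constructed model, not any real core's lockstep logic. Fault model: at one
wall-clock cycle the supply glitch makes every core drop the instruction it is
executing at that instant. Instructions are (op, register, immediate) tuples.
"""


def run_core(program, start_cycle, glitch_cycle=None):
    """Execute `program` one instruction per cycle, beginning at `start_cycle`.

    A core on the same rail is hit at the same wall-clock moment as its sibling,
    so which instruction it drops depends on how far behind it is running."""
    regs = {"a": 0, "b": 0}
    for pc, (op, reg, imm) in enumerate(program):
        if start_cycle + pc == glitch_cycle:
            continue  # the instruction in flight is dropped by the glitch
        if op == "mov":
            regs[reg] = imm
        elif op == "add":
            regs[reg] += imm
        elif op == "mul":
            regs[reg] *= imm
        else:
            raise ValueError(f"unknown op {op!r}")
    return regs


def lockstep_mismatch(program, skew, glitch_cycle=None):
    """True when the main core and a shadow core `skew` cycles behind disagree,
    i.e. the comparator would flag the boot and the SoC could reset or zeroise."""
    main = run_core(program, 0, glitch_cycle)
    shadow = run_core(program, skew, glitch_cycle)
    return main != shadow


# Constructed program; the final register values stand in for "boot state".
PROGRAM = [
    ("mov", "a", 5),
    ("mul", "a", 3),
    ("add", "b", 7),
    ("add", "a", 1),
]


def detection_table(program=PROGRAM, skew=2):
    """For every cycle a glitch could land on, does same-cycle lockstep catch it,
    and does lockstep with the shadow core `skew` cycles behind catch it?"""
    last_cycle = len(program) - 1 + skew
    return {
        cycle: {
            "same_cycle_lockstep": lockstep_mismatch(program, 0, cycle),
            "skewed_lockstep": lockstep_mismatch(program, skew, cycle),
        }
        for cycle in range(last_cycle + 1)
    }


if __name__ == "__main__":
    print("correct final state:", run_core(PROGRAM, 0))
    for cycle, result in detection_table().items():
        print(f"glitch at cycle {cycle}: {result}")
```

With zero skew both cores drop the same instruction and finish in the same wrong state, so the comparator has nothing to flag; with a two-cycle skew every glitch cycle in the table produces a mismatch. Real DCLS compares the cores' bus outputs every cycle rather than their end state, and the model says nothing about glitches that corrupt data rather than drop an instruction, but the reason skew matters is visible either way.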
You could glitch both processors?
I think the idea is they both hang off the same voltage rail.
yeah give the man more ideas, smart
> It's mandatory to use the pause key to understand the full details
I was going to say I disagreed but the rest of your comment reminded me that I've accumulated a lot of domain-specific knowledge.
What I meant is that at points he skips past slides so quick even very fast readers can't absorb every bullet point. I read at ~2-3x the average speed, have lots of domain knowledge and couldn't read fast enough to get every word on every slide. So the pause key is very useful for that even if you know what's coming.
I read at Normal speed but I didn't feel that way when watching. I believe you though, I was just having an XKCD 2501 moment.
Just wanted to say this is an amazing technical writeup, thanks for sharing.
Thank you, sincerely. My main question now is, what degree of repeatability has Markus achieved so far?
On Phat consoles? You could turn it into a modchip, if for some reason you wanted to. It'd be repeatable on every boot but might take a while.
The hard work comes after this though. There are lots of software level mitigations MS could use to keep the old devices usable with Xbox Live if they really wanted to. Just because you can boot anything you want doesn't mean you can't be detected remotely, it just makes it harder for MS to do so reliably. You'd be in a constant game of catch-up.
The "unhackable" label has always been a liability, not a feature. In my experience, the moment a vendor publicly declares something unbreakable, they've handed researchers the most compelling motivation possible. It's less a security posture and more a recruitment poster.
Hardware you own should be yours to understand.
I don't think the vendor ever said "unhackable" in this case, though. At least not publicly.
Physical possession of a machine is pretty hard to make secure. It's a different level of secure, an order of magnitude less secure than remote attackers. This is expected?
Tony Chen from Microsoft gave a talk called "Guarding Against Physical Attacks: The Xbox One Story" and he explains that they want any sort of physical attack to cost at least the price of 10 games ($600 at the time).
Depends on the size of the system you need to secure.
If kilobytes of storage and very limited computing power works for your use case, you can get very secure (smartcards and secure elements remain essentially undefeated at the hardware level; all attacks I know happened via weak ciphers).
For an entire current-gen gaming console, you'll have a much harder time.
Someone posted here a more technical version: https://thecybersecguru.com/news/xbox-one-hacked-boot-rom-ex...
"more technical"... funny, after watching that video...
I guess OP meant in a written form? maybe?
This just again shows that given enough time, skill, and resources, any security is pointless if the attacker has physical access to the device.
I think this might be a good example of the fundamental misunderstanding of what "security" even is. It is never a binary state. Never was. And I think a lot of people don't really grok that and think that if a security block can be overcome in some manner then the thing is not secure.
Eventually Fort Knox will succumb to the unrelenting arrow of time and some future visitors will simply step over the crumbling wall and into the supposedly "secure" area.
I see security as a stopgap measure when there's no peace. The best "security" is not to need any in the first place.
I never hear about Grok being used over Codex or Claude on this site, I don't really hear about new Grok models or updates yet people love using Grok as a way to communicate meaning, are you guys just on Twitter too much?
"grok" in that sense is from a novel, i think Stranger in a Strange Land by Heinlein. i heard it before i read the novel, i'm sure, but i didn't notice it until afterward.
it means like "full understanding", like complete.
Does the name now make sense, considering!?
i find this statement is often used as an excuse to not think about security at all. which is probably not what you intended here (i hope, although you did say "pointless"...), but some people parrot it for that purpose.
a) this was a security win. millions and millions of people had physical access to the device for over a decade
b) as others have said, security is not all-or-nothing. the xbox one is extremely secure, despite not being perfectly secure.
c) just because something eventually gets hacked does not mean security was pointless. delaying access is a perfectly reasonable security goal. delaying access until the product is retired and the successor is already out on the market is a huge win.
One of the DRM circumvention methods for the Xbox 360 involved precision drilling a specific depth into one of the chips on the board. Microsoft was very aware of the nature of physical access while designing this, haha.
I had many Xbox 360s with flashed DVD drive firmware back in the day. But as I never owned a slim console I had no idea the drill/Kamikaze hack was a thing until now.
This seems like an unqualified win for the security measure. The future value of Xbox One DRM is probably close to zero. They already got what they wanted out of it.
At this point the blip of free media coverage possibly makes this a net positive for XBox.
In the talk that the security guy gave, he said it just had to cost more than 10 games for a user to enable piracy
I can give you a piece of paper with a one time pad encoded secret, where the one time is physically destroyed. You can take all the time you want but you will not crack anything…
You don't need to attack the math, if you can attack the sender or the receiver ['s hardware].
Good luck if I burnt the one time pad.
Give me enough time to reverse entropy
'pointless' is doing a lot of heavy lifting there.
This console went completely unhacked for 12 years, with this coming a solid 4 years after the hardware was discontinued. They kept piracy off the console for its whole lifespan, which was the entire point of these security measures. This is a massive success for the Xbox security team.
I’m pretty skeptical of that lesson. This took 13 years and it’s cheap mass-market hardware.
I suppose, but I'd argue it's effective security if it took ten years.
Better stop locking your doors, then.
You do have a credit card, right?
The RE//verse conference has very high signal to noise for reverse engineering content and attendees. I'd highly recommend it if it's an area you're interested in.
Comment was deleted :(
Good thing MS had a fallback to the RSA encryption if that ever failed, lol
I would like to try running linux on an xbox series-x (but thought it wasn't in the cards), it might make for a decent openclaw setup.
I wonder... if microsoft can't secure a gaming console which they have full control on, from top to bottom, how do they secure "Azure Government"?
When your hardware is in the physical custody of the attacker, the threat model changes significantly. Designing a console that takes years for attackers to crack is an impressive feat of engineering.
That game console isn't in a data center with CCTV coverage, mandatory access control, guards, and employees with background checks. If someone is soldering wires to your server and doing fault injection something has gone very wrong. Azure Government customers also don't have to worry about the NSA demanding access.
I don't believe servers actually have this level of hardware protection to be honest. Physical protection, as someone else pointed out, on the other hand.
If hacking the xbox goes wrong, the hacker will short out the console. If hacking Azure goes wrong, the hacker will get shot.
Azure's physical servers actually use a similar technology apparently. They both have some kind of proprietary HSM module that stores keys on the device and is resistant to tampering. I've read that Azure servers actually break this protection when removed from the rack so the server is made entirely useless if it's removed.
This is not just Azure (although the proprietary bit is true, that's basically souped-up Pluton), but basically most high-end HSM deployments, including at major cloud providers (Google Titanium, AWS CloudHSM). There is even a built-in battery to ensure this happens (https://docs-cybersec.thalesgroup.com/bundle/v2.21-cdsp-cm/p... https://nshielddocs.entrust.com/security-world-docs/hsm-user...).
I have even heard of a major cloud service mandating absurd earthquake-proofing (to prevent any movements inside the datacenter and triggering an HSM reset) but I cannot find any verification regarding this (maybe this is ultimately an urban legend).
The point of the gaming console is to get hacked, because that's how they develop the security techniques that metastasize over to strangle general-purpose computing, which is the real goal. Device attestation is a perfect example of this.
Could this technique be used to reverse-engineer end-of-life Nvidia GPUs to improve Noveau on them?
Surely it would be easier to do research on a normal Nvidia GPU in your computer?
Can someone answer yes/no to the question ; is this the cheap steam box now ?
No.
Marcus used to work for Microsoft, in the MSRC. I wonder if he used insider knowledge for this hack.
Microsoft released a video that covers effectively all of the Xbox One security system, and it's referred to extensively in the talk. The specific methods of glitching don't require any insider knowledge.
They also told everyone they added more anti glitching to later hardware revisions; which by the process of elimination tells everyone they thought this was possible. The whole initiative was a success when it gave them a year; an unqualified triumph when it gave them the whole generation; they really are not going to be too sad after 12 years.
Right, as Markus says - even gods can bleed. And he's right: Tony Chen's team did god-level work with the Xbox One security system, so what must have followed in the Xbox Series S is truly unknowable. I don't think there's even a tech talk on it. This talk is probably the most elite hacking talk I've ever watched. Everyone who worked on this stuff at MS can and obviously should be very proud of what it took - especially as this probably won't have any commercial impact on Xbox game devs or multiplayers.
I really wish I could root my series x -- especially in this age of RAM and GPU scarcity.
This is great news. I’ve actually been spending my weekends learning how to modify my old 360 and play great games to relive some of those younger days, while my Series X gathers dust.
Is there any better format article or writeup? I couldn't find anything.
has there ever been a modern game console post 90s, that's really unhackable?
There's no such thing as unhackable, only "not yet hacked".
xbox is always trying to limit the users, when a person buys something, he clearly gets the ownership of the thing yet companies nowadays are trying really hard to sell some subscription while giving the illusion that the owner of the product is in control all the while keeping him in control. is there anyone else who feels the same way?
Where are the slides at?
Don't ever call a thing "unhackable", because every single human creation is imperfect
Nobody was calling it that, which is why the title is in 'quotes'.
> Microsoft's 'unhackable'
Who believes that ?
Not calling something un(bad thing)able is a lesson we learned back from the Titanic
It had those e-fuses in it right? *Seriously* it should be illegal to sell anything with those.
Basically all computers use efuses, otherwise it would be possible to rollback the firmware to a previous, insecure version.
For something like a game console, that’s annoying, for a phone or laptop, that’s highly desirable if something like a TPM bug is fixed, without efuses the system would forever be vulnerable.
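An added illustration of the anti-rollback role of e-fuses described above (example code written for this page, not Microsoft's or any vendor's implementation): a write-once fuse bank acts as a monotonic security version number, so a validly signed but older firmware image is refused once the fuses have advanced. The HMAC vendor key and image format are constructed assumptions; a real boot ROM would verify an asymmetric signature.

```python
import hmac
import hashlib
from dataclasses import dataclass

# Constructed demo vendor key (hypothetical; a real device would hold an
# asymmetric public key in ROM, HMAC keeps the example self-contained).
VENDOR_KEY = b"constructed-demo-vendor-key"


class EfuseBank:
    """Write-once bit bank: a fuse can go 0 -> 1 but never back to 0."""

    def __init__(self, width: int = 16) -> None:
        self.width = width
        self.bits = [0] * width

    def svn(self) -> int:
        # Security version number = number of burned fuses; monotonic by construction.
        return sum(self.bits)

    def burn_to(self, target_svn: int) -> None:
        if target_svn > self.width:
            raise ValueError("fuse bank exhausted")
        for i in range(target_svn):
            self.bits[i] = 1  # irreversible: there is no way to write a 0


@dataclass
class FirmwareImage:
    name: str
    svn: int
    payload: bytes
    signature: bytes


def _image_bytes(name: str, svn: int, payload: bytes) -> bytes:
    # Signed message covers the SVN, so an attacker cannot relabel an old image.
    return name.encode() + b"|" + svn.to_bytes(4, "big") + b"|" + payload


def sign_image(name: str, svn: int, payload: bytes, key: bytes = VENDOR_KEY) -> FirmwareImage:
    sig = hmac.new(key, _image_bytes(name, svn, payload), hashlib.sha256).digest()
    return FirmwareImage(name, svn, payload, sig)


def boot_check(bank: EfuseBank, image: FirmwareImage) -> tuple[bool, str]:
    """Boot ROM policy: verify the signature first, then enforce anti-rollback."""
    expected = hmac.new(VENDOR_KEY, _image_bytes(image.name, image.svn, image.payload),
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, image.signature):
        return False, f"{image.name}: signature invalid"
    if image.svn < bank.svn():
        return False, f"{image.name}: rollback rejected (svn {image.svn} < fused {bank.svn()})"
    return True, f"{image.name}: boot ok (svn {image.svn}, fused {bank.svn()})"


def install(bank: EfuseBank, image: FirmwareImage) -> tuple[bool, str]:
    """Update path: only a bootable image may advance the fuses; nothing lowers them."""
    ok, reason = boot_check(bank, image)
    if ok and image.svn > bank.svn():
        bank.burn_to(image.svn)
    return ok, reason


def demo() -> list[str]:
    bank = EfuseBank()
    v1 = sign_image("fw-1.0", 1, b"initial release")
    v2 = sign_image("fw-1.1", 2, b"fixes a hypothetical boot bug")
    log = [install(bank, v1)[1], install(bank, v2)[1]]
    # Rollback attempt: v1 is still validly signed but its SVN is below the fuses.
    log.append(boot_check(bank, v1)[1])
    # Forged image with a high SVN but no vendor signature.
    log.append(boot_check(bank, sign_image("fw-9.9", 9, b"x", key=b"attacker-key"))[1])
    return log


if __name__ == "__main__":
    for line in demo():
        print(line)
```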
What a huge sin. God forbid I could install whatever the version I want on the device I paid for.
E-fuses are just write once memory with limited read ability (10e6-10e7 read cycles), after which it becomes unreliable.
Secure boot that can't be controlled by the user should be illegal, though. You should get some secret code along with a device, that allows you as the buyer to tamper with it. So much hardware out there can just serve as something else, or can be supported by people on a voluntary basis, sans the completely arbitrary lockdown of ability to install your own code to the device.
It wasn't unhackable and decrypted versions of games already have been dumped. There was even a public exploit published years ago.
https://github.com/exploits-forsale/collateral-damage
What's new here is that this compromises the entire system security giving access to the highest privilege level.
Thanks for the mention! I helped with the collateral damage exploit (wrote the PE loader).
I didn't ask but Emma -- who wrote the kernel-mode exploit -- and I would probably agree that Collat is not really what we would consider a proper hack of the console since it didn't compromise HostOS. Neither of us really expected game plaintext to be accessible from SRA mode though.
And the plaintext stuff by the way was a great effort by some other folks running https://xboxoneresearch.github.io/
I think it was tuxuser, Torus, and Billy(?) who accomplished that. Hopefully not forgetting anyone critical.
[flagged]
lol
One of the two of you who narrowly avoided arrest going on to be worthwhile isn’t that bad, I guess.
lol. I wish you good health and best of luck Sanad.
[dead]
One should never call something "unhackable" ...
Given that it held up against 13 years of dedicated efforts by people with physical access to the device, many years after its successor was launched, it seems merited in this case.
This talk about some of what went into it is fascinating: https://youtu.be/quLa6kzzra0
"Extremely hard to hack" or "Hackable only after it's retired" don't exactly roll off the tongue, but they are not synonymous with "Unhackable".
In many cases the truth is simply that its not worth the time/effort to hack it, so only the most dedicated perverts(with a positive connotation) keep trying.
It literally got hacked, that's what the article is about. It is NOT unhackable.
Microsoft stopped manufacturing in 2020. It was not hacked in its lifetime.
I agree, but also find it funny that by that standard the DRM in the original Google video streaming product was not hacked before the service was shutdown, after about 2 years :)
And to think that sometimes people doubt the wisdom of Google’s product-lifecycle decisions!
It was unhackable while it mattered. It was hacked 5 years after it no longer mattered. And all but the effectively beta release remain unhacked even now.
To the community it was unhackable, until very recently. Its security measures held up so long that it appeared to be unshakable. There were no obvious flaws. In hindsight it was hackable, but keep in mind how long it took. This console has long been obsoleted.
I wish people would take statements in relative terms along with the whole context before attempting to refute them with a quick gotcha in absolute terms.
Obviously nothing is ever unhackable, not even Fort Knox, given infinite time and resources, and Microsoft never made such claims, this is just media editorializing for clicks and HN eating the bait, but Xbox One was definitely the most unhackable console of its generation. Case in point, it took 13 years of constant community effort to hack a $499 consumer device from 2013. PS4 and iPhones of 2013 have also been jailbroken long ago.
Therefore, even the click-bait statement with context in relative terms is 100% correct, it truly was unhackable during the time it was sold and relative to its peers of the time.
This goes against information theory as a whole, and the point of words. How are you going to convey all this extra context to people who don't follow the space, and what word(s) do we use for something that is actually unhackable?
Literally unhackable? XD
Firstly, who made the claim that it was guaranteed to be "unhackable"? Was it Microsoft themselves when they sold it, or slop journalists looking to create false contrarianism in order to legitimize their own PoV and drive traffic to their articles? If it's the latter then we're just wasting our breath here over made up BS.
Secondly, this is HN, not some generic town corner shop newspaper. It's assumed the readers who come here often and comment with no green profiles, have at least some basic technical know-how that nothing is ever unhackable, least of all a console from 2013, and therefore process information through that context lens, instead of feigning complete ignorance and arguing from the false pretext they gobbled up from editorialized titles created by slop journalists.
> Case in point, it took 13 years of constant community effort to hack it.
Can you attempt to quantify this effort in comparison to other game consoles? I'm not very familiar with the Xbox scene, but I would assume that there was a lot less drive to achieve this given that Xbox has never really had many big exclusive titles and remains the least popular major console (with an abysmally tiny market presence outside of the US).
As an aside, I wonder if Microsoft's extra effort into securing the platform comes from their tighter partnership with media distributors/streaming platforms and their off-and-on demonstrated desire to position the Xbox as a home media center more than just a gaming console.
> Can you attempt to quantify this effort in comparison to other game consoles?
The person who hacked the original Xbox wrote a book on the topic, which they've since made free: https://bunniefoo.com/nostarch/HackingTheXbox_Free.pdf
Oh that’s the best source I could ask for, thank you!
Comment was deleted :(
I too forget sometimes that Wii U existed.
Wow. I really did forget it existed. I was still thinking of the Wii.
I forgot that my Wii U existed until I remembered, hooked it up, and the NAND had gone bad.
So I replaced the NAND by soldering in an SD card, got it working again, and put it back in its box until I decide I need to play Wind Waker again.
>and remains the least popular major console (with an abysmally tiny market presence outside of the US).
TF are you on about? The xbox one of 2013 (competitor of the PS4, which got hacked long before) had a ~46% market share in the US and ~35% globally. Hardly insignificant. And any Microsoft product, even those with much lower market share, attracts significant attention from hackers since it's worth a lot in street-cred, plus the case of reusing cheap consoles as general PCs for compute since HW used to be subsidized. And of course for piracy, game preservation and homebrew reasons.
I again tap the sign of my previous comment, of urging people to stop jumping the gun to talk out of their ass, without knowing and considering the full context.
Can you provide a source for those statistics? They don’t match up with any numbers I’ve seen, and in fact look ludicrously unrealistic.
>Can you provide a source for those statistics?
Google Gemini
> They don’t match up with any numbers I’ve seen, and in fact look ludicrously unrealistic.
Well can you post your numbers and sources, or are we supposed to read your mind?
In the very strict interpretation probably nothing is unhackable, just not hacked yet. But one should also be pragmatic about what "unhackable" means in context. Without the power of hindsight, a consumer device that stayed unhacked for ~13 years can be reasonably called unhackable during this time.
We don't need to contribute to word inflation. There's "really hard," there's "nearly impossible," there's even "impossible – as far as we know." I don't think it shows a lack of pragmatism to assume a technological claim, made by a technology company, shouldn't be taken at face value. On the contrary, I'd advise more pragmatism to anyone failing to disregard an "unhackable" claim made by Microsoft, especially even after fixnum years without known exploits.
Calling something 'unhackable' because it survived 13 years is like calling a safe uncrackable because nobody showed up with the right tools. Time isn't proof.
Most hacks are about cost, not possibility, and the economics for attacking consoles change when resale value, nostalgia, tooling, or side projects make the upside worth the work. People overestimate the "nobody succeeded" part and underestimate the "nobody cared enough yet" part.
People should use their smarts and common sense to qualify statements. LLMs need a page of context, explanation and disclaimers so they maybe understand the meaning and intention.
> calling a safe uncrackable because nobody showed up with the right tools
The tools used for the hack (like voltage glitching) were there since before the first Xbox but nobody had the skills to apply them in a way that defeated the protections. There was a lot of interest in doing it but everyone who tried even just for the fame failed. I wouldn't fault anyone for calling it uncrackable, same as if a safe stayed impossible to open for decades or more.
If you want the "strictest interpretation", the useless one if you ask me, then only universal laws are immovable (maybe?), everything else is a matter of cost, time, etc. An entire category of words and expressions would have to be wiped from the vocabulary unless their meaning can be proven all the way to the heat death of the universe.
The pragmatism is that when someone calls a console unhackable, they mean it today, within a reasonable timeframe, for all intents and purposes. I don't think anyone realistically expects the "unhackable" console to stay so forever, only in the reasonable proximity of when it was said.
> Most hacks are about cost, not possibility
What about the other hacks which are about possibility? How would you go about proving something is hackable without hacking it? Is something "hackable" if you haven't proved it?
The distinction between "possible" and "economically viable" tends to collapse in practice. For hardware like this, people usually mean something closer to "no known attack within a realistic budget and skill envelope."
Voltage glitching has been around for a long time, but applying it against a tightly constrained boot chain with limited observability is a different class of problem. You are essentially searching a high-dimensional timing space with very little feedback. That is where most prior attempts seem to have failed.
What changed here is less the existence of the technique and more the instrumentation and persistence. Once you can reliably characterize the system’s behavior at that level, "unhackable" turns into "not yet mapped."
I think the safe analogy still holds if you interpret it as "no one had a stethoscope sensitive enough until now." The underlying weakness was probably always there, but practically inaccessible.
I think it's like calling a ship "unsinkable". Yes, you engineered it to not sink, in accordance with strict maritime standards no doubt, but just don't call it unsinkable. If you call it unsinkable you're just begging for a century of snickering at your hubris.
It has no relation to hubris whatsoever if the "unhackable" label is not something self-proclaimed at launch but something descriptively applied by other people who were unable to hack it. Nobody would have snickered if the Titanic were described as unsinkable by people who had been trying to sink it for 10 years.
> Nobody would have snickered if the Titanic were described as unsinkable by people who had been trying to sink it for 10 years.
Pedantic: I'm sure somebody would have snickered about "unsinkable" if the Titanic sank after 10 years. Pragmatic: if the "unsinkable" Titanic lasted 10 years (or at least to profitability) before being sunk by people intending to sink it, that might certainly count as being "unsinkable" for the time it hadn't sunk.
Hubris: Titanic was claimed to be unsinkable before it was launched.
And they believed their own bullshit.
So, they are spending like billions and they are the top tech company in the world, still not able to make a thing unhackable?
When there's physical access to the device it's nearly impossible to make any system unhackable I think, at least with current tech. In this case it's a deliberately injected (twice!) hardware fault, and requires intervention at the hardware-level to reproduce the privilege escalation.
Yeah Apple does have "secure enclave" on some devices, and maybe in many cases it would wipe itself before you got in, but maybe that just means a more careful hand is needed? (Again, physical access and extreme care/caution when debugging/investigating the chip should work eventually I think!) - I am not a hardware hacker, just have read about it quite a bit!
I mean, considering that it's been 13 years since the release, I think they did pretty well!