hacking xbox

(2003) by bunnie huang

_________

(2013)

i

No Starch Press and I have decided to release this free ebook version of Hacking the Xbox in honor of Aaron Swartz. As you read this book, I hope that you’ll be reminded of how important freedom is to the hacking community and that you’ll be inclined to support the causes that Aaron believed in.

aaron

I agreed to release this book for free in part because Aaron’s treatment by MIT is not unfamiliar to me. In this book, you will find the story of when I was an MIT graduate student, extracting security keys from the original Microsoft Xbox.

[..]

A few years ago, I started rebuilding my life overseas, and I find a quantum of solace in the thought that my residence abroad makes it a little more difficult to be served.

While the US legal system strives for justice, the rules of the system create an asymmetric war that favors those with resources. by far one of the most effective methods to force a conclusion, right or wrong, against a small player is to simply bleed them of resources and the will to fight thru pre-trial antics.. your entire life feels like it is under an electron microscope w every tiny blemish magnified into a pitched battle of motions, counter-motions, discovery, subpoenas, and affidavits, and each action heaping tens of thousands of dollars onto your legal bill.. your friends, co-workers, employers and family are drawn into this circus of humiliation as witnesses.. worse, you’re counseled not to speak candidly to anyone, lest they be summoned as a witness against you. isolated and afraid, it eventually makes more sense to roll over and settle than to take the risk of losing on a technicality vs a better funded adversary, regardless of justice

huge.. aaron.. kalief.. et al

[..]

ii

The US government is far and away the best-funded and fearsome enemy in the world, and copyright law has some unusually large, if not cruel, penalties associated with it. I never knew Aaron, but I feel that the magnitude of the bullying he was subjected to is reflected in his decision to end his life.

[..]

this system of incentives contributes to the shameless bullying of individuals and small entities who have the guts to stand up and do something daring.. individuals are robbed of the will and strength to fight for what they feel is right, as the mere act of persecution can be as much a punishment as the verdict.. as a result.. i fear that the era of civil disobedience may be coming to a close

zinn obedience law.. forbidden research.. et al

socrates supposed to law

As people, as individuals, as hackers, we need to oppose this trend and continue to do what we feel deep down in our hearts is right. While Aaron’s story came to a tragic end, I hope that in this book you will find an encouraging story with a happy ending. Without the right to tinker and explore, we risk becoming enslaved by technology; and the more we exercise the right to hack, the harder it will be to take that right away.

bunnie
Singapore, March 2013

notes/highlights from hacking the xbox (1st read copied from bunnie huang’s page.. adding page w new notes/quotes during reread):

p 4

this is a book about hacking in the traditional sense: about the process and methods of exploration. ….. in the beginning, a hacker was someone who worked passionately for the sake of curiosity and exploration.

hacker ness

p 5

quite often early hackers engaged in all of these activities.. hackers would share their findings or results (hacks) with each other freely, as their rewards were not financial, but came from satisfying their intellectual curiosity and from the enthusiasm of their peers. as a result, hackers tended to form into meritocratic groups where membership and advancement were based entirely upon a person’s ability to hack.

as tech evolved… hackers found that the effort involved in hardware hacking was not worth the benefits…… by the 80s, the term hacker had grown to imply someone who could write volumes of c code in their sleep…old hardware hackers… converting to software hackers, or retreating to uni labs and corps that could afford their expensive hobbies.

[..]

hollywood helping w/stereotype of: teens bringing world to brink of annihilation.. toward.. dark impression of hackers.. dominant…. to crackers..

p 6

tech grown so complex.. that beginners (hackers) are increasingly like the parable about the 7 blind men and the elephant.. some via internet others via os.. other via hardware/computer.. each could spend a year exploring their facet.. yet each will have a distinctly diff view about computer tech at end of day

it is very difficult today to convince people that i hacked the xbox solely because it was there to be hacked: it was challenging, and it was new. likewise, it is difficult for people to understand why i haven’t worked on the xbox since. after hacking the security on the xbox, all that is left is a standard pc – which, to me, is not that interesting to work on, and definitely not worth the risk of a lawsuit from microsoft

p 7

the most alarming aspect of the dmca for hackers is that it embodies the fallacy that the only sources of innovation of benefit to society lie within the halls of research institutions and corporations. suddenly it is a crime to explore.. restricting research of tech to only established institutions disallows the possibility of tech development by unaffiliated individuals..

to pass laws that reg research of tech measures that protect copyrights and the dissemination of such results is to concede that copyright tech is broken and can never be improved.. that the only possible outcome of allowing common people to understand copyright control tech is the demise of the tech.. i offer a counter to that mindset: some of the best peer review that i received on my xbox hacking work did not come from the academic community.. it came from individual hackers around the world.. esp in foreign countries.. who have been free to explore and understand access control techs. the stricter laws in the us and the litigious nature of corps has already negatively affected the us’s standing in electronic security..

p 8

during course of my work on xbox.. i had good fortune of meeting brilliant hackers across the globe.. hackers in america were some of the most fearful of the group.. even though they were talented engineers, they were loath to apply their skills to such problems for fear of persecutions..

safety addiction and fuller too much law.. and too much of aaron.. and the need for gershenfeld something else law

ie: drafting letters to be able to research/publish.. funded out of pockets.. done after hours.. hoop jumping.. et al

freedom of speech should not require a lawyer, and free thought should not involve letters of authorization for research.

what we need is a means to undo our hierarchical listening

9

in particular, reverse engineering is only allowed for interoperability.. where interoperability means ‘the ability of computer programs to exchange info, and of such programs mutually to use the info which has been exchange’.. but this defn contains 2 potential land mines: 1\ circumventing hardware/software security diff.. 2\ purpose not really to exchange info w hardware security measure.. it is to bypass them

11

in general, i hack because it is quite satisfying to know that somebody’s life was made better by something i built.. i feel it is my obligation to apply my talents and return to society what it has given me.. i also enjoy the challenge of exploration.. i want to understand electronics as deeply as i can.. black boxes frustrate me; nothing gets my curiosity going more than a box that i’m not allowed to open or understand.. as a result, i have a fiduciary interest in cryptography and security methods..

i hack hardware because i enjoy the aesthetics of electronics; there is something satisfying about having a tangible artifact at the end of the day, as opposed to ephemeral bits of software code.. it may sound a little bit silly, but one of my pastimes is taking apart electronic devices and ‘reading’ the circuit boards.. there is something exciting about the smell of brand new electronics equipment.. i think it is the smell of a new adventure unfolding.. it is inviting….. like a stack of blank paper: i wonder what i will do w those blank pages.. a stack of blank white paper stands there and challenges me to fill it w useful info..

my inquisitive nature stems from my childhood.. when i was about 7 my father bought an apple 2 clone.. just the motherboard.. no case..

p 13

my best advice to aspiring hardware hackers is to be persistent and to be thorough.. significantly.. persistence and thoroughness come naturally if you love what you are doing.

p 15

ch 1 – voiding the warranty

hacking x box

p 31

ch 2 – thinking inside the box

tools of reverse engineering: intuition; pattern recognition; experimentation

52

on security thru obscurity (talking of gamecube rom hidden in one of chips of motherboard)

p 101

ch 7 – brief primer on security

who needs security anyways?.. understanding the motive of the securer is helpful in finding weaknesses that you can exploit..

cryptography is not security.. cryptography is a means to an end for security, but real security involves the entire system architecture, including the end users.. as kevin mitnick (slashdot): ‘security is not a product that can be purchased.. but consists of policies, people, processes, and tech’.. i believe that security is fundamentally a social concept.. in practice, you can open windows and leave the front door locked and people won’t just walk in thru the window or pick your door lock, even though both are relatively easy.. locked doors and open windows work because a locked door is mostly a symbolic measure.. it forces an intruder to make a conscious act of violation in order to enter a house.. and that alone is enough to separate criminals from well doers..

security as a distraction.. as irrelevant.. as a red flag.. we’re doing life wrong

huang job security law

102

why then would microsoft risk investing in such a complex security scheme on the xbox? is it really to quell piracy? it is quite possible that in fact the primary reason.. lies not in anti piracy measures.. nor in preventing the use of xbox console for any purpose other than gaming.. (money loss there not significant to deep pockets of microsoft).. perhaps real reason for the complex security of xbox is to ensure the success of xboxlive.. microsofts gaming services.. betting on the success of xbox live to drive hardware sales.. and subscription monthly fees..

103-104

on security, cryptography, trust, man in the middle….. a single packaged silicon chip is probably good enough, as it is typically easier to intercept and spoof the measurement data going past on a printed circuit board than it is to penetrate the epoxy package of a chip and modify the chip’s circuitry.

104

a brief primer on cryptography

cipher: 1\ zero, has no weight, worth, influence.. nonentity 2\ method of transforming text in order to conceal its meaning.. compare to code

ciphers provide no security on their own.. only if key is secure and algo is strong and no back doors..

117

the moral of this chapter is that security requires a well designed system.. although ciphers have become strong enough to make brute force attacks moot, systems have grown in complexity.. this complexity increases the likelihood of a viable protocol or back door attack, yet does little to save users from the more traditional eavesdropping, rubber hose and user error attacks..

begs we let go of any form of m\a\p.. and try ie: gershenfeld something else law for safety/security

p 134

hacking the xbox was less challenging technically than it was socially and legally.

free speech applies to all, not just to those who are lucky enough to sit in the ivory towers of esteemed academic institutions.. there are countless others who were also working on the xbox w excellent results.. but their voices shall remain forever silent behind the curtain of the dmca..

p 144

(andy) profile: i was offered scholarship .. but turned it down and instead left school at 16 w no further ed.. i was quite content to teach myself anything that interested me

145

(andy): i discovered that hardware and software are two sides of same coin.. although they are treated completely separately in ed..

in dec 2001 i discovered that integrity was more important than money, resigned, and decided to go back to working for myself..

146

my mit advisor tom knight once told me: ‘there are two kinds of design in this world: those that are useful and those that you can formally prove to be correct’.. to some extent, the only way to ensure the security of a real world system is to make its details open (no security thru obscurity) and subject the system to analysis from all angles. in a way, a thorough analysis of xbox security is being conducted at no expense to microsoft.. thanks to the hacker community

147

my final thought (andy profile) is to encourage people, especially young people, to listen to their brain when it comes to things that interest them. don’t be afraid to dig around and try to learn about things that snag your attention. that feeling you get when you wish you understood something, a kind of yearning, is your brain’s way of telling you that it thinks the knowledge might be useful later. if you listen to it enough, you stand a good chance of knowing the right thing at the right time to make some small difference.

begs a means to detox us.. to undo our hierarchical listening

149

like most things in life.. the first step is education

oi.. whalespeak

notes from ipad:

173

12 – caveat hacker

competitive marketplace required to preserve innovation and to ensure fair markets.. so .. intellectual property law..

ownership – intellectual property laws only to (seemingly) protect market.. not being/fittingness.. let go

174

electronic frontier foundation provided me w legal counsel.. internet.. power to connect us all.. and future developments in tech will enable us to access info and communicate w others in even more powerful ways.. but only by fighting for our rights to speak freely whatever the medium can we protect/enhance the human condition.. eff was created to defend our rights to think, speak and share our ideas, thoughts and needs using new techs

life not about rights.. but is about legit diff tech.. for communication.. as it could be

175

eff.. defends court cases preserving rights.. launches global campaigns.. intros leading proposals and papers.. hosts frequent ed events..

this is why we haven’t yet gotten to global equity (everyone getting a go everyday) .. too much ness..

congress/constitution.. to secure authors/inventors exclusive right to their writings/discoveries

there are no single authors/inventors.. beyond monastic self ness.. in/out body ness..

any form of m\a\p is killing us..

176

in us authors/inventors don’t have ‘natural right’.. instead their rights are based on notion of public welfare.. society will benefit if authors/inventors get some protections.. because they won’t have adequate incentive to create if others can freely use their work

oi.. again.. there are no single authors.. if say so.. violating cr laws from prior/others that are tied to ‘invention’ or discovery/writing or whatever ..

177

so copyright law is quite complex..

whole page loaded.. no single write et al.. if see/grok thurman interconnectedness law.. can let go of money/profit/ego.. any form of m\a\p

178

the bargain here is that in return for the patent, the inventor must provide enough info in the patent application to enable one ‘skilled in the art’ to create the invention w/o much experimentation.. by making the info public the patentee contributes to society’s store of knowledge

oi.. oi.. oi..

179

intellectual property rights are a means to an end.. to promote the progress of knowledge and tech..

oi.. such whalespeak.. ip rights for intell/tech advance.. oi

180

interestingly, concern about monopolies is historically linked to the concern for free speech..

what we need is a means to undo our hierarchical listening.. free speech (aka: whalespeak) is killing us

191

the freedom to tinker should also include the right to talk about tinkering.. but as we’ve seen, many of the new intell property rules limit the right of reverse engineers to share what they learn from tinkering.. these limits.. serious 1st amendment free speech issues.. and go to heart of constitutional basis for copyright and patent law: progress in arts and sciences.. one of the major issues raised by the dmca is its chilling effect on scientists

oi – we have no idea the chilling effects any form of m\a\p is doing to us.. has done to us

193

13 – onward

the hacking community: xbox hackers are an anarchistic community that works mostly underground.. most keep a low profile.. hackers are more inclined to share results/findings if they know they can back away unscathed in case things get ugly.. use of pseudonyms also levels playing field.. for young et al..

247

appendix e: debugging: hints and tips

thus.. real art of debugging is in tracing a set of symptoms to a root cause despite a lack of visibility and total system knowledge..

we need a means to listen deeper.. to get to root.. root/essence that 8b people would resonate w today..

248

observe symptoms.. bugs manifest themselves thru symptoms.. and it is up to you to deduce the root cause by observing several symptoms and deducing the culprit.. keep in mind that the most telling symptoms are often not outwardly obvious.. and will require a measurement or an experiment to find them..

our short findings restate

249

there are some symptoms that are oftentimes incorrectly interpreted as causes..

ie: wrong basic needs; climate; tragedy of the non common;

_________