(2003) by bunnie huang
No Starch Press and I have decided to release this free ebook version of Hacking the Xbox in honor of Aaron Swartz. As you read this book, I hope that you’ll be reminded of how important freedom is to the hacking community and that you’ll be inclined to support the causes that Aaron believed in.
I agreed to release this book for free in part because Aaron’s treatment by MIT is not unfamiliar to me. In this book, you will find the story of when I was an MIT graduate student, extracting security keys from the original Microsoft Xbox.
A few years ago, I started rebuilding my life overseas, and I find a quantum of solace in the thought that my residence abroad makes it a little more difficult to be served.
While the US legal system strives for justice, the rules of the system create an asymmetric war that favors those with resources. by far one of the most effective methods to force a conclusion, right or wrong, against a small player is to simply bleed them of resources and the will to fight thru pre trial antics.. your entire life feels like it is under an electron microscope w every tiny blemish magnified into a pitched battle of motions, counter motions, discovery, subpoenas, and affidavits and each action heaping tens of thousands of dollars onto your legal bill.. your friends, co workers, employers and family are drawn into this circus of humiliation as witnesses.. worse, you’re counseled not to speak candidly to anyone, lest they be summoned as a witness against you. isolated and afraid it eventually makes more sense to roll over and settle than to take the risk of losing on a technicality vs a better funded adversary, regardless of justice
The US government is far and away the best-funded and fearsome enemy in the world, and copyright law has some unusually large, if not cruel, penalties associated with it. I never knew Aaron, but I feel that the magnitude of the bullying he was subjected to is reflected in his decision to end his life.
this system of incentives contributes to the shameless bullying of individuals and small entities who have the guts to stand up and do something daring.. individuals are robbed of the will and strength to fight for what they feel is right as the mere act of persecution can be as much a punishment as the verdict.. as a result.. i fear that the era of civil disobedience may be coming to a close
As people, as individuals, as hackers, we need to oppose this trend and continue to do what we feel deep down in our hearts is right. While Aaron’s story came to a tragic end, I hope that in this book you will find an encouraging story with a happy ending. Without the right to tinker and explore, we risk becoming enslaved by technology; and the more we exercise the right to hack, the harder it will be to take that right away.
Singapore, March 2013
notes/highlights from hacking the xbox (1st read copied from bunnie huang’s page.. adding page w new notes/quotes during reread):
this is a book about hacking in the traditional sense: about the process and methods of exploration. ….. in the beginning, a hacker was someone who worked passionately for the sake of curiosity and exploration.
quite often early hackers engaged in all of these activities.. hackers would share their findings or results (hacks) with each other freely, as their rewards were not financial, but came from satisfying their intellectual curiosity and from the enthusiasm of their peers. as a result, hackers tended to form into meritocratic groups where membership and advancement were based entirely upon a person’s ability to hack.
as tech evolved… hackers found that the effort involved in hardware hacking was not worth the benefits…… by the 80s, the term hacker had grown to imply someone who could write volumes of c code in their sleep…old hardware hackers… converting to software hackers, or retreating to uni labs and corps that could afford their expensive hobbies.
hollywood helping w/stereotype of: teens bringing world to brink of annihilation.. toward.. dark impression of hackers.. dominant…. to crackers..
tech grown so complex.. that beginners (hackers) are increasingly like the parable about the 7 blind men and the elephant.. some via internet others via os.. other via hardware/computer.. each could spend a year exploring their facet.. yet each will have a distinctly diff view about computer tech at end of day
it is very difficult today to convince people that i hacked the xbox solely because it was there to be hacked: it was challenging, and it was new. likewise, it is difficult for people to understand why i haven’t worked on the xbox since. after hacking the security on the xbox, all that is left is a standard pc – which, to me, is not that interesting to work on, and definitely not worth the risk of a lawsuit from microsoft
the most alarming aspect of the dmca for hackers is that it embodies the fallacy that the only sources of innovation of benefit to society lie within the halls of research institutions and corporations. suddenly it is a crime to explore.. restricting research of tech to only established institutions disallows the possibility of tech development by unaffiliated individuals..
to pass laws that reg research of tech measures that protect copyrights and the dissemination of such results is to concede that copyright tech is broken and can never be improved.. that the only possible outcome of allowing common people to understand copyright control tech is the demise of the tech.. i offer a counter to that mindset: some of the best peer review that i received on my xbox hacking work did not come from the academic community.. it came from individual hackers around the world.. esp in foreign countries.. who have been free to explore and understand access control techs. the stricter laws in the us and the litigious nature of corps has already negatively affected the us’s standing in electronic security..
during course of my work on xbox.. i had good fortune of meeting brilliant hackers across the globe.. hackers in america were some of the most fearful of the group.. even though they were talented engineers, they were loath to apply their skills to such problems for fear of persecutions..
ie: drafting letters to be able to research/publish.. funded out of pockets.. done after hours.. hoop jumping.. et al
freedom of speech should not require a lawyer, and free thought should not involve letters of authorization for research.
what we need is a means to undo our hierarchical listening
in particular, reverse engineering is only allowed for interoperability.. where interoperability means ‘the ability of computer programs to exchange info, and of such programs mutually to use the info which has been exchanged’.. but this defn contains 2 potential land mines: 1\ circumventing hardware/software security diff.. 2\ purpose not really to exchange info w hardware security measure.. it is to bypass them
in general, i hack because it is quite satisfying to know that somebody’s life was made better by something i built.. i feel it is my obligation to apply my talents and return to society what it has given me.. i also enjoy the challenge of exploration.. i want to understand electronics as deeply as i can.. black boxes frustrate me; nothing gets my curiosity going more than a box that i’m not allowed to open or understand.. as a result, i have a fiduciary interest in cryptography and security methods..
i hack hardware because i enjoy the aesthetics of electronics; there is something satisfying about having a tangible artifact at the end of the day, as opposed to ephemeral bits of software code.. it may sound a little bit silly, but one of my pastimes is taking apart electronic devices and ‘reading’ the circuit boards.. there is something exciting about the smell of brand new electronics equipment.. i think it is the smell of a new adventure unfolding.. it is inviting….. like a stack of blank paper: i wonder what i will do w those blank pages.. a stack of blank white paper stands there and challenges me to fill it w useful info..
my inquisitive nature stems from my childhood.. when i was about 7 my father bought an apple 2 clone.. just the motherboard.. no case..
my best advice to aspiring hardware hackers is to be persistent and to be thorough.. significantly.. persistence and thoroughness come naturally if you love what you are doing.
ch 1 – voiding the warranty
hacking xbox
ch 2 – thinking inside the box
tools of reverse engineering: intuition; pattern recognition; experimentation
on security thru obscurity (talking of gamecube rom hidden in one of chips of motherboard)
ch 7 – brief primer on security
who needs security anyways?.. understanding the motive of the securer is helpful in finding weaknesses that you can exploit..
cryptography is not security.. cryptography is a means to an end for security, but real security involves the entire system architecture, including the end users.. as kevin mitnick (slashdot): ‘security is not a product that can be purchased.. but consists of policies, people, processes, and tech’.. i believe that security is fundamentally a social concept.. in practice, you can open windows and leave the front door locked and people won’t just walk in thru the window or pick your door lock, even though both are relatively easy.. locked doors and open windows work because a locked door is mostly a symbolic measure.. it forces an intruder to make a conscious act of violation in order to enter a house.. and that alone is enough to separate criminals from well doers..
why then would microsoft risk investing in such a complex security scheme on the xbox? is it really to quell piracy? it is quite possible that in fact the primary reason.. lies not in anti piracy measures.. nor in preventing the use of xbox console for any purpose other than gaming.. (money loss there not significant to deep pockets of microsoft).. perhaps real reason for the complex security of xbox is to ensure the success of xboxlive.. microsofts gaming services.. betting on the success of xbox live to drive hardware sales.. and subscription monthly fees..
on security, cryptography, trust, man in the middle….. a single packaged silicon chip is probably good enough, as it is typically easier to intercept and spoof the measurement data going past on a printed circuit board than it is to penetrate the epoxy package of a chip and modify the chip’s circuitry.
a brief primer on cryptography
cipher: 1\ zero, has no weight, worth, influence.. nonentity 2\ method of transforming text in order to conceal its meaning.. compare to code
ciphers provide no security on their own.. only if key is secure and algo is strong and no back doors..
the moral of this chapter is that security requires a well designed system.. although ciphers have become strong enough to make brute force attacks moot, systems have grown in complexity.. this complexity increases the likelihood of a viable protocol or back door attack, yet does little to save users from the more traditional eavesdropping, rubber hose and user error attacks..
hacking the xbox was less challenging technically than it was socially and legally.
free speech applies to all, not just to those who are lucky enough to sit in the ivory towers of esteemed academic institutions.. there are countless others who were also working on the xbox w excellent results.. but their voices shall remain forever silent behind the curtain of the dmca..
(andy) profile: i was offered a scholarship.. but turned it down and instead left school at 16 w no further ed.. i was quite content to teach myself anything that interested me
(andy): i discovered that hardware and software are two sides of same coin.. although they are treated completely separately in ed..
in dec 2001 i discovered that integrity was more important than money, resigned, and decided to go back to working for myself..
my mit advisor tom knight once told me: ‘there are two kinds of design in this world: those that are useful and those that you can formally prove to be correct’.. to some extent, the only way to ensure the security of a real world system is to make its details open (no security thru obscurity) and subject the system to analysis from all angles.. in a way, a thorough analysis of xbox security is being conducted at no expense to microsoft.. thanks to the hacker community
my final thought (andy profile) is to encourage people, especially young people, to listen to their brain when it comes to things that interest them. don’t be afraid to dig around and try to learn about things that snag your attention. that feeling you get when you wish you understood something, a kind of yearning, is your brain’s way of telling you that it thinks the knowledge might be useful later. if you listen to it enough, you stand a good chance of knowing the right thing at the right time to make some small difference.
begs a means to detox us.. to undo our hierarchical listening
like most things in life.. the first step is education
notes from ipad:
12 – caveat hacker
competitive marketplace required to preserve innovation and to ensure fair markets.. so .. intellectual property law..
electronic frontier foundation provided me w legal counsel.. internet.. power to connect us all.. and future developments in tech will enable us to access info and communicate w others in even more powerful ways.. but only by fighting for our rights to speak freely whatever the medium can we protect/enhance the human condition.. eff was created to defend our rights to think, speak and share our ideas, thoughts and needs using new techs
eff.. defends court cases preserving rights.. launches global campaigns.. intros leading proposals and papers.. hosts frequent ed events..
congress/constitution.. to secure authors/inventors exclusive right to their writings/discoveries
any form of m\a\p is killing us..
in us authors/inventors don’t have ‘natural right’.. instead their rights are based on notion of public welfare.. society will benefit if authors/inventors get some protections.. because they won’t have adequate incentive to create if others can freely use their work
oi.. again.. there are no single authors.. if say so.. violating cr laws from prior/others that are tied to ‘invention’ or discovery/writing or whatever ..
so copyright law is quite complex..
the bargain here is that in return for the patent, the inventor must provide enough info in the patent application to enable one ‘skilled in the art’ to create the invention w/o much experimentation.. by making the info public the patentee contributes to society’s store of knowledge
oi.. oi.. oi..
intellectual property rights are a means to an end.. to promote the progress of knowledge and tech..
interestingly, concern about monopolies is historically linked to the concern for free speech..
the freedom to tinker should also include the right to talk about tinkering.. but as we’ve seen, many of the new intell property rules limit the right of reverse engineers to share what they learn from tinkering.. these limits.. serious 1st amendment free speech issues.. and go to the heart of the constitutional basis for copyright and patent law: progress in arts and sciences.. one of the major issues raised by the dmca is its chilling effect on scientists
oi – we have no idea the chilling effects any form of m\a\p is doing to us.. has done to us
13 – onward
the hacking community: xbox hackers are an anarchistic community that works mostly underground.. most keep a low profile.. hackers are more inclined to share results/findings if they know they can back away unscathed in case things get ugly.. use of pseudonyms also levels playing field.. for young et al..
appendix e: debugging: hints and tips
thus.. real art of debugging is in tracing a set of symptoms to a root cause despite a lack of visibility and total system knowledge..
we need a means to listen deeper.. to get to root.. root/essence that 8b people would resonate w today..
observe symptoms.. bugs manifest themselves thru symptoms.. and it is up to you to deduce the root cause by observing several symptoms and deducing the culprit.. keep in mind that the most telling symptoms are often not outwardly obvious.. and will require a measurement or an experiment to find them..
there are some symptoms that are oftentimes incorrectly interpreted as causes..