MIT grad student shows how to read Xbox security key
He did it legally too, apparently. Isn't that clever?
An MIT graduate student has successfully dismantled Xbox's security system and published (after what appears to have been some discussion with Microsoft and EFF lawyers) the results. Bottom line - Xbox security relies on a "chain of trust" built on a "seed of trust" key that is included in a physically secure, secret boot block and which is identical in all shipped hardware.
So if you've got one, you've got them all and Andrew "bunnie" Huang's paper explains how he was able to get them. You can get full details of what he did here, in the academic version submitted to MIT, and bunnie also publishes an entertaining and knockabout history of his Xbox activities here. The Register is particularly taken with his happy announcement "hey! I'm finally done with my PhD thesis on supercomputer architecture...I can finally spend some more time playing with the Xbox" before he gets down to tearing it apart. Most definitely, a crazy guy.
Where Microsoft goes wrong in the Xbox security system is that although it camouflages the existence of the secret boot block via a non-secret boot block, and makes it very difficult and expensive to access the secret block directly (it's hard-coded into the southbridge system ASIC, which is built in 0.13 micron), the block itself is sent in the clear over the HyperTransport northbridge-southbridge bus. Thus, by monitoring and analysing this traffic (bunnie tells how; it involves a belt sander, don't ask) you get the key.
It doesn't take expensive hardware to do so; as a matter of fact it can be done with the kind of hardware an MIT grad student has lying around after doing his PhD thesis on supercomputer architecture. Once you've done so you have the ability to investigate the bootloader and kernel further, as bunnie says he's doing, and to open up the Xbox for standard peripherals and other operating systems. As he says, "if you ship your secrets in your hardware, it is a good assumption that the users will eventually - and perhaps quickly - know your secrets."
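To make that last point concrete, here is an added example, written for this page and not taken from bunnie's paper or from The Register. It models a boot "chain of trust" in Python two ways: design A holds a shared secret seed in the boot block (the arrangement the article describes, with the seed identical in every unit and readable in the clear), and design B holds only a verification key. The HMAC-based modelling of the chain, the toy textbook RSA with small fixed primes, the function names and every seed, prime and image value are constructed assumptions; design B is the general textbook alternative, not a claim about what the paper itself recommends.

```python
import hashlib
import hmac

# ---- Design A: the boot block holds a shared secret seed -------------------
# Constructed toy value standing in for a seed that is identical in every
# unit and that an observer on the bus can read in the clear.
SHARED_SEED = b"constructed-global-seed-identical-in-all-units"


def tag_stage(seed: bytes, stage_image: bytes) -> bytes:
    """Tag a next-stage image with an HMAC keyed by the shared seed."""
    return hmac.new(seed, stage_image, hashlib.sha256).digest()


def shared_secret_boot_block_accepts(seed: bytes, stage_image: bytes, tag: bytes) -> bool:
    """Boot block recomputes the tag; on a match it would jump to the stage."""
    return hmac.compare_digest(tag_stage(seed, stage_image), tag)


# ---- Design B: the boot block holds only a verification key ---------------
# Textbook RSA with small constructed primes so the block runs on the
# standard library alone; real firmware uses a proper signature scheme.
_P, _Q = 1000003, 1000033
RSA_N = _P * _Q
RSA_E = 65537
VENDOR_D = pow(RSA_E, -1, (_P - 1) * (_Q - 1))   # stays at the vendor, never shipped


def _digest_as_int(stage_image: bytes, n: int) -> int:
    """Reduce the image hash into the RSA group (toy-sized, so reduced mod n)."""
    return int.from_bytes(hashlib.sha256(stage_image).digest(), "big") % n


def sign_stage(d: int, n: int, stage_image: bytes) -> int:
    """Signing happens once at the vendor with the private exponent."""
    return pow(_digest_as_int(stage_image, n), d, n)


def public_key_boot_block_accepts(n: int, e: int, stage_image: bytes, sig: int) -> bool:
    """Boot block needs only (n, e), which it can hold and transmit openly."""
    return pow(sig, e, n) == _digest_as_int(stage_image, n)


# ---- What someone who has read the boot block contents can do ---------------
def observer_passes_design_a(observed_seed: bytes, own_image: bytes) -> bool:
    """With the seed in hand, any image the observer tags is accepted."""
    return shared_secret_boot_block_accepts(
        observed_seed, own_image, tag_stage(observed_seed, own_image))


def observer_passes_design_b(observed_n: int, observed_e: int, own_image: bytes) -> bool:
    """Observer has (n, e) only; signing with a key pair of its own does not help."""
    p2, q2 = 1000037, 1000039                       # observer's own constructed primes
    n2 = p2 * q2
    d2 = pow(observed_e, -1, (p2 - 1) * (q2 - 1))
    own_sig = sign_stage(d2, n2, own_image)
    return public_key_boot_block_accepts(observed_n, observed_e, own_image, own_sig)


def demo() -> dict:
    """Run both designs against a vendor image and an unapproved image."""
    vendor_image = b"constructed vendor-approved bootloader"
    other_image = b"constructed image the vendor never approved"
    vendor_sig = sign_stage(VENDOR_D, RSA_N, vendor_image)
    return {
        "a_vendor_image_ok": shared_secret_boot_block_accepts(
            SHARED_SEED, vendor_image, tag_stage(SHARED_SEED, vendor_image)),
        "a_observer_image_ok": observer_passes_design_a(SHARED_SEED, other_image),
        "b_vendor_image_ok": public_key_boot_block_accepts(RSA_N, RSA_E, vendor_image, vendor_sig),
        "b_tampered_image_ok": public_key_boot_block_accepts(
            RSA_N, RSA_E, vendor_image + b"x", vendor_sig),
        "b_observer_image_ok": observer_passes_design_b(RSA_N, RSA_E, other_image),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'accepted' if ok else 'rejected'}")
```

The point the run makes is the one in bunnie's quote: once the contents of the boot block are observable, design A's only secret is gone and the block accepts whatever the observer tags, while design B's boot block can be read, copied and even sent over a bus in the clear without giving away anything that lets a non-vendor image pass.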
On an individual console basis his work suggests that it will be simple enough to run what you want on Xbox hardware as currently constructed, and there are obvious implications for Microsoft as it begins to turn Xbox into a connected device. Xbox machines each have a unique ID; you could no doubt get access to these if you circumvented the security, so there is both a privacy issue and a threat to Microsoft's revenues from online services.
The paper offers Microsoft some suggestions as to alternative and more viable security approaches, and no doubt The Beast is working on updates even as you read. As for you conspiracy theorists about to mail us suggesting it's all a plot to get you to buy Xboxes before they put on a better padlock - just don't, OK? ®