Free60 Project Aims for Linux on Xbox 360 511
BlueMoon writes "The Free60 Project wiki and developers mailinglist has been launched. The project aims to port open source operating systems like GNU/Linux and Darwin to the Microsoft Xbox 360 gaming console.
The site already contains some interesting details about the Xbox 360 security: per-box key stored on CPU, boot ROM will be on CPU too and a hypervisor verifies the running state of the kernel."
*click* (Score:5, Funny)
Re:Nice try (Score:5, Insightful)
There is no absolutely unhackable security model. Even if there is absolutely no bugs in XBOXs software (which I find highly unlikely - this is Microsoft we're talking here), you can always modify the hardware until the code you want to pass passes. Simply replace every single part if nothing else helps.
The real questions are: is there a hack that requires so little effort from the part of the user that it is worth the trouble, and if so, how long until it is discovered ?
Security isn't about perfection (Score:5, Insightful)
If it takes 50 solder points and a week of effort, 99.9% of your users won't modify their consoles and your software sales won't be negatively impacted. If it takes a complete code re-write then finding a hash collision to get a modified console online, nobody will do it. Heck, Nintendo found that adding 2 little plastic tabs to the SNES was sufficient to greatly reduce the scope of the import market.
Security is about dissuading people from doing things, not preventing them.
Re:Security isn't about perfection (Score:5, Insightful)
If it takes 50 solder points, somebody in China will figure out a way to make the work go quickly, and people will import them from Lik-sang. And we're nowhere near the 50-solder-point mark yet. And granted, if it got to the point where modifying it took more than $50-100 of work, people would just buy the nearest-priced open media portal device instead.
Ultimately, technical security is completely different from physical security. Developers can do things in their home that's not detectable anywhere, and once things are broken once, they can easily be broken everywhere.
Re:Nice try (Score:3, Insightful)
Re:Nice try (Score:4, Insightful)
After that, rename your Xbox to "Ship of Theseus [wikipedia.org]".
Re:Nice try (Score:5, Funny)
After some analysis, I've already discovered what appears to be a critical vulnerability already in the 360's chain of trust.
The approach will not be easy. You are required to maneuver straight down this trench and skim the surface to this point. The target area is only two meters wide. It's a small thermal exhaust port, right below the main port. The shaft leads directly to the reactor system. A precise hit will start a chain reaction which should destroy the station.
Re:Nice try (Score:3, Funny)
Re:Nice try (Score:3, Funny)
Re:Nice try (Score:5, Informative)
Re:Nice try (Score:5, Insightful)
I know games programmers, and while many are competent, they rarely care/have time to audit their code for security bugs.
Er... say wha? (Score:5, Insightful)
Once you get into hardware probably very few people will attempt it. Too risky.
I don't know what circles you travel in, but I don't know *anyone* who owns an Xbox that is not modded, and that is out of about 20 to 30 Xbox owners.
The benefits of modding (namely, XBMC and the ability to play backups) are just too great to *not* do it.
It will be the same for the 360 - a hardware mod chip will be out in a matter of weeks, and everyone and their dog will have one.
Re:Nice try (Score:5, Informative)
Please improve your pitiful knowledge.
http://www.xbox-linux.org/>
Softmodding (modding with no hardware modification) is possible based on a few different methods. There are at least three games for which a savegame buffer overflow exploit is known. You can download a malicious savegame, load it from within the game, and linux boots. From there you can ftp anything you like to your hard drive. (This is the method I chose.) No hardware modification is required. Getting the savegame available to the XBOX can bit tricky. You can either buy an xbox memory card with one installed, or use a standard USB memory drive connected to the controller port -- the controller ports are standard USB with a different connector, but commercial USB adapters are available from real companies (i.e., companies with interests other than assisting you in softmodding).
Among the popular "permanent" softmods you can install onto the harddrive are font mods (buffer overflow in the font file that loads with the splash screen) and sound mods (buffer overflow in the sound processing code, for playing ripped tracks - the original MS software includes a CD ripper for inserting your own soundtracks into games that support it). (I chose the font mod).
Now that you have a mod on your hard drive, you can run unsigned code, including linux itself, alternate dashboards, or (my favorites) Xbox Media Center (not to be confused with the Media Center package Microsoft sells for Xbox) or Xbox-MAME.
A totally different way to go involves opening the XBOX, connecting its hard drive to a PC, loading linux on it, and putting it back in the XBOX. That could be considered "hardware modification" but it requires nothing more than guts and a few screwdrivers.
Re:Nice try (Score:5, Interesting)
Done and done. [cdfreaks.com]
It involves getting in through a savegame. I had this done to my XBox; it has something to do with FTPing in and replacing boot files.
Hopefully the new system gets cracked quickly; an XBox with XBox Media Center is very useful!
Re:Nice try (Score:3, Interesting)
There's a simple, Free exploit that uses a buffer overflow in MechAssault to run unsigned code under the security restrictions of the game itself; one of the things it can do is write files to disk. Appropriate files can replace or modify the Dashboard, allowing unsigned code to run with no restrictions and act as an operating system. Such code exists Freely for older Xboxen; for newer ones, there is
os x? (Score:5, Interesting)
Re:os x? (Score:5, Interesting)
Re:os x? (Score:3, Insightful)
Besides, at this point all we could hope for is to be able to unlock the region code bullshit and to allow copied DVD's to run. I think this in itself will be a very daunting task - although invariably there's always some weakness in the system somewhere that allows
My Thoughts Exactly (Score:3, Interesting)
I suggest that correct this problem that you transform your "XBox" into the form it should have originally been in:
1) Buy MicroATX case (with powersupply)
2) Rip apart XBox
3) Rebuild your computer. err XBox.
Done Right? [slashdot.org]
and I suppose:
4) Install Linux and stop buying those ridiculously priced games.
Re:My Thoughts Exactly (Score:3, Funny)
Because it's there (Score:5, Interesting)
An Indian Psycologist (whose name went something like Sikh Sent Mahalia - but I'm sure I totally mangled it, and can't lay my hands on the book) identified the necessary components of "flow" as skills, rules, goals, and feedback. For any activity, whether work or play, if you lack the skill, or if the activity is too easy or too hard, you are frustrated and unhappy. If you can't discern the rules (or meta rules), you are frustrated and unhappy. If there is no goal, you are frustrated and unhappy. If there is no feedback on your progress, you are frustrated and unhappy.
Sports like football have all the components (for those with the skill), and there is "flow". Putting linux on machines designed to prevent that very thing is like a game of football for geeks. It requires skill (is not too easy), but has been and probably can be done (is not too hard). The rules are those of logic and electronics. The goal is clear, and there is feedback along the way as you (carefully arrange to) see evidence of the system running your code further and further along in the boot process.
It can get frustrating if there is a lack of feedback - you can't find a visible bit to twiddle to show the code has gotten to a specific point.
holy mangled facts, batman (Score:5, Informative)
Re:holy mangled facts, batman (Score:3, Funny)
Re:holy mangled facts, batman (Score:4, Funny)
Seriously, I was this close to mod you funny...
Re:Because it's there (Score:3, Interesting)
How he defines flow: being completely involved in an activity for its own sake. The ego falls away. Time flies. Every action, movement, and thought follows inevitably from the previous one, like playing jazz. Your whole being is involved, and you're using your skills to the utmost.
The quinessential example that would accurately describe "flow" for the slashdot crowd would be the lost sense of time, sort of euphoric feeling that
Re:My Thoughts Exactly (Score:5, Funny)
Re:My Thoughts Exactly (Score:3)
yes, I love nethack too.
Re:Other than M-rated first person shooters? (Score:3, Informative)
And there's always WINE (or one of the commercial mods of it, like Cedega). Most games (about 2/3rds of the ones I've tried) run on it just fine, though a lot of 'educational' titles run very poorly because of shoddy programming (not that they run too great on native windows either). Heck, with the Caillou games, there's plenty of older kid
Re:My Thoughts Exactly (Score:3, Insightful)
Yep, who needs good games anyway? Much more fun to play a poorly done version of some 10 year old PC game.
Re:My Thoughts Exactly (Score:3, Informative)
Re:My Thoughts Exactly (Score:3, Informative)
The PSP... who knows. The PS3 will be sold at a loss for some time, but will likely start turning a profit after a while.
The XBOX is the only console to lose money over its entire lifespan. It remains to be seen if MSFT can contract the cost of manufacturing enough to bring unit production cost under sale cost and turn a profit on the XBOX360. Since they own the rights to everything in the system, it's entirely possible.
Re:My Thoughts Exactly (Score:4, Interesting)
What would be cool is if somebody would port the BOINC distributed computing client, and put together a bootable CD for xBox. If you know you're not going to be using your console for a while, just put the CD in and reboot it, and it crunches numbers until you're ready to play again. If you think of the numbers of game consoles that are sold, and the number of hours that they're probably used per day (after the initial fascination wears off), that's a lot of idle CPU time. Now that consoles are getting comparable to computers in power, and have network connections and attached disk storage, I don't think it's that ridiculous an idea.
They should probably wait... (Score:4, Funny)
At least (Score:5, Funny)
Re:At least (Score:3, Funny)
Not too quick! (Score:3, Interesting)
Hypervisor (Score:5, Informative)
Re:Hypervisor (Score:5, Informative)
Also, if you read on the Free60 documentation site, it's apparent that the factoids being discussed, including the only mention of the hypervisor, are being attributed to "someone on the IRC" -- not exactly a reputable source.
are there any non-gaming applications to this (Score:5, Interesting)
Re:are there any non-gaming applications to this (Score:5, Interesting)
Re:are there any non-gaming applications to this (Score:3, Insightful)
So for high performance computing, I don't see how networking a bunch of XBoxen together is going to deliver anything that couldn't be achieved by networking a bunch of beige boxes. With a custom-built solution, you
Source (Score:5, Interesting)
The biggest thing I wonder about in "The key is stored inside the CPU". This adds cost, but it is possible [intel.com]. It means that to execute your own code, the serial number must be determined so that a replacement flash chip can be properly encrypted. I'm betting it's pretty hard to find this number out without taking apart the processor.
Re:Source (Score:3, Interesting)
IIRC, there's an extention to the JTAG specification for in-system programming of devices, such as programmable logic or flash memory.
I don't think it would be too cheap to store the unique per-console key in a few bits of flash memory in the chip die. Then all CPUs would be identical, and during the normal testing phase they could program the flash. And God knows we have flash memory technology issues down these days.
There's other ways too; fuseable links to make it perma
Re:Source (Score:5, Insightful)
This ID can probably be accessed through the JTAG port, or accessed internally - the data is going to be in a certain format (Lot #, wafer #, x coord, y coord, or something similar) that would be easy to verify...
You could also make it so reading the id from one place and writing it to another was part of the reset sequence on the chip...
WRT getting the serialid out of the processor, you should be able to read it out through a simple JTAG instruction
Re:Source (Score:5, Insightful)
Furthermore if it follows the MS TC model then the CPU's crypto store will also have MS X-Box boot and app signing Root certs. All code, especially the boot process will have to be signed by something that will pass a check against those Root Certs. At a guess I'd say they have more than one of each type and they can be revoked via firmware (ie over XBox live, or via code distributed in games) just in case their primary leaks. Finding buffer overflows or figuring out how to code the instructions for an alternative boot firmware wont help unless you can figure out how to sign the code you feed into CPU. If the hardware design is properly secure then that will require breaking a strong crypto system equivalent to that used in X.509 certs in order to compromise those MS owned signing keys. This is a much much harder problem than compromising the original X-Box (which only used software based crypto so it could be subverted by replacing the boot code) or the PSP (which seems to rely on no secure execution model at all). MS certainly know how this should be done, the question is did they actually try to do it and if so did they succeed. That is the main reason I'm interested in this X-Box 360 hacking attempt, it's success will show how serious MS actually are about extreme DRM.
My guess on that is that the answer is very interested indeed, if they can successfully implement a popular consumer device with a hard TC architecture then there are a lot of people out there who will want them to share it with them - the Cellular Telco's in particular love this stuff and will happily get into bed with MS if they can sell them a proven TC architecture that is resistant to attack.
First step! (Score:5, Funny)
1, Attach your XBox on a string so it can be c00l enough
Well, in regards to piracy... (Score:5, Interesting)
Re:Well, in regards to piracy... (Score:3, Interesting)
Re:Well, in regards to piracy... (Score:4, Insightful)
heat, power, shock, size, noise (Score:3, Informative)
That doesn't really make any sense. More likely: heat, power consumption, shock resistance, noise, and physical size. Especially heat/power/size, which are critical for a "console" game; just look at the problems with the overheating power adapters...
Good idea (Score:5, Funny)
Obligatory PA (Score:4, Funny)
http://www.penny-arcade.com/comic/2003/06/30 [penny-arcade.com]
Sounds like a good warm up (Score:5, Insightful)
Question (Score:3, Interesting)
But is it not possible to modify a distro for specifically that set of hardware that comes with, say, the Xbox 360? Would the gain in performance not be equal to that of games software written for that set of hardware?
Re:Question (Score:5, Funny)
3 x 3.2Ghz Power PC CPUs, 512MB memory, high-end GPU, 20GB HDD & wireless.
I see what you mean. It's hardly worth bothering with really is it?
This is not the slashdot I once knew (Score:5, Funny)
As the Executive Sales Manager for Microsoft XBox 360 I don't see this as news but a direct
illegal action against the Microsoft corporation. Hacking the XBox hardware which the machine was
not originally intended for will be further looked into by the FBI and CIA as it is considered a
hostile Terrorist action against the United States of America's privatly owned enterprises. We
have the governments full support to fight this Communist plague and any attempt to interfere or
hinder this investigation will result in an immediate hostile response.
this is good for microsoft (Score:4, Insightful)
when 360.0 is cracked, they'll learn how it was done, and make 360.1 more secure. same when people crack 360.1 etc. all the xbox linux code will be open source so they can have a good look at the methods used.
this is all good practice for them so that oneday they'll be able to make a computer that will only run windows and signed code. then they'll claim that anyone not using their secure platform must be a hacker or software/music pirate. then they lobby the
But they do care if.. (Score:3, Insightful)
Remember they are gambling on game sales to make a profit on these things.
Re:But they do care if.. (Score:3, Informative)
But so will the price of the Xbox. Especially in probably about 3-4 months when the PS3 is released.
Re:this is good for microsoft, so what? (Score:3, Insightful)
TCPA (Score:5, Interesting)
This is (as far as I know) the very first Trusted Computing platform that we can put our hands on. Very, very interesting. And it is well done (no obvious flaws).
If somebody can break that, we may be safe! That or they may build a more secure one, but we'll be safe for more time anyway.
FAQ (Score:5, Funny)
Q: Have you guys modded the Xbox360 yet?
A: No, not yet.
Don't shut it down (Score:4, Interesting)
Everyone expects that Microsoft would want to shut such a site down. Believe it or not, if the Trusted Computing Machine paradigm is to really take hold, Microsoft is going to have to wait it out. Lots of companies have worked on other tamper-proof technology. If this platform can withstand a very large portion of that attack, then they will have a reputation to be proud of - from a security perspective.
Bruce Schneier [schneier.com] reminds us of several attributes in his book Secrets and Lies.
For the record, I have no interest in playing on a 360, much less compromizing one, but if Microsoft can apply the above principles, then they will have a reputation and platform other non-gaming industries can embrace. Even Sony couldn't buy that with money. I do, however, have my doubts that Microsoft has focused on security robustness because their first and formost motto should be "It's all about the gaming experience." Fail that and the thing dies anyway.
The name (Score:3, Funny)
Let's get hacking. (Score:5, Insightful)
Speaking of crashes... (Score:4, Insightful)
It was very easy for me to kill a devkit as it fell laterally while the console was on.
I can't imagine the retail system being less sensitive to that, as it's only normal for an HD to get damaged that way.
The problem is that the thing is meant to stand up, but it's light and it doesn't have a wide base.
Watch out.
It's just a ploy from MS to make Linux crash... (Score:5, Funny)
Now if these buggers over heat and die regularly what do you think GENTOO is going to do to it with all that compiling?!?!
It's going to set fire to houses and KILL PEOPLE!!
Then MS can sit back and let the marketing dogs of war loose, and Linux will be branded as the child killing OS for ever and a day.
so.. which of you genius Judas will be nailing Tux to a dead tree first??
Some team at M$ is watching (Score:3, Funny)
This must be a great story (Score:5)
must.. have.. slashdot.. story.. (Score:5, Informative)
faaaaaaaaaaarrrrrrrrrrrrrrkkkkkkkkkkkk!!!!!!
Re:Why would you need it on a three 3.2 GHz proces (Score:5, Funny)
Re:Why would you need it on a three 3.2 GHz proces (Score:5, Funny)
Re:Why would you need it on a three 3.2 GHz proces (Score:5, Interesting)
Re:Yay (Score:5, Funny)
Re:Yay (Score:5, Funny)
Then it becomes a warm fuzzy feeling.
Re:Yay (Score:5, Interesting)
If only we could port Vray, Mental Ray and PRman to it.
Cheap renderfarm networked together. Need lots of cooling though from what I understand about the 360
Re:Yay (Score:5, Funny)
You must be new here...
Re:Easier option... (Score:3, Funny)
Odd Timing (Score:3, Interesting)
Re:Odd Timing (Score:3, Insightful)
Mobile computing is critical to Apple's strategy (indeed - mobile PCs are going to seriously erode the desktop market), where the PowerPC had few viable options. Mobile computing doesn't really matter much to the gaming console market.
Re:Odd Timing (Score:3, Interesting)
Sure it does. GameBoy* and PSP* are profitable, and will continue to be profitable as they gain enough processing power to run re-releases of current console games in the next five years or so. A self-powered X-Box that fits into a discman-size form factor would be a killer app, and is close to being achievable today.
Re:Odd Timing (Score:3, Informative)
Yeah, but the power supply is the size of a mini-fridge.
Re:Easier option... (Score:3, Insightful)
Re:About that Mac Mini (Score:3, Informative)
For signal processing applications, and stuff that's compiled with an intelligent compiler, the cores are pretty powerful. For desktop apps the CPUs will suck, but for 3D rendering and video encoding/decoding (oh yeah, audio processing too), the 360s triple-core CPU is going to be pretty amazing, especially for things that can be split into multiple threads easily.
The 360 will definately eat the Mac Mini for lunch in numerous applications, and is pro
Re:About that Mac Mini (Score:3, Insightful)
That's a pretty good incentive to get Linux running on them. Having a handful of them as rendernodes would be a great application, and would be great to have Microsoft sponsoring the independant Australian film industry to the tune of $US170.00 per node...
Re:Consoles are not general computing platforms (Score:5, Interesting)
One box to do it all. You get a lot by being able to run your own OS on the box. Don't troll with unintelligent comments, it's not worth it.
Re:Consoles are not general computing platforms (Score:5, Funny)
Geeks don't need a "why." (Score:5, Insightful)
Re:Geeks don't need a "why." (Score:3, Insightful)
So what I'm trying to say is that somebody needs to stand up an say that Linux could just be an excuse for hardware hackers looking to crack the Xbox and play gamerips.
I've got Karma to burn & nobody has brought it up yet.
Re:Consoles are not general computing platforms (Score:4, Insightful)
To quote A Canticle for Leibowitz, "How did that heresy get into the world after all these years?" Anything with a standard CPU inside it is general purpose. The Xbox 360 is a Turing machine...with great graphics and an overheating problem, but that doesn't affect its Turing-completeness. Your Linksys router, your graphing calculator, probably your digital clock, are all general-purpose too, if you can find how to reprogram them. This world has very few special-purpose devices left in it. The point of things being Turing-complete is so that they're not special-purpose.
Remember that anything with a microcontroller can have that chip reprogrammed. The only special-purpose chips left are probably in heavily-embedded systems like the chip inside your optical mouse or something. For most applications it's cheaper to program a general-purpose microchip in software, instead of making your own logic circuits.
Re:Consoles are not general computing platforms (Score:3, Interesting)
Re:Consoles are not general computing platforms (Score:3, Insightful)
Re:Erm why? (Score:5, Insightful)
Ooo! Ooo! And a cure for cancer too! (Score:5, Insightful)
I consider this the logical equivalent of the question, "Couldn't they be working on a cure for cancer instead?" I cannot abide this sort of arrogant stupidity.
1) All programmers/scientists/etc. are not equivalent. Life is not some computer strategy game. You can't just wave your mouse around, pull a person off one project, put them on another, and expect the same level of productivity. Maybe the Xbox 360 project will attract people with good hardware hacking skills that aren't really applicable on anything you care about.
2) What interests you may or may not interest people of technical aptitude. Sure, a cure for cancer would be really great, but not everyone is interested in whatever field of research will finally result in it. Some people might be more interested in entomology than oncology, and some people might be more interested in getting a cheap, powerful Linux home entertainment computer than whatever makes you happy. Your desires are not everyone else's desires.
3) What doesn't interest you isn't necessarily useless. An Xbox is a very powerful multi-processor system perfect for hooking up to a home entertainment system and well suited for light distributed processing tasks. It's also fantastically cheap for what it's capable of. There are numerous potential uses for it.
4) Not everything has to be useful to be worth doing. Surprise, surprise -- the people working on this might be doing it for fun! Even if it didn't have a lot of utility, that doesn't mean it isn't worth doing if it brings someone enjoyment to do it.
In short, stuff it. You're not the dictator of the world, so quit discouraging people from pursuing interests that you don't share.
</frothing at the mouth>
Nitpick (Score:4, Insightful)
Well, a theoretical dictator of the world not have to "discourage" people. He'd just send in the shock troops and put an end to whatever the rablle was doing. :)
And the OP's attitude wasn't *that* horrible. Things should have their value questioned at all times. The lack of questioning things leads to most of the messes we have in the world today. Watch a politician give an interview thse days. I don't think "follow up question" is even in the cirriculum of journalism schools these days.
And, yes, "doing it for fun" is a perfectly valid answer, but there's no need to Bakersfield chimp on the OP. ;-)
Re:How To (Score:5, Funny)
1. Get modified Xbox with Linux installed
2. Suspend on a piece of string
3. Spin 360 degrees on piece of string
4. ???
5. Profit!
Re:Why? (Score:4, Insightful)
That's doubletalk for "you must use MS ______ to view this content".
Enough! (Score:3, Insightful)
But enough already!
Look, it's reall simple... and I'm going to spell it out for you. Ready?
Microsoft makes a product (Windows) that, in most of its incarnations, basically blows. We all know that. Every day, I promote Linux to as many of my clients / customers as I can. I sell new and refurb boxes with (k)Ubuntu installed. I build low-mid range servers running Gentoo and occasionally
Re:Enough! (Score:5, Insightful)
The real danger is that the 360 represents some of the first real shooting in the DRM wars: a large-scale deployment of hard-wired cryptographic restrictions with the sole purpose of locking consumers out of their own property. Running Linux on this hardware is just a fun side effect of the very important and immediate need to defeat trusted computing and digital restrictions technology -- and to defeat it soundly and rapidly.
Re:Lies! All of it Lies! (Score:4, Informative)
bbs --> newsgroups --> IRC --> the internet
somewhere in there are mailing lists
I'm not sure why you (an AC) is badmouthing IRC, but lots of serious conversation happens in various 'official' channels. Not everyone has left IRC.
A lot of exploits for the original Xbox were worked on in IRC channels... just because you don't know about it doesn't mean it ain't happening.