Hackers Dodge Xbox Live Shutout

An Ars Technica post at their games column Opposable Thumbs points out that, despite Microsoft's best efforts, hacked Xbox 360s are once again playing on Xbox Live. "Steadfast in their pursuits, the hackers of the Xbox 360 scene have managed to best Microsoft's Xbox Live Banning protocol: a system of checks in place to identify hacked Xbox 360s and deny them access to the Xbox Live Network. The current method of hacking the 360 involves exploiting the firmware of the DVD drive (the preferable method), and this latest patch does just that. In fact, the creators are so confident in their breakthrough that the info file remarks that the new firmware 'defeats all current and some future Xbox Live detection attempts.'"

How long until....

[Maverick390]

The person you are about to shoot may be playing on a hacked xbox, Do you want to continue?

Re:

[Kiba Ruby]

Why does everyone assumes hacked xbox as bad? They might simply be hacked to add more features and play homebrew video games.

Re:

[Rude Turnip]

It's bad if they're on Xbox Live, which is a private, paid for network where the users are paying for reliability and consistency in a level playing field (ie no wall hacks). No one is going to go through the time or expense to look into the intended use of every hacked console. If a hacked console doesn't go on Xbox Live, then there is no issue.

Re:How long until....

[StikyPad]

Actually, the hack in question only allows the use of copies. There is an exploit which allows the execution of unsigned code, but it only works on a specific version of the kernel. Connecting to Live would automatically update the kernel (dash console), which would patch the exploit. So any claims that they are protecting against bots and cheats is pure FUD, since bots and wall hacks *do not exist* on the 360 (at this time); at least none that would work on Live.

Eventually another unsigned code vulnerability may be found (which is what you would need to run a modfied client), but this will almost definately not be a result of modifying the DVD-ROM firmware.

Re:

[DrSkwid]

I definitely agree.

Re:

[Drantin]

Are all the data files used by the signed executable signed as well? Can those be modified?

Re:

[twistedsymphony]

BZZZZT sorry, try again, thanks for playing though

Sorry, I didn't mean to come off like a jack-ass but this is a very common misconception. You're absolutely right that they can't run unsigned code, but unfortunately most games only sign the executables... This leaves some games VERY open to things like wall hacks or other modifications of the content itself.

Why don't you ask Bizarre Creation how they liked trying to deal with the people racing the neon green 600HP E class cars with infinite lateral g

Re:

[Ewan]

Hacked XBox 360s can only play copied games, there's no other additional features and no homebrew games exist, as the hack still only lets you run signed code from Microsoft.

Re:

[prockcore]

Textures aren't signed.. you can still do wall hacks by changing the wall textures to be transparent.

Re:

[baadger]

Are you saying that after almost 2 years the 360's code signing hasn't been cracked?

Re:

[Abcd1234]

Meh, it took nearly three years for the DS cart encryption protocol to be broken. These things take time.

Re:

[C.]

The person you are about to shoot may be playing on a hacked xbox, Do you want to continue?

Maybe not, but I wouldn't be surprised by:

The person who just shot you may be playing on a hacked xbox, Do you want to continue?

Once again...

[dteichman2]

The hackers have more manpower than Microsoft. It's also worth noting that they're probably more skilled than the XBL engineers.

Even if Microsoft had 1000 people working on this, the hackers would still be ahead. It's impossible to estimate how many people take a shot at console hacking just for the hell of it.

Inevitably, the hackers dominate just about any platform. That's just the way it works.

Re:

[Phil246]

not necessarily. It would be reasonable to assume microsoft has a log of which xboxes were hacked, and xbox live is a client-server based system no?
All they have to do is block them on the server instead of telling the console to block themselves and the hackers are at step 0 again.

Re:

[Wicko]

If this is true, why hasn't it been done already? I imagine there is some way to edit whatever ID's your xbox as yours.

Re:Once again...

[Drogo007]

Not necessarily true. Hacking can get you a long way, but eventually it usually breaks down.

Case Study: A game I was part of the dev team for held an online, sponsored tournament. The four finalists were flown to Hawaii where they competed head to head on rigs provided by the company for the championship. One of the final four had been playing phenominally online, yet once he got to Hawaii, his game fell completely apart. He complained endlessly about how the computer he was playing on was different from what he was used to at home. Yet the other three players didn't complain at all. This guy got completely, embarassingly destroyed in the finals. And we eventually patched the hole he'd used to cheat his way to the finals.

But don't miss the fact that only 1 out of the 4 finalists was a cheater (I believe first place won $50,000 with a shot at a million-dollar challenge). The other three were simply legitimately good players.

Re:

[dteichman2]

A determined hacker could have still broken your game (disassembly, DLL-injection, etc).

It's just a matter of the amount of effort someone is willing to put forth.

Re:

[hidannik]

The point was that the game was broken, but that didn't help the cheater in the end, when he had to play on someone else's (the sponsor's) PC under supervision.

Re:

[sonamchauhan]

... play on someone else's (the sponsor's) PC under supervision.

Heheh... the XBox360 is feels a bit like this too... public key crypto, CPU Efuses, mandatory updates....

Re:

[Anonymous Coward]

If you start modifying files on a rig provided to you by the competition(one on which you may not have administrative access), you're taking a much larger risk than by simply cheating on Internet games.

If you're caught by some automated detection system, you can always have plausible deniability, even if you're still banned: automated detection systems sometimes have false positives, viruses can install questionable software on your computer without your consent, etc. As far as reputation goes, this is stre

Re:

[bubblejet]

So the cheater didn't win, but he still got a free trip to Hawaii. Sounds to me like he did pretty well.

Re:

[Guppy06]

"Not necessarily true. Hacking can get you a long way, but eventually it usually breaks down."

Only for those who are later required to play on somebody else's hardware.

"But don't miss the fact that only 1 out of the 4 finalists was a cheater"

Oh, I don't miss it, I just wouldn't use the adjective "only." It suggests that at least 1/4 of the players in your game were cheaters, potentially as many as 100%-3. It also suggests that your security was so slipshod that you allowed a cheater to get so far as the f

Re:

[cgenman]

Yup. Cheaters never win. Poor guy had to console himself with the notoriety, the excitement of competition, a free trip to Hawaii...

Re:

[rtechie]

Not necessarily true. Hacking can get you a long way, but eventually it usually breaks down.

99% of players do not, and will not, compete in tournaments. Perhaps 10% engage in online tournaments. From what I have seem (I don't play XBOX live that much), cheating is insanely rampant in online shooters like Halo and Ghost Recon. I've played maybe about 50 games of Halo and 100 of Ghost Recon, and I would say there was some sort or cheating or "griefing" (if the host was losing he's quit, etc.) in at least hal

Re:

[badboy_tw2002]

Its also worth nothing that I can make up any "facts" I want and assert them as true, but that doesn't make them so.

Re:

[Khyber]

Nope, because 360s use a few different brands of optical drives, each with their own firmware. Ban one, the hack for another pops up. Lather, rinse, repeat.

Hmm

[JMZero]

As far as I know, the mod in question only allows users to play "backups" of games - not to run arbitrary code (including cheats). So the concerns of people cheating are a little off the mark. As is the idea that the detection could really be moved to the server side - any detection regimen is going to have to look at the drive's firmware or some characteristic of the disk and this looking is going to be done at the client end.

Re:

[hidannik]

Could not a backup have modified game assets on it, such as (also noted elsewhere) transparent textures allowing the hacker to see opponents behind walls?

Re:

[JMZero]

I hadn't thought of that - it should be doable assuming the content isn't signed as well (and I wouldn't think it would be). This sort of cheating should be reasonably easy to detect via forced updates (easier than the drive firmware sneakiness at least), but it's sad anyway.

Re:

[Rayonic]

Apparently there is an array of cheats you can do in Gears of War if you edit come .cfg files on your pirated copy of the game. Probably lots of other stuff possible too, in general.

Only a Half-Win

[schoolisdeath]

People with hacked Xbox 360s still need to buy a new system in order to play online. So it's really not all that bad for Microsoft. When they defeat _this_ hack, then all people with those hacked boxes would have to buy yet another Xbox. What would really screw up Microsoft's banning efforts is if people managed to change their console IDs. Then banning a console ID would put a regular Xbox 360 out of commission, and the banned one would just change to a different good ID again.

Re:

[Ponzicar]

Remember that Microsoft sells 360s at a loss, making up that loss with game sales and live accounts. If someone buys a new 360 and only plays pirated games on it, Microsoft would only make money from the live subscription. Thus it's still bad for Microsoft.

Re:

[cbackas]

Note that the selling for a loss thing is no longer true [techspot.com], hasn't been since late November. Costs may even have come down more since then.

Re:

[Slashcrap]

PS3 - free online, dedicated servers, 32, 40 player games

I assume that this will remain a theoretical maximum until such time as the 32nd PS3 is actually sold?

Re:

[antiseptic_poetry]

what's the 32 player PSN download game? I live in Europe, so we're a bit behind on PSN content.

Re:

[catprog]

According to vgchartz the ps3 is on track with the ps2 (http://vgchartz.com/hwcomps.php?cons1=PS&reg1=All &cons2=PS2&reg2=All&cons3=PS3&reg3=All&align=1) I wouldn't joke about Backward compatibility on either the PS3 or XBox360(I am a pal gamer). Neither has the full range of games playing like the wii(gc)

Re:

[svendsen]

Huh weird my GoW multiplayer perfect...my Cod3 (24 people) no issues...so either your connection sucks or you are talking out your ass.

Re:

[Kalriath]

You must be the same guy as the one from up above.

Take the stick out of your ass, slashbot.

Re:

[Mishotaki]

so you're basically saying: PC - lots of games PS3 - lots of games Xbox360 - only one game and it's not even out yet...

Re:

[yoprst]

I mostly play on a server that's aggressively monitored for cheaters, so when a cheater's caught (happens almost daily) a can see how good I am comparing to him. The cheaters routinely get owned by me, and I'm just a mediocre player. Perhaps if you move from mindless shooting to more advanced tactics you'll experience the same effect?

Re:

[Lost Engineer]

Oh, man, we clearly play different games. I only play team tactics games (mostly team skirmish in the Halo 3 Beta lately), but the fact remains that you can't tell an aimbot from world's best players. I don't mind getting owned by the latter, but the former really pisses me off, because the cheaters are also the most annoying teammates and opponents.

I'll pay 50 bucks for the network with no cheaters. As others have said, I really wish they'd host the games themselves, but at least you can filter people b

Re:

[yoprst]

I play Call of Duty. First of all, PunkBuster does a good job on catching an aimbot, and second, aimbot users are so naive that you're almost always behind their back... unless you run around mindlessly shooting anyone on sight...

Re:

[fimbulvetr]

Most of these arguments are bogus.

Complaints of them being laggy are anecdotal at best, exaggerations in general. I've played XBL since crimson skies was available on the original - normally on a comcast or better connection. Sometimes I have a laggy connection, but that's only if the game I'm playing uses a wrong/bad algorithm for picking a host or if the host becomes laggy after it's been picked.

Instead, a large portion of the games I play have so much going on, lag is the last thing I'm thinking about.

In

Re:

[Broken scope]

Actually games have had dedicated servers. Battlefield modern combat comes to mind specifically.

Re:

[catprog]

I found 10 pages of games at http://www.xbox.com/en-US/games/catalog.aspx?WT.sv l=nav [xbox.com]

Excellent

[Rev Jim (AKA Metal F]

It's good to read the hackers are continuing to fight for our rights to not only pirate (yeah, I know there are a lot of anti-pirate people here, I don't blame them one bit for being steadily opposed) games, but get access to the online community through a modded system. I've always wanted a modded console, but I know if that were to happen I would end up buying pratically nothing brand-new other than like maybe one or two games a year total across my systems, and I own every sytem except the wii. Even if I

Trusted Computing

[ADRA]

We're seeing Trusted Computing at its finest.

Trusted Computing: noun
The act of trusting that any possible attack vector against a computers expected behavior will be done so by those that have nothing better to do than to game the system.

Deja vu

[RiskyChris]

I've heard that line before. Weren't the last firmware hacks designed to be "undetectable by Microsoft"?

Re:

[Akrat]

The last firmware mods were advertised as fully detectable by Microsoft. That was said from the beginning, so it's no surprise by these people that they were finally banned.

Please stop saying cheating is impossible

[xtieburn]

It is _not_ impossible to cheat, you can modify ini files to do it.*

I know that PGR3 and Gears of War being hacked in such a way its quite possible there are many more games.
Now this still may just be an excuse from MS though quite frankly they dont really need one, virtually the only other purpose of a modchip is piracy.

Either way cheating _is_ possible it _has_ been done and banning the modders _will_ stop it regardless of why you really think they have started the bannings.

*There may be other files you c

Can I

[Vexor]

do this [penny-arcade.com] with the hack?

Clearing up some FUD

[BenJeremy]

A couple of things:

1) To re-iterate what others are saying, the firmware hack does not defeat executable signatures, so the integrity of game code has not been compromised, however, game data files can be, and have been, compromised (Exo's GoW hacks). The simple solution is to update the executable with hard-coded data file checksums to go along with their weak signature security (in this case, on the GoW data files). So it's not entirely true that the firmware hack doesn't allow cheaters - but Microsoft has other avenues they can pursue in preventing cheaters. This wave of bannings represents an escalation in Microsoft's policy toward modders.

2) Something that many here miss, is that Microsoft has no direct access to the firmware for some models of the DVD drive they are using. Toshiba-Samsung MS28 drives, for example, have "Firmguard" - an attempt to thwart modders that has backfired on Microsoft. Why? Because powercycling the DVD with the correct VIA SATA chipset bypasses Firmguard as part of it's "Bad Flash" recovery mode. Microsoft cannot do this on the 360. This means they cannot read, nor write firmware to these drives.

There were several techniques Microsoft employed against modders in this last wave, verified by special debugging firmware employed - Microsoft was using an anomaly in the firmware's fetch of special sectors to determine if backups were employed (moddded Hitachi drives gave up the goods on this one), as well as more strict checking of those sectors (catching non-"stealth" backups), and finally, using Challenge/Response commands to do threshold timing (many used slower or faster timings on the firmware, which was detectable as being outside of thresholds).

There are still less reliable checks Microsoft may employ, but that dragnet will scoop up some legitmate users, too (No DVD Error code check, used to see who's been using their Xbox 360 as a power supply for the drive as they flashed it). If I was on the team, I'd rule that one out. There are a few other techniques, which I won't mention, since they haven't been discussed publicly, as the others I mentioned have (besides, Microsoft KNOWS how they are checking currently) - which have been identified and "fixed" in the current iXtreme 1.0 firmware.

For what it's worth, many, many 360 modders have NOT been banned. It may be these checks were only performed when they were actively playing a backup on Live... no pattern has emerged, and much of the data is suspect (panicky users, usual liars, etc...).

If Microsoft wants to defeat cheaters, all they need to do is employ a couple of interns to surf the scene sites for hack news, then simply order up special bannin' updates for those hacked games, to detect cheater's data files and ban those specific machines. Future game releases could incorporate some security libraries to make data files more secure (the code currently cannot be hacked).

Re:

[Beefysworld]

For what it's worth, many, many 360 modders have NOT been banned. It may be these checks were only performed when they were actively playing a backup on Live... no pattern has emerged, and much of the data is suspect (panicky users, usual liars, etc...).

I'm curious now - from what you are saying, it's only when you play a backup on Live that it performs the check? So either playing a backup offline or playing a legitimate game online is fine?