Xbox Linux Made Possible Without a Modchip 996
An anonymous reader writes "Free-X have released an exploit for the Xbox that will let you get Linux on the machine without any hardware mods at all... Microsoft is already threatening them with legal action. Here's the Free-X statement. Free-X say they had been trying to contact MS for a month but were ignored, which is why they've released the exploit. Should be interesting to watch this one."
After reading the articles... (Score:5, Interesting)
As far as the team... I think they should have submitted their findings to a legal firm of some kind instead of this not-so-holy covert behavior. Their behavior will only lead to troubles in court.
Atleast they'll have $100,000 to help them out, I think they'll need it.
Rob
Too Late for Microsoft (Score:5, Interesting)
Too late. Just ask AOL at trying to stop WASTE when it came out. Up for a day, and mirrored more times then they will ever be able to count.
Microsoft lost right at the point they decided to not talk to them beforehand. They can shut these people down, but it's out there now, game over.
You're seeing history here, folks! (Score:3, Interesting)
In short, we're even more screwed than we were before!
Increasing weirdness (Score:5, Interesting)
Since our attempts to contact Microsoft have become public knowledge our team has been accused of attempting to extort or blackmail Microsoft, this is not true as we have made every attempt possible to make contact with Microsoft to offer the following:
- A complete summary of all hacking technologies (many of these technologies have not been released).
- Source Codes.
- All attacks which have been developed but not yet released.
- To sign a Non-disclosure Agreement regarding our discoveries.
- Further research on exploits, which would be exclusive to Microsoft.
- Full names of all hackers involved upon agreement of legal protection from Microsoft.
- Assistance in the development of future security for the XBox by working with Microsoft.
For the exchange, we were requesting but not demanding the following:
- Complete access to all documentation (chipsets, video etc.) to assist in developing a better Linux for the XBox.
- A signed Linux loader.
- Protection from Microsoft or support if any organisation/government attempted to prosecute members of our team.
- Refunding of the cost occured during the agreement period.
Disclaimer, until a few weeks ago I was very active in Xbox Linux.
This just seems to me to be a cheap attempt to chisel money and personal advantage under the cover of pretending to be doing it for the benefit of Xbox Linux. "Assistance in the development of future security for the XBox by working with Microsoft" indeed!!!!
Anyone who has spent any time with the Xbox Linux project will immediately recognize the author of the "statement" by its novel spelling and tone. It'll be interesting to see just how what goes around is going to come around.
Looks like they weren't bluffing (Score:5, Interesting)
Looks like a different situation now that they've laid their cards on the table.
Good work guys.
Re:honestly... (Score:4, Interesting)
To sell more xboxes?
Think about it, even if MS lost money on every one sold they would have bragging rights. They could go araound saying that the Xbox is most popular game system and spread FUD around like peanut butter on rye toast.
They have 40 billion in the bank and can afford to lose tens (if not hundreds) of millions dollars to gain a monoply on the game console market.
Also with each passing day the cost of a Xbox goes down and eventually they will actually make money on the thing.
Re:Full text of article in case of /. effect (Score:5, Interesting)
This is not a step forward for the Linux community. It is an embarassing set back that could further strengthen arguments against using Linux and supporting the Linux community. It's just damn irresponsible of them.
Re:After reading the articles... (Score:1, Interesting)
Re:Increasing weirdness (Score:1, Interesting)
how Bill could force a "fix" down your throat (Score:5, Interesting)
Re:I think this will make Xboxen much more popular (Score:5, Interesting)
It seems that eventually the modded exploit will become available as well. So you'll have Linux plus the ability to play Xbox titles.
As far as cheaters go, yes they suck.
Wouldn't you rather be able to run your own Xbox Live server though?
For free?
Opera gives blacked-out page (Score:5, Interesting)
(me. [livejournal.com])
Re:After reading the articles... (Score:5, Interesting)
Thoughts (Score:5, Interesting)
Patchable? :: Furthermore, Microsoft cannot permanently patch this hack through an Xbox Live update. Version 1, v1.2, & v1.3 Xboxes will always execute the current vulnerable code. Should they remotely update the dash; one would simply open the Xbox, write an old image to the hard drive, and reboot. In the process it would be trivial to add bert and ernie (the modified fonts). Xbox Live BIOS updates are not possible due to M$ imposed hardware limitations. Of course, third party BIOS updates are not a problem for those willing to open the case and get crazy with a little solder.
Availability? :: Legal or not, at this point it's not an issue for the end user. The base-64 posted by Mr. Esser isn't going away. Proof? Try this... [google.com]
X-Prize? :: Probably not. This cannot be executed or copied from a third party memory card ala 007. So opening the box is required. Partial payment maybe.
Be Careful (Score:2, Interesting)
Well, the damage is done.. (Score:5, Interesting)
Might I suggest a DivX based media server that can rip DVDs? I know that seems to fly in the face of what I just said about MAME, however, its a good use for the XBOX, plus you'd only be ripping DVDs you own and with good reason. "I just wanted to have easy access to my library." Another suggestion would be to set up an XBOX as a TV based info center. It stays on-line all the time on Input 2 (or whatever channel your XBOX is on), when a commercial pops up, flip the channels and get your messages. Heck, set up a browser so that it cycles through your favorite news sites every 30 seconds and scrolls them or something.
At least with something like that, something that the XBOX is better at than a cheap-o PC, the case can be made for wanting to make these mods to the unit. That'll weaken MS's case (they'll probably try to say that copy protection is bypassed or something), plus it'll take a few pokes at the DMCA as well.
I hope are people listening. MS has got an army of lawyers.
Re:Full text of article in case of /. effect (Score:2, Interesting)
Also, should we not leave the bully (ie. blackmail) tactics to those inside the corporate sphere?
I don't understand (Score:4, Interesting)
These guys discovered a flaw in the XBOX that Microsoft was unaware of. They contacted Microsoft and informed them of the flaw. Microsoft was not interested. MS refused to discuss the flaw. It's clear from the statement that they tried to talk to MS. MS could have said "We want the information and we want you to sign an NDA and we wont even give you a thank you." But they didn't. Informed of the issue, they ignored it.
The information about the flaw is not Microsoft's property. Nor did Microsoft ever suggest otherwise. The people who discovered it can do whatever they like with the information. In this case, they released it to the public over the web. I don't see how this is blackmail as it is common practice to report bugs (and their exploits) publicly.
See you in jail, script-kiddies (Score:3, Interesting)
bing-bing-bing-bing-bing-bing!
extortion [lectlaw.com]
Hope you like green baloney, chillun.
Re:Woops, too late (Score:3, Interesting)
Bush: We will not bend to these terrorist demands. (Score:5, Interesting)
"For the exchange, we were requesting but not demanding the following:
- Complete access to all documentation (chipsets, video etc.) to assist in developing a better Linux for the XBox.
- A signed Linux loader.
- Protection from Microsoft or support if any organisation/government attempted to prosecute members of our team.
- Refunding of the cost occured during the agreement period."
Since they requested the following, they were turned down on all accounts. I sincerely hope their lawyers are good enough to stave off microsoft's (who will be working on july 4th all day i'm sure). I also hope this is a first step to sticking in and loading a bootable Suse or Mandrake install CD.
yes (Score:3, Interesting)
When Linux first booted on an XBox, that was a big step. Everything since then has been a small step, and will continue to be so until we can just drop a disc into an XBox and boot straight to Linux.
I wish that M$ had given into the demands, or at least an authorized Linux bootloader. That would make things easier for Linux fans everywhere, and it would've prevented the easing up of piracy.
Re:Typical (Score:4, Interesting)
Then they go and do this whole threaten/blackmail/extortion thing... doesn't really paint them in a good light. They'd be able to really champion this cause, if they didn't have to go and act like a bunch of script kiddies. Getting Linux on the X-Box without any hardware hacks is an amazing accomplishment, worthy praise and acknowledgement. Unfortunately, anyone who reports on this is gonna focus on the offensive stance they took and paint them as menaces.
And before I complain about them having egos anymore, I should digress and say that if I was good enough to hack an x-box with just software, I'd be pretty self-assured, too.
Too easy... (Score:5, Interesting)
good luck everybody! (and you'll need it)
Usual hypocricy (Score:3, Interesting)
I'll ask the question again: Is this how the Open Source movement is going to seek legitimacy? By attempting to blackmail people?
Re:Typical (Score:2, Interesting)
Then next time, don't demand a Linux loader, demand a FreeBSD loader... They are always saying how much they love the BSD license, and they have a track record of using FreeBSD themselves. Then they couldn't use that arguement at all.
Re:Woops, too late (Score:3, Interesting)
Re:Woops, too late? This is what MS wants.... (Score:5, Interesting)
Re:Well, the damage is done.. (Score:5, Interesting)
Tivo / media server
MAME/Console emulator
Region Free DVD player
highly portable internet game server
video phone (with a USB camera and broadband)
digital camera / MP3 player software (so you don't need a PC)
Re:After reading the articles... (Score:2, Interesting)
Guess you didn't think of that before you vomitted up the troll label. Or maybe you're just "thick".
"You should never challenge a powerful company..." (Score:5, Interesting)
Right, you mean like these two did [mcspotlight.org]?
Terrible waste of time, eh?
.02
cLive ;-)
Re:Full text of article in case of /. effect (Score:5, Interesting)
It is perfectly legal for you to "tamper" and "break in" if it's a lock on YOUR OWN DOOR. It doesn't matter if Microsoft built the lock, you bought the house.
The people using the exploit are using in on a machine THEY OWN. They can do anything they like with it. They can smash it with a sledgehammer or toss it in a blast furnace and vaporize the sucker. Of COURSE they can "pick the lock".
-
Re:I don't understand (Score:3, Interesting)
That said, I don't like the way they tried to profit from their discovery, but I don't think it's as nasty as when similar things happen in the personal arena.
Re:How about Windows? (Score:3, Interesting)
Come on! (Score:3, Interesting)
So you are telling M$ that you want to be reimbursed for your work? Technically you are reverse engineering the product. So according to current laws you want to be reimbursed for acting illegally?
I'm just saying that even though we don't like the laws, we are still accountable for them. So they acted willingly to break the laws and then want rights to the design and money?!?!?!
I am all for the advancement of Linux, but come on people.
Re:Why don't they fix the exploit? (Score:5, Interesting)
Any attempt to update the XBOX is merely a request from an outside source for the XBOX to update itself. But once you have control of the XBOX you can program it to ignore that request to update itself.
When you connect to XBOX Live they check to see what version you are running, but all they can find out is what the XBOX tells them. If you control the XBOX you can have it tell them anything you like.
They are going to run into the exact same problem with Palladium and TCPA. Once someone digs the key out of the hardware, or finds any other vulnerability, then they own their system. They can run an undetectable virtualized system. They'll have "god mode" over it and af far as the rest of the world can tell they are running a secure and "trusted" system. Hell, the security situation could wind up being worse because they are pretty much going to force you to "trust" other people running the system. It just means you're going to get screwed over worse when a computer you were forced to "trust" isn't in fact secure.
-
Re:After reading the articles... (Score:5, Interesting)
Linux's reputation is getting a battering (Score:1, Interesting)
Re:I don't understand (Score:5, Interesting)
For example, I uncovered a very significant security flaw in the online banking system of a local bank.
It took me some time to determine the scope, cause and effect of the problem -- and my time is money.
I then contacted the bank I advised them that they had a problem which, if not fixed, would almost certainly be picked up by others -- some of who might not be so benign.
I offered to hand over the results of all my work in return for payment for the time I'd spent (at my normal hourly rate).
They agreed and were most satisfied with the transaction -- since it most likely saved them a small (or large) fortune.
Was I blackmailing the bank?
After all, I wasn't about to hand over the results of my investigation without payment.
No, of course it wasn't blackmail. It was just the same as a plumber saying "I won't fix your toilet unless you pay me."
Of course there was no "threat" involved in my offer -- although if they'd chosen not to pay and fix the problem I may have informed the media that there was *a* problem (customers surely had a right to know if it wasn't going to be fixed)
In the Xbox case, Microsoft were offered a business transaction. The price would have been a signed version of Linux for the Xbox in return for the chance to close off the vulnerability and delay public awareness that it existed.
Clearly Microsoft decided that the price was too high -- after all, they've got to pay that building full of lawyers whether they're actually suing people or not so why not just resort to legal action instead?
Re:Woops, too late (Score:5, Interesting)
Re:Woops, too late (Score:2, Interesting)
Re:And we are not suprised (Score:5, Interesting)
Compaq secretly agreed to pay IBM royalties on each PC they sold, so IBM would drop the suit. The agreement's existance was a secret until recently.
8. CD-R's would have been outlawed and require a liscence to buy or own
Some countries charge a "tax" on each CD-R sold that goes to the RIAA, because that CD "might" be used to pirate their music. I think Canada and Sweden do this, among others. If they get money on each CD-R, that should constitute a licence to fill it with downloaded music. But I think a lot of crazy things.
5. All operating systems that ran on PC's would have to be liscenced from Microsoft
Refer to the "Microsoft Tax" on most PC's made by the big companies, no matter what OS is on them.
You're dead on though... It's scary to see how much of that is actually going on today.
Two wrongs don´t make a right (Score:2, Interesting)
By the way, I think MS can fix the vulnerability for new systems. For existing users attached to XBox Live, Microsoft can even send a patch thru the net. And for the rest, a CD in the mail would do the trick (with a few extra perks just to get people interested).
Re:Woops, too late (Score:5, Interesting)
"Give us what we want that's not in your own best interests or we'll tell people how to break your machine and potentially lose more money by having people buy XBOXes for uses other than buying the games that make them money."
It's a little more like:
"You know that problem you wouldn't help us with? Well, we figured it out, but we don't think you'll like the solution. Can you help us with an alternative solution which is in your best interest? No? Ok, then we'll just do it our own way."
Re:Woops, too late (Score:1, Interesting)
Almost a year ago, Paul Allen and myself, expecting the hobby market to expand, hired Monte Davidoff and developed Altair BASIC. Though the initial work took only two months, the three of us have spent most of the last year documenting, improving and adding features to BASIC. Now we have 4K, 8K, EXTENDED, ROM and DISK BASIC. The value of the computer time we have used exceeds $40,000.
The feedback we have gotten from the hundreds of people who say they are using BASIC has all been positive. Two surprising things are apparent, however, 1) Most of these "users" never bought BASIC (less thank 10% of all Altair owners have bought BASIC), and 2) The amount of royalties we have received from sales to hobbyists makes the time spent on Altair BASIC worth less than $2 an hour.
Why is this? As the majority of hobbyists must be aware, most of you steal your software. Hardware must be paid for, but software is something to share. Who cares if the people who worked on it get paid?
Is this fair? One thing you don't do by stealing software is get back at MITS for some problem you may have had. MITS doesn't make money selling software. The royalty paid to us, the manual, the tape and the overhead make it a break-even operation. One thing you do do is prevent good software from being written. Who can afford to do professional work for nothing? What hobbyist can put 3-man years into programming, finding all bugs, documenting his product and distribute for free? The fact is, no one besides us has invested a lot of money in hobby software. We have written 6800 BASIC, and are writing 8080 APL and 6800 APL, but there is very little incentive to make this software available to hobbyists. Most directly, the thing you do is theft.
What about the guys who re-sell Altair BASIC, aren't they making money on hobby software? Yes, but those who have been reported to us may lose in the end. They are the ones who give hobbyists a bad name, and should be kicked out of any club meeting they show up at.
I would appreciate letters from any one who wants to pay up, or has a suggestion or comment. Just write to me at 1180 Alvarado SE, #114, Albuquerque, New Mexico, 87108. Nothing would please me more than being able to hire ten programmers and deluge the hobby market with good software.
Bill Gates
General Partner, Micro-Soft
Isn't this all just a bit pointless? (Score:3, Interesting)
What could you possibly get from running Linux on Xbox that you can't from the cheaper, faster Walmart PC?
Font Names (Score:2, Interesting)
I'm surprised Big Bird never got a look in.
Seriously, though, If Microsoft want to market a crippled general purpose computing device, I'm not surprised that people are going to want to hack it just for the hell of it.
Good luck to the guys, and a big up to the Sesame Street gang.
Closed Platform as Mixed Blessing (Score:5, Interesting)
For better or worse, the concept of selling a closed platform is legal. This is especially true if the buyer has adequate information to know that it is a closed platform. I would prefer a mandatory big red WARNING label to be affixed to all closed platforms saying "The retail price of this unit reflects a subsidy from the manufacturer. This subsidy is provided in anticipation of future revenues. Therefore this unit will only work with software lisenced by the manufacturer."
There are benefits to a closed platform to consumers.
The down side is simple. The consumer is being mislead by an artificially low up-front price into being locked into continued payments of a monopoly tax on each piece of software they purchase.
I believe the only solution is for the FTC to require platform vendors to offer their product in an unbundled format. You can buy an XBOX that will run third party software, but it might cost you $150 more.
Re:Lindows on Xbox (Score:0, Interesting)
Re:After reading the articles... (Score:2, Interesting)
One just gets the feeling that more and more, law and government are in bed with the largest conglomerate corporations to control and screw the lowly individual. That is what unchecked capitalism brings, and what we are trying to force upon the entire world.
Re:Woops, too late (Score:1, Interesting)
No right to making a profit. (Score:5, Interesting)
It seems to me that this group gave Microsoft a fair offer, to let them run Linux on what they have legally purchased, without having to play dirty. Since Microsoft didn't even try to make a counter offer I guess they shouldn't complain. They probably will use the DMCA to attack this group but IMO that just proves what a shitty bit of law the DMCA is.
Re:Woops, too late (Score:3, Interesting)
I dont think anyone buys into the belief that if they purchase a tangible piece of equipment,that its still controlled by the whim of its creator.
No matter how many unread agreements they clicked,signed or were implied.
Put simply Microsoft is stupid for their "now you own it now you dont"business model.NO ONE and i mean NO ONE but anal lamers would agree let alone comply(remember this is the real world)
Best off if all remember: once i hand you the money and walk off with the merchandise,you have NO say so about what i do with it no matter how many lawyers you hire,no matter how many legislators you bribe.Its mine and if you want it back you better be able to fight with your hands.
That thought spent,I would also like to call up a lil history where wild bill gates sold mail order software for a "poplular electronics kit computer" and then stomped around and shook his fists when the code was copied and shared LONG BEFORE MICROCRAP EXISTED.Most people quit banging their head on a brick wall after the first strike but not a pinhead like Bill Gates!He instead makes a career out of flattening his pointy head.
So,with that in mind feel free to do whatever you like with whatever you bought and feel justified in knocking the teeth out of the losers who would play stupid games with IP.
Hey world i got news for you, if you want to keep IP secret,dont tell anyone,dont implement it and dont sell any examples.Anyone is allowed to make money from their ideas but like helium in a balloon,once its out,its out(no matter what non workable laws ignorant politicians write to increase their legacy.)
Damn,if only people would use common sense and their knowlege of people and the way the world is,instead of trying to force their unworkable fantasies of how it should be into effect.
In short:Screw Microsoft,we've no pity left for the bruise on his forehead.
But you DONT own the firmware (Score:5, Interesting)
X-Box Media Player (Score:3, Interesting)
Re:Blackmail (Score:2, Interesting)
It seems to me that all these kids wanted was a job. They proved their technical skill to do the work, they showed the perseverance, and appear to be rather clever. Sure the could just send a resume to MS, but who would have looked at it. We are told to be aggressive when looking for a job, but when someone actually is they get accused of blackmail.
How does this validate anything? (Score:3, Interesting)
This is a non-sequiteur.
If I buy a piece of hardware, its not my responsibility to validate that vendor's business model, particularly since you haven't signed an agreement with the vendor agreeing to support that business model.
"Microsoft sells XBOX at a loss"
Maybe. Maybe not. I frankly don't care. They are competitive in selling price with other game consoles; it isn't my job to make sure their cost of manufacture is in line with the price of sale.
So I get my XBOX home, I hack it, or a friend hacks it. But it now functions in a way that Microsoft doesn't like.
Maybe. Maybe not. I frankly don't care. I bought it, its mine. I can use it to play games, I can use it as a skeet target, I can use it to prop open the basement door. Hell, I might even use Linux on it. If Microsoft will let me smash it with a hammer, if they'll let me use it to prop up my book shelf, but they won't let me use it to use Linux, I'd say MS is being pretty particular on how they want *MY* equipment to be used.
Just because Microsoft wants you to do something, why are you obligated to do it that way? I don't see the logical connection between the two. If Microsoft is willing to give me some benefit for restricting my use of the XBOX, they probably should have made me agree to it before I bought it.
Re:This is what MS says (Score:3, Interesting)
Other nice parts of the manual state that your warrenty can be voided if your system is damaged by a virus. I asked MS about this once and they couldn't give me an answer beyond "don't worry about it". Unfortunatly, my experience with MS products says I should worry about it.
Re:Woops, too late (Score:1, Interesting)
I'm holding the finished NGSCB crack (codenamed Judas) right now. Yes, it's early. No, you can't stop it working without changing the spec. And that's all I'm saying for now
Re:IP in the EU rights charter (Score:3, Interesting)
It is true that the second section of of Article 17 declares that "intellectual property shall be protected." However, as you imply, that's all it says: there's no inherent provision for DMCA-style übercopyright. Meanwhile, the first section of that same Article states that
While it admittedly doesn't explicitly say that you have the right to hack your XBox and publish your findings, I'd strongly suspect a European court would go for this interpretation rather than the one that would allow a company to disenfranchise the individual. The European Commission wants to keep that power for itself.