Xbox 360 File System Decoded
slurpster writes "The Register reports that Pi group has decoded the file system used in the Xbox 360. They write "Once you get past the protections and down to the raw bits on the disc, it's just the standard xboxdvdfs, however the offset and layer breakpoint are different.""
Look out (Score:2, Funny)
Re:Look out (Score:5, Funny)
Re:Look out (Score:3, Insightful)
Got me chuckling though.
Re:Look out (Score:5, Interesting)
Ya know, it's starting to become a relatively predictable model, game systems, especially for MS. 1) Release console, 2) hackers bypass DRM, 3) someone deciphers FS, 4) ROMs released, emulators attempted, 5) Linux now runs on it, etc.
I'm wondering if, along with the release of a game system, Microsoft and other companies don't have legal offenses prepared in advance, so that the pounce-factor on those that break the FS/DRM schemes is near immediate. Would make sense, since it's almost guaranteed that someone will break it, and they'll get threatened/sued.
Re:Look out (Score:3, Funny)
Re:Look out (Score:2)
Re:Look out (Score:5, Insightful)
Since the custom PPC and chipset/GPU for the 360 were tweaked specifically for M$ from the very start instead of quick hacks of off-the-shelf designs to make them less interoperable, chances are that the 360 will be much harder to crack.
Re:Look out (Score:2, Interesting)
Re:Look out (Score:2)
Re:Look out (Score:3, Interesting)
This was in fact highly notable when examining the PS3. The Cell design they used was abysmal when it comes to highly branching AI or decision making type code. And it seems the 360's CPU is as well. What remains to be seen is whether Nintendo's cpu als
Re:Look out (Score:2)
As for the T1, I have known about it for about a year but I have been thinking that quad-threaded CPUs would be the sweet spot since the first time I heard about multi-threading
Re:Look out (Score:2)
Took that long? (Score:2, Interesting)
Re:Took that long? (Score:5, Insightful)
The motivation is the key. Salary is a motivation but the fun is bigger motivation.
The word "unbreakable" should not be used anymore. (Only liars from marketing departments use it
Re:Took that long? (Score:2)
That is a bit misleading. It takes a lot more work to design something hard to break, and to be sure that it is hard to break, than to actually break something.
Security is always a losing battle because the amount of work put in to make something 'unbreakable' is often exponentially larger than the amount of time taken to find a small mistake.
Re:Took that long? (Score:5, Insightful)
A. The DRM is implemented into a consumer device that the "enemy" has complete access to.
B. The DRM can not be complex as to hinder third party companies making licensed games.
C. The DRM can not significantly impact the performance of the device (ie no CPU intensive encryption).
D. The Xbox itself has to be able to un-drm the code to play the game.
E. Because old games can not be updated on a console, the DRM can not be changed or updated after release.
F. The DRM system can not significantly add to the cost of production of the consoles or games.
Basically DRM on consoles is a losing battle. All the odds are stacked against the developers. Add in the fact that the number of people trying to break it probably greatly exceeds the number of people responsible for its development in the first place, and it becomes a fight MS can't hope to win. However, the tougher the DRM is, the more complicated the workarounds will be. Consider how massive dreamcast piracy (Dreamcast games could be copied with no mod chip and a cd burner) was compared to playstation piracy (required a mod chip with lots of soldering at first, later would require just a swap disk trick). The dreamcast sold a lot less than the playstation, but the piracy scene was enormous in comparison because it was so easy.
Re:Took that long? (Score:2)
Sure it can. How else is Microsoft to make a profit on every XBOX 360 game sold by granting access to the platform to third-party companies for money?
E. Because old games can not be updated on a console, the DRM can not be changed or updated after release.
Backwards compatibility can be maintained where desired and the console has network connectivity. Especially if you can ban Live users until they update. There's also
Re:Took that long? (Score:3, Insightful)
Unless something radically changed this time, that is not an issue. The DRM is applied after the game is done, it is part of the manufacturing process. Basically, the people give MS the gold code, MS applies the DRM infection, encrypts it, whatnot, and then makes a master.
This has been the same since day one, but I only have first hand knowledge going back to the Atari Jaguar.
Re:Took that long? (Score:5, Interesting)
There will be always more clever people out there than those employed in various corporations...
Yeah, that's what I used to think as well. These days I think differently.
Sure, the world is full of clever people. However, the clever people who work for the technology companies have several advantages over those that don't:
I think people have been misled by the ease of breaking pure software copy protection on x86 computers. Compared to dealing with custom hardware like the Xbox pure software solutions are very easy to attack because many people have the required tools and knowledge (typically a debugger and fluency in assembly). Comparatively few people have tools to look inside microchips and figure out what they're doing - and of course, physical things are far harder to change than software which is just a series of numbers.
And even then, it's possible to make very tough to crack pure software solutions if you get enough smart people on the problem. For instance, Windows Media DRM has had remarkably few exploits given how high profile it is: the last was back in January IIRC and it was rapidly patched (so it no longer worked after a few weeks). Even then that crack didn't let you decrypt any arbitrary file: you had to actually purchase a license first. The current generation has remained uncracked for nearly a year.
For games, some programs protected with StarForce encryption have never been cracked (and some have, but StarForce lets the developers decide how much effort they'll put into protecting their software so that's not really surprising).
Anyway, if you look at the actual technical details of how things like Xbox and DVD protection were cracked, they mostly relied on massive flukes that were only found after years of searching and typically a 3rd party had to screw up somewhere first. With each successive generation of these technologies they've been iteratively improved and I see no reason why console protection won't follow the same path DirecTV/NDS satellite security followed: a few generations in, no more cracks have become available even after many years and despite the potential profit.
Re:Took that long? (Score:2)
Also, the consumer has to have some way to get the media. It's not all that easy to deny the hacker what he's after but still allow the consumer to get what he paid for.
Re:Took that long? (Score:2, Insightful)
And you can be thankful that most hackers don't even think of using social engineering [wikipedia.org].
That's not to say that cracking something as the XBOX 360 is going to be easy or fast, nor that I disagree with part of your post. But we are still far away (if it ever happens) from the point that it is too expensive/complicated t
Re:Took that long? (Score:2, Insightful)
Simply because someone is simply sitting in a cube for 8->12 hours a day doesn't mean they are any more effective than someone who is putting in ~4->6 hours a day in his off-work hours (and let's not forget weekends). You will also find that someone works far more effectively when the work is fun.
"# They work together. The internet is great but a mailing
Re:Took that long? (Score:2)
Common Mistake... (Score:2)
Re:Took that long? (Score:5, Funny)
Re:Took that long? (Score:2)
Re:I hope not. (Score:2, Informative)
how? (Score:5, Interesting)
Re:how? (Score:5, Insightful)
Well, you know the contents of the files as well as their names, right? So you can use a simple text search to figure out where on the disk the contents are placed. Then you look for structures on the disk that appear to point to these contents.
You can for example figure out the size of a directory entry by looking for the amount of characters between successive file names. After that, things like file size and other metadata can usually be readily detected.
There's admittedly some guesswork involved. That's why official documentation is always preferable to something that's reverse engineered.
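Added example (not part of the comment above, and not Team Pi's code): the known-name, known-content search the comment describes, run against a constructed toy volume. The 32-byte entry layout, the 2048-byte sector size and the sample files are assumptions made for the demonstration and are not the Xbox disc format.

```python
import struct
from functools import reduce
from math import gcd

SECTOR = 2048  # assumption: sector size of the constructed image


def build_sample_image(files):
    """Constructed toy volume (NOT the Xbox layout): entry table at sector 1, data from sector 4."""
    table, data, sector = b"", b"", 4
    for name, content in files.items():
        # 16-byte name, u16 flags, u32 start sector, u32 size, 6 pad bytes = 32 bytes
        table += struct.pack("<16sHII6x", name.encode(), 0x20, sector, len(content))
        padded = content + b"\0" * (-len(content) % SECTOR)
        data += padded
        sector += len(padded) // SECTOR
    return b"\0" * SECTOR + table.ljust(3 * SECTOR, b"\0") + data


def infer_layout(image, known):
    """known maps file names to contents the analyst already knows are on the volume."""
    if len(known) < 2:
        raise ValueError("need at least two known files to measure the entry stride")
    name_at = {n: image.find(n.encode()) for n in known}
    data_at = {n: image.find(c) for n, c in known.items()}
    if min(name_at.values()) < 0 or min(data_at.values()) < 0:
        raise ValueError("a known name or content was not found in the image")

    # The distance between successive names gives the directory entry size.
    offs = sorted(name_at.values())
    stride = reduce(gcd, (b - a for a, b in zip(offs, offs[1:])))
    layout = {"stride": stride}

    # What a field would have to hold if it pointed at, or measured, the content.
    targets = {
        "start_sector": {n: data_at[n] // SECTOR for n in known},
        "byte_offset": {n: data_at[n] for n in known},
        "size": {n: len(known[n]) for n in known},
    }
    for rel in range(-stride + 1, stride):       # fields may sit before or after the name
        if offs[0] + rel < 0:
            continue                             # would read before the start of the image
        for fmt in ("<I", ">I"):                 # try both byte orders
            try:
                seen = {n: struct.unpack_from(fmt, image, name_at[n] + rel)[0] for n in known}
            except struct.error:
                continue                         # would read past the end of the image
            for field, want in targets.items():
                # A field is accepted only if it fits every known file, which
                # filters out bytes that match one file by coincidence.
                if seen == want and field not in layout:
                    layout[field] = (rel, fmt)
    return layout


# Constructed sample files with distinct sizes and recognisable contents.
SAMPLE_FILES = {
    "readme.txt": b"hello reverse engineering\n",
    "level1.dat": b"LEVEL" + bytes(range(256)) * 10,
    "music.bin": b"RIFFdemo-audio" * 300,
}

if __name__ == "__main__":
    print(infer_layout(build_sample_image(SAMPLE_FILES), SAMPLE_FILES))
```

Offsets in the result are relative to the first byte of the file name inside each entry.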
Encryption? (Score:4, Interesting)
Will this mean that if processor and read latency speeds are acceptable, that the file system could be encrypted in future versions?
Re:Encryption? (Score:2)
Great idea! This way, without the key, nobody will be able to boot their Xbox.
Wait that sounds like they're going to have to give you the key....
This is why satellite TV boxes have smartcard readers on them. The issue isn't one of hardware speed, but rather making it really freakin hard to pull the key out of the box.
You have to have somewhere to store the key that
Re:Encryption? (Score:2)
Re:how? (Score:5, Interesting)
You start by looking for signs of things you know should exist. It's Microsoft, so they would probably use a file system along the lines of one they already use, like FAT or NTFS. Look for signs like a file table and figure out how they stored the information regarding where things are placed.
With some trial and error, you can determine exactly how things are placed there, and what format is used to describe them. (Meta data.) After you understand the meta data, you write a program to let you access it easier and then you start understanding the data.
I'm not guessing at any of this. This is exactly the process I used to write my Sims skn2obj converter a few years back. Maxis was very very tight-lipped on everything and wouldn't even respond to eep2 or I. He pointed out how close it looked to OBJ format and I took it from there. It turned out the format was relatively close, but there was a lot of extra data that obj didn't handle and everything had been rotated and transformed.
Anyway, as always, it's a ton of work and guesswork both. (Very rewarding, though, once you get it.)
As for how to break encryption... I assume it's along the same lines, but I've never even tried it.
Re:how? (Score:2)
In analyzing these numbers, you try to see emerging patterns that represent data structure. One 64-bit number might refer to a location in a FAT table, or it might refer to something like an inode, another might contain a date/time stamp. Some other numbers might repr
Re:how? (Score:5, Informative)
From Wikipedia's Reverse Engineering Page [wikipedia.org] I suspect that methods 1 and 2 would have been most useful for the original xbox dvd filesystem.
If your filesystem is writable, you can try:
1. Look at the volume with a hex editor
2. Perform some operation, e.g. create a file
3. Use the hex editor to look for changes
4. Classify and document the changes
5. Repeat steps 1-4 forever
(from The linux ntfs faq [sourceforge.net])
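Added example (not part of the comment above or of the linux-ntfs FAQ): steps 3 and 4 of that loop automated, diffing two snapshots of a volume and grouping the changed bytes into runs with a first-guess label. The toy volume, its offsets, the 512-byte cluster size and the labelling heuristics are assumptions made for the demonstration.

```python
import struct

CLUSTER = 512  # assumption: cluster size of the constructed volume


def changed_runs(before, after, gap=4):
    """Byte ranges that differ, merging changes separated by at most `gap` unchanged bytes."""
    if len(before) != len(after):
        raise ValueError("snapshots must be the same size")
    runs = []
    for i, (a, b) in enumerate(zip(before, after)):
        if a == b:
            continue
        if runs and i - (runs[-1][0] + runs[-1][1]) <= gap:
            runs[-1][1] = i - runs[-1][0] + 1    # extend the current run up to byte i
        else:
            runs.append([i, 1])                  # start a new run
    return [tuple(r) for r in runs]


def classify(before, after, off, length):
    """Rough first guess only; repeating the experiment confirms or refutes it."""
    old, new = before[off:off + length], after[off:off + length]
    if length == 1 and bin(old[0] ^ new[0]).count("1") == 1:
        return "bitmap"                          # one bit flipped: allocation map candidate
    printable = sum(32 <= c < 127 for c in new)
    if length <= 64 and printable >= 4:
        return "dir-entry"                       # short run containing a name-like string
    return "data"                                # long run: file content candidate


def diff_report(before, after):
    return [(off, n, classify(before, after, off, n))
            for off, n in changed_runs(before, after)]


def make_snapshots():
    """Constructed before/after images of a toy volume around one 'create a file' operation."""
    before = bytearray(8 * CLUSTER)
    before[0x400] = 0x3F                         # clusters 0-5 already allocated
    after = bytearray(before)
    content = bytes(range(1, 200))               # 199 bytes of new file data
    # Entry: 8-byte name, u16 start cluster, u32 size
    after[0x200:0x20E] = b"NEW.TXT\0" + struct.pack("<HI", 6, len(content))
    after[0x400] |= 1 << 6                       # cluster 6 becomes allocated
    after[6 * CLUSTER:6 * CLUSTER + len(content)] = content
    return bytes(before), bytes(after)


if __name__ == "__main__":
    b, a = make_snapshots()
    for off, n, label in diff_report(b, a):
        print(f"{off:#06x} +{n:<4} {label:10} {a[off:off + min(n, 16)].hex(' ')}")
```

The `gap` merge matters because unchanged zero bytes inside a freshly written entry would otherwise split one structure into several runs.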
Re:how? (Score:2)
here's how. (Score:2)
So, how was the Xbox file system decoded?
Well, in this case, someone pirated a copy of the MS tool GDFIMAGE. They could use that to make test file systems and reverse engineer those knowing exactly what was in them. But really, I don't think that they did either, they likely just disassembled GDFIMAGE. There have been replacement (presumably legal) tools for GDFIMAGE for some time now, as the original is copyrighted
Re:here's how. (Score:2)
Re:how? (Score:2)
Also the Xbox filesystem is very very similar to FAT32 (or was it NTFS? I forget which now), as people snooping at the systems quickly determined. It's easy to look for signature filesystem footprints and so on using various handy filesystem tools
Wrong bet... (Score:5, Funny)
Re:Wrong bet... (Score:2)
Important to Note (Score:5, Insightful)
An important step, but only a step.
Don't get too excited, it will be a few months yet before any underworld homebrew applications are running.
Re:Important to Note (Score:2, Interesting)
Re:Important to Note (Score:2)
Tape does it again (Score:5, Funny)
huh? (Score:5, Interesting)
The first xbox took about a year for the first mod chips. Right now people are doing the easy part and deciphering how everything runs.
The hard part is how to get unauthorized code to run. This part involves bypassing systems bios and installing a compatible version over the top that the system cannot detect. This could take a few years.
Re:huh? (Score:5, Insightful)
And if MS have learnt anything from the likes of the PSP (as they undoubtedly have), any exploit will be quickly patched, either when you install a new game or next go online.
Re:huh? (Score:2)
Re:huh? (Score:2)
Ah, but that mechanism itself, if insecure, can be just the hole hackers need to get their code in just the right places....
Re:huh? (Score:3, Informative)
Executable data is hashed and signed using asymmetrical keys built into the different hardware components (gpu, cpu etc). As each console has different keys "burned in", compromising one machine will mean nothing for the others!
Even if you use your electron microscope to compromise the keys of all your hardware components, using no
Re:huh? (Score:2)
It doesn't take a rare person like Einstein to figure out a way to bypass copy protection and figure out the inner workings of the system.
Nothing is uncrackable, and when enough people are working to figure something out, it won't take long. Mod chip manufacturers made a TON of money from last gen consoles, so they have engineers working on this already. Not to mention all the people that DO have the expertise to figure this out and start t
Re:huh? (Score:2)
Release XBOX360 a year before PS3. By the time PS3 hits 360 will be "cracked" (hopefully) -> Surge in 360 sales -> Death of Sony.
Except for the fact that Microsoft is taking ~$100 loss on every XBox sold. They are relying on games to recoup that loss. Since having a cracked system presumably allows you to play cracked games, I expect Microsoft to be coming down on these hardware mods in order to prevent proliferation of cracked games.
Re:huh? (Score:2)
Actually, that's the other advantage having a "cracked" XBox is supposed to give you: the ability to play games off the hard drive.
Re:huh? (Score:2, Funny)
Not again ! (Score:4, Funny)
Re:Not again ! (Score:2)
It's Windows 95?
Re:Not again ! (Score:2)
The console just got out.... (Score:5, Funny)
Re:The console just got out.... (Score:2, Funny)
This isn't finding something else to do with the console, it's finding something entertaining to do with it, period. There's only so much high-definition Shaq-sweat a man can watch before the novelty wears off.
The Real Deal (Score:3, Informative)
Now, for the problem. Team Pi have released an open-source extractor FOR THEIR ALREADY-DECODED IMAGES. They have NOT released an open-source decoder for turning DVDs into images.
Why is that? I believe they probably haven't fully reverse-engineered the encryption yet. They've just cracked the raw disk driver or some other part of the XBOX360 operating system, so that it performs the decryption for them (MS's code) and saves the result to hard disk.
Needless, it won't be long before there's a public utility to run on a hacked 360 or devkit that does the same thing, then eventually someone will do the hard part - fully reverse-engineering the encryption.
Authors in violation of the DMCA and (Score:2)
A representative said:
"Users don't need to know the details."
"This was clearly done by terrorists and hackers."
"We will find you, and we w_i_l_l kill you"
That's all she wrote.
Re:Authors in violation of the DMCA and (Score:2)
XBox "Live" Watchdog??? (Score:5, Funny)
At which point your $400-1000 console goes tits up.
MS certainly knows how people got inside the original XBox and it seems EVERY 360 game, multiplayer or not, "reports" scores and achievements to Live.
Seems like a cool feature and all, but it could very well be some crafty social engineering.
Given Sony's recent rootkit debacle, it isn't too much of a stretch to believe Uncle Bill had the boys put in a "phone home and tattle" capability.
Re:XBox "Live" Watchdog??? (Score:4, Informative)
a) Shut off the automatic connection to Xbox Live
b) Block a connection to XBL from your router
c) Unplug the ethernet cord
Not too hard
Re:XBox "Live" Watchdog??? (Score:3)
Some people will so want their names/scores "up in lights", they'll ignore the fact that ET is phoning home.
Re:XBox "Live" Watchdog??? (Score:3, Interesting)
Re:XBox "Live" Watchdog??? (Score:2)
I may just be me but... (Score:2)
Re:I may just be me but... (Score:2)
Yes, I care more about people cheating in online games than I do about "software freedom."
Thought Terrorist! (Score:2)
Re:I may just be me but... (Score:3, Insightful)
The key word here is ought. I agree with you that once I buy something it ought to be mine to do with as I please. The same way I feel that the trees and buildings sitting on my property are mine to do with as I please. (why is it always OUR trees when they are on someone else's property)
However, there are several companies and more than a few politicians that don't seem to feel the same way.
The worst part of
Re:I may just be me but... (Score:2)
I think you're the one who has it wrong. This has nothing to do with prosecution, but rather the liability. Microsoft can't actually stop you from disassembling your XBox down to its 1700 components, and then rebuilding it completely upside down if you wish. And if you mod your XBox in your home, they can't come in an
"standard" (Score:2)
how to implement a good DRM system... (Score:2)
If decrypting every instruction as it gets executed is too slow or otherwise unfeasible (which I suspect to be the case), another answer is to encrypt the executable files on disk and decrypt them when they get read into main RAM. In this
Re:Owww arr Bill Gates... (Score:3, Interesting)
Re:Owww arr Bill Gates... (Score:5, Insightful)
Sure, I guess you could say 'Well if they gave it away for free they'd recoup that much less', but the point is that they do not sell them at a loss in order to recoup anything. It is to drive sales, plain and simple.
Re:Owww arr Bill Gates... (Score:2, Interesting)
Re:Owww arr Bill Gates... (Score:2)
the hardcore pirate would only buy the system if it is cracked, they would never buy any games.
However cracking the system still could sell more games through casual piracy. If someone knows the machine is cracked they may have more incentive to get it. Average joe however might only occasionally get pirate games off someone he knows so therefore may still actually buy games. Several people with cracked xbox 1's fall into this category. They have a lot of copies and a lot of originals.
Me I'll s
Re:Owww arr Bill Gates... (Score:3, Insightful)
This is a creature I have never met. Everyone I know who pirates games talks about "buying the ones that are good enough," but none of them actually do it. As soon as the technology exists to bootleg games, they do so exclusively.
I know for a fact that this is what put a lot of developers off of the PS1 before it was commercially dead. I wouldn't be surprised if it was a significant fa
Re:Owww arr Bill Gates... (Score:2)
Re:Owww arr Bill Gates... (Score:2)
Re: Selling consoles at a loss (Score:2)
Re:Owww arr Bill Gates... (Score:3, Informative)
lose, v. tr. To be unsuccessful in retaining possession of; mislay.
Know the difference!
Think more evilly (Score:5, Interesting)
Why is MS in the console market in the first place? Let's not forget that the x-box is directly competing with MS own product windows. Yes windows is a game platform as well and MS itself produces games for that platform. Exclusive games even that are not available on consoles not even its own. They are still doing it now even with the arrival of the 360.
I think the entire reason is that MS is desperate to spread out its wings. Focussing on one or two key products which make all your money leaves you incredibly vulnerable to changes. Bill Gates probably knows like nobody else how easy it is to replace the market leader in the Word processing/Spreadsheet market or even the OS market. You youngsters may not know this but there was a day when suggesting you buy MS for a business environment had roughly the same reaction as suggesting linux a few years ago.
One of MS dreams has been to get a share (the lion's share) of the mythical living room entertainment hub whatever that may be. At the moment the PC usually stands in the corner if it isn't banned to the bedroom or some pokey hobbyroom. The Internet TV was one attempt at getting the PC into the living room. It bombed but the idea remained and the very popular consoles are now being seen as the next battleground as to who will control the living room.
iTunes if anything has proven that there is a point. How many people here run iTunes because they bought an iPod? Would you have used iTunes if you bought say a Zen instead? Might it be possible that if you owned the living room entertainment center to then put something like iTunes on it and control the distribution of digital media into the living room? Can you say commercial wetdream?
The x-box was not an attempt to beat sony at making a good game console. It was an attempt to control people's entertainment. The 360 is the same. The battle is on for who owns the living room PC, the desktop PC has been won. Why do you think Sony actually sold a linux extension to their PS2? Because they are such nice people who like the whole opensource movement? Or because they are experimenting with turning their game consoles into a more PC like device.
I've seen rumours about the PS3 actually running linux as either its core operating OS or at least being capable of doing so for certain tasks. If you look at the design of the cell processor it certainly seems designed far more for multitasking, essential for a desktop not for gaming.
What would happen if people actually could really surf the net (or better a subset of the net filled with your own sales channels) and everything else via their entertainment center? Oh I am not talking about people here but those people who have only got an old virus and spyware laden 98 15" CRT machine in the bedroom and a shiny new PS3/360 in their living room hooked up to a widescreen HD. It certainly seems to have MS worried that it might not be their logo on the software.
So MS doesn't care about profits. Yet. It cares about nobody but them owning this "new" market. Whether they are right or not and whether they succeed or not does not matter. They believe it is a battle to be fought same as for the Internet TV and same as with PDA's and same as with Mobile Phones. Internet TV bombed all around, PDA's MS sorta kinda won and mobile phones is unique because the phone makers do NOT want MS to muzzle in on their business.
Sony too must be smart enough to realize that MS is its true enemy, nintendo is just a competitor but MS is out to destroy it. But sony despite having a far wider customer base than MS is doing very badly. Some people even suggest that the PS2 might have won in sales numbers but it just hasn't made Sony the kind of money it needs.
So MS has the simple opti
No different for Sony/Nintendo (Score:2)
Re:Owww arr Bill Gates... (Score:2)
I read that the overhead from pensions and benefits for retired workers from GM is something like $800 per car sold. Worse, it's a static cost, so if you sell less cars, it goes up. If you can sell more cars, it'd go down, but competition from com
Parent Overrated (Score:3, Interesting)
Re:Uhh? (Score:2, Interesting)
Re:neato (Score:5, Interesting)
You can checkout Xbox Scene [xbox-scene.com], or Free60.org [free60.org] for information.
Re:neato (Score:2)
Re:neato (Score:2)
The whole concept of protection is flawed (Score:5, Interesting)
- It's the same as with DVD, etc. : You've got the content, the decryption key and everything required in the same place.
Data may be encrypted in an Xbox, but ultimately, the XBox has to start-up, decrypt, and run decrypted code.
The content virtually exist in an unencrypted form.
Good protection relies on secret.
When you transmit encrypted e-mails they are much more secure because an encrypted e-mail per-se doesn't contain everything needed to decrypt it. The XBox does.
This is only "trying to keep things hidden from user" and is pointless.
It'll get cracked, no matter how much bucks MS spent on it.
Unless XBoxes were to commit suicide and nuke the whole place if they find the slightest error (errors likely to show that someone is reverse-engineering and trying to feed constructed data to see reaction), it's hard for Microsoft to stop anyone with decent tools to try to reverse-engineer their consoles.
Re:The whole concept of protection is flawed (Score:2)
Decent tools like an electron microscope? Because if the key is a per-unit unique key burned into the on-die ROM, that's what you would need. For each and every box.
Re:The whole concept of protection is flawed (Score:3, Interesting)
Re:The whole concept of protection is flawed (Score:5, Interesting)
The games are digitally signed, and the console only knows the public key, refusing to run games that were not signed with the private key. Without using "sploits", this is pretty much unbreakable without someone finding the key. The Atari 7800, Lynx, and Jaguar keys were found by dumpster diving around a dying Atari; the 3DO key is still not publicly known.
When the 360 gets broken, it will surely be through sploits. And then MS's plan is probably to "upgrade" systems over Live, and maybe even by games offering an upgrade and requiring it to play, like with the PSP. Whether the closing of the holes will work remains to be seen.
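Added example (not part of the comment above, and not any console's actual scheme): the sign-with-private, verify-with-public split the comment describes, showing that the verifying side holds nothing that can produce a signature. The key is a constructed toy built from two Mersenne primes and uses textbook RSA without padding, an assumption made so the block needs no crypto library; it is far too small for real use.

```python
import hashlib

# Constructed toy key: 2**107 - 1 and 2**127 - 1 are both Mersenne primes.
P, Q = 2**107 - 1, 2**127 - 1
N, E = P * Q, 65537                      # public half: all the verifying device stores
D = pow(E, -1, (P - 1) * (Q - 1))        # private half: never leaves the publisher


def digest(image: bytes) -> int:
    """SHA-256 of the image, reduced to fit the toy modulus."""
    return int.from_bytes(hashlib.sha256(image).digest(), "big") % N


def sign(image: bytes) -> int:
    """Publisher side: requires the private exponent D."""
    return pow(digest(image), D, N)


def console_will_run(image: bytes, signature: int) -> bool:
    """Device side: uses only N and E, so dumping the device reveals no signing key."""
    return pow(signature, E, N) == digest(image)


def demo():
    game = b"constructed game image v1"   # constructed sample input
    sig = sign(game)
    patched = game.replace(b"v1", b"v2")  # any change to the image changes the digest
    return (
        console_will_run(game, sig),      # original image, original signature
        console_will_run(patched, sig),   # modified image reusing the old signature
        console_will_run(patched, 1),     # modified image with a made-up signature
    )


if __name__ == "__main__":
    print(demo())
```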
Re:The whole concept of protection is flawed (Score:2)
Actually, any attempt to feed it constructed data should fail. Everything is signed upwards right down to the master TCPA key. The TCPA chip will commit suicide and nuke itself if it is tampered with. Withou
Re:The whole concept of protection is flawed (Score:2)
I'm specially agreeing with your last sentence : "difficult". But not "impossible".
Yes, the XBox360 looks a lot better than the XBox.
How many supposed fool proof system have we seen before ?
- Starforce was supposed to be the ultimate piracy prevention tool : per game key, un-replicable physical disc characteristics as part of the key, detection of virtual drives. Yet now we see stuffs like StarFuck.
It'l
Re:Obviously Slashdot again is a bunch of n00bs (Score:3, Interesting)
Re:Fair use (Score:5, Interesting)
A:Yes, it is. Which means you won't be sued for copyright infringement, you will only be charged with circumvention.
Q:But it's fair use???
A:Fair use is not a defense to circumvention.
Q:But how can I exercise my fair use rights then???
A:Fair use is not a right, it is an affirmative defense. So if you can't do it without breaking some other law, you can't.
Q:But... it's all copyright isn't it???
A:No. Even though it is called the Digital Millennium Copyright Act, only some of the paragraphs deal with copyright. Others deal with circumvention.
Q:So my fair use rights are...?
A:Effectively gone, yes. Also you can't touch circumvention tools or talk about how to make one. Depressed yet?
Re:Fair use (Score:2)
Curiously, though, reverse engineering is. So apparently, you're allowed to circumvent the protection and extract the ISO if you claim you're working on reverse engineering the XBOX 360.
So when Microsoft comes yelling at you, apparently you can yell "dude, it's okay. I'm a hacker."