Schneier on Security
A blog covering security and security technology.
« Stealing Imaginary Things |
| The MD5 Defense »
August 10, 2005
Interesting article: "The Hidden Boot Code of the Xbox, or How to fit three bugs in 512 bytes of security code."
Microsoft wanted to lock out both pirated games and unofficial games, so they built a chain of trust on the Xbox from the hardware to the execution of the game code. Only code authorized by Microsoft could run on the Xbox. The link between hardware and software in this chain of trust is the hidden "MCPX" boot ROM. The article discusses that ROM.
Lots of kindergarten security mistakes.
Posted on August 10, 2005 at 1:00 PM
• 23 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
If Microsoft is smart they will have different poorly implemented security measures in the upcomming XBOX 360. I think the mod/hack community significantly adds to the XBOX desirability.
Surely Microsoft realizes the value in mods, and only wants to reserve the right to prosecute any individual modding creator or vendor who happens to lose microsoft more money than they make it by implementing these breakable measures. It has plausible deniability.
if Microsoft is smart, they can figure a way to let the mod/hack community adds to the Xbox desirability without removing the security of the machine concerning pirated games. What they did with the first Xbox is to let copies, but offline only. If they implement a desirable online system with the majority of games, you'll see a great profit and a great interest in the Xbox.
Finally, if one let copies play online and offline (like the PS2), it indicates a goal for system sales and not to their partners' softwares. If I was to build videogames, and the system X is 50% more popular than system Y, but system X sells 50% less due to piracy, both are consider equal in my calculation.
The security of the console is driven by Microsoft's desire to prevent game piracy. Microsoft loses money on every console they sell. Profit has to be made entirely from game marketing and licensing. Security here is directly fueled by revenue and profit from games. In that situation, you'd think this security would be the best Microsoft could do for any system, game console or not. However, between thousands of customers (including engineers and computer scientists) tinkering over several years, flaws are bound to arise. I'm sure Microsoft will take lessons from Xbox and use them to make the next one even more secure.
@Francois Kashy - "Microsoft loses money on every console they sell. Profit has to be made entirely from game marketing and licensing."
People have been saying that for years, not just about Xbox, but I dont believe it for a second. It's my belief that they make money on all aspects of Xbox sales, including console hardware.
Microsoft is also in this for the defensive game. They want to prevent at potential entry for at competitor controlling the consumer.
They have problems with google and Open source, but PS2 is weak as they can be hit on the purse.
MS is buying them out
rob mayfield: you may not believe that console hardware is not a major moneymaker, but it's generally true; the old business adage that applies is "give away the razor, sell the blades".
I don't understand what Microsoft was trying to do with the overflow exception. First we're told that they can't just turn off the memory, or else the CPU will roll right past the end and wrap around to 0000_0000, right?
But why wouldn't that have triggered the supposed overflow exception, if it had existed?
I guess what i mean is, if turning off the memory sends the CPU to the beginning of the flash, how does it help to wait until ffff_ffff is executing to do so?
Assuming that a secret key would remain secret is security by obscurity? Huh?
Assuming that a secret key which is stored in hardware the user owns is indeed security through obscurity. Relying on the user being unable to extract data stored in his own equipment is never a good idea.
The thing that strikes me as odd about this is that Microsoft could have caught the poor implementation pretty easily. For example, the code overflow trick that didn't actually work would have been caught with one basic test. And using a hash function widely known to be insecure?
Regardless of what you might think of the company, there are a lot of very smart people at Microsoft. The only reason I can think of to let this sort of slip-up through is a massive time crunch.
I wonder if they do "clean room" testing: give a pile of X-Boxes to a team of skilled reverse engineers and you should be able to catch a lot of this stuff pretty quickly. I would have assumed that they'd do something like this, but now I'm not so sure.
The problem with Microsoft is that the company exists for one sole reason: producing money for their shareholders.
The fact that they have a controlling market share to such an extent unfortunately does not seem to have resulted in any greater sense of responsibility on the company's part.
Writing poor code filled with bugs seems to be endemic in the company. The fact that their game code is better quality than their OS code I find rather amusing...
A hackable XBox would be more attractive to buyers, increasing sales.
Selling a hackable XBox would increase piracy and therfore decrease game sales.
Microsoft is believed to be actually loosing money on the XBoxes, trying to make up for that in game sales, so this seems a strange business strategy (unless it's a huge loss-leader to eradicate PSP).
The curious thing is that Microsoft is pushing "trusted computing" for the PC. Wouldn't the XBox make a great platform to demonstrate TC?
Now for the obligatory conspiracy theory:
If the XBox really was unhackable, and XBox piracy eradicated, then you might just find that sales of games don't suddenly skyrocket, i.e. piracy isn't as large a problem as they claim.
Actually eradicating piracy would prevent them from using "piracy prevention" as an excuse to do all sorts of other things (like branding PC's when they download patches).
Then again, there's Hanlon's Razor:
Never attribute to malice that which is adequately explained by stupidity.
Thomas, I like your point: it is important for big businesses to have an escape path when revenues aren't what was expected. Blame it on piracy, invest a bit in security but talk a lot about it, and shareholders will be happy.
Microsoft thought that their hardware costs would drop over time, since PC hardware prices had dropped significantly over time. However, there isn't any further costs that can be squeezed out of the chipsets that hasn't already been squeezed out. So the "we will lose money in year 1, break even in year 2 and make a profit in year 3+" turned out to be "we will lose money, but we'll make every customer feel guilty by saying we lose money on every one."
Don't forget that the number of consoles sold and the market share taken is often more important to shareholders than the money that was actually earned.
If piracy was actually a serious profit killer for games, then Half-Life 2, Grand Theft Auto: San Andreas, Doom 3, and HALO 2 would all have been in serious trouble. Each of them (though in the case of HL2, not a full version) was leaked and widely available PRIOR to the actual release date of the game.
Somehow, though, HL2 and Doom 3 were the two top selling games for the PC last year. And the top two selling console games? GTA:SA and HALO 2.
I think it's evident that the draconian antipiracy measures employed in the industry have little benefit. Most blackmarket game distribution is just trying to fit the price to the market (Ni Hao, Zhongguo) or make things available that aren't available via strictly legal channels.
What's needed is more careful integrity checking of the product to avoid more Hot Coffee fiascos and the sort of duping/cheating that's rampant in the online gaming world. Bungie has had a hell of a time trying to stamp out cheaters employing modded Xboxen to beat all comers in HALO 2 online, for example. Console mod prevention is impossible, really - the "enemy" owns the hardware and has all the time in the world. Writing code that's very picky about inputs isn't impossible, though - just unpopular.
Speaking trusted computing, some people have created a modified version of Mac OS X called OSx86, which circumvents the TPM so that it can run Mac OS X on a regular PC. There's an article on wired about it http://www.wired.com/news/mac/...
Also the projects site:
Mike: if you just turn off the memory, you *won't* go to 0000:0000; the CPU pipeline will empty and then you'll be executing whatever was underneath the hidden ROM: i.e., the flash it's just decrypted which failed its `validation' (if you can dignify it with that term).
It'll only wrap to 0000:0000 if you start executing at ffff:ffff... but, alas for MS, there's no exception of any kind when that happens (why would there be? No conventional error would lead to such execution, so raising an exception in that situation would be a waste of silicon).
Why buy this box? I'm sure the X-Box is a nice piece of hardware, but by buying and subverting it, you're voting in favor of closed hardware. Why not just purchase something that's designed to meet the customer's needs in the first place?
whenever i try to use the game cheat codes on a game i bought, i have to mash several buttons on my x box controller (standard). Sometimes they work & sometomes they don't so i have to retry it again & again. Is there anything better than that? maybe a preprogram rapid hit button? please assist---tom
What do you do if you lost your code?
Schneier.com is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.