17 Mistakes Microsoft Made in the Xbox Security System

Nice. Very nice. The Xbox-Linux / Free60 team around Michael Steil has published a paper / wiki page called 17 Mistakes Microsoft Made in the Xbox Security System. I'm currently reading the paper, but I'm not quite through yet (the PDF is 13 pages long). It contains a very detailed analysis of the 17 types of mistakes Microsoft made (they made most of them multiple times)...

The paper and the findings will be presented at the 22C3 in Berlin — this is one of the lectures I will definately be attending, that's for sure!

Quoting from the article:

"[Conclusion: ]The security system of the Xbox has been a complete failure.".

Also nice: the earlier (now obsolete) version of the paper was called The Hidden Boot Code of the Xbox — or "How to fit three bugs in 512 bytes of security code" ;-)

(via Golem)


Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

not a failure

This article is interesting but misses the point of the Xbox which was to make Microsoft a major player in the console market and in that, MS succeeded.

My house could easily be broken into by anyone who really wanted to but I have enough locks on my doors and gates that it would be easier for people to go somewhere else instead. Does that mean "I shouldn't bother" with the locks? Of course not. They are enough barrier to entry to encourage someone to go elsewhere.

From a *business* perspective, the existence of stores selling secondhand games is far bigger a problem to MS in recouping its costs of game consoles than the existence of some exploits that, at most, a few dozen people would go through the trouble of exploiting.

Consider the success of Windows95 and Windows98. Although they were pirated far more often than Xbox games ever were, they still made Microsoft the juggernaut it is today.

As long as people are giving MS and its products attention, it still wins. My preference is to ignore them, their software, and their hardware. When the average Joe says "who cares?" about MS, then MS is in trouble.


I agree that Microsoft probably managed to reach their goal — becoming a major player in the console market. That's ok, I have no problem with that.

The most interesting part for me (although I don't own an Xbox, and I don't currently plan to buy one) is that you can use it the way you want to use it. E.g., you can put Linux on it, run your own Free Software programs on it etc. That's why I think projects such as Xbox Linux are a good thing.

I couldn't care less about the (closed-source) Microsoft software, the only reason for me to buy an Xbox would be to put Linux on it...