How the Original Xbox Security was Defeated | MVG
Вставка
- Опубліковано 10 лют 2019
- Microsoft's first console - The Original Xbox had a security system that was quickly and easily dispatched. In this episode we look the different ways it was defeated via both hardmodding and softmodding techniques and why Microsoft learned a valuable lesson and invested much more time and money into the security system of the Xbox 360.
Sources :
► Bunnies Blog - www.bunniestudios.com/bunnie/...
► Michael Steil Paper - events.ccc.de/congress/2005/f...
► Consider supporting me - / modernvintagegamer
Social Media Links :
► Check me out on Facebook : / modernvintagegamer
► BandCamp : modernvintagegamer.bandcamp.com/
► The Real MVP Podcast : player.fm/series/the-real-mvp
► Follow me on Twitter : / modernvintageg
#Xbox #Security #MistakesWereMade - Ігри
*We'd certainly like to have you remove that if you could...*
Hey Mr Mario how are you dude, big fan!
MrMario2011 where’s your Softmod buddy at? I’d really like to hear his thoughts on all of this.
They tried the nice route instead of going straight for the lawsuit.... but it was already too late.
You should mention that the hacked DVD firmware to load backups was first done for the original Xbox near EOL, and was later applied to the 360.
I mean... points toward Microsoft... Sony has been known to call SWAT teams on people breaking into their systems.
Sony was SWATing people long before internet trolls xD
"Ran out of time" -- We aren't afraid of 20min videos!
@@soundspark Or he wants to put up two videos of ~12 minutes each instead of one 24 min video, for double the monetization options... I don't mean that as a dig, it's just good business.
Maybe it was his time he ran out of? As in he had more things to do in his life than this one video and thus making the two separate topics into two separate videos felt like a natural way to split the time he have to spend into smaller chunks?
I want 2 hour videos
The original XBOX UI is still beautiful to look at. Has that Matrix, late 90s, early 2000s look, but doesn't look cheesy, just looks futuristic. While you really can't have a modern UI this simple, I do wish we had the option of different looks that aren't just cheaply made amateur nonsense. Give the XBOX4 a modern UI built on this original look with all the animations, etc, and they'll sell an extra 10million units.
it really had its own unique flavor. now the xbox UI is just like all the others, a kind of light abstract minimal splash. i feel like that stuff makes sense for digital signage applications and like an ordinary home theater but the xbox UI was so perfect as a dedicated gaming UI
its just like :greeeeeen:
wow you sure do know a lot about stuff!
XBOX4, ha. I'm sure they'll call it Xbox Two or Xbox 720.. they really weren't great with the naming
Toxically Masculine in my opinion even home theaters would be better with fancy UIs.
Xbox Media Center is the perfect example, it's just sooooo good to look at, it gives you just the perfect feeling a home theater should give. It really makes you feel at home, like "you're sitting on your sofa and you're relaxing after a morning of work".
The author of XBMC is really a genious. I think Microsoft thought the same too as they hired him, and he's probably the reason why Windows 7 has such an awesome skeumorphic graphics.
To be fair Microsoft representatives did eventually compliment the efforts of the modding community.
We get it, you have to defend Microsoft because you're an Xbox owner lmfao.
Yeah I'm a year late, whatcha gonna do?
@@drinkoftea4047 we get it, you like spider-man.
@@halo3odst lol
@@drinkoftea4047 sony pony
Actually Microsoft did applaud the modding community and some of the idea's of the modding community did get into the Xbox 360 so you have to thank the modding community of the original Xbox for the Xbox 360 or at least the debut of it.
Hmm, yes interesting. I know some of these words.
why does this have no comments whatsoever
Good burger ayyyyyy
@@josephtahan926 nah bad burger
@MOHAMED HAMDALLAH true dat
@MOHAMED HAMDALLAH wow lol
Is it worth mentioning that Microsoft tried to hide the fact that the game ports were electrically USB, they just changed the shape? That was something that annoyed me on the original design, thankfully they included standard USB ports on the 360!
A simple adapter can be used to connect standard USB devices to an original X-Box. I've got a bare dongle that plugs into the controller port and comes out with a standard USB female receiver. I never could get my Xecuter3 front panel USB ports working. I just used the adapter, instead.
you can actually cut the plug of an original Xbox controller and replace it with a USB plug and it will work on PC as a DirectInput gamepad
@@elgeniomaestro You don't need to cut any cables - you can get aftermarket adaptors. As all the original controllers had breakaway connectors you could swap them out.
Wish i knew that at 10 years old and the dog chewed the cord haha
They're not just plain USB, though; Xbox controller ports have an additional "Light Gun" pin. Supposedly, as the name implies, this was meant for a light gun peripheral, but I don't recall it ever being used, and when making your own custom USB adapter, you can safely ignore this yellow wire in the controller cable.
*Corrections and notes:*
- 5:18 The sniff was done between MCPX and NV2A (target being the CPU further down) [correct in voice-over, but broken visualization].
- 5:59 bunnies method wasn't too relevant itself; just that the MCPX dumps allowed for analysis and finding various exploits in the early boot process. This allowed circumventing checks of the flash ROM validity by exploiting MCPX bugs. It was almost entirely irrelevant to the kernel patching itself (it just made the installation of patched kernels easily possible).
- 5:59 What did allow for easier kernel patching was Microsofts internal struggle with its employees, who kept leaking code and internal details.
- 7:33 The expensive part is not a motherboard redesign (MS kept redesigning it anyway). The expensive part would probably be a change of the intel CPU design, which would significantly raise costs. The MCPX/MCPD on the other hand was developed specifically for Xbox and nForce motherboards and was cheaper to fabricate with the built-in ROM from the start.
- 8:10 The MCPX 1.1 basically moves code from the MCPX into the flash (FBL) and verifies it using TEA; I believe the FBL still uses RC4.
- 8:10 TEA itself is not insecure, however, the way MS used it was known to be insecure.
- 8:10 There were other known exploits in the MCPX 1.1 (inherited from MCPX 1.0; such as visor and mist, mentioned in the outro); and A20 was also already possible with MCPX 1.0 (as a software-only solution instead of bunnies attack).
- 8:34 The 1.6 Xcyclops (chip with Xbox Logo to the left) contains the ROM and SMC; Xcalibur (chip with Xbox Logo to the right) is only a video encoder. At least this is currently believed to be the case.
- 9:05 There *was* security for savegames, but savegame encryption keys were dumped from the kernel, so another machine could modify savegames. Without the MCPX dumps (and kernel dumps), this might have taken a bit longer.
I also believe the bunnie-phone-call was about the still-encrypted flash contents, hence: *ROM image* (which also contains the plaintext copyright message, shown on his website).
There was a back-and-forth with MS about his actual MCPX research being published, so it would be weird for MS to give him a call afterwards (as the legal situation was settled; quote: "I got a grudging thumbs up, so to speak, from Microsoft on my Xbox reverse engineering work").
*All to the best of my knowledge, for updated information, check **xboxdevwiki.net/*
- JayFoxRox
The save game encryption was an optional feature offered by the XDK. I don't think many games used it.
impressive feedback !
We need a tutorial for dump MCPX please!!
much appreciated
When it comes to these extremely detailed videos about how security was defeated in the gaming world, I wouldnt mind if these videos were an hour long to be honest.
They are very detailed, extremely accurate, and you sure did all of the research anyone could possibly do on the subject. That shows true passion for what you do, and you do a great service for the community. Thank you.
This Xbox on the video is absolutely *gorgeous*
It is man! It's a thing of beauty!
Yup, and here's me with my standard looking one :(
@@CrAzYpOtHeAd420time Same, and not yet hacked :(
@@EpsilonDelta1 Did you ever remove the clock capacitor?
@@-mint5752 Nope
Imagine someone watching this on their OG Xbox through Linux
BRB Imma go do that
That sounds like it’s definitely possible
No videos of anyone watching UA-cam on an original Xbox exist as far as I know, so idk it if it’s really possible.
@@ambition3645 if you can boot Linux and a web browser surely you can do it
@@ambition3645 the video quality won't be good but it's not impossible
Looking forward to the 360 video. Thanks
It was amazing, even though my reply is years later.
Forgot reason 4, to play games from other regions on region locked hardware. That's why I got work-arounds for my Gamecube, and my PS2.
Dat voicemail... first time I hear that, it is gold! I find it really fascinating to learn how exactly security got breached on all the different consoles, wether via hardware or software or a mix of the two. That was told in great detail yet succint and moving at a fast pace, and with your usual flair. Very well done, MVG! that was one really enjoyable vid yet again!
A great video! You've managed to capture the history nicely there! I have a lot of fond memories of the old XBOX =D
Great video, but I think it would have been worth MVG delaying the release of this video in order to cover the two hacks he didn't mention.
To paraphrase Shigeru Miyamoto: a delayed video is eventually good, but a rushed video is forever bad.
Thank you so much for this video! I love seeing this kind of content on the game systems from my childhood, especially now that many of the original sources on forums and the like are long since gone. Thanks again and looking forward to more!
I love these kinds of channels. Super cool things I never knew about and done in a very good format with a great host. I could watch these all day.
Being that I have always enjoyed embedded electronics and hardware hacking (and plan on double majoring in CS and EE), I enjoyed this video covering security flaws in consumer electronics. Please make more of these!!!
i love videos that discuss the exploits and explains them on a technical level keep up the good work!
Can I just say MVG, thank you for your videos. I love that you make content on these older system that I have or can get easily cheap! Keep up the awesome work man :)
Your channel is fantastic, man. You always make the information very palatable for everyone and I always look forward to your videos.
You are a very good teacher. Thanks for all your contributions you’ve made in your lifetime. You are a genius and a humble man at that.
7:41 haha “Xbox 2”. Like they thought that Microsoft knows how to count
Xbox, 360, One, X....
Aw dammit failed the math test
95, 98, 2000, XP, Vista, 7, 8, 8.1, 10
😂 they're really not great at it
Xbox, Xbox 360, Xbox One, Xbox Series X/S, yeah they have issues naming consoles
@@Chuked similar how Valve can't count 3 ;)
Just found this channel a couple days ago. Awesome content and please continue with such high quality content!
Damn! Just found this channel. I love the in-depth technical analysis / explanations. I want MORE!
Great work!
This isn't the story of topic I'd usually be fascinated by, but this video was fantastically made and drew me right in. Thank you for the really interesting and well made content.
Fascinating! What a great video! :) Thanks MVG!
Great video, brings back some good memories for me. I bought my first Xbox after following the progress of the exploits. Softmodded it on day one and not long after I was getting a second unit and mod chips. My main use of the machine was for Xbox Media Center which was revolutionary HTPC software at the time, and getting our gimped PAL units to output HD resolutions via component :)
Nice video as always. I always like to take a look at the architectures of old systems as a means to learn things about how we ended up, where we are right now, but I don't have the Time to research myself, so I very much appreciate Videos like these. Nicely researched, comprehensive but still to the point.
Nothing is better than a new MVG video with a cup of coffee in the morning.
I didnt realize you do your own music. That´s awesome!
sick as hell video man. well done editing and amazing coverage along all branches of this story. BTW excellent shirt
A superb video.
Such an amazing amount of detailed research, it's exquisite.
this channel is one of the only reasons I'm excited for Mondays.
This guy really deserves millions of views for the amount of work he goes through for each video.
I really love your videos, is a good insight in a scene that usually few people are part of it. thanks
I appreciate this type of content, these videos are always so interesting and educational, please keep em up! Great job on this one.
More please. Love these videos. Very interesting.
(In bill lumberg voice) I'm gonna have to go ahead and ask you to remove that. Mmm kay!
lol !
Yeah, that'd be great
My stapleeer.
@@Chukwillard. Ok ok, I'll let you keep the stapler, as long as you listen to the radio at a reasonable volume!
To be fair, he was super nice about it. I got a cease and desist from Microsoft in 2004 that wasn't so nice. I never made an about-face quicker in my life.
Really detailed man, i though i knew something. gees newer knew how more complicated it really is. Thanks
This channel has the best content, and it's the icing on the cake that this man designed the emulator I used for my first SM64 120 stars(Surreal 64) It was a really great idea to combine the three best emulators into one program, as there were many situations where if Pj64 couldn't run something, 1964 could or vice-versa. I never got much use out of UltraHLE or whatever the third one was.
Hope you do one on the Saturn, the story behind how it was done and just how long it took always fascinated me
There is already a video on the Saturn. Just search it.
Thank you MVG, very cool!
Great video! Your explanations are always so detailed and yet easy to understand. Thanks!
I would love to see videos like this for all the major console and handheld releases. This was really great to watch.
You know when the thumbnail says "Mistakes Were Made" you're in for a great video.
How glad I am that they messed up the security :) The OG XBox is one of the best go-to machines for emulation, it's great!
I miss my modded xbox. My hdd broke and haven't touched it after that (in 13 years or so) and now i wouldn't have clue how to make it run some software (back in those days xbmc) anymore :/
I have to say, I really enjoy your videos detailing the cracking history and anti-piracy methods companies have used. Keep up the good work.
So glad you mentioned Andrew's work on this.
I vividly recall reading that blog about how he went about tapping into the bus, soldering his own custom PCB to the tiny traces. Fantastic work.
(I think this was around 2004?)
That did lead to people finding the other embarrassing security flaws, too. I still have a copy of 007: Agent Under Fire - the ONLY original Xbox disk I own. lol
I mainly used my Xbox for watching movies via XBMC, and a modded Xbox RGB SCART cable, so I could run Component to a projector.
Good times, and all thanks to the modders, hardware hackers, and coders. ;)
9:21 I remember seeing an old photo circulated around, where one of the save files had a Debian logo on it, so that could be one of the hacked save files.
I'm pretty sure your intro music plays when people are traveling to heaven. That's how good your UA-cam channel is haha
What is
The song?
As always, really interesting. It is so exiting to know, that I used your software back in the day on my v1.1. It is also hilarious to see how the Aladdin modchip looks when properly soldered in. I remember doing this with my father with solid copper wires, a non regulatable soldering iron an not understanding the manual as to how to solder the chip directly on to the pins. It looks terribly slaughtered in there, with the chip hanging loose, but works until this day.
MVG another great video, thanks so much for the massive amount of info.
I really like your channel and the information about hardware, little bit of history about Xbox, Modding and Softmod.
Still love these Xbox Classic machines, awesome seeing the 3 crystal versions at the back of your video.
Now that i know this version of the xbox exists. I need one
You know that's the odd thing, there's now a working 360 emulator that many games are working on enough to play through fully and still no classic xbox emulator.
Your videos are ALWAYS a delight! Hugh thanks for the time n effort you put into these!
I love that video m8! I just missed the hdd key and swapping method, etc. Love your work man, i love your channel! Hi and much thanks from Spain!
I'm a simple man, I see MVG upload, insta like.
I loved that they called the bloke who uploaded the rom file and ask nicely if they could remove the exploit lmao. Should've given him a job imo
Atleast they arent like Take Two Interactive, harassing you over a simple mod for red dead redemption 2.
This is awesome how in-detail and the depth you go into the console. If you could do like a comparison to modern day consoles, like the Switch, or Xbox One or PS4, and how their security is now, that would be sick!
What a great video it brings back the memories I was part of team xtender the journey started with me getting hold of a developer box great times we showcased the chip at the Barras market in Glasgow and the bowlers market in Manchester the same day.
Monday mornings at work go something like this: drop things off at my desk, make a coffee, close the office door and watch MVG. E-mails and other nonsense can wait.
Username checks out ;)
SLACKER
@@Charlie-zj3hw
It never ceases to amaze me how many people in the workforce are being paid far too much money!!!
@@ThinkerOnTheBus LOL, it never lasts, eventually their lack of productivity becomes apparent and they are made redundant or their position is discontinued, I have seen it over and over again
The best part of waking up is Folgers in your cup on Mondays!
LOL I love how sony just released Linux, "here you go, that will save you/buy us time"
This is my most favourite MVG video. Keep On!
very informative. you do some great vids explaining the ins and out of these exploits.
There's an insane book called by Bunnei about this. I was able to snag a limited edition first run and it explains everything very well. It's called hacking the Xbox.
Playing backups si so handy. Just dug out my old xbox and it's easy to just play games from hard drive. No need to have the discs moved out of storage. Easier to enjoy old systems
I knew most of this but, it's been years... Thanks for the refresher... I remember when I did mine, I went with a mod chip and dropped a 200gb drive into my Xbox... Plenty of space. I popped it out about a month ago and must of been playing games for like 12 hours... oh the fun I had with this system when it came out...
Never heard of your Channel bro, I stumbled across this video and boy am I glad!
"We'd certainly like to have you remove that if you could." If he could hahaha Aw shucks I'd like to but I just can't!
I assume the Microsoft guy was pretty much impressed at the hacker's work and didn't really want to see the kid get into serious trouble.
3rdalbum : A lovely optimistic thought indeed
they were being polite tbh
the other option was a Cease and desist with the threat of legal action
"i'd love to, but i've lost my password to the server (cause, you know, real security 😂)"
Another top informative vid!
BTW, I always thought it was pronounced RetroArk (short for "Retro Archive"), not RetroArch.
Thanks for doing these videos. They're really interesting to hear about even in restrospect.
Great video. Great content. Even the name of your channel is incredibly accurate and to the point.
Please do how the original Wii was hacked
oh, that's fun... Twilight Princess Hack alone is an amazing story of its own.
@@Tuxfanturnip That was the best decision i ever made in my life. Good times with that homebrew thingy :)
I still remember soft modding my xbox crystal with the “mech assault” exploit . 😅
Me too. I think there was a James Bond exploit as well. Fun times back then.
This channel is a mine of knowledge about old tech. Thank you.
awesome video, its nice to know a little piece of videogame history, thank you.
that background music you use. where do you get it? it's amazing! wanna listen to it all day.
I like it too! I wish someone would post the name.
@@louism771 modernvintagegamer.bandcamp.com/track/pacific-drive
So, as far as I can tell...
Literally any console maker: _removes or doesn't allow Linux_
Linux community: *"I didn't want war, but I didn't start it."*
I am a newcomer to your channel. I discovered your video series via browsing and found your subject matter to be very interesting and informative. I have subscribed, and I look forward to more content from you in the future.
This is great! I'm assuming my email 5 days ago was just coincidence ;) but I'm really glad to see see videos about these kinds of exploits and looking forward to more.
Is it weird that I used to get scared by turning on my Xbox. I would either think that it would break, or the intro video would give me nightmares.
It would be interesting to talk about how they now have the “real unhackable console” aka Xbox One.
everything's hackable, just needs time
everyone thought the ps3 was unhackable , look how it is rn lmao
the xbox one will be like the ps3 in 2-3 years
Actually its the Xbox 360 E with the Winchester motherboard.
every xbox one has dev mode. You can run home brew without needing to hack anything.
I appreciate the level of complexity in your videos. I'd love to see anything more about the saturn, dreamcast and ps1.
So much explanation in these videos. 100% quality channel
Can you see yourself covering homebrew and installation on the 3DS? I'd love to see it.
Oh, 3DS mods, what an adventure. I think I went through every method throughout the time. EmuNAND, A9LH, b9s..
yes for sure, its definitely on the list
Me too. I'd love too see A9LH on 11.9 even too it is irrelevant.
@@akwardturtleee Lol A9LH. Haven't heard that for a while
@@akwardturtleee Sadly that would be hard to achieve, because Luma3DS doesn't support A9LH anymore. Some code modding would required for that. And with last issue with Luma and 11.8 (or 11.7, I don't remember) system update.... yea...
No wonder the Xbox 360 was harder to mod.
For Homebrews it was indeed... But to play backups it was fairly simple, I remember I had to flash the DVD drive with a custom firmware
@@mIRChele can you run homebrew on the 360? I have one that I have never used but I'd love to get retroarch running on it.
@@philrod1 yes, there was a jtag method but was patched in later dashboard updates, I'm not in the scene for a while, I don't know if there's something else
@@mIRChele c4eva is a legend LT3 ftw 😁
@@mIRChele flashed my drive and played online with it for years. Just had to get a decent dump of a game that wasn't for jtagged consoles
Really cool and easy to understand. Thanks man. Good channel
Always learn something new from your videos, thanks!
To some Linux meens freedom...
For me Linux means frustration!
Depends on the distro and what your aims are. After a certain point, you got to have either a huge fascination or some masochistic streak to go deeper. For basic browsing, office style editing, watching movies and listening to music use-cases a standard Mint or Ubuntu is perfectly enough. At least those users can't install "totallylegitantivirus.exe" as easily as they can ruin windows machines.
@@Cinkodacs I've nevrr had my windows ruined by virus
The PSVITA is now FULLY exploited with a firmware downgrader now. You should do a video about that
informative yet entertaining, as usual. Thank you.
Great detailed video! Subscribed.
where can we find the infamous voicemail recording at?
He took it down because he could
From where did you get that blue case?
Wolfram Dulux der Dritte It is a limited edition halo console
Love these kinds of videos. Keep'em coming
Really fun video! A little of the jargon at 8:30 lost me (about the removal of the LPC header and Flash memory chip), but not for very long. I'm looking forward to the 360 video! :)
And now Microsoft has Azure's security.
Stop following me
Yep.
why you appear on every video ive not seen anything like this appart from you on youtube its so weird you keep appearing everytime
MarkyBhoy 1236 very rude of you to say, clearly he’s just an avid consumer of content.
Just when you think its safe
Why is your Xbox lookin' like a Limited Edition.
It is a limited edition
It's a Canadian blue. Very rare.
Is it not modded though.. kinda not rare anymore and just another modded piece of hardware out in the world?
new MVG video... best morning ever.
Man I just love the music you use in your video!