Word is out on the street that a flaw in the Xbox 360 DVD drive firmware may allow a hacker to install his own custom firmware unchecked, and so gain full control of what the drive will or will not accept. In practice, this would mean that the drive could boot backups of original game DVDs once a self-built firmware that ignores the mandatory disc signing has been flashed to it.
The bold claims come from user TheSpecialist, who has been credited with a firmware hack before, one that went unreleased for several very good reasons. Considering this makes the guy credible enough, let’s move on to a few excerpts from his recent posts:
“Word on the street is that some smart people of this board combined their forces, formed an underground team and are very, VERY close to getting the first 360 backup booting…”
When asked for more information and the kind of modification required, he responds:
“Firmware. I doubt you’ll see some kind of OTHER hack soon, that lets you boot unsigned code for example. MS did a very good job on the 360 itself this time. However, they made a big mistake by forgetting about the firmware. They didn’t even remove the debug routines from the FW, quite amazing … The 360 has a little bit more advanced protection in its FW than the original Xbox, but still, they did some stupid things (like forgetting about the debug routines, that were very helpful to us, hehe, and most importantly: not signing the firmware). I’m betting they’ll develop the MPU in the drive from scratch for their next gen consoles and sign the code in the FW”
Not signing the firmware is indeed a major mistake, as it allows the hacker to gain full control of the drive. Microsoft can issue a forced update via Live to disable the modification, but a new firmware that goes undetected could then be installed again. As such, the hacker is in control of the cat-and-mouse game.
An important detail, however, is that the system itself will not run any unsigned code. As such, it is impossible to flash the firmware by software, and you will need a hardware programmer to reprogram it. Obviously this disqualifies the hack for any general usage. Thankfully, even if it were usable to pirate games, hacker ethics and fear of Microsoft’s legal department stop the guys from actually distributing their findings. However, considering that modding consoles has become an industry of its own, people with less noble intentions may try to capitalize on the hackers’ findings now that it is out in the open where Microsoft slacked on security.
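The fix the quoted post predicts, signing the firmware, only helps against a hardware programmer if the check runs at every power-up rather than at update time. The sketch below is an added illustration, not Microsoft's or the drive vendor's code. It assumes a hypothetical immutable boot ROM that holds the vendor's public key; the key, function names and firmware bytes are all constructed.

```python
import hashlib

# Constructed toy RSA key, for illustration only: both primes are Mersenne
# primes, so it is trivially factorable, and the scheme is unpadded textbook
# RSA. Real firmware signing would use RSA-PSS or Ed25519 with a proper key.
_P, _Q = 2**521 - 1, 2**607 - 1
PUBLIC_N, PUBLIC_E = _P * _Q, 65537                  # assumed to live in boot ROM
_PRIVATE_D = pow(PUBLIC_E, -1, (_P - 1) * (_Q - 1))  # never leaves the vendor
SIG_LEN = (PUBLIC_N.bit_length() + 7) // 8           # signature trailer size

def _digest_int(body: bytes) -> int:
    return int.from_bytes(hashlib.sha256(body).digest(), "big")

def vendor_sign(body: bytes) -> bytes:
    """Vendor side: return the firmware body with its signature appended."""
    sig = pow(_digest_int(body), _PRIVATE_D, PUBLIC_N)
    return body + sig.to_bytes(SIG_LEN, "big")

def boot_rom_verify(flash: bytes) -> bool:
    """Drive side: check the flash contents before jumping into them."""
    if len(flash) <= SIG_LEN:
        return False                                  # no room for body + trailer
    body, sig = flash[:-SIG_LEN], int.from_bytes(flash[-SIG_LEN:], "big")
    if sig >= PUBLIC_N:
        return False                                  # malformed signature value
    return pow(sig, PUBLIC_E, PUBLIC_N) == _digest_int(body)

def boot(flash: bytes) -> str:
    """How the image reached the flash chip is irrelevant to the outcome."""
    if boot_rom_verify(flash):
        return "run firmware"
    return "halt: unsigned or modified image"

if __name__ == "__main__":
    good = vendor_sign(b"DRIVE-FW (constructed sample image)")
    patched = b"X" + good[1:]      # one byte rewritten directly in flash
    print(boot(good))
    print(boot(patched))
```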
Considering the remarks made between the lines about the other parts of Xbox 360 security, actually running homebrew code such as a Media Center modification is still a long way off, if it will ever be possible at all.
Disclaimer: Xboxic is firmly opposed to illegal modification of consoles and any illegal activity or breaking copyrights. We post this because this is Xbox-related news, not because we intend to spread piracy and promote illegal usage of consoles.