
DRM and Unauthorized Console modding/rooting the system Dead?

xbox one

50 replies to this topic

#46 vcfan

vcfan

    Straight Ballin'

  • Tech Issues Solved: 3
  • Joined: 12-June 11

Posted 14 June 2013 - 23:52

There's a lot of crap in this thread, pretty unbelievable really.
Anyway, security on consoles is achieved through obscurity or public/private key encryption. Cracking obscurity is hard if you don't have the right tools and knowledge, but if for example you know how to de-pot chips, have a very intensive microscope and some way to scan the whole chip at a clear level and have enough time to search the chip, you'd be able to de-obscurificate it and crack the encryption. Some academic did that with the PS3 and Xbox 360 and got some private keys somehow.
Public/private key is much harder because you need an exploit or the private key really.


Decapping the chips was never done on Xbox or PS3 CPUs, it was all software hacking. Only the DVD drive IC was decapped. You can decap these main CPUs all you want, unless you have access to expensive tools, then there's no way you're going to be able to work on 40nm parts. The maximum you can see the transistors on optically with a microscope is 350nm. Anything smaller and you are exceeding the wavelength of light. If you want to rent time on a focused ion beam workstation, get ready to pay $400+ an hour using such devices. And even then, there are security meshes, 5+ layers, light sensors, encrypted buses, invisible ROMs, all of which would take an enormous amount of time to figure out.


#47 NightmarE D

NightmarE D

    Proud father

  • Joined: 17-March 05
  • Location: Covington, KY

Posted 14 June 2013 - 23:58

Not everyone who mods their consoles goes straight to pirating games.

Original Xbox, PS2 and the Wii when modded all have the ability to use a HDD to run games. That's the biggest reason I have them all modded. Throw in a large HDD loaded with copies of the games that I PAID FOR and less loading times and no wearing down the optical drive. Extending the life of the consoles and the discs themselves. Same thing with my PSP. Would rather load everything from a 32gb card instead of that idiotic, battery killing, slow-loading UMD drive.

#48 n_K

n_K

    Neowinian Senior

  • Tech Issues Solved: 3
  • Joined: 19-March 06
  • Location: here.
  • OS: FreeDOS
  • Phone: Nokia 3315

Posted 15 June 2013 - 00:12

Decapping the chips was never done on Xbox or PS3 CPUs, it was all software hacking. Only the DVD drive IC was decapped. You can decap these main CPUs all you want, unless you have access to expensive tools, then there's no way you're going to be able to work on 40nm parts. The maximum you can see the transistors on optically with a microscope is 350nm. Anything smaller and you are exceeding the wavelength of light. If you want to rent time on a focused ion beam workstation, get ready to pay $400+ an hour using such devices. And even then, there are security meshes, 5+ layers, light sensors, encrypted buses, invisible ROMs, all of which would take an enormous amount of time to figure out.

I'm pretty sure it was done, it wasn't done for a crack or whatnot it was academic, can't find anything with some quick searches only loads of links to exploits but I'm sure it was reported on years ago saying security on the 360 was done through obscurity.

#49 vcfan

vcfan

    Straight Ballin'

  • Tech Issues Solved: 3
  • Joined: 12-June 11

Posted 15 June 2013 - 00:29

I'm pretty sure it was done, it wasn't done for a crack or whatnot it was academic, can't find anything with some quick searches only loads of links to exploits but I'm sure it was reported on years ago saying security on the 360 was done through obscurity.


Could be analysis on the bootloaders, which are actually dumped. That would make sense, because it would take years and years even with the right tools to dig into the chip enough to extract this sensitive data. Even the guys that do this for a living and have access to these tools, like Chris Tarnovsky and Karsten Nohl, take a long time to do this on simple microcontrollers. Tarnovsky took 6 months to hack the Infineon TPM chip, which is an 8-16 bit microcontroller, and I believe it's in the 200s nm. The PPC chips of last gen are totally different beasts. No way it was done. Tarnovsky was asked to do work on the Xbox 360 chip actually, and the other party offered $200K, and he turned them down and said no way, that's not enough money.

#50 n_K

n_K

    Neowinian Senior

  • Tech Issues Solved: 3
  • Joined: 19-March 06
  • Location: here.
  • OS: FreeDOS
  • Phone: Nokia 3315

Posted 15 June 2013 - 08:29

Could be analysis on the bootloaders, which are actually dumped. That would make sense, because it would take years and years even with the right tools to dig into the chip enough to extract this sensitive data. Even the guys that do this for a living and have access to these tools, like Chris Tarnovsky and Karsten Nohl, take a long time to do this on simple microcontrollers. Tarnovsky took 6 months to hack the Infineon TPM chip, which is an 8-16 bit microcontroller, and I believe it's in the 200s nm. The PPC chips of last gen are totally different beasts. No way it was done. Tarnovsky was asked to do work on the Xbox 360 chip actually, and the other party offered $200K, and he turned them down and said no way, that's not enough money.

Looked it up and that must be the guy, seems that maybe one article has it a bit wrong and that's the article I read?
http://news.techworl...ims-researcher/

#51 vcfan

vcfan

    Straight Ballin'

  • Tech Issues Solved: 3
  • Joined: 12-June 11

Posted 15 June 2013 - 14:20

Looked it up and that must be the guy, seems that maybe one article has it a bit wrong and that's the article I read?
http://news.techworl...ims-researcher/


Yeah see, that wasn't the Xbox 360 CPU, that was the TPM chip in the Xbox 360 controller. This chip is the Infineon SLE 66, which is an 8/16 bit microcontroller that's used for security such as TPM chips in PCs, satellite access cards, GSM chips.

I see where the confusion comes from, articles like that are vague, and make no mention that it's the chip in the controller, not the console.