Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the math-captcha domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/news.numlock.ch/public_html/wp-includes/functions.php on line 6114
About hacking the Xbox – A changelog by Daniel Mettler

About hacking the Xbox

Meanwhile, I’ve finished reading Andrew “Bunnie” Huang’s Hacking the Xbox – An Introduction to Reverse Engineering. It’s a great book (apart from some formal deficiencies due to lacking publisher support) and I can highly recommend it to anybody who’s interested in any of the fields such as reverse engineering, hardware hacking, HW-/IT-security, video game consoles (particularly the Xbox), US laws and others.

Some points what this book is all about (in my very personal view as someone who read it):

* It’s about reverse engineering. It’s about HW-security and security in general. It’s about HW-hacking in the age of the DMCA. It’s about your rights to explore and excel and how to keep doing it despite of/in accordance with DMCA. It’s about having fun with challenges. It’s about online hacker communities and their backgrounds.
* It’s about (US) laws and ethics.
* It’s about economics of video game consoles.
* It’s about HW-hacking basics. It rather covers practice than theory.
* It’s not a step-by-step guide about hacking a Xbox as this would not match with current (unfortunate) american laws (DMCA).
* Important note: The entire book is legal according to US laws

My take: Unsurprisingly, I didn’t read this book for hacking a Xbox. I don’t even have a video game console as I’m not an avid “gamer” (I prefer having a nice joystick instead of a rather limited game pad and I prefer using a PC as I’m more into simulations than typical game console games -> well yeah, I know the Xbox is a PC in fact). Needless to say I don’t intend to buy one in the future, not even for running Linux on it. IMHO, hacking a Xbox mere for getting a cheap LinuXbox is not that attractive anymore (nowadays, you can probably get better HW for the price of a Xbox.. even saving you the efforts and expenses to hack the Xbox). However, it might still be attractive if you see it as fun or an educational challenge (although with today’s alternate-rom-chips and with the know-how provided by the Xbox hacker pioneers, it’s probably not that much of a challenge anymore). I’ve solely read the book to get a first-hand insight into the general topic of HW-hacking with the goal to learn judge the security-concepts of current security architectures such as TCPA, Palladium/NGSCB etc. And that’s exactly what I recommend this book for in the first place. Of course you can’t expect to be a security expert or a HW-hacking guru just after reading a book. In fact, you’re far away from it. But you get an idea of how much it takes to get there (i.e. to an equal level with Bunnie & Co.) and you get an idea of how difficult (probably impossible) designing secure hardware is. You also learn about the general problems and disadvantages of HW-based security approaches and how to do it better.

Unfortunately, many people don’t seem to understand the main aspect of the book. For example I suggested the local library to buy some exemplars, as I consider it to be a very valuable (a “must-read”) book for any CS/IT/EE student. Their answer: “We don’t cover books about game consoles”. Poor judgement (though not atypical). As a consequence, students who are interested in reading this book will need to purchase it (Domestic: See the Orell-Füssli shop at the Bahnhofstrasse in Zurich or books.ch; Intl.: See the web sites of NoStarchPress, Amazon etc.). I recommend to do so however. It’s definitely worth it as it will broaden your horizon in a new way.

Leave a Reply

Your email address will not be published. Required fields are marked *

7 + 1 =

This site uses Akismet to reduce spam. Learn how your comment data is processed.