Xbox-Linux: Free60 project started Options

[XanTium]

Xbox-Linux: Free60 project started -- Posted by XanTium on November 25 03:53 EST
You might remember we announced back in May that Team Xbox-Linux launched their project page (wiki) for the Xbox 360 on www.free60.org.
Today they launched the developers mailing list for technical/serious discussions on how get Linux boot on the Xbox 360.

Their documention page also contains some interesting details about the Xbox 360 already:
[QUOTE]
* The flash is encrypted with a per-box key
* The key is stored inside the CPU
* The boot ROM is stored inside the CPU
* Also inside the CPU is a hypervisor that verifies the running state of the kernel, making sure there is no modification (RAM checksums), else the Xbox360 panics and blows up!
* The CPU contains RAM inside of it to store the checksums
* All interrupt/exception handling is done by the hypervisor
* All code runs in kernel mode
* The emulator for first generation games can be updated via an official Microsoft download burned to CD by the user, though the CDs' content will be encrypted and signed with public key cryptography.
The Xbox 360's Hard Disk appears to connect to the Xbox 360 via 7-pin SATA, internally the drive connects to the external connector through standard SATA data and power connectors. This should be of some help.
[/QUOTE]

They also have a disassembly of the official Xbox 360 WirelessLan adapter (Marvell 88W8388-BDK1 which seems to be 88W88305-derived,) here. They tried to connect it to a linux PC, but no support for it atm (full initialization failed?).
Some info about those backward compatibility updates is available here.

Official Site: http://www.free60.org

[atlanta800]

WOW, that is impressive. I gotta hand it to M$, when they said they were adding hardware provisions to aviod the 360 from being hacked, they were not joking. I mean I was thinking yeah right when the techs started saying that it would take an extremely long time to be hacked, but now its looking that way. Granted, all these anti-hacking measures would have to be perfect in order to work, and if when they find that tiny little loophole, man will it be a good day.

[Avenger 2.0]

Nice protection. Hope someone will write a book about it (just like bunnie did).
If it's true about the boot rom being inside the CPU, it might be very difficult to crack.

[Chamrock]

Has Bunnie really confirmed that he has assisted MS to make 360 difficult to hack? If that is true I really hope he gets beaten up! I don't give a damn even if he was the main gay behind crackign the first Xbox. Helping MS is a great slap on the scene.

[johnstark]

Impressive list of protection there.

Has anyone ever figured out how to sign homebrew software? How does gameshark/action replay do it? Aren't they unofficial?

[fasmanza]

Sudenly the running homebrew on the xbox 360 seems very distant

[TheSandman87]

i wonder if bunnie left a back door open...(if he he helped with dev on the encryption) This is going to be a very interesting year. Good luck everyone!

[DynaMight]

Dont forget we're still talking about MS here, there'll be security holes I'm sure, the more complex it is the more chance there is of a hole. Will be interesting to see how long it takes.

How long did the Xbox take?

[DivyX]

Hi.
I was wondering how all this new security disables the methods used cracking the first gen xbox?
Like can you snif inside the cpu whats happening in there if it's not all encrypted all the time, which it prolly is? *picturing in my mind a streaming hack like GC has... :/
Would be neat if someone would do security comparison chart between xbox & x360.

Sorry bout the noobness...

Br: Divyx

[Trevante]

Also inside the CPU is a hypervisor that verifies the running state of the kernel, making sure there is no modification (RAM checksums), else the Xbox360 panics and blows up!

I hope this was just exaggeration..... a device that blows up or fails on purpose when tampered with should not be on the market IMO.

[SiliconIce]

I really don't think bunnie worked with MS on this -- I just posted about an article he wrote last summer where he speculated about their security measures. If he was working with them at the time, I don't think he would have written this and posted it publicly. It sure does seem impressive... :-)

[TheSpecialist]

Hi.
I was wondering how all this new security disables the methods used cracking the first gen xbox?
Like can you snif inside the cpu whats happening in there if it's not all encrypted all the time, which it prolly is? *picturing in my mind a streaming hack like GC has... :/
Would be neat if someone would do security comparison chart between xbox & x360.

Sorry bout the noobness...

Br: Divyx

In the XBOX 1, the bootloader was transferred from the Southbridge to the CPU. Bunnie built a device to snoop the data while it was transferring on the bus from the Southbridge to the CPU/memory. However, since the 360's bootloader is in the CPU itself, there won't be any bus to snoop this time. It's all done internally and that's why it will be VERY VERY hard this time to get to this bootloader code ... The only way i think that remains, is decapping the CPU, but ... decapping a 3-cored CPU will be VERY VERY hard, will take very much time and you'll need very expensive hardware. And even if this was succesful, I doubt that a modchip could be built, since I think that it is impossible to build a device that somehow overrides the internal CPU bootloader

This post has been edited by TheSpecialist: Nov 25 2005, 02:33 PM

[garshmalarsh]

What about a back door method similar to the ps2 where you can use backwards compatibility as the catalyst to read homebrew apps (HDLOADER) from the hard drive or a memory card? Is that possible?

[dalezer]

What that's CRAZY! So much more protection than I expected there to be. DAMN M$ is really trying to protect its PROFITS this time.

This post has been edited by dalezer: Nov 25 2005, 03:16 PM

[Avenger 2.0]

The only way it can be cracked (if it ever will be cracked), is likely to use an exploit or bug in the bootcode. With that it might be possible to build a modchip or softmod. But these would be easy to fix for a next hardware revision. Nothing is sure at the moment, only time can tell. But for now, let's use this box for what it was designed... GAMING