Yes that is true. I was thinking more in the lines of attacking the
encrypted stream from either xbox live or one of the game titles in
hope of intercepting the stream to inject own code. And from the
DVD's and xbox live, which in turn probably is still encrypted when
stored on the disc, so that leaves us with encrypted streams from DVD
and HD.
One way to get in touch with the CPU could be to manipulate memory
while running like the old cartridges used to do. This requires some
magic skills though, but again thats what all the options seems to be
so far. Intercepting the actual memory controller would be quite
interesting.
Regards,
Patrick
On Dec 5, 2005, at 3:27 PM, Richard Colbert Jr wrote:
Just one problem with that logic Patrick. The encryption (and key) are
stored inside the CPU as is the boot rom. Therefore, nothing is ever
streamed into the cpu. Only the decrypted stuff is streamed out.
However, you can use a Boot Rom update disk (which you can download
from
Microsoft) to update the boot room. It might be possible to infect the
encrypted boot room disk in order to replace the boot rom with a
version of
embedded linux. However, even if you manage to do this, the system
still
wont work because of several other security measures built into the
processor.
As I see it right now, the best bet to crack the 360 is to either
develop a
mod chip that snaps over the processor and disables the encryption
(highly
unlikely to be this easy) or replace the triple core power pc
processor with
a dual core ppc processor (Also Apple now has Quad cores but doubt
they will
work on the motherboard in the 360). You would have to replace the
processor
with a 3.2Ghz Dual core though, otherwise it would fry the system
because
the memory runs at 3.2Ghz.
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Patrick
Hanevold
Sent: Monday, December 05, 2005 7:56 AM
To: [email protected]
Subject: [Free60-Devel] cryptography
Hello there,
I have the competence to work on breaking the xb360 security system,
but I am just lurking on this list and haven't really considdering
puting my own effort into understanding and cracking the box. I have
a question though to the wise fellows in possession of the mighty
force.
I have just quessed my way to how things are tied together here, but
as I understand, all code is read encrpyted and decrypted totally
withing the CPU with the actual decryption algorithms and keys within
the memory of the CPU itself. Please correct me if Im wrong, Id guess
others would like to have some insight aswell if someone knows for
sure. Anyways, the encrypted data is obviously streamed trough the
CPU and leaves the CPU decrypted at the same ratio as it enters.
Both of these streams can be intercepted and analyzed. From my own
experience with cryptography I know its a bitch to decipher modern
crypthograpy systems, obviously. However, having both the encrypted
and the decrypted data helps a lot. Could someone with more
experience on the specifics please share some thought on this. What
efforts would be needed if realistically possible at all to find the
keys having both sets of data.
Regards,
Patrick
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through
log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD
SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
_______________________________________________
free60-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/free60-devel
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through
log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD
SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
_______________________________________________
free60-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/free60-devel
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
_______________________________________________
free60-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/free60-devel
