Re: [Free60-Devel] Lots of info on xbox 360 hardware

[smo]

Hello,

On 07/12/05, Brice Collins <[EMAIL PROTECTED]> wrote:
> i found this link full of info on the hardware and security. It has ram
> dumps and everything.

Truly interesting information. The things I could decipher from the post were:

- Only physical memory is encrypted, seems logical - apps don't have
to worry about encryption. Basically this only prevents physical
memory snooping.
- Access fuses, burn fuses (syscall 22): retail boxes out of debug
boxes? Sounds more like "permanently burn a per-box key onto CPU".
- Recovery CD seems to contain all the stuff people are trying to pry
out of their Xboxes.
- Kernel updates probably come as non-Xbox-specific - the Xbox is
probably capable of encrypting the updated kernel for itself.
- Serial port is most likely a debug box feature.
- Don't really understand his hypervisor attack possibility - I guess
he's trying to place some code to dump the hypervisor memory space
into the memory and then corrupt the physical memory randomly trying
to produce a jump instruction into his attack code. But if hypervisor
can only do physical memory in its privilege level, I guess the
exploit code would need to be encrypted as well (if you store it in
the kernel context, your code would be enrcypted and the hypervisor
would see it as encrypted as well).

-smo


-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_idv37&alloc_id865&op=click
_______________________________________________
free60-devel mailing list
free60-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/free60-devel