Hacking the Xbox
Hacking the Xbox
Hacking the Xbox
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
166<br />
<strong>Hacking</strong> <strong>the</strong> <strong>Xbox</strong>: An Introduction to Reverse Engineering<br />
a set of custom CD-ROM images, since this would solve many of <strong>the</strong><br />
CD/RW headaches that users have been experiencing. (Also note that it<br />
is possible to install in your <strong>Xbox</strong> an after-market DVD-ROM drive that<br />
has better compatibility with writeable CD formats, as discussed in <strong>the</strong><br />
previous chapter.)<br />
Note<br />
“Project B”<br />
Keep in mind that <strong>Xbox</strong>-Linux is an active project that is<br />
constantly evolving. The most up-to-date instructions for<br />
installing GNU/Linux on <strong>the</strong> <strong>Xbox</strong> can be found at <strong>the</strong><br />
Sourceforge <strong>Xbox</strong>-Linux website, and <strong>the</strong>se instructions<br />
have been translated into at least a half-dozen languages<br />
at <strong>the</strong> time of this writing. If you are interested in contributing<br />
your talents to <strong>the</strong> <strong>Xbox</strong>-Linux project, <strong>the</strong>re is a list of<br />
projects to-do on <strong>the</strong> Sourceforge <strong>Xbox</strong>-Linux website as<br />
well as some instructions on how to join <strong>the</strong> developer’s<br />
mailing list.<br />
There is a work in progress, referred to as “Project B” by <strong>the</strong> <strong>Xbox</strong>-Linux<br />
developers, to find a way to install and boot <strong>Xbox</strong>-Linux without any<br />
hardware modifications. The Project B moniker comes from <strong>the</strong> criteria<br />
defined for <strong>the</strong> awarding of a $200,000 prize offered by Michael Robertson,<br />
<strong>the</strong> CEO of Lindows. The “Project A” prize was $100,000 and it has been<br />
awarded to <strong>the</strong> first group to get Linux running on an <strong>Xbox</strong> with hardware<br />
modifications. The remaining $100,000 will be awarded to <strong>the</strong> individual or<br />
group that completes Project B. The asymmetric division of <strong>the</strong> prize<br />
money hints at <strong>the</strong> challenge of completing Project B. (More details on<br />
Project B can be found at <strong>the</strong> Sourceforge <strong>Xbox</strong>-Linux website at http://<br />
xbox-linux.sourceforge.net/articles.php?aid=2002354043211.)<br />
There are a number of Project B strategies being pursued by various groups.<br />
The most conceptually simple approach is to factor <strong>the</strong> 2048-bit RSA key<br />
used to sign <strong>Xbox</strong> game disks. This approach is being pursued by<br />
OperationProjectX (http://sourceforge.net/projects/opx) using<br />
a distributed computing approach. Simply put, if <strong>the</strong> 2048-bit RSA key is<br />
factored to reveal Microsoft’s private key, anyone can forge Microsoft’s digital<br />
signature and create bootable game disks for <strong>the</strong> <strong>Xbox</strong>, given that Microsoft<br />
never removes from <strong>the</strong> <strong>Xbox</strong> kernel <strong>the</strong> ability to load programs from<br />
regular CD or CD/RW media. Significantly, Microsoft ships its games on 2layer<br />
DVD-9 format disks with special security structures. The <strong>Xbox</strong><br />
firmware could be configured by Microsoft to only boot from disks that<br />
have this particular structure, regardless of <strong>the</strong> digital signature check. Since it<br />
is currently impossible to burn 2-layer DVDs using a common DVD burner<br />
drive, requiring secured DVD-9 media as <strong>the</strong> only source for executables<br />
would present an impairment to distributing <strong>Xbox</strong>-Linux through free<br />
downloads off <strong>the</strong> Internet. The o<strong>the</strong>r problem with this approach is that<br />
<strong>the</strong> chance of successfully factoring <strong>the</strong> <strong>Xbox</strong>’s private key through a brute<br />
force search is very, very small. (Chapter 7, “A Brief Primer on Security,”