Hacking the Xbox
Hacking the Xbox
Hacking the Xbox
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Chapter 13 - Onward! 205<br />
between <strong>the</strong> tamper-resistant secure cryptomodule in <strong>the</strong> local machine<br />
and <strong>the</strong> au<strong>the</strong>ntication server. False system identification would require<br />
ei<strong>the</strong>r extracting <strong>the</strong> key from a tamper-resistant secure cryptomodule<br />
(possible, but not trivial and most likely destructive to <strong>the</strong> module), or<br />
somehow tricking a secure cryptomodule from ano<strong>the</strong>r registered,<br />
trusted machine into providing <strong>the</strong> falsified identity.<br />
The SPAM device can be manufactured for relatively little (high performance<br />
FPGAs can cost as little as $50 today in single quantities), and can<br />
be very easy to install. The SPAM can be ei<strong>the</strong>r integrated directly into a<br />
memory module (in which case it functions as both a trust violation<br />
device and as a memory expansion device), or it can be provided as a<br />
device that is installed in a stacked configuration in between <strong>the</strong><br />
mo<strong>the</strong>rboard’s memory slot and <strong>the</strong> existing memory device. In some<br />
memory card configurations, particularly ones that employ heat shields, it<br />
may be possible to hide <strong>the</strong> SPAM device and pass <strong>the</strong> module off as a<br />
regular memory expansion device. While elaborate, this may be a<br />
worthwhile attack against a large corporation or bank that stores highvalue<br />
secrets on a trusted PC-based server.<br />
Looking Forward<br />
When considering <strong>the</strong> prospect of trusted computing, we need to first<br />
consider whe<strong>the</strong>r <strong>the</strong> currently proposed schemes will offer all <strong>the</strong><br />
benefits that <strong>the</strong>y promise, and <strong>the</strong>n weigh those against <strong>the</strong> potential<br />
harm to consumers’ rights and <strong>the</strong> potential benefits to criminals<br />
(enhanced privacy can be used for both good and ill). If trusted computing<br />
could provide perfect security for online businesses, <strong>the</strong>n that might<br />
be worth <strong>the</strong> potential risks. However, <strong>the</strong> scenarios outlined in this<br />
chapter indicate that <strong>the</strong> trusted PC’s security may be less than perfect.<br />
Consider <strong>the</strong> <strong>Xbox</strong>. The <strong>Xbox</strong> is a trusted PC implementation that can<br />
be hacked with just a $50 solderless module. This places a fairly strong<br />
bound on <strong>the</strong> value of secrets that can be trusted to an <strong>Xbox</strong>. Hardware<br />
modchips are so inexpensive that <strong>the</strong>y pay for <strong>the</strong>mselves with <strong>the</strong> cost of<br />
a copied game title, or two games if you elect to pay someone to install<br />
<strong>the</strong> chip for you.<br />
Of course, <strong>the</strong>re are always <strong>the</strong> moral and social implications of stealing<br />
content too, as well as new legislation, such as <strong>the</strong> DMCA, which aims in<br />
part to make such acts a crime. Unfortunately, <strong>the</strong> current trusted PC<br />
proposals on <strong>the</strong> table are also weak in <strong>the</strong> face of similarly inexpensive<br />
hardware attacks. Thus, it is unlikely that <strong>the</strong>y will provide <strong>the</strong> level of<br />
security required for high-value or very embarrassing secrets.<br />
The fact of <strong>the</strong> matter is that hacking technology will be developed<br />
whe<strong>the</strong>r or not it is illegal, and whe<strong>the</strong>r or not <strong>the</strong> intention is good or<br />
evil. Thus, it is in <strong>the</strong> best interests of consumers and companies to<br />
educate <strong>the</strong> population about hacking, and for everyone to understand<br />
<strong>the</strong> limitations of <strong>the</strong>ir “trusted PC.” The worst-case scenario would be