
Profile: Andy Green

From the document Andrew “bunnie” Huang, Hacking the Xbox (Page 162-165)

Can you tell us a little bit more about yourself, and how you got into hacking?

I am 37, living in England, near Kettering in the East Midlands, with my wife, our four children and two cats.

I have been interested in computers from the age of 12 or so, when my brother bought a Commodore Pet. This 1MHz 6502 kept me occupied for months and months trying to write first BASIC code typed in from magazines, then games for it; eventually I wrote a fantastic character-cell Space Invaders thing in machine code. Machine code is where you are actually programming the CPU directly in hex; I still remember the common 6502 opcodes in hex now. This was such a difficult effort that I decided my next project would be an assembler written in machine code. 1978 was before the days of the Internet: I couldn't afford the commercial assemblers because I was just a kid and there weren't any people around us that I knew to warez a copy from.

This was fairly pathetic as assemblers go, but it worked fine.

I learned from this the value of having the right tools: I could write far faster in Assembler, and whole kinds of errors (mis-computing relative branches by hand, for example) went completely away. Next I had a BBC Model B computer, and again I was interested to make tools and games. I was offered a scholarship at a public school, but turned it down and instead left school at 16 with no further education. I was quite content to teach myself anything that interested me.

I sold a few games for this and another 6502 platform called the Oric, and with that money started up a company making Assemblers and other development tools. On the way I learned C and C++, and each time I stepped up whole rafts of bugs and timewasting miseries disappeared.

It's like that picture of the “Ascent of Man,” from Neanderthal relative branch computation through to Homo Erectus with his virtual functions.

Alongside this I began to explore digital hardware design, again teaching myself from experience. I discovered that hardware and software are two sides of the same coin, although they are treated completely separately in education.

It’s really an implementation detail whether you choose to make your logical function in software or in hardware, or some mixture of the two. Having a foot in both camps gives greater insight into the nature of design: for example, C++ can be said to borrow many concepts from electronics in terms of the importance of interfaces.

Recently, before becoming interested in the Xbox, I had been working for a US-owned company with an office in Oxford, doing many jobs, but the last one was designing smartcard silicon. Although the design was interesting and there were some great people working in the trenches there, I became increasingly despondent about the politics and problems with the management. Nor did it help that, despite being spread across several projects, I was paid 2/3rds the salary of staff in San Jose simply because I was based in the UK. And don't get me started about the patents they had from me with no reward. In December 2001 I discovered that integrity was more important than money, resigned, and decided to go back to working for myself.

I had been rather tenderized by some unpleasant experiences on leaving this company; while digesting these, I found myself snagged by the vast difference in outlook between the ugly, grabbing, controlling instincts of your average company involved in Intellectual Property, and the nature of GPL projects and the people involved in encouraging a reduction in the severity of patent and copyright laws. As time went on I increasingly came to see Microsoft, and the previous company I was working for, in the same light.

It was after this that I read about bunnie's hack on Slashdot. I read about bunnie's methods with some tart emotions. My main thoughts were that this was something that I could have done, since I have been using the FPGAs that bunnie used since 1989; admiration for the conciseness of the attack; and dismay with myself that I had not been doing something equally cool and interesting — and that matched with my philosophical predilections — with my time. Instead I was sitting there reading Slashdot, drinking coffee, contributing nothing. (An aside: I think this is a fairly common experience for many Slashdot readers, to be a little jealous and challenged when they read about someone else's cool hacks. I think it explains the constant background noise there of jeering and questioning why someone would want to do such a thing.)

Over the next few weeks I gathered as much information as I could on the internals of the Xbox; Xboxhacker.net was crucial for this. It’s also where I met Michael Steil as the Xbox Linux project was starting. Pretty soon I was able to identify interesting projects that I could contribute to, for example the Milksop project. Again from this, with Surferdude's help, it became possible for me to put together the very first clean ROM which was able to boot and keep up the Xbox without being reset. This later became the basis of the crom 1MB Linux and cromwell, the Xbox Linux clean ROM. After the initial hacks and designs, I decided to work almost entirely towards the Xbox Linux goal.

Can you tell us why you hack the Xbox?

Why? Everyone has different reasons, but for me it was my comprehension of Microsoft's outrageous antitrust behaviour — deny everything, appeal everything, delay everything, and in the meanwhile, create and dump (for they are sold at below cost) on the market millions of Microsoft-only PCs — the Xbox. Since our representatives here in Europe and the U.S. don't seem to care (perhaps, as was the case recently in the EU, because they plan to go work for Microsoft

That single location can be pre-loaded with a follow-up jump instruction back into any piece of user code using the previously discussed jam table codes. The Xbox hacking community had come together in a heroic effort and cracked Xbox security version 1.1 in three days. A separate effort, no less valiant, by Xecuter had also cracked the security in the same time frame.

The first moral of this story is that security is only as strong as its weakest link. While there is little doubt about the robustness of the RSA cipher and the SHA-1 hash for digital signature purposes, these were not the only elements of the security system. The TEA cipher used to extend the secure boot ROM’s trust sphere into the FLASH ROM had flaws that allowed hackers to walk around the strong digital signature algorithms.

This leads us to our second moral: complexity breeds weaknesses.

Complex systems are difficult to design, test, and analyze. The version 1.1 security for the Xbox was probably implemented on a short fuse, so there was insufficient time to analyze the system for weaknesses. Either that, or Microsoft knew about the TEA weakness and designed this back door into the system to mitigate the risk of locking their FBL into silicon. It seems rather doubtful that Microsoft intentionally included this back door, since modifying the MCPX silicon is a very expensive proposition (although the expense ended up on nVidia’s books). On the other hand, complexity is hard to avoid. My advisor at MIT, Tom Knight, once told me, “There are two kinds of designs in this world: those that are useful, and those that you can formally prove to be correct.” To some extent, the only way to ensure the security of a real-world system is to make its details open (no security through obscurity!) and subject the system to analysis from all angles. In a way, a thorough analysis of Xbox security is being conducted at no expense to Microsoft, thanks to the hacker community.

Even if Microsoft had used a stronger hash function in the secret boot ROM, there are still a number of viable attacks on the Xbox that have yet to be tried. One can mount a man-in-the-middle attack on the HyperTransport bus (see Chapter 8) by overdriving the signals with carefully timed pulses. This attack is fairly simple to implement, since each HyperTransport bus trace has a test point visible from the component side of the motherboard. A complete hardware solution would involve an FPGA on a board with “pogo pin” bed-of-nails style test connectors. This board can be impressed upon these test points without any solder. Another attack, suggested by Adi Shamir to me at the CHES conference, is to employ a timed glitch in the CPU clock or power supply to upset the calculation of a jump target address. This kind of attack has been applied with success to the processors in cryptographic smart cards.

Again, this kind of attack can be implemented fairly easily and cheaply as a user-installable module. (Keep in mind that a much broader range of attacks is available to hackers if the goal is a one-time defeat of the security to recover, for example, a secret key or a block of critical code.)

4 Posting from www.xboxhacker.net under the Xbox Hacker BBS -> Xbox Hacking (TECHNICAL) -> BIOS/Flash ROM/Firmware -> News from the Xbox Linux Team, MS ‘made a hash of it,’ guts exposed.
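The first moral above, that a strong signature is undone by a weaker link, can be made concrete with a known property of TEA: the key words enter its round function as pairs of XORed terms, so flipping the top bit of both k0 and k1 (or both k2 and k3) yields an equivalent key. The Python below is an added example, not the book's code or the actual Xbox 1.1 routine; the Davies-Meyer-style hash that feeds message blocks in as TEA keys is an illustrative construction, and the 48-byte "image" is constructed sample data.

```python
import hashlib
import struct

MASK = 0xFFFFFFFF
DELTA = 0x9E3779B9


def tea_encrypt(v0, v1, key, rounds=32):
    """Standard TEA: encrypt the 64-bit block (v0, v1) under a key of four 32-bit words."""
    k0, k1, k2, k3 = key
    s = 0
    for _ in range(rounds):
        s = (s + DELTA) & MASK
        # k0 and k1 sit in two terms that are XORed together, so flipping bit 31 of
        # both leaves the XOR (and hence every round) unchanged: equivalent keys.
        v0 = (v0 + ((((v1 << 4) & MASK) + k0) ^ (v1 + s) ^ ((v1 >> 5) + k1))) & MASK
        v1 = (v1 + ((((v0 << 4) & MASK) + k2) ^ (v0 + s) ^ ((v0 >> 5) + k3))) & MASK
    return v0, v1


def tea_davies_meyer(data, iv=(0x01234567, 0x89ABCDEF)):
    """Illustrative 64-bit hash (not the Xbox 1.1 routine): each 16-byte chunk of
    data is the TEA key that encrypts the running state, which is XORed back in."""
    assert len(data) % 16 == 0, "example expects whole 16-byte blocks"
    h0, h1 = iv
    for off in range(0, len(data), 16):
        c0, c1 = tea_encrypt(h0, h1, struct.unpack("<4I", data[off:off + 16]))
        h0, h1 = h0 ^ c0, h1 ^ c1
    return struct.pack("<2I", h0, h1)


def flip_equivalent_key_bits(data, block):
    """Copy of data with bit 31 of words 0 and 1 of the given 16-byte block flipped."""
    words = list(struct.unpack("<4I", data[block * 16:block * 16 + 16]))
    words[0] ^= 0x80000000
    words[1] ^= 0x80000000
    return data[:block * 16] + struct.pack("<4I", *words) + data[block * 16 + 16:]


def demo():
    """Constructed 48-byte 'image' and a sibling differing in two bits of block 1."""
    original = bytes(range(48))
    modified = flip_equivalent_key_bits(original, 1)
    return {
        "inputs_differ": original != modified,
        "tea_hash_collides": tea_davies_meyer(original) == tea_davies_meyer(modified),
        "sha1_collides": hashlib.sha1(original).digest() == hashlib.sha1(modified).digest(),
    }
```

The TEA-based digest is identical for the two inputs while SHA-1 separates them, which is why a strong RSA signature over such a digest does not bind the FLASH contents.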