On Tuesday, Microsoft released an Xbox 360 software update that overwrites the first stage bootloader of the system. Although there have been numerous software updates for Microsoft’s gaming console in the past, this is the first one to overwrite the vital boot block. Any failure while updating this will break the Xbox 360 beyond repair. Statistics from other systems have shown that about one in a thousand bootloader updates goes wrong, and unless Microsoft has a novel solution to this problem, this puts tens of thousands of Xboxes at risk.
It seems that this update is being done to fix a vulnerability already known to the Free60 Project. This vulnerability has been successfully exploited to run arbitrary code, and a complete end-user-compatible hack has been in development for some time and is planned to be released on free60.org shortly. It will allow users to take back control of their Xboxes and run arbitrary code such as homebrew applications or Linux right after turning on the console, without the need for a modchip, finally opening up the Xbox 360 to the same level of hacking as the original Xbox.
Because of the risk of the update and the homebrew lockout, the Free60 Project advises all Xbox 360 users not to update their systems to the latest software version. The Project website at http://free60.org/ will provide the latest information on this ongoing topic, including the final hack software.
Free60 (www.free60.org) is a project that aims to enable Xbox 360 users to run homebrew applications and operating systems like Linux on their consoles. The effort is headed by Felix Domke and Michael Steil, who have a background in dbox2, Xbox and GameCube hacking, and who have spoken at various conferences about their findings. Two years ago, Free60 released a hack that allowed arbitrary code execution using a game (“King Kong Hack”) as well as an adapted version of Linux, but this possibility has been disabled by Microsoft in subsequent updates of the Xbox 360 software.
Felix and Michael have repeatedly argued that game console manufacturers should open up their platforms to Linux and homebrew, similar to what Sony has done with the PlayStation 3.
(Felix Domke, Michael Steil, Free60 Project; 11 August 2009)
eek. We’ve worried that Nintendo would do this with their bootloaders; fortunately, they’ve (so far) only done this in the factory and can therefore fix any failures there.
In case of failure, will there be any sort of distinctive error code that would tell a service center that this failure happened (rather than customer abuse, etc)? Could a Microsoft service center fix this easily, or would they have to throw the whole PCB away like Nintendo does?
You and Felix are the best!!!
Is the stage1 one-time-programmable like on the Wii?
🙁 I already updated…. but I have an older console also….
I wish I had some prior notice about not to update…
If there is something I can do to help you guys out let me know.
Also, Hey Brushing any news on the ds hacking?
Also, that was a FAIL idea for an update
Microsoft: “Hey I know a great idea lets re write the boot sector of the xbox 360…… Even though it’s risky”
*1 week later*
…. why are there so many nuked xbox’s…
Awesome! It would make a perfect desktop computer.
Is it really so risky writing to the boot sector? How many times have you updated LILO or Grub on your Linux installs?
It’s the same harddrive in every Xbox 360 so it’s a known quantity, not like updating generic drives that may or may not be fully supported.
Anyway, I’ve updated. I didn’t know about free60 which sounds interesting but I suspect the same vulnerability was probably being used to pirate games was it? It can only be a good thing if another avenue for pirates is closed off.
@Donncha O Caoimh
Another avenue for pirates is closed off? That’s been the most frustrating thing for me, since the DVD firmware is so easily hackable and the pirates can play their games, nobody seemed interested in homebrew… until now.
The pirates have been pirating 360 games for years.. this is something else entirely. Opening the system can make your 360 a HD media center, games machine, hobby programming platform etc.
Personally, I’ve been waiting for an exploit since I bought my system. It’s what I used my Wii the most for (thx bushing!) and once it’s released for the 360 it’ll take up most of my ‘gaming’ time on that too.
Bring on XBMCHD! 8)
@Donncha O Caoimh
The harddrive is optional, so I’m quite sure that the first stage bootloader mentioned is not placed there.
Wait, what’s the WWW address for the free60 project?
Donncha O Caoimh: It is not the boot *sector* that is being updated, it is the boot *loader*. This is equivalent (roughly) to the BIOS on your computer — and how many times do people update that? Definitely much less than a boot sector.
You’ll also note that in recent years, the motherboard industry has gone to great lengths to make this less dangerous: most motherboards today have a dual-BIOS chip, with the backup always read-only, which will automatically kick in in case of failure. Other technologies also exist to try and prevent failure (such as having a “scratch” area where the update is first uploaded, such that a power failure won’t affect the system, and then atomically loading that area into the new BIOS). The XBOX 360 employs none of these techniques.
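The two safeguards named in the comment above (a read-only backup image, and a scratch area that is only committed by one atomic switch) can be shown with a small simulation. The following is an added example and is not code from the Xbox 360, Free60 or this blog; the three-region flash layout, the image format (magic, version byte, payload, SHA-256 digest) and the single-word boot pointer are modelling assumptions. It contrasts an in-place bootloader overwrite, which leaves nothing bootable if power is lost mid-write, with a staged update that verifies the staged copy before flipping the pointer.

```python
"""Simulate a firmware store with (1) a read-only backup image, (2) the
active image and (3) a scratch area. An interrupted in-place update leaves
no bootable image unless a backup exists; a staged update that is committed
by one atomic pointer write always leaves something bootable."""
import hashlib

MAGIC = b"BOOT"                       # assumed image header, constructed for this example
DIGEST_LEN = 32


def make_image(version: int, payload: bytes) -> bytes:
    """Build an image: MAGIC | version byte | payload | sha256(body)."""
    body = MAGIC + bytes([version]) + payload
    return body + hashlib.sha256(body).digest()


def image_valid(img: bytes) -> bool:
    """True only if the header is present and the trailing digest matches."""
    if len(img) < len(MAGIC) + 1 + DIGEST_LEN or not img.startswith(MAGIC):
        return False
    body, digest = img[:-DIGEST_LEN], img[-DIGEST_LEN:]
    return hashlib.sha256(body).digest() == digest


def image_version(img: bytes) -> int:
    return img[len(MAGIC)]


class PowerFailure(Exception):
    """Raised when the simulated console loses power during a region write."""


class Flash:
    """Byte-wise region writes that may be interrupted; the boot pointer is a
    single word and is assumed to be written atomically (old or new value)."""

    def __init__(self, factory_image: bytes):
        self.regions = {"backup": factory_image, "active": factory_image, "scratch": b""}
        self.pointer = "active"
        self.fail_after = None        # bytes allowed before a simulated power loss

    def write(self, region: str, data: bytes) -> None:
        if region == "backup":
            raise PermissionError("backup region is read-only")
        written = bytearray()
        for i, b in enumerate(data):
            if self.fail_after is not None and i >= self.fail_after:
                self.regions[region] = bytes(written)   # partial contents remain
                self.fail_after = None
                raise PowerFailure(f"power lost after {i} bytes in {region}")
            written.append(b)
        self.regions[region] = bytes(written)

    def set_pointer(self, region: str) -> None:
        self.pointer = region                           # atomic commit


def boot(flash: Flash):
    """Version that boots: the pointed-to image if valid, else the backup, else None."""
    img = flash.regions[flash.pointer]
    if image_valid(img):
        return image_version(img)
    if image_valid(flash.regions["backup"]):
        return image_version(flash.regions["backup"])
    return None


def update_in_place(flash: Flash, new_image: bytes) -> None:
    """The unsafe pattern: overwrite the active image directly."""
    flash.write("active", new_image)


def update_staged(flash: Flash, new_image: bytes) -> None:
    """Upload to scratch, verify the staged copy, then commit with one pointer write."""
    flash.write("scratch", new_image)
    if not image_valid(flash.regions["scratch"]):
        raise ValueError("staged image failed verification; not committing")
    flash.set_pointer("scratch")


def scenario(updater, fail_after, with_backup=True):
    """Run one update, optionally interrupted, and return the version that boots."""
    flash = Flash(make_image(1, b"stage1 v1"))          # constructed sample image
    if not with_backup:
        flash.regions["backup"] = b""                    # model a console with no backup
    flash.fail_after = fail_after
    try:
        updater(flash, make_image(2, b"stage1 v2 patched"))
    except PowerFailure:
        pass
    return boot(flash)


if __name__ == "__main__":
    print("in-place, no backup, power loss:", scenario(update_in_place, 10, with_backup=False))
    print("in-place, with backup, power loss:", scenario(update_in_place, 10))
    print("staged, no backup, power loss:", scenario(update_staged, 10, with_backup=False))
    print("staged, completed:", scenario(update_staged, None, with_backup=False))
```

A real implementation would, after a committed update, treat the old active region as the new scratch area so the next update again has a verified fallback; the point here is only that the decision of which image boots is made by one atomic write that happens after the new image has been checked, so no interruption can leave the pointer aimed at a half-written region.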
They’ve already weathered the whole red ring of death debacle. What’s another one in a thousand Xboxes broken beyond repair to them? All in a day’s work at Microsoft.
PS2 open == laughable.
AIUI, it’s worse than Tivo-ized. Permission to run Linux at all is controlled by a copy-protected boot DVD, and once Linux is running access to all the external devices is mediated by DRMware loaded into the PS1-like I/O controller.
I do not have said kit so I could be wrong, but at the very least be careful of optimistic assumptions based on a mixture of Sony marketing and big dreams.
A platform is open to my view when the programs it runs have the four essential freedoms. The tivo-ized drm-ified PS2 Linux port is missing freedoms #2 and #3 because Sony retained the ability to modulate the price and availability of the “Linux kit” to prevent any significant Linux community from growing: you cannot write Linux programs and share them with your neighbor unless your neighbor possesses a “kit”.
It’s almost as dumb as the developers saying “but you can run any program you like on DRMphone if you only sign up for a developer account”: they bind the account to an onerous agreement where you willingly trade away some of your essential freedoms (no “frameworks” or libraries), they monitor your use of the account and revoke it if they like, and they arbitrarily control case-by-case access to the developer account as well as modulate its price to keep the “community” under control.
Developers working under agreement-laden regimes like this, whether with GPL source or not, are so effectively castrated and harnessed they’re basically employees (often unpaid) of the company with which they’ve signed the agreement.
Developers are constantly saying “but I just want to get work done,” and then finding themselves politically outmaneuvered.
Wow lol, it’s nice to see that there is another way for the Xbox 360 to break for gamers haha. Hopefully Microsoft can do something about this or else this may become the next Xbox epidemic! 🙁
I also agree with Scott’s opinion in this blog post: if these homebrew things related to the Xbox are not stopped, they will continue as an epidemic.