Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Linux Software

Linux Running on Xbox Without Modchip! 282

NiteStar writes "It looks like people on xbox-scene.com and xboxhacker.net managed to run Xbox-Linux on a non-modded Xbox console. It requires no soldering at all - you don't even have to open up the Xbox. They are using an exploit in the saved game handling of the EA xbox game '007 Agent Under Fire'. It requires the original version of the 007 game and a memorycard you can connect to PC like the mega-X-key or datel's action replay. Apparently you can even build this memorycard yourself using a standard USB memstick." Frankly it seems like just soldering in the modchip would be easy, but big points for being clever!
This discussion has been archived. No new comments can be posted.

Linux Running on Xbox Without Modchip!

Comments Filter:
  • by matt4077 ( 581118 ) on Sunday March 30, 2003 @09:48AM (#5625956) Homepage
    So, does this qualify for the rest of the price money from that lindows founder?

    Anyway, i think they should award a price to the person that finds a good reason to run linux on a x-box.
    • hehe that says it all "That lindows founder" he wanted a higher profile out of this but no, he is still an unnamed guy
    • Re:price money? (Score:5, Insightful)

      by Lxy ( 80823 ) on Sunday March 30, 2003 @10:12AM (#5626018) Journal
      When the Xbox is yesterday's game console and you can pick it up at the pawn shop for $50, you'll be happy that it can run linux unmodded.

      Now, the real test here would be benchmarking UT or Quake on the Xbox against the Walmart Microtel PC. Everyone's whining about how stupid this is, that you can buy a PC for the price of an Xbox, etc, let's see some numbers. The Microtel stuff isn't designed for gaming, the Xbox is. If I can haul ass on UT on the Xbox, it was worth it.
      • Looks like someone forgot about the Dreamcast... How much do you want to bet when Xbox is yesterday's game console, everyone's mentality will be "Time to get Linux booting on Xbox!"

        • I bought a Dreamcast. I love my Dreamcast. It runs Linux and NetBSD. It plays ogg and MP3. It (poorly) decodes DiVX. It can emulate any game console before it. Oh, and did I mention that it does this all without modding of any kind? That *ANYONE* who can burn a CD can play NES, Atari, SNES, and even PS games on it?

          It was worth the $40 I paid for it. Every single penny.

          If an Xbox can do the same unmodded, it only opens up that much more. Play PS2 and N64 games? Probably. Play DVDs and DiVX flawl
  • by Call Me Black Cloud ( 616282 ) on Sunday March 30, 2003 @09:49AM (#5625959)

    Here's the announcement [xboxhacker.net] in a forum...
  • by watzinaneihm ( 627119 ) on Sunday March 30, 2003 @09:50AM (#5625962) Journal
    http://developers.slashdot.org/developers/03/01/04 /1522202.shtml?tid=156
    Looks like they are getting a lot of money .....
    And no breaking the RSA too...
  • by Anonymous Coward on Sunday March 30, 2003 @09:54AM (#5625972)
    Im buying an EA game, even if it does cure cancer.
  • by niom ( 638987 ) on Sunday March 30, 2003 @09:57AM (#5625977)
    you'd think they had already created every type of bug. Well, in colaboration with EA they've just developed a new type of bug: THE USEFUL BUG. Now where are all those bashers that say that Microsoft never invented anything new?
    • by Anonymous Coward on Sunday March 30, 2003 @09:59AM (#5625985)
      It's not a bug, it's a feature!
    • you'd think they had already created every type of bug. Well, in colaboration with EA they've just developed a new type of bug: THE USEFUL BUG. Now where are all those bashers that say that Microsoft never invented anything new?

      Sorry, EA is responsible for this one; you can't claim Microsoft invented it. Microsoft still hasn't invented anything new.
      • I beg to differ:
        There was no such thing as an email virus before microsoft email clients.
        • I beg to differ: There was no such thing as an email virus before microsoft email clients.

          That depends on what your definition of virus is. The goodtimes e-mail was going around before Microsoft even heard of the internet. While it didn't have a payload, the warning message being sent around endlessly was a sort of virus.

    • I've been taking note of when a system does something unexpected and putting it to "good use" since the 60's. It's a primary form of hacking. Many bugs, like this one, are useful, just not useful in a way the author intended or may have wanted.
  • Free... (Score:5, Funny)

    by elcairo ( 442870 ) <santonel@@@alice...it> on Sunday March 30, 2003 @09:57AM (#5625981) Homepage
    Free as in '007 Agent Under Fire'!
  • Very nice indeed (Score:4, Insightful)

    by Crashmarik ( 635988 ) on Sunday March 30, 2003 @10:00AM (#5625990)
    Its a real victory for everyone who feels that when you pay for something you own it, it doesn't own you.
  • Sweet! (Score:4, Funny)

    by xintegerx ( 557455 ) on Sunday March 30, 2003 @10:02AM (#5625993) Homepage
    Great news! This puts us that much closer to being able to run Linux on anything such as a PC! Oh, wait...

  • A bufferoverflow (Score:5, Informative)

    by rveno1 ( 470619 ) on Sunday March 30, 2003 @10:04AM (#5625997)
    ok all this is, is a buffer overflow exploit.

    a link to the code is:
    it is uuencoded

  • modchip easier? (Score:5, Interesting)

    by ironfroggy ( 262096 ) <ironfroggy@gm[ ].com ['ail' in gap]> on Sunday March 30, 2003 @10:13AM (#5626020) Homepage Journal
    And illegal. Don't be stupid, taco. The whole point of the non-mod xbox linux is that any other way is illegal in many places.
    • Isn't using a buffer overflow like this violating the DMCA or whatever?
      • Isn't using a buffer overflow like this violating the DMCA

        Absolutely not. Hacking your own machine isn't illegal (yet). And so long as you are not distributing a tool to circumvent a copy protection mechanism, you're not violating (that part) of the DMCA (Instructions are NOT a tool). And as long as no illegal copying of copyrighted material is happening, then you're not violating "traditional" copyright law. IANAL, but I don't see any violation here.

        --- Rich
        • Re:modchip easier? (Score:5, Interesting)

          by LordKronos ( 470910 ) on Sunday March 30, 2003 @11:22AM (#5626221)
          OK. So it needs a memory card that can connect to USB. This isn't a standard item. So instead of the modchip being the circumvention device, the USB memory card becomes one. Distributing the USB memory cards is now in violation of the DMCA.

          Of course, these memory cards seem more legit. They were created for a totally different purpose (supposedly, so are modchips, but the courts see through that argument). Perhaps these would at least stand a chance of being found legal. Then again, given how backwards this whole issue is in regards to the DMCA, I won't hold my breath.
          • Actually, their secret masterplan is to get every object imaginable in the USA banned under the DMCA by applying it in some access control breaking scheme, and so turn the USA into a third world country without anything! They've already succeeded with things like modchips, black markers. Post-it notes might be next, but first in line are USB memory cards!

            Oh wait, the copyright holders will still be able to use these objects, and thus the entire USA will be dominated by the Copyright Cartels!

          • Modchips aren't illegal because of the DMCA. They fall under the 'interoperability' exception.

            Modchips are illegal because they contain a snippet of copyrighted MS BIOS code that is used to boot the machine. Distributing this code is illegal under regular copyright laws, even in other countries without DMCA-like laws.

          • The memory cards are standard XBox parts, supplied by the evil empire itself.

      • Lemme see... 007 Agent under Fire is used to circumvent the XBOX copy protection mechanism.

        Tools that circumvent copy protection are of course terrorist^h^h^h^h^h^h^h^h a violation of the DMCA.

        Ergo: 007 Agent under Fire is illegal, since it is a tool to circumvent copy protection. Boy, I can't wait until EA is sued into oblivion ;-)

        Great. I love US law ;)
    • Also, don't forget that with a modchip you can't play on XBox Live. With this method, you don't have to worry about that.
    • It is not illegal to modify equipment you've purchased.
  • i'm dissapointed (Score:5, Insightful)

    by Neophytus ( 642863 ) on Sunday March 30, 2003 @10:15AM (#5626027)
    Having a read through the thread [xboxhacker.net] it was first doubted because he was a first time poster/newbie. They said he couldn't have because
    The Xbox-linux team are the most experienced and talented hacking team there is, and know more about the Xbox than everyone else, if there was such an easy hack they would have discovered it.
    I hope that he successfully claims his $100k, even if he didnt start the work.
    • by pla ( 258480 ) on Sunday March 30, 2003 @11:16AM (#5626204) Journal
      I hope that he successfully claims his $100k, even if he didnt start the work.

      Dissapointed? Why? Good for him! (Unless you meant "dissapointed in their closed mindedness", in which case I agree).

      When the Xbox-linux team, or CERT, or the FBI, or "Scientists" in general, or *any* group stops listening to outside input because they "know it all" and can do it "better than anyone else", their end has drawn near.

      I just find the quote you gave from the Xbox-linux list SOOOOOO offensive, and REALLY hope they fully appreciate the irony of this exploit coming from a newbie.

      Not to say I don't appreciate their work, but puh-lease... Suck it up and get some humility. When a group reaches the point that someone has to repeatedly whack them on their collective foreheads with a working demo to get them to even take a look, that group needs to pack it up and let others with a fresh perspective take over. End of story.
  • As the price of the xbox drops, i've been wondering what sort of uses a moded version running linux would could be used for. The only thing i can currently think of is as an mp3 player attached to my stereo, my figuring being that the xbox should have decent sound capabilty and an ethernet connection. The down side is that it has no form of UI so it would have to be controlled via the net, probably by a brower. Can anyone else suggest some practical uses for a linux-xbox?
    • Well, since it's linux, you could write a UI. There are pleanty available. Just have to write the IO portion to use the controller.

      My other thought is it could be used for a music video jukebox as well, and it could play movies.

      It might be time to go pick one up.
    • I'd use it to play back movies I record from TV on my desktop machine.
    • Makes a pretty cool emulator box. All the emulators coded for x86 linux. Lots of the emulators use x86 assembly for speed so you can't run them in ps2 linux without porting, but on xbox you can. With nice controllers, (yes I know xbox default controllers aren't nice) you have a mame/snes/etc box reasonably cheap. Much better than putting a PC in your living room, and building decent controllers, and finding graphics cards with good tv out quality under linux.
  • by worst_name_ever ( 633374 ) on Sunday March 30, 2003 @10:23AM (#5626045)
    I must say that this must be the best buffer overrun exploit I've ever heard of. I mean, usually tricks like that are used to add evil things to your system, not remove them. ;)
    • Re:Best exploit ever (Score:5, Interesting)

      by Phroggy ( 441 ) <.moc.yggorhp. .ta. .3todhsals.> on Sunday March 30, 2003 @12:42PM (#5626514) Homepage
      I must say that this must be the best buffer overrun exploit I've ever heard of. I mean, usually tricks like that are used to add evil things to your system, not remove them. ;)

      For awhile AOL was using a buffer overrun exploit in AIM to send code to the AIM client that would return a particular hashed value back to the server, which they would use to verify that you were really using their client, instead of something like Gaim or Trillian or Jabber. If the server didn't get the correct response, it would send you a message and disconnect you.

      To make a successful clone of AIM, you'd have to emulate the buffer overrun exploit AND generate the correct hash to return in response to their query (which I believe was a checksum of a certian part of the aim.exe binary - apparently this was a Windows-only exploit).

      Since several clients are working with the OSCAR protocol with few problems, I guess they're not doing this anymore? Anyway, I wouldn't call this the "best", since it's a somewhat evil thing to do, but certainly the most creative I've ever heard of.
    • So what sort of implications does this have on Microsoft's security model? Does this mean that X-box is only as secure as the most insecure game being distributed? (That is, could I also use this exploit to run an "patched" version of an X-box live game that lets me see through walls?").

      And if X-box is supposed to be a proving ground for Palladium and the security concious Microsoft, does the possibility of getting in via broken but signed apps have wider implications?

  • by FristPr0st ( 662486 ) on Sunday March 30, 2003 @10:36AM (#5626071)
    Here is the website which has the 007 saved games, a movie file, and instructions. http://kotisivu.mtv3.fi/vilz/unmod/ [mtv3.fi]
  • I'm guessing the "exploit" (Or creative hack, as the case may be) is making use of bootable memory-card saves, which seems a dumb thing to do in the first place, but eh, better for us.

    What I'm wondering is how exactly it works? I'm sure the bootable save is probably altered to boot linux as opposed to the game, but how'd they do it?

    Anyone have any _solid_ info?

  • by j3110 ( 193209 ) <samterrell@NOsPam.gmail.com> on Sunday March 30, 2003 @11:15AM (#5626199) Homepage
    Me thinks Cmdr-Taco has never tried to solder wires onto surface mount components with carpel tunnel or a triple latte without a good iron, magnifing glass, camera and robotic arms.

    It isn't easy... just hope those components are caps or resistors that aren't important. I would much rather use software than hardware... Now if only we could crack a key?
  • I was pretty skeptical at first, considering when I first saw the forum post, there was only like 6 replies, and all were negative. But, apparently it's real. Overall tho, it may be a cool trick, but it's not going to eclipse the major uses of modchips. Backups, flashing BIOS, addon BIOS, etc..
    /me surfs on over to ebay and orders up a $100 xbox =)
  • I Predicted This (Score:5, Interesting)

    by Euphonious Coward ( 189818 ) on Sunday March 30, 2003 @12:56PM (#5626567)
    Of course nobody modded it up, but I posted a plan [slashdot.org] for this approach back in February. I'm not claiming any credit, this guy did the work. Rather, everybody else should be embarrassed that they weren't working on it too.

    The next big advance will be somebody doing power consumption or timing analysis while the xbox is checking (bad) signatures, and teasing out the key a bit at a time. Then you will be able to sign anything you like. (Look up Markus Kuhn's papers.)

    • By the way... if MS was smart -- and they can afford to hire smart -- then each game will have been signed with a hundred different keys, and each Xbox will only know one of them, so that if you do figure out the key on yours, only one in a hundred other Xboxes will also have it.

      Once the key-extraction process is elaborated, for it to be very useful you would need to apply it to a whole farm of Xboxes -- assuming MS really did do the smart thing.

    • by Paul Crowley ( 837 ) on Sunday March 30, 2003 @06:01PM (#5628025) Homepage Journal
      You've missed the point of using a public-key signature checking algorithm. The Xbox doesn't have any secrets you can "tease out" by this or any other means - AIUI the key the Xbox uses to check signatures is already well known. You might as well do the signature checking on your own PC and do the timing analysis on that for all the good it'll do you.
  • holy crap! (Score:3, Funny)

    by tx_mgm ( 82188 ) <notquiteoriginal.gmail@com> on Sunday March 30, 2003 @01:26PM (#5626684)
    so there IS a use for that game! seriously, agent under fire is quite possibly the very worst FPS-style game EVER made, so i actually feel kind of bad that people (albeit a small group) actually has a reason to support such a piece of crap.
    but on the bright side, i think march's issue of computer gaming monthly has a nice guide for what you can do with your worthless game disc once you realize it is NOT to be placed in your console (or PC) ever, EVER again!
  • by pi_rules ( 123171 ) on Sunday March 30, 2003 @02:31PM (#5626964)
    I haven't followed the X-Box hacking projects out there, but if this is the first person to try a buffer-overflow on an existing certified game then I'll bet we're onto something here. With the plethora of games coming out that are coded under tight deadlines I'd imagine there's going to be a rather large number of buffer overflows found in stuff like this. The reading of a saved-game from the memory chip is a great one. I'd imagine you could do something similiar when games need to pull data from the hard drive too. On top of that, with things going online there's a high probability (in my mind) that buffer overflows will exist within the networking code.

    Now, there are two ways MS can entirely prevent this. One is to re-structure the X-box OS so that buffer overflows just cannot occur. There are theoritical techniques for this if I'm not mistaken; but nobody's got a horribly good reason to do this. MS does now I guess.

    Or, MS could do a security audit on all the code for a game before it comes out and verify that it's free of buffer overflows. Baahahaha!

  • Mega X-Key (Score:3, Informative)

    by savvy ( 8628 ) on Sunday March 30, 2003 @02:31PM (#5626965) Homepage
    http://www.xbox-saves.com/ [xbox-saves.com] is where you can find more info on the Mega X-Key mentioned in the article, and they also have the save needed to get linux going in their saves archive.
  • I'm a console fan -- not a console hacker. But I mentioned this to people I know who worked on console games a few years ago and they all said it was possible.

    The only way to protect against it is to provide an API for writing to the memory card/hard drive that closes off all possibilities for buffer overflows, and then lock out people from "programming the metal" directly.

  • by Psykechan ( 255694 ) on Sunday March 30, 2003 @02:42PM (#5627012)
    People are asking "Why Xbox Linux?" and others are responding with "Why not?", well I have a legitimate reason for wanting Linux on an unmodded Xbox.

    My Xbox is going back to MS as they have attempted to fix a problem several times and have so far been unsuccessful. This time, they're considering swapping systems for a new one, which I'm fine with except for one thing: Loss of saved games.

    They will not just swap drives as it would save them at least 5 minutes of work, so I will lose all of my info on the HD.

    With Linux running on my unmodded Xbox, I could possibly FTP the data elsewhere and restore it on the new system. This makes so much sense to me that I wonder why there is no way of doing it by default.

    Microsoft's idea is to purchase their Memory Units and backup this way. Problem is, since each Xbox comes with a hard drive, no developer tries to make the smallest possible size save file. I would need several MUs to backup my data. Plus, some files cannot even be copied to a MU which means they cannot be backed up at all.

    Some form of backup should exist to relieve this problem. I think that this could be it.
  • by iamacat ( 583406 ) on Sunday March 30, 2003 @03:23PM (#5627184)
    1. Release a game with buffer overrun
    2. Leak information to XBox-Linux community
    3. Profit!!!!

    They could even get the lindows.com award money if they did it right.
  • So I guess that kind of answers the question I asked in this post [slashdot.org] on whether Palladium will be as secure as they think or not.
  • New slogan (Score:3, Funny)

    by stud9920 ( 236753 ) on Sunday March 30, 2003 @04:47PM (#5627671)
    EA Games. Challenge DMCA !
  • by darqchild ( 570580 ) on Sunday March 30, 2003 @05:16PM (#5627808) Homepage
    The popular game "007: Agent under fire" was pulled from store shelves today, under threat of legal action from microsoft.

    The software was found to be illegal by the standards of the Digital Millenium Copyright Act, in that it allowed users to potentially run bootleg computer games.

    Microsoft's decision was backed firmly by the RIAA, MPAA..
  • Not quite... (Score:2, Informative)

    by boola-boola ( 586978 )
    "Frankly it seems like just soldering in the modchip would be easy, but big points for being clever!"

    This depends on whether or not you are actually good at soldering. I for one have destroyed many PSX's in the past due to my clumsiness. Regardless, CT forgot one important fact: if you mod your XboX, you will _permanently_ (well, without some creative hacking and another Xbox, which, in having one already defeats the purpose) lose the ability to use Xbox Live, as the Xbox's unique,internal serial numbe

    • It's not permanent, and 'creative hacking' is limited to cutting a modchip wire or unseating the modchip itself. (Those guys that thought it was a good idea to just overwrite Microsoft's own BIOS might have a harder time, though.)
  • Money? (Score:3, Interesting)

    by sconeu ( 64226 ) on Sunday March 30, 2003 @07:02PM (#5628252) Homepage Journal
    So do these guys get the prize? Wasn't there a cash prize for Linux without a modchip?

Logic is a pretty flower that smells bad.