Xtreme firmware detection

[MacDennis]

Ok, we all know there are ways to determine if a disc is pressed or not. The real question is: Why hasn't a game company (or any other) ever enforced a security check based on this lead-in type disc information?

They did this with xbox1 game, no reason to expect they won't do this with x360 discs.

I think the answer is that it isn't very practical to maintain a database of this information, and not foolproof either... You'd be spending money on a quick fix,

Wrong. Some of the data in the physical format data will never change. It will be the same for each and every disc but will be different on a backup.

As far as checking video data, I don't see that either. What if your disc is scratched on the video partition? Now you can't play the GAME!?

It pretty hard to only scratch the video partition and not the game partition ..

I mean it's possible, and I know that is really what the thread is about, but I don't see it as probable. Especially since we could just inject the proper video partition into our ISO's and be back up and running in like 2 hours.

True.

@fastrack: I agree, I thought about that too. You can't really spoof a checksum, if the controller reads the entire firmware and calculates it, it calculates it.

Wrong. The firmware itself hosts the upload / download of the firmware and also the checksum routines.

You'd have to hack the controller to report the valid checksum, probably not happening!

Because it's a non-issue.

But as also mentioned, each drive has it's own checksum, since each firmare is unique to the drive/mobo marriage. Checksum verification is also unlikely imo.

Wrong. The unique key is not included in the checksum calculation.

I highly doubt we will ever see MS$ flashing our drive firmware either. This isn't a PSP.

Agreed.

They also will not change the flash chips on new drives, they need the flash, they have to "marry" the drives to the mobos, chip needs to be writeable!

Agreed.

We are talking about MS$ putting more time/$/security against things that have been in the ATA/IDE specs for years. If they implemented more security via this route, they'd just be asking for another hacker to expose the flaws in this underlying PC technology. This tech was not designed for security! I'm betting they don't even bother, and just block Live access...

Agreed.

One thing we do know. The expected Live update is LATE. MS$ is usually good about releasing on time, so my guess is that they are working on "last minute additions" 

Yes, it's suspicious.

[ghost]

Quote from: Feflicker on Today at 01:12:56 PM
"I highly doubt we will ever see MS$ flashing our drive firmware either. This isn't a PSP."
I think they will, it is possible for them and I see no reason for them not to if updates are needed.


Quote from: Feflicker on Today at 01:12:56 PM
"They also will not change the flash chips on new drives, they need the flash, they have to "marry" the drives to the mobos, chip needs to be writeable!"

Ask your self why the dvd drive has this marriege key,

[Feflicker]

@MacDennis:

They did this with xbox1 game, no reason to expect they won't do this with x360 discs.

I was unaware of any security that the Xbox1 had that the 360 does not in terms of disc validation. I thought this was basically the Xbox1 authentication scheme with minor tweaks?

It pretty hard to only scratch the video partition and not the game partition ..

Really? I thought it was a fairly vast range of sectors, covering a large area of the first layer... You know more about the disc layout then I do, so I'll take your word for it though 

Wrong. Some of the data in the physical format data will never change. It will be the same for each and every disc but will be different on a backup.

I was referring to media information, such as manufacturer, etc. You are correct though, there could be some "constants" they could attempt to key in on... As I think about it more, they could take the opposite approach too. Ban media they KNOW should never work, like Ritek, Verbatim, etc. We know there are lists of these media codes out there, since some burners etc. are locked to only use "preferred" media.

Wrong. The unique key is not included in the checksum calculation.

I was under the impression that it was, since we patch it in the actual dump before flashing it back to the drive. My understanding was that it would read the entire firmware (like a dump) and calculate the checksum. However, you imply that is not the case, and that there is more "intelligence" behind the calculation, such as controller logic deciding which areas of the firmware to include in the calculation. That may be the case, I just didn't understand it that way.

@ghost:

I think they will, it is possible for them and I see no reason for them not to if updates are needed.

Just becuase it is possible doesn't mean they will. The reason they won't: The jackass kids who turn their console off during an update because "it is taking too long", etc. What about power outages too? Too many variables if you ask me...

Ask your self why the dvd drive has this marriege key,

So that you cannot switch drives if your drive goes bad and you HAVE to get your Xbox360 serviced by a MS$ authorized repair shop (can you say income stream $$$?)? I don't understand the question's relevance, I am missing your point 

[Interloper]

One thing we do know. The expected Live update is LATE. MS$ is usually good about releasing on time, so my guess is that they are working on "last minute additions" 

Yes, it's suspicious.

Suspicious indeed. We know pirates, ppl who make legit backups, and ppl who just hack the $#!t for fun all exist. They know the pirates will always be pirates, however this time they're actually making money on the them using Live. Its hard to really decide how to justify this one. You must think like a money-hungry whore, then you'll see the light. Any accountants slash/ laywers here?

And no, I also agree there won't be a flash flush on M$ end.. at least any time soon. They're sure to play hardball this time (must make an impression, as they don't particularly like being taken for fools -like with the xbox1)







.

[Feflicker]

Something else to think about, in terms of hacked dvd firmware via checksum/hash, etc: There are currently 2 drives out there, and with varying versions of firmware. MS$ would have to account for all of them, as well as the fact that when new drives are added (LiteOn, etc) the software will have to be updated AGAIN to include these... Just another reason against MS$ going this route imo...

[Arakon]

as I said before on that topic, there's a total of 6-8 different bios versions for the xbox 1 and they ALL are supported by MS's live banning. it's not a problem at all to support a couple of firmware versions.

[Feflicker]

as I said before on that topic, there's a total of 6-8 different bios versions for the xbox 1 and they ALL are supported by MS's live banning. it's not a problem at all to support a couple of firmware versions.

Understood. The thing is though, in the case of Xbox1/Live, these were stored on a MS$ Live server, and did not need to be maintained/updated within actual games or the dashboard. So when a new bios revision came out, MS$ updated its internal server. There weren't millions of Xbox's that required a dash update, or a game update, etc.

Again, we don't know how exactly a solution will be implemented, but if it is client-side you can see where this method could be messy...