Xbox updates itself without permission

By Julio Franco
Sep 16, 2003
  1. According to reports, Microsoft has started automatically updating Xbox game consoles with a new version of the Dashboard software. When users use "Xbox-Live", the feature of the Xbox that lets you play against other people on the Internet, the Xbox will also download some bug fixes without asking you.

    The Xbox games do have a warning on them that connecting to the Xbox Live Vole Service may update your Xbox, however.
    The particular bug that this update will correct for the user is the ability to run Linux. Once the update is in place you will not be able to install Linux on your Xbox any more, at least not in the convenient way that the Dashboard bug allowed, according to the XboxLinux pages.

    Read more: The Inquirer.
  2. aoj145

    aoj145 TS Rookie Posts: 82

    Microsoft is upfront with the Live service in their Terms Of Service that they can update your system:

    Xbox Live may only be accessed with an unmodified, except for Microsoft authorized repairs and upgrades, Xbox video game console. Any attempt to disassemble, decompile, create derivative works of, reverse engineer, modify, further sublicense, distribute or use for other purposes either the hardware or software of this system, is strictly prohibited and may result in termination of your account and/or your ability to access Xbox Live via your Xbox, and the pursuit of other legal remedies by Microsoft. Microsoft may take any legal action it deems appropriate against users who violate Microsoft's systems or network security, and such users may also incur criminal and/or civil liability.

    Microsoft reserves complete and sole discretion with respect to the operation of Xbox Live. Microsoft may, among other things: (a) restrict or limit access to Xbox Live; (b) retrieve information from the Xbox used to log onto Xbox Live as necessary to operate and protect the security of Xbox Live, and to enforce this Agreement and (c) upgrade, modify, withdraw, suspend, or discontinue any functionality or feature of Xbox Live or any game from time to time without notice, which may involve the automatic download of related software directly to your Xbox video game console, and which software may prevent your Xbox from accessing Xbox Live. Microsoft has no obligation to maintain any content or services, and has no responsibility or liability for the deletion, loss, corruption or failure to store any messages, software or other information or content maintained or transmitted by or through Xbox Live.
  3. Per Hansson

    Per Hansson TS Server Guru Posts: 1,958   +215

    This was to be expected...

    However I am sure that the program on the X-Box that does this check will soon be found and you will be able to delete it...

    As a side note I and a friend did the so called "harddrive hot-swap" and installed another dashboard allowing the X-Box to run unsigned code... Very convenient... However since we did not update the BIOS (doing so requires soldering a wire to the mainboard) we need to "make use of" a bug in the X-Box to engage the other dashboard... It is this bug microsoft fixes, however I would assume that since we did a backup of the harddrive it would be so simple as to restore that to be able to "use" the exploit again... I.e. I only think this updates the software on the harddrive, not the BIOS... Therefore it should be quite simple to bypass this update and make use of the old exploit again...

    Ask you this question: Has MS ever managed to fix a security hole without creating a new one or not fixing the original one properly? DCOM is a good example of that ;-)
  4. Per Hansson

    Per Hansson TS Server Guru Posts: 1,958   +215

    *Cough* no-one heard me saying this *Cough*

    1: Do a backup of the original X-Box harddrive
    2: Go to live update and let it update away
    3: Now do another backup
    4: Compare what was changed
    5: Post back your results
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...