Microsoft's 'unhackable' Xbox One has been hacked by 'Bliss' (tomshardware.com)
Who believes that ?
Yeah Apple does have "secure enclave" on some devices, and maybe in many cases it would wipe itself before you got in, but maybe that just means a more careful-hand is needed? (Again, physical access and extreme care/caution when debugging/investigating the chip should work eventually I think!) - I am not a hardware hacker, just have read about it quite a bit!
This talk about some of what went into it is fascinating: https://youtu.be/quLa6kzzra0
In many cases the truth is simply that it's not worth the time/effort to hack it, so only the most dedicated perverts (with a positive connotation) keep trying.
Obviously nothing is ever unhackable, not even Fort Knox, given infinite time and resources, and Microsoft never made such claims, this is just media editorializing for clicks and HN eating the bait, but Xbox One was definitely the most unhackable console of its generation. Case in point, it took 13 years of constant community effort to hack a 499$ consumer device from 2013. PS4 and iPhones of 2013 have also been jailbroken long ago.
Therefore, even the click-bait statement with context in relative terms is 100% correct, it truly was unhackable during the time it was sold and relative to its peers of the time.
Can you attempt to quantify this effort in comparison to other game consoles? I'm not very familiar with the Xbox scene, but I would assume that there was a lot less drive to achieve this given that Xbox has never really had many big exclusive titles and remains the least popular major console (with an abysmally tiny market presence outside of the US).
As an aside, I wonder if Microsoft's extra effort into securing the platform comes from their tighter partnership with media distributors/streaming platforms and their off-and-on demonstrated desire to position the Xbox as a home media center more than just a gaming console.
Literally unhackable? XD
Secondly, this is HN, not some generic town corner shop newspaper. It's assumed the readers who come here often and comment with no green profiles, have at least some basic technical know-how that nothing is ever unhackable, least of all a console from 2103, and therefore process information through that context lens, instead of feigning complete ignorance and arguing from the false pretext they gobbled up from editorialized titles created by slop journalists.
Pedantic: I'm sure somebody would have snickered about "unsinkable" if the Titanic sank after 10 years. Pragmatic: if the "unsinkable" Titanic lasted 10 years (or at least to profitability) before being sunk by people intending to sink it, that might certainly count as being "unsinkable" for the time it hadn't sunk.
Hubris: Titanic was claimed to be unsinkable before it was launched.
The person who hacked the original Xbox wrote a book on the topic, which they've since made free: https://bunniefoo.com/nostarch/HackingTheXbox_Free.pdf
TF are you on about? The Xbox One of 2013 (competitor of the PS4 who got hacked long before) had a ~46% market share in the US and ~35% globally. Hardly insignificant. And any Microsoft Product, even those with much lower market share, attracts significant attention from hackers since it's worth a lot in street-cred, plus the case of reusing cheap consoles as general PCs for compute since HW used to be subsidized. And of course for piracy, game preservation and homebrew reasons.
I again tap the sign of my previous comment, of urging people to stop jumping the gun to talk out of their ass, without knowing and considering the full context.
Google Gemini
> They don’t match up with any numbers I’ve seen, and in fact look ludicrously unrealistic.
Well can you post your numbers and sources, or are we supposed to read your mind?
So I replaced the NAND by soldering in an SD card, got it working again, and put it back in its box until I decide I need to play Wind Waker again.
I don't come here to argue with an LLM. Use your brain and ability to research if you want to argue with me.
And this explains why it's stayed unhacked so long. There was very little incentive to hack the system when the games are all playable on a PC. Pirates, cheaters, archivists, and hackers could just go there. Microsoft's best security measure was making something nobody cared enough about to hack in the first place
There's a great presentation by Tony Chen on the Xbox One's security features:
> https://www.platformsecuritysummit.com/2019/speaker/chen/
Examples of the kinda software you can put on the Xbox One in developer mode:
A lot of the early hacking focused on trying to breach the hypervisor from otheros. The hypervisor turned out to be quite secure, people smashed their heads against it for years until it finally fell to a memory glitching attack.
But turns out it was so much easier to just attack gameos with a USB exploit. The hypervisor did nothing to prevent it, and would then just decrypt games for you (because gameos was trusted)
The proof in the pudding of this will be when the Nintendo Switch 2 reaches 2035 with no cracks. That's my prophecy; that this time around the cat actually will catch the mouse. Between NVIDIA's heavily revised glitch-resistant RISC-V security architecture and Nintendo's impeccable microkernel, there's nowhere left to hide. DRM may turn out to have been a very slow long battle to "victory," not a "this will always be defeated."
Instead, they keep stripping stuff off the console. I'm still so annoyed that PS5 doesn't even have an integrated web browser anymore (especially trying to troubleshoot network issues from the console itself).
But hey, Sony can leave bullshit exploit vectors open like PPPoE clients on the console itself (why? just use a router?)...
My series x, combined with gamepass, is by a very large margin the most at-home-entertainment bang I have gotten for my buck.
Before then I had what could be regarded as a "vintage" gaming PC: 1st gen i7 (nehalem?), a gts 450 and some amount of ram. An upgrade (read: full replacement) was desperately needed. This was in the middle of the crypto gpu boom, so a decent GPU alone would've wiped my budget. I settled for an xbox as it was cheaper than a ps5.
I've always seen myself as part of the pc master race, and thought consoles to be very limited. But man, it just worked, the games just worked, and gamepass made it all a total steal.
Even now, when our 3 month old baby is settled for the night, me and my wife's preferred entertainment is a session of bg3 over watching tv.
Doing the math, I can't find this to be true. As someone who has honed my taste in games and has a large Steam library, I don't spend as much money on games as Game Pass costs.
Seemed a credible comment till that point! (/s)
Congrats :-)
I get what this essentially means, but for those of us with a certain amount of love of language (or pedantry), it's fascinating to try and parse this literally because I don't quite think it works as intended.
Clearly the intended meaning is something like eclipsed in quality. And it may be overlapped in the sense that the same games are separately available on PC. But overlap isn't a relation of quality; quality is generally better or worse when it's comparative. So it's like a smushed together way simultaneously saying the selection of games on Xbone overlaps with what's available on PC and is also better quality on PC.
examples:
The 2013 system’s game library is largely overlapped, in better quality, on the PC platform.
The 2013 system’s game library is largely overlapped (in better quality) on the PC platform.
One of the reasons the Wii U was slow to be hacked was because Android TV boxes had come along plus things like Ouya/Nvidia shield, and it basically took away a lot of demand for a console turned into TV unit to use hacked software.
It still happened but not so quickly. Not like the original Wii which didn't really have much similar to it at the time.
Not the same as emulating its titles, but a lot of interest in the Xbone/series line (outside of actual console users) is the dev accounts. So I imagine a lot more effort went there first.
Then I'll finally hook up the XBOne I have again and put it to some use on the downstairs TV. I already have a 'retired' PS4 filling similar role on the upstairs TV (although it must stay offline to remain 'liberated').
Minecraft: Xbox One Edition (the Legacy version) was of keen interest to our community as it would be playing LCE natively on a PC if you used a compatibility layer which never happened before.
So a few of my LCE cult friends contributed to WinDurango which was pretty much dead before they joined, and got Minecraft: Xbox One Edition to work.
Of course, you'd ask "why don't you just play Minecraft on PC normally?" Legacy Console Edition has so many minute differences and details that it's impossible to discuss all of them--things as big as the Minigames and as small as the mipmaps.
And then LCE source code from 2014 got leaked and that had a native PC port. Oh well.
The parenthetical is not needed. It is OK to call Wine an emulator. The "Wine Is Not an Emulator" thing came about later and was essentially a marketing change. How it came about is interesting.
The first suggestion to change the meaning of the word from a shortening of "windows emulator" to the "not an emulator" backronym was in 1993 over concern that "windows emulator" might run into problems with Microsoft trademarks, but no action was taken.
Over time the not an emulator usage became an accepted alternative. The Wine FAQ in late 1997 for example said:
> The word Wine stands for one of two things: WINdows Emulator, or Wine Is Not an Emulator. Both are right. Use whichever one you like best.
The release notes stopped calling it an emulator at the end of 1998. The 981108 release notes said:
> This is release 981108 of Wine, the MS Windows emulator.
The 981211 release notes said:
> This is release 981211 of Wine, a free implementation of Windows on Unix.
As far as I have been able to tell from my recollections of that time and what I was able to find when I looked into it later, this happened for two reasons.
1. Wine was useful for more than just running Windows binaries on Unix. It could also be used as a library you could link with code compiled on Unix as an aid to porting Windows programs to Unix.
2. Hardware emulators that emulate old systems like GameBoy or Apple II had become popular. Many people were only familiar with that kind of emulator, and those (the emulators, not the people!) tended to be slow.
That was fine when your emulator is running on a machine with a clock speed 300x that of the machine you are emulating and that has a much more efficient CPU, but when you tried to use a hardware emulator for something comparable to your machine it was usually unbearably slow.
People only familiar with such hardware emulators might see Wine described as a Windows emulator and think it was doing hardware emulation and not even give it a try. By dropping calling it an emulator Wine sidestepped that problem.
Maybe that's what they're trying to achieve with Windows as well.
The people that MS hired to make and break this were top notch, and there is definitely incentive to maintain control over a content platform. This dude has been at this for /years/. I’ve been a fly on the wall on all sides to observe this.
There has been a lot of interest in underground / pirate communities to hack this, but that’s not the only reason why people hack things.
Irl noop and forced execution control flow to effectively return true.
B e a utiful
I wonder if, assuming they continue making Xbox, they find a way to mitigate this in the next generation.
It sounds like that's the plan:
https://news.xbox.com/en-us/2026/03/11/project-helix-buildin...
I understand it's still more than most console makers do, having dev mode at all, but it's maddening to me that Microsoft made dev mode so annoying and limited. I'd honestly just rather a hack be available so we have the option of using the entire memory or repurposing banned consoles.
This was all after the DMCA was in effect. I don’t think that will stop this sort of activity.
The Xbox uses a very advanced variant of the same technologies that also exist on smartphones, tablets and Secure Boot enabled PCs. When fully operational the Xbox security system prevents any unsigned code from running, keeps all code encrypted, proves to remote servers (Xbox Live) that it's a genuine device running in a secure state, and on this base you can build strong anti-piracy checks and block cheating.
The Xbox has several processors and what follows applies to the Platform Security Processor. When a computer starts up (any computer), the CPU begins execution in a state in which basically nothing works, including external communication and even RAM. Execution starts at a 'reset vector' mapped to a boot ROM i.e. the bytes are hard-wired into the silicon itself and can't be changed. The boot ROM then executes instructions to progressively enable more and more hardware, including things like activating RAM. Until that point the whole CPU executes out of its cache lines and can't use more memory than exists on-die.
Getting to the state where the Xbox can achieve all its security goals thus requires it to boot through a series of chained steps which incrementally bring the hardware online, and each step must verify the integrity of the next. The boot ROM is only 19kb of code and a few more kb of data, and can't do much beyond just activating RAM, the memory mapping unit (called MPU on the Xbox), and reading some more code out of writeable flash RAM. The code it reads from flash RAM is the second stage bootloader where much more work gets done, but from this second stage on it can be patched remotely by Microsoft. So if bugs are found there or in any later stage, it hardly matters because MS can issue a software update and detect remotely on Xbox Live servers if that upgrade was applied, so kicking out cheaters and pirates. The second stage boot loader in turn loads more code from disk, signature checks and decrypts it, sets up lots of software security schemes like hypervisors and so on, all the way up to the OS and the games.
Therefore to break Xbox security permanently you have to attack the boot ROM, because that's the only part that can't be changed via a software update. It's the keys to the kingdom and this is what Markus attacked. Attacking the boot ROM is very, very hard. The Xbox team were highly competent:
• Normally the bringup code would be written by the CPU or BIOS vendors but MS wrote it all in house themselves from scratch.
• The code isn't public and has never leaked. To obtain it, someone had to decode it visually by looking at the chip under a scanning electron microscope and map the atomic pictures to bits and then to bytes.
• Having the code barely helps because there are no bugs in it whatsoever.
So, the only way to manipulate it is to actually screw with the internals of the CPU itself by "glitching", meaning tampering with the power supply to the chip at exactly the right moment to corrupt the state of the internal electronics. Glitching a processor has semi-random effects and you don't control what happens exactly, but sometimes you can get lucky and the CPU will skip instructions. By creating a device that reboots the machine over and over again, glitching each time, you can wait until one of those attempts gets lucky and makes a tiny mistake in the execution process.
Glitching attacks predate the Xbox and were mostly used on smartcards until the Xbox 360, which was successfully attacked this way. So Microsoft knew all about them and added many mitigations, beyond "just" writing bug free code:
1. The boot ROM is full of randomized loops that do nothing but which are designed to make it hard to know where in the program the CPU has got to. Glitching requires near perfect timing and this makes it harder.
2. They hardware-disabled the usual status readouts that can be used to know where the program got up to and debug the boot process.
3. They hash-chain execution to catch cases where steps were skipped, even though that's impossible according to program logic.
4. They effectively use a little 'kernel' and run parts of the boot sequence as 'user mode' programs, so that if sensitive parts of the code are glitched they are limited in how badly they can tamper with the boot process.
And apparently there are even more mitigations added post-2013. Markus managed to bypass these by chaining two glitch attacks together, one which skipped past the code that turned on the MMU, which made it possible to break out of one of the usermode 'processes' (not really a process) and into the 'kernel', and one which then was able to corrupt the CPU state during a memcpy operation, allowing him to take control of the CPU as it was copying the next stage from flash RAM.
If you can take control of the boot ROM execution then you can proceed to decrypt the next stage, skip the signature checks and from there do whatever you want in ways that can't be detected remotely - however, the fact that you're using a 2013 Phat device still can be.
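Mitigation 3 in the comment above (hash-chaining execution so that a skipped step is caught), sketched in C as an added example that is not part of the original comment and not Microsoft's boot ROM code. The step names, the FNV-1a stand-in hash, the demo key and the idea of also binding the next-stage key to the chain value are assumptions of this sketch.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* FNV-1a (64-bit) stands in for a real cryptographic hash: assumption of this sketch. */
#define FNV_OFFSET 0xcbf29ce484222325ULL
#define FNV_PRIME  0x100000001b3ULL

/* Hypothetical boot steps; the names are illustrative, not taken from any real ROM. */
static const char *const BOOT_STEPS[] = {
    "init_clocks", "enable_mpu", "init_ram", "copy_stage2", "verify_stage2_sig",
};
#define N_STEPS (sizeof BOOT_STEPS / sizeof BOOT_STEPS[0])

/* Constructed demo value standing in for the key that unlocks the next stage. */
#define DEMO_STAGE2_KEY 0x0123456789abcdefULL

/* Fold one step tag into the running chain value. */
static uint64_t chain_fold(uint64_t acc, const char *tag)
{
    for (const unsigned char *p = (const unsigned char *)tag; *p; ++p) {
        acc ^= *p;
        acc *= FNV_PRIME;
    }
    acc ^= 0xff;            /* separator so ("ab","c") differs from ("a","bc") */
    acc *= FNV_PRIME;
    return acc;
}

/* Chain value of a fault-free boot. A real ROM would bake this in as a constant. */
uint64_t expected_chain(void)
{
    uint64_t acc = FNV_OFFSET;
    for (size_t i = 0; i < N_STEPS; ++i)
        acc = chain_fold(acc, BOOT_STEPS[i]);
    return acc;
}

/*
 * Simulated boot. Bit i of skip_mask models a fault that makes the CPU jump
 * over step i entirely, so neither the step's work nor its fold executes.
 */
uint64_t run_boot(uint32_t skip_mask)
{
    uint64_t acc = FNV_OFFSET;
    for (size_t i = 0; i < N_STEPS; ++i) {
        if (skip_mask & (1u << i))
            continue;
        /* ...the step's real work would run here... */
        acc = chain_fold(acc, BOOT_STEPS[i]);
    }
    return acc;
}

/* Explicit check before hand-off: 1 only if every step ran, in order. */
int handoff_allowed(uint64_t chain)
{
    return chain == expected_chain();
}

/*
 * Second line of defence (assumption of this sketch): the stored key is
 * masked with the expected chain value, so even if the compare above were
 * itself skipped, a boot with a missing step derives a useless key.
 */
uint64_t wrapped_stage2_key(void)
{
    return DEMO_STAGE2_KEY ^ expected_chain();
}

uint64_t unwrap_stage2_key(uint64_t chain)
{
    return wrapped_stage2_key() ^ chain;
}

int main(void)
{
    uint64_t clean = run_boot(0);
    uint64_t faulted = run_boot(1u << 1);   /* "enable_mpu" skipped */

    printf("clean boot:   allowed=%d key=%016llx\n", handoff_allowed(clean),
           (unsigned long long)unwrap_stage2_key(clean));
    printf("faulted boot: allowed=%d key=%016llx\n", handoff_allowed(faulted),
           (unsigned long long)unwrap_stage2_key(faulted));
    return 0;
}
```

The chain only records that code was skipped; a fault that corrupts data inside a step that still runs to completion, as in the memcpy case described above, leaves the chain value intact and needs separate containment.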
BTW, what would be the specs for a Xbox 360? I remember the PS3 was a rather limited Linux workstation because it lacked RAM (and the hypervisor limited access to the GPU - a limitation gone when jailbroken), but I haven’t read much about the 360 and its own weird PowerPC.
If kilobytes of storage and very limited computing power works for your use case, you can get very secure (smartcards and secure elements remain essentially undefeated at the hardware level; all attacks I know happened via weak ciphers).
For an entire current-gen gaming console, you'll have a much harder time.
Hardware you own should be yours to understand.
https://github.com/exploits-forsale/collateral-damage
What's new here is that this compromises the entire system security giving access to the highest privilege level.
I didn't ask but Emma -- who wrote the kernel-mode exploit -- and I would probably agree that Collat is not really what we would consider a proper hack of the console since it didn't compromise HostOS. Neither of us really expected game plaintext to be accessible from SRA mode though.
I think it was tuxuser, Torus, and Billy(?) who accomplished that. Hopefully not forgetting anyone critical.
If hacking the xbox goes wrong, the hacker will short out the console. If hacking Azure goes wrong, the hacker will get shot.
Secure boot that can't be controlled by the user should be illegal, though. You should get some secret code along with a device, that allows you as the buyer to tamper with it. So much hardware out there can just serve as something else, or can be supported by people on a voluntary basis, sans the completely arbitrary lockdown of ability to install your own code to the device.
For something like a game console, that’s annoying, for a phone or laptop, that’s highly desirable if something like a TPM bug is fixed, without efuses the system would forever be vulnerable.
It's a double-glitch. The second glitch takes control of PC during a memcpy. The first glitch effectively disables the MMU by skipping initialization (allowing the second glitch to gain shellcode exec). (I am also skipping a lot of details here, the whole talk is worth a watch)
This talk https://www.youtube.com/watch?v=BBXKhrHi2eY indicates that others have had success doing this on Intel microcode as well - only in the past few months. Going to be some really exciting exploits coming out here!
The xbox does have defences against this, the talk explicitly mentions rail monitoring defences intended to detect that kind of attack. It had a lot of them, and he had to build around them. The exploit succeeds because he found two glitch points that bypassed the timing randomisation and containment model.
It's more that it's really hard to do security when the attacker has unlimited physical access.
It is known as voltage glitching. If you're interested, our research group applies it to Intel CPUs. https://download.vusec.net/papers/microspark_uasc26.pdf
And if you predict the next dozen bizarre things someone might try, you both miss the thirteenth thing that's going to work and you make a console so over-engineered Sony can kick your ass just by mentioning the purchase price of their next console. ("$299", the number that echoed across E3.)
It's reassuring that the owner of a device will always own it, in the end.
Defend against it one way by voltage monitoring or physical intrusion detection, and another way by droop and such detection and countermeasures on the device. Both probably just increase the cost of hacking it by some orders of magnitude, but that may be enough.
You can do things like efuses that basically brick devices if something gets accessed, but that becomes a matter of whether the attacker falls for the trap.
Extremely impressive feat nonetheless!
I think the security team would call their mitigations a success.
Has anyone heard of notable earlier examples?
> So, the only way to manipulate it is to actually screw with the internals of the CPU itself by "glitching", meaning tampering with the power supply to the chip at exactly the right moment to corrupt the state of the internal electronics. Glitching a processor has semi-random effects and you don't control what happens exactly, but sometimes you can get lucky and the CPU will skip instructions. By creating a device that reboots the machine over and over again, glitching each time, you can wait until one of those attempts gets lucky and makes a tiny mistake in the execution process.
Considering that the PSP is a small ARM processor that presumably takes up little die space, would it make sense for them to employ TMR with three units in lockstep to detect these glitches? I really doubt that power supply tampering would cause the exact same effect in all three processors (especially if there are differences in their power circuitry to make this harder) and any discrepancies would be caught by the system.
I was going to say I disagreed but the rest of your comment reminded me that I've accumulated a lot of domain-specific knowledge.
The hard work comes after this though. There are lots of software level mitigations MS could use to keep the old devices usable with Xbox Live if they really wanted to. Just because you can boot anything you want doesn't mean you can't be detected remotely, it just makes it harder for MS to do so reliably. You'd be in a constant game of catch-up.
Eventually Fort Knox will succumb to the unrelenting arrow of time and some future visitors will simply step over the crumbling wall and into the supposedly "secure" area.
a) this was a security win. millions and millions of people had physical access to the device for over a decade
b) as others have said, security is not all-or-nothing. the xbox one is extremely secure, despite not being perfectly secure.
c) just because something eventually gets hacked does not mean security was pointless. delaying access is a perfectly reasonable security goal. delaying access until the product is retired and the successor is already out on the market is a huge win.
This console went completely unhacked for 12 years, with this coming a solid 4 years after the hardware was discontinued. They kept piracy off the console for its whole lifespan, which was the entire point of these security measures. This is a massive success for the Xbox security team.
I have even heard of a major cloud service mandating absurd earthquake-proofing (to prevent any movements inside the datacenter and triggering an HSM reset) but I cannot find any verification regarding this (maybe this is ultimately an urban legend).
I think if I were forced to relocate my subscription and pay the full real price (€30/mo), I will probably cancel and buy a €90 game every quarter or something.
Indie games are cheap and most AAA titles go on sale within six months, which is fine because I usually don't play them day of launch.
Then there's the issue with gamepass games not working on my system. It's the only platform where I've had consistent issues getting games to run. Even free games like fortnite, were bundled with the wrong anticheat.
Low-voltage detection is usually implemented as a simple comparator which should trigger instantly, but often only on a single Vcc pin, and due to the decoupling caps found on a typical circuit design there is effectively an RC circuit that filters short fluctuations of supply voltage. So most low-voltage detection implementations only trigger on 'longer' periods of low voltage.
Traditionally low-voltage detection features (like brown-out detection) are there to guarantee functionality of the uC itself or the device the uC controls. It is typically not intended as a defence measure against these types of attacks. In fact, 15 years ago it may not have been much of a concern.
it means like "full understanding", like complete.
Does the name now make sense, considering!?
It's a moot point, they are not trying to prevent it. They only need to buy enough time to sell games in the lifespan of the hardware, which they did.
> all the security they can economically justify...
It seems like they did a perfect job, it lasted long enough to protect Microsoft game profits.
But this exploit shows that it's still almost impossible to protect yourself from motivated attackers with local access. All of that security stuff needs to get initialized by code that the SoC vendor puts in ROM, and if there's an exploit in that, you're hooped.
You can extract the message the user entered/received BEFORE/AFTER the en-/decryption. eg. a keylogger, a screencapture, extracting memory from the processes, just recording the screen from behind the user, ...
seems like everyone that made racing games went a little nuts around the same time...
Some people like trying to perfect their technique running the same track over and over, while others just want to drive cool cars really fast. So MS wisely split the game to address those two core markets.
Also I just thought of this but it should be possible to design a chip where the second processor runs a couple cycles behind the first one, with all the inputs and outputs stashed in fifos. This would basically make any power glitches affect the two CPUs differently and any discrepancies would be easily detected.
We need to catch up on this because the people who know how to use language for propagandizing don't have the best intentions in mind.
But using the original term is not enough. We need to combat their word-twisting by upping them. We need a way to convey "their way of installing stuff by default is inferior and an attack on liberty".
Something like:
- direct install: installing as we always did
- caged install: installing through a locked store.
Maybe somebody better at marketing can find a good way to do this. In fact, we should have a whole site and community to organize together and shift the narrative on all nerdy things: formats, open web, DRM, patents, etc.
We have been weak on these points for so long because we care much more about solving tech problems than selling them. But openness is being eaten away under our noses. Has been for years.
That said, I do think words matter and I always point out that the reason these systems are locked down is because of Digital Restrictions Management. I also refuse to buy anything from Sony because they changed their mind about letting me install linux on the PS3.
I just think side loading is good way to describe installing custom software on a non-general purpose computer, and that not every computer needs to be general purpose. It's significantly better than the previous terms of hacking, cheating, stealing, and voiding your warranty.
When I think of "install" I think of general purpose OSes which can install software from almost any source no questions asked, or use the native out of the box support for software installations.
The similar distinction exists with android and iOS, and is probably why the term is popular in those communities too.
If nothing else, the term sideload makes very clear on platforms with native appstores or locked down distribution channels (consoles, phones...) that the install did not come from the native channels. Installs from game discs or the xbox store are inherently different from developer mode software and using the same term "install" for both disguises this fact.
It took more than a decade to exploit this vulnerability and even then there are fairly trivial countermeasures that could have been used to prevent it (and that are implemented in other platforms.)
Nothing is unhackable, but it requires a very peculiar definition of "game over".
(And as others have pointed out: only early versions of this Xbox One were vulnerable to this attack.)
When it comes to SOC security, the past is not a good predictor of the present. The previous Nintendo SOC was designed 15 years ago. A lot has been learned since. It's become increasingly harder to bypass these mechanisms.
The fact that it took 13 years to hack the Xbox One is not because it's not an attractive platform: because of its high profile, it has been a popular subject for security research grad students from the moment it was released. And if anything, the complexity of the current hack shows how much SOC security has progressed over the years.
If your argument is that you can't hope to close every door, then AI will make it easier to close all the doors in the future.
AI could also make it easier to open the doors too.
Windows stopped feeling like it meant PC a long time ago, and there's a major risk of the whole Xbox identity disappearing into the PC computing. Probably a conversation for another day but when everything is an Xbox, nothing is an Xbox, and when an Xbox is a PC it might as well be fading away Marty McFly style from our plane of existence.
I suppose what would really impress me is a Roku-style omnivore approach that gives a first class console-style experience and interface to Epic, Steam, Itch.io, GOG and of course Xbox.
It's not automatic or perfect but it does work.
A common failure is the controllers. It’s hard to get a combo of OS stack, Bluetooth chip, and controller that Just Works like they do on consoles. Something always needs fiddling-with.
Video or audio out are also often a problem. Glitched audio or audio mode-switching, trouble switching video modes, screwed-up HDR, all kinds of stuff. Maybe fine on your monitor with headphones. Not fine on a TV or projector with 5.1+ audio receiver.
The UIs also bug out or crash more often, and usually aren’t that great at being a TV UI in the first place (even Steam IMO is worse than most consoles, as far as the Big Picture UI)
It also gives devs a stable target with a known market, which is nice for both the devs and the owners of the devices.
This kind of already exists with the "Deck Verified" label on Steam games.
That said, this sounds similar to Valve's upcoming Steam Machine and I'd much prefer that to be the standard console/PC hybrid to keep the Linux gaming momentum going, and perhaps one day I can ditch Windows for good.
Microsoft can also hopefully target a smoother user experience than a typical windows PC provides. They want this to be a valid console competitor, but just slapping xbox brand on a windows PC isn't enough to do that.
Having a first party hardware device to target for PC games can also help devs with having a clear performance target for PCs, similar to how the Steam Deck is currently a minimum spec performance target for a lot of games.
1. Console-like living room ready experience. It's surprisingly hard to get a PC made with off-the-shelf parts to integrate cleanly with a home theater system (think features like HDMI CEC, One Touch Play, etc). A custom SoC can solve this, something we are seeing Valve also do with the Steam Machine.
2. As the target hardware for basically all Xbox games, end-users who don't want to fret over system specs can easily just buy this and know they are getting the intended experience.
Whether that's enough to move units remains to be seen.
But the really nice thing about the concept of treating a PC and console as the same platform is that you don't have to worry about why people might prefer to go the route of buying the console. You can go with a regular gaming PC if that's what you prefer and your library will have all the same options.
Their hand was forced in the end. They have to consolidate PC and Xbox users to compete.
The idea of a machine with a locked down mode that can boot legacy Xbox titles and probably run competitive games with very little chance for cheating is interesting. But given Microsoft's track record with consumer devices I await to be convinced.
Valve should be worried if they do turn out something good, maybe this will mean the Steam machines are pushed more aggressively price wise. We can hope...
The software that I want to run on it is a modified hypervisor. :-)
Anyway, situations like the one you describe are ones to be solved by legislation requiring certain devices be sold as open devices that put power in the hands of the owner.
My PS3 and PS4 were both jailbroken/rooted. I don't remember the PS3 routine, but the PS4 was loading the "system -> help" page while connected to an ESP32 Wi-Fi AP running a simple web server that replied to requests with the jailbreak for PS4.
I give it about a year, especially if Nintendo has to change the specs or otherwise tampers with customer expectations. There's bound to be some way to reload firmware on a "dead" device without pulling chips, and that's all it takes.
The two pins were installed by design from Nintendo to activate the Tegra RCM mode. RCM mode meanwhile has a USB buffer overflow which is the real bug.
In modern NVIDIA chips, this RCM mode no longer exists. The new recovery modes meanwhile are running across multiple physically separate CPUs verifying each other (glitch one, the other notices), all running formally verified firmware written in SPARK (the thing you use for nuclear reactors and avionics).
As for the OS itself, according to a maintainer who rewrote the kernel twice for open source, it has zero bugs. None. The microkernel is tiny, has no drivers, and almost no attack surface. This is borne out by WebKit exploits being a dime a dozen on Switch, but all of them are useless.
So even if Switch 2 doesn't make it all the way to 2035 with zero cracks, there's a strong likelihood that any exploits found will be short-lived.
Maybe we should think about this like the concept of public domain. Locked down for X years in order to protect the artist, then opened up for everyone to benefit society.
Part of me also thinks that Microsoft were so forward with offering what was basically a test kit because they were confident in their security.
Hence why PS3 Other OS no longer did hardware acceleration.
https://phys.org/news/2010-12-air-playstation-3s-supercomput...
The PS3 was coincidentally locked down after it was jailbroken (broken in Jan, OtherOS patched out in Mar).
It was the last time that a Japanese company made a fundamentally Japanese move.
Even if it were possible to find a vulnerability in the hardware, doing so without attracting the attention of law enforcement will be profoundly difficult, as Windows sends telemetry back to Microsoft about every instruction that runs on your hardware. Apple will claim to be more privacy-focused, at least for a year or two, but the M9 chip's NPU will just perform local inference on your activity and report you to Apple and the FBI if it detects attempts to break security.
I fired up my…decade old? Steam Link the other day, got Steam Link clients on my phone, set up a couple Steam accounts for my partner and kid, and turned on Wake on LAN on my desktop.
The streaming experience is _smooth_ whether it’s my phone or the TV, it Just Works and we can all play from our own libraries anywhere in the house.
I do wish Steam would clean up some of the pain points - in particular, not being able to switch users from a Steam Link feels like a huge oversight.
I haven’t touched much for gaming in MS’s world outside of just having Windows by default, so no Xboxes around since the 360, and I also really don’t know anyone who uses one. My friends are either PC or Steam, with a handful of us also on Switch. In my world and surrounding orbits, the Xbox is all but a meme at this point.
It’s probably also important to note that the most we’re pushing it for is usually either Fallout 3 or StS2, neither of which need impeccable performance or low latency inputs.
Still, for our needs, it works great, and afaict is on par with both Nvidia and PS4/5’s remote streaming in terms of performance.
I do wish Valve would spend some of their infinite money on sanding off the rough edges of Steam.
I guess that, when you absolutely want zero surprises, Ada is the language of choice.
This is hyperbole. We have 1 Switch that routinely "won't power on" without a ritual of button holding & timing. My original Switch used to hard lock, but I stopped trying to play the sorts of games that were causing the OS to crash.
Both of these disprove the zero bugs claim, unless we move the goalposts.
That's like saying "I plugged in my phone's charging cable, and unplugged it, 20,000 times, and now it's sometimes showing the charging symbol inconsistently, obviously a software bug proving the charging circuit driver has a security flaw."
buuuuut https://en.wikipedia.org/wiki/PlayStation_3_cluster the US government went ahead and did make a supercomputer out of PS3s.
anyhow thanks for helping me confirm my memory is functioning perfectly.
ETA: https://web.archive.org/web/20041120084657/http://arrakis.nc... probably where this "wacky" idea came from...
Yabasic was only one front in that war.
I own one such kit.
Each of these schemes had different sets of regulatory checkboxes they were trying to tick, and so had very different end products.
And Toshiba and IBM, it was a three-way collab. There was even a second-generation Cell (PowerXCell 8i) released in IBM Q Series blade-servers.
What do you mean by this?
And in my mind the whole story was a publicity stunt, considering the political wind at the time and the place that broke the story; which was then quoted at me in college.
Yaroze and PS2 Linux never had anything to do with tariffs.
https://www.pinsentmasons.com/out-law/news/playstation-2-is-...