Hardware Hacking - Bunnie Huang - Xbox
Andrew "bunnie" Huang wrote Hacking the Xbox - An Introduction to Reverse Engineering and it was released last year. We have a look at the book at the bottom of this page, but first a chat with bunnie about things like the DMCA and intellectual curiosity, trolls, and what he's doing now.
Intellectual curiosity is one of the foundations of your book. Do you think this can be taught? I ask this question because a few years back I had a bit to do with two comp sci schools. At one, the enthusiasm and intellectual curiosity was infectious and at the other it was almost non-existent. The standard of equipment available was roughly similar, as was the academic staff. At one, students were treated as smart citizens and at the other, as drones with criminal tendencies. No prizes in guessing the match-up there!
Andrew "bunnie" Huang:
That's a very provocative and interesting question. I want to believe that intellectual curiosity can be taught and/or acquired. Actually, I think that most people are born curious. I've never had a baby myself, but my observation of them is that they are quite curious. In some cases, parents view curiosity as a nuisance and they suppress it; in other cases, the curiosity is not cultivated and it turns into mischief. I think it's a fine line and it depends a lot upon the upbringing.
Later on in life, it may be possible that a latent curiosity could be awakened, but I haven't witnessed that very much. Throughout college, it was pretty clear who were the curious ones, and who were not. Some of my fellow students were excellent at executing homework problems and learning in class, but their use of their free time indicated that there was not some kind of visceral urge to explore. I think it may have had something to do with what was perceived as "cool" or "uncool" at the time, or perhaps it has something to do with what people's priorities are. I get the sense that some people think that intellectual curiosity is a waste of resources and a pointless exercise when there is money to be made or mouths to feed.
Hacking is more than dyeing your hair purple, getting body piercings, and running destructo scripts. Would you like to say a few words about how real hacking can be fun and actually useful as well?
Hacking is certainly more than just taking things apart. I would say that hacking has its roots in creation, rather than destruction. Most hacks originate as the quickest and most exact solution to a problem that needs solving. For example, hacking the Xbox was a solution to the problem that my Xbox wouldn't run the programs that I want. I remember reading a webpage by Linus Torvalds describing how Linux was originally just a terminal communication program created for fun. Since "real" hacking is more of a constructive or learning process, it is quite rewarding to finish a hack, sit back, and take a look at what you've done. Hacking often involves the optimization and improvement of existing things.
As for being useful, hacking, as I have defined it, is inherently useful. You hack to create solutions to problems. It's sort of like a cross between MacGyver (does anyone remember that show?) and engineering.
Your book, Hacking the Xbox, is quite a saga. Now, after it's been out for a while, do you feel you would have liked to have enlarged on some parts or subtracted from others?
Certainly there are many things I would have changed. My original requirement when writing the book was a very short timeline combined with a minimum page length requirement; this led to the creation of some filler material and a few gaps. I would have liked to have included more in-depth practical examples of doing hacks. For example, I wanted to include an example where a simple circuit board was built to convert the power supply, or to monitor the Xbox hard drive status. I would also have liked to expand the software sections, but due to the volatile political climate at the time, it was difficult to write about many of the exploits that were employed on the Xbox.
The DMCA has been a very nasty stick to beat reverse-engineers, academics, and hobbyists. Do you see any faint glimmer of light at the end of the tunnel about this?
Hm. Not really. I think that corporations would always like to do away with pesky reverse engineers who induce business-model busting modifications to their hardware. From this regard, the DMCA is a potent tool, and corporations have been wise about choosing their battles. I think that there is little incentive for corporations to sue me, because I've been somewhat careful about aligning myself with an academic cause; therefore, the outcome of the suit would likely reduce the perceived threat of the DMCA to reverse engineers.
Furthermore, my alignment with academic causes is unfortunate because the people who have the most to worry about under the DMCA are the independent hobbyists. When I was a student, there were already exemptions in the DMCA that protected research conducted at appropriate institutions, but the DMCA makes no exemption for the "researcher at home", e.g., the entrepreneurs, hobbyists, and independent visionaries. They are all criminals under the DMCA, and I don't see a resolution to this problem anytime soon.
I guess now that I'm not officially working under the auspices of MIT, I have lost my DMCA exemption, or something like that. At least, a literal interpretation of the law would indicate that somehow my graduation has magically changed me from an academic into some kind of renegade because I'm no longer affiliated with an established research institution.
DMCA-like legislation is also getting passed in some European countries. Would you like to say a few words as to why this is a very bad idea?
It's a terrible idea because the DMCA has a profound impact upon the way consumers can access content, and it has a palpable impact upon the liberty of people to explore and learn in topics related to computer and information technology. I also get the sense that in Europe, citizens' rights are not as well protected as in America. The government has more power over people as a whole, so I fear that any impact witnessed in America could be amplified in Europe.
The whole question of companies protecting their investment in consoles, chips, games/software, and music has been a vexed one with extremists taking up views on both sides that almost beggar belief in their errant stupidity. Do you see a path to enlightenment here (in addition to a suggestion to return to rationality!)?
That's a tough question. I think one of the big problems is that lawmakers today are utterly unprepared to make cogent decisions on technological matters. Senators and representatives today were raised in a day without computers, so we can't expect them to understand the vagaries of why it is difficult, if not impossible, to implement watermark detectors in all analog to digital conversion products made today, or perhaps why "file sharing" might be popular or beneficial. Lawmakers respond to their constituency, and in a country where special interests and lobbyists have a loud voice, the current results could only be expected.
As for the madness that grips technology companies and some of the Trolls on Slashdot, I really don't know what I could say to enlighten them. Clearly, they should know better for their self-inflated claims of expertise or experience. I think it might be more of a personality thing, and perhaps also an indication of how important this subject is to people. Anything that heats up conversation so much is by definition important to that segment of the public.
Can you tell us anything about what you're working on now?
Yes. I'm pretty much your joe engineer; that's what I was before all this Xbox publicity hit, and I'm quite happy to stay at that. So, lately I've been working on building nanophotonic integrated circuits--in other words, silicon chips that integrate light-guiding and modulating components side by side with VLSI circuitry. I'm also working on a new kind of silicon fabrication technology known as silicon nanowires. I'm not actually doing a lot of the fundamental work--professors at Harvard and Caltech are doing that--but I am making chips and prototypes to try to prove and improve the technology.
I also have a couple of other dabbling things that I do on the side, some of them I can't talk about just now :) I guess sometimes the most interesting things you do have to keep quiet if you want to enjoy your hobby and not attract a lot of attention.
Thanks a lot.
Hacking the Xbox - An Introduction to Reverse Engineering
Andrew "bunnie" Huang
Here we have a wonderful hacking saga which takes us through the steps of figuring out the Xbox's security system and how to bypass it. One object in doing this might be to run something like Linux. If you succeeded in doing that you would have a cheap, powerful, x86-based PC.
On the way through you'll learn something about reverse engineering and some nice details of techniques used to figure out what specific chips do.
Needless to say, the Xbox is relatively cheap because Microsoft would like you to buy lots of games and that's where they will make their money - like razorblades and handles.
Enter the DMCA and its nasty European equivalents. If you are hazy about what the DMCA is and does, this book also gives a very good guide to what it is and some of the effects it has.
This book is not a step-by-step guide on how to defeat Xbox security. It is a story about how it was done and who was doing it. After reading the book you will certainly know where to go to accomplish that end. But if that's all you want, you could just use Google. You'd be missing a good book about real hacking though.