Guarding Against Physical Attacks: The Xbox One Story
Every game console since the first Atari was more or less designed to prevent the piracy of games and yet every single game console has been successfully modified to enable piracy. However, this trend has come to an end. Both the Xbox One and the PS4 have now been on the market for close to 6 years, without hackers being able to crack the system to enable piracy or cheating. This is the first time in history that game consoles have lasted this long without being cracked to enable piracy.
In this talk, we will discuss how we achieved this for the Xbox One. We will first describe the Xbox security design goals and why it needs to guard against hardware attacks, followed by descriptions of the hardware and software architecture to keep the Xbox secure. This includes details about the custom SoC we built with AMD and how we addressed the fact that all data read from flash, the hard drive, and even DRAM cannot be trusted. We will also discuss the corresponding software changes we made to keep the system and the games secure.
- Windows 10 security: Microsoft reveals ‘Secured-core’ to block firmware attacks (2019)
- Akash Malhotra, AMD and Microsoft Secured-Core PC (2019)
- AMD’s Xbox, PlayStation work lead to a big security feature in EPYC (2019)
- Al-Haj, Forensics Analysis of Xbox One Game Console (2015)
- Moore et al, Preliminary forensic analysis of the Xbox One (2014)
- DeBusschere & McCambridge, Modern Game Console Exploitation (2012)
- Huang, Hacking the Xbox: An Introduction to Reverse Engineering (2003)
- Huang, Keeping Secrets in Hardware: the Microsoft XBox Case Study (2002)