Security (Xbox)

From Wiki-Scene


The Xbox was designed with "security" systems in place, intended to prevent modifications, the use of programs not specifically endorsed by Microsoft, and the booting of copied discs. This page loosely describes these obstacles along with methods to circumvent them.


Software Signatures

An unmodded Xbox will boot two types of programs: the Microsoft dashboard and retail-sold, Microsoft-approved game discs. These have a special key embedded in them that the console recognises as "permission" to launch.

There is no publicly known method to correctly sign other programs for use with the Xbox, nor to copy an original Xbox disc in a manner the console will accept. There are, however, two common methods of getting around this.

When a console boots, it loads a BIOS into memory (from the TSOP chip, or a modchip if one is installed). This piece of code enforces the signature check. Storing a modified BIOS in one of these two chips (that is to say, "hardmodding" your system) means the check can be removed completely - it no longer matters whether the programs you attempt to execute are signed correctly, if at all.

Alternatively, a softmod can be used to exploit holes in the Microsoft dashboard in order to run other programs. Once the softmod has started, it will typically alter the BIOS that was loaded into memory, removing the signature checks and hence allowing the console to start any other program from that point on.

Note that in the case of a softmod, only the copy of the BIOS in memory is altered. The originally loaded BIOS in the TSOP/modchip remains untouched. Also note that if an altered BIOS was already stored in the TSOP/modchip, the softmod will not be able to correctly perform its patching process; that is to say, softmods typically cannot function at the same time as hardmods.


Drive Locking

An unmodded Xbox requires that the installed hard disk drive have a special lock on it. Most standard IDE HDDs are lockable: if a lock is applied, a system must supply a special passcode in order to read or write to the drive. When the Xbox boots, it unlocks the drive, but the security system requires the code to be issued every time the drive is powered up.
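The lock described above is the standard ATA Security feature set, and a drive reports its lock state in word 128 of its IDENTIFY DEVICE data. The following is an added example, not code from this wiki, that decodes that word for someone examining a drive; the function names are hypothetical and the sample IDENTIFY blocks are constructed for illustration.

```python
import struct

# IDENTIFY DEVICE returns 256 little-endian 16-bit words; word 128 is the
# security status word of the ATA Security feature set.
SECURITY_WORD = 128
FLAGS = {
    0: "supported",
    1: "enabled",
    2: "locked",
    3: "frozen",
    4: "count_expired",
    5: "enhanced_erase_supported",
}

def security_status(identify: bytes) -> dict:
    """Decode the security status word from a raw 512-byte IDENTIFY block."""
    if len(identify) != 512:
        raise ValueError("IDENTIFY DEVICE data must be exactly 512 bytes")
    (word,) = struct.unpack_from("<H", identify, SECURITY_WORD * 2)
    status = {name: bool((word >> bit) & 1) for bit, name in FLAGS.items()}
    # Bit 8 reports the master password capability (security level).
    status["master_password_capability"] = "maximum" if (word >> 8) & 1 else "high"
    return status

def describe(status: dict) -> str:
    """Summarise the lock state in the terms used on this page."""
    if not status["supported"]:
        return "drive does not implement the ATA Security feature set"
    if not status["enabled"]:
        return "no lock applied: reads and writes need no passcode"
    if status["locked"]:
        if status["count_expired"]:
            return "locked: unlock attempts exhausted until reset or power cycle"
        return "locked: media access is refused until the passcode is issued"
    return "lock applied but currently unlocked: relocks at the next power-up"

def make_identify(word128: int) -> bytes:
    """Build a constructed IDENTIFY block with only word 128 populated."""
    buf = bytearray(512)
    struct.pack_into("<H", buf, SECURITY_WORD * 2, word128)
    return bytes(buf)

if __name__ == "__main__":
    # Constructed samples: no lock, locked, and unlocked-since-power-up.
    for word in (0x0001, 0x0007, 0x0003):
        print(f"{word:#06x}: {describe(security_status(make_identify(word)))}")
```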

The HDD passcode used to lock an Xbox drive is based on the serial number of the drive, and a special HDD key which is stored in the EEPROM.

The console will boot to an Error 05 if you attempt to start it with an unlocked drive, or an Error 06 if you attempt to use an incorrectly locked drive.

During a console's boot process the check for drive locking is performed prior to the point at which a softmod can start. Therefore, this type of mod cannot circumvent this security measure - the attached drive MUST be correctly locked to be used in a softmodded (or otherwise unmodded) console.

Recovering the HDD key from the EEPROM of a given console allows you to lock any drive for use with that system, and also allows you to unlock the drives so that other systems (such as your computer) can access them.

It's possible to allow another system to read/write to a locked drive using hotswapping (even if you don't have access to the passcodes). This process involves allowing the console to unlock the drive, then attaching it to your computer without removing the power supply - the drive does not power down, and hence does not relock.

Alternatively, a hardmod allows you to remove this limitation from your BIOS completely. You can then use any unlocked drive with your system.

