Re: [Full-Disclosure] FW: FEEDBACK: Testing Microsoft and the DMCA
From: Hotmail (firstname.lastname@example.org)
From: "Hotmail" <email@example.com>
To: <firstname.lastname@example.org>, <email@example.com>
Date: Fri, 18 Apr 2003 21:32:33 -0700

So I understand this...
IT'S ILLEGAL TO TAKE ANYTHING APART AND STUDY IT AND TALK ABOUT IT???? I
believe I can do whatever it is I choose to do with a product that I
purchase. Next it will be illegal to throw away your xbox because someone
might get it out of the rubbish and use it.. or heaven forbid.. LOOK INSIDE.
----- Original Message -----
From: "Jason Coombs" <firstname.lastname@example.org>
Sent: Friday, April 18, 2003 8:01 PM
Subject: [Full-Disclosure] FW: FEEDBACK: Testing Microsoft and the DMCA
> -----Original Message-----
> From: Jason Coombs [mailto:email@example.com]
> Sent: Friday, April 18, 2003 4:58 PM
> To: firstname.lastname@example.org
> Subject: FEEDBACK: Testing Microsoft and the DMCA
> I'm an author and computer forensics/infosec expert who recently authored
> book about information security and Microsoft Internet Information
> (IIS) that Microsoft Press was planning to publish... They opted not to
> publish my book after they got a chance to read it; perhaps fearing that
> acknowledging flaws and pointing out weaknesses in their own products
> undermine their position with respect to prosecuting DMCA violators.
> After reading your article concerning "Hacking the XBox" I thought you
> be interested in my story as well. My literary agent pitched my book to
> and it was rejected rather abruptly and with no discussion (odd,
> that I've been published by both Wiley and Hungry Minds/IDG Books in the
> My plan, if I can't find a publisher willing to take the 'risk' of
> details of vulnerabilities in IIS, is to give away my book as an open
> manuscript/electronic book in order to educate people who use Windows
> operating systems and IIS on critical security countermeasures. There's no
> reason for Microsoft customers to be kept in the dark about necessary
> precautions simply because publishing the forensic details threatens to
> in prosecution of those responsible, or in the case of Microsoft Press,
> threatens to take Microsoft's DMCA teeth out of their big fat head.
> Jason Coombs
> Testing Microsoft and the DMCA
> By David Becker
> Staff Writer, CNET News.com
> April 15, 2003, 4:00 AM PT
> Taking a break from working on his doctoral thesis,
> Institute of Technology (MIT) graduate student Andrew "Bunnie" Huang
> that it might be fun to poke around the security systems protecting
> Microsoft's Xbox game console.
> With a little creative tinkering and a measure of precision soldering,
> quickly isolated the main public security keys. Although legally prevented
> from sharing the keys with the world, he described his methods in detail
> widely distributed research paper, helping spur a wave of Xbox-hacking
> has led to the development of Xbox versions of Linux and other homemade
> After graduating from MIT last year, Huang set up his own consulting
> specializing in reverse engineering. But he still has some more Xbox
> that he'd like to share with the world--that is, if only he can find a
> Huang's recently completed book, "Hacking the Xbox" was recently dropped
> Wiley subsidiary Hungry Minds, citing possible legal issues under the
> controversial Digital Millennium Copyright Act (DMCA). The Department of
> Justice recently used the DMCA to shut down ISOnews.com, a Web site partly
> used to distribute Xbox-hacking tools, and to imprison the site's owner.
> Plans to self-publish the book hit another snag a couple of weeks ago when
> Americart, a provider of online shopping cart services, declined to sell
> book because it feared getting sued. But Huang remains determined to press
> this project through to completion.
> "The thing I have to emphasize is that the book itself is not criminal,"
> said. "It'd be like saying that breaking and entering is illegal, so you
> write a book on how locks work."
> Huang spoke with CNET News.com about the book, the importance of hardware
> hacking and his willingness to serve as a DMCA guinea pig, if necessary.
> Q: What have you learned to do with the Xbox since your research paper was
> A: I did a lot of work but if I talked about it I'd get in a lot of
> did some work with a few people who were trying to figure out alternate
> methods to get to the Xbox hardware without necessarily involving the
> copyrighted code Microsoft has--basically finding backdoors in the
> initialization and boot sequence.
> I helped out one guy in particular who was critical in figuring out the
> that's used by everyone today. It is basically a flaw in the system
> initializer that lets you put code anywhere in the system that you want
> From there, I backed off and got kind of quiet. Things were starting to
> up, and a lot of people were starting to move into piracy and other very
> controversial issues. I sort of became a fly on the wall and gave people
> advice in some key areas.
> And then Wiley approached you about writing a book?
> Yeah--Wiley has the "Dummies" series, and wanted to create a similar line
> introductory hacking guides: hacking TiVo, hacking the Xbox, hacking your
> player. The book overall is an education book. I try to teach people as
> as possible how to do hacks on their own and try to avoid as much as
> the really cookie-cutter, boring stuff.
> So it's not just, "Here's how you install this mod chip?"
> There are a few pictures of mod chips installed...but it's more like
> how a mod chip works, and here's how people used reverse engineering to
> out how Xbox security works. It's trying to give a novice hacker or
> who has very little experience the confidence he or she needs to open up
> box and start playing around with the stuff on the inside. And there's
> a running dialogue about the experiences that I had getting into the Xbox,
> including the legal issues.
> It ends with a brief section on where things are today. That's where I
> mod chips. But the book is really encouraging people to learn their own
> Was there much discussion of legal concerns with the publisher?
> When I first started working with them, they realized that it was a touchy
> subject. They had me develop an outline, and when I went over it with
> lawyers, they said, "Yeah, this should be OK."
> Then I got a call (a few months later) during which they basically said
> had some turnover in the legal department and weren't feeling so good
> the book now. I don't know if this had anything to do with it, but right
> around the time that they gave me the call, the Department of Justice
> down ISOnews.com and they were sort of beating on the doors of a lot of
> chip guys.
> Has the ISOnews.com case had a chilling effect beyond your work?
> I think that it's had a major chilling effect. Maybe the reason that
> started (backing out of such publishing deals) this is that the DMCA has
> become such a hot topic. A lot of companies aren't willing to really push
> their content directly through a public trial. The whole idea of taking a
> person and making an example of him seems to have backfired. They tried
> with a few guys and it didn't work.
> I think a lot of companies are starting to take more indirect attacks. To
> a really bad analogy, instead of going for the mafia boss, you take out
> guys in the street, the little mod chip vendors.
> They're trying other techniques within the word of the law to put a damper
> this activity without getting bad press.
> If they were to go ahead and take any Xbox-Linux guys and crucify them for
> running Linux on the Xbox, they'd have the whole open-source crowd really
> in arms. There'd be a really big negative mark on the Xbox.
> So even though Microsoft has said, "You guys can't run Linux on the Xbox,"
> they're not going to really do anything about it in the short term. It's
> hurting their revenue enough to have them fight a battle on principle.
> Are you afraid personally of the possible consequences of publishing the
> Oh yeah. Lately it's been really day-to-day. I get a lot of e-mail from a
> of people, and sometimes you see the subject line and freeze for a moment,
> thinking, "This is it, they're coming to get me." And then it just turns
> to be an innocent question. But the fact that Americart felt it had to
> my book shows how jittery people are.
> So how are you going to sell the book now?
> There's always PayPal, I guess...Although someone pointed out to me that
> PayPal has an explicit clause that says you can't use the service to sell
> chips. Even though this isn't a mod chip per se, it might be construed as
> technology or a tool under the wording of the DMCA.
> The big question that I had when I published my paper at MIT was whether
> would be considered a copyright circumvention tool under the DMCA. I think
> it's wildly unrealistic to think that a court would agree with such an
> expansive interpretation of a tool. But to a limited degree, they might go
> along with it.
> Beyond the question of what's a tool, there are still a lot of questions
> whether mod chips are copyright circumvention devices at all, since they
> other, legitimate things. Would it be useful to have a court opinion on
> It would be. I think that part of the reason I decided to go ahead with
> book is that I'm really tired of hearing, "Well, there's three cases that
> never went to court, but here's the direction in which they kind of
> There's no real stakes in the ground about this.
> There's a lot of fear, uncertainty and doubt. And the longer the people
> want to enforce these laws can cast the shadow of fear without ever having
> bring something to court, the more effective they are. This type of
> is kept underground and under control.
> I want to put a stake in the ground and say, "Hey, I strongly believe what
> doing is legal and it's beneficial for people to know about this stuff."
> don't know about it, then the bad guys are going to figure it out and
> going to take our lunch. Maybe I'm being a fool by saying this, but if
> wants to challenge me on this, I think it's something we need to talk
> a court of law. I don't know where I'd find the resources to defend
> I am taken to court, then I'll figure it out.
> The big game companies seem to paint all hacking as enabling software
> What's your rationale for why it's useful to hack the hardware?
> There's this thing called fair use that pretty much had been protected
> the DMCA came out. It says that if I take my hard-earned money and buy a
> of hardware--whether it's a hammer or a razor or a computer--I can take it
> home and do what I want.
> I don't have to just use a hammer to pound nails. Same goes for a computer
> a video game machine.
> The real critical issue is if it turns out that Microsoft can put a ban on
> people running their own code on a piece of hardware. That'd enable people
> develop monopolies over hardware by simply securing the hardware to
> cryptographic in the software base. Microsoft could start offering
> to hardware makers to install a Palladium chip that only runs Windows on
> and people who remove it are guilty under the law. Eventually, you just
> up the whole world.
> That's the whole crux. We're going to investigate this hardware and run
> on it and push things a little. We need to figure out really soon what
> going to do to the industry and whether this is something of which we need
> be afraid.
> Right after I did the paper, I worked with a guy to find the avenues to
> completely bypass the Xbox security systems. And what we ended up with was
> amazing. It was a concatenation of four bugs from various vendors that
> it to happen.
> It's a real-life example of why I think Palladium isn't going to
> vendor is going to have some small bug that individually doesn't mean
> but when you stack 'em together, it becomes a big security hole. And once
> commit it to silicon, it becomes a billion-dollar bug.
> So it sounds like a big part of your motivation is educational?
> Oh yeah, a very large part of it is educational. When I first started
> this, I asked my professor if he thought there was academic merit to it.
> was really positive. The security community has been debating for a long
> about how we secure chip buses--do we just make it really fast and take it
> of the realm of hackability? This sets a data point for what it takes to
> extract data out of a high-speed bus. It's a real meat-and-potatoes
> security--what can go wrong and what can be done about it.
> Do you expect your work to be reflected in the design of Xbox 2?
> I think it will be. Nvidia had to scrap a bunch of chips because Microsoft
> rotated the (security) code, and I think that was at least, in part,
> specifically because of what I'd done.
> With the Xbox 2, there's a couple of different directions they could take.
> They could say, "Fair use is fair use. Go ahead and run Linux on it, but
> catch you copying games, I'm going to nail you good." Or they'll try to
> down even more cryptographically.
> There are things that they can try. But there's a dozen attacks that I've
> in my back pocket and that other hackers have kept in their back pockets
> nobody's even talked about. Those will come out if Microsoft tries to
> the hardware again.
> What do you think of the James Bond hack for running unsigned software on
> That looks really promising for freeing Linux to the mainstream. It either
> spells the beginning for a new age in Xbox hacking, or it's the demise.
> it's such a potent weapon against the Xbox that Microsoft will have no
> but to start enforcing stronger policies on hacking, or they may have to
> change the hardware. Or they could decide to back off and let Linux
> But I think it's going to tip the scale somehow.
> And this is just one exploit. There are probably a lot of others. The
> that I'm looking for is a network attack, where you just plug it into the
> network, run a script on the PC and send a specially formed packet to the
> Xbox, and voila, you've got your code in the Xbox. That's the kind of
> I'd look out for being an incredibly huge problem for Microsoft.
> Has the rationale for running Linux on an Xbox been diluted, now that you
> buy a $200 Linux PC from Wal-Mart?
> People talk and joke about that a lot. But there are a couple of things to
> realize. One is that those $200 PCs don't have anything close to the
> power that the Xbox has. And most of the Linux applications for the Xbox
> not been geared toward turning it into a Web server or a word processor.
> want to turn it into a media center and have the box under their stereo
> that stores videos, digital audio and other stuff. The Xbox is really
> handy for that. And they use Linux because it has all these great tools
> working with media.
> What's the appeal for you of doing reverse engineering work?
> I think it's an important area and it's fun. I really like security more
> anything else, so I've been working on TEMPEST-style surveillance
> looking for security holes that should be fairly obvious, trying to raise
> awareness for the public that information isn't as safe as it is thought
> Something like a public service job?
> I guess you could say it's public service. What it boils down to is either
> someone's going to write a paper and say there's this vulnerability, or
> going to find out the hard way. One of my goals as I do this exploration,
> for my own fun than anything else, is to be able to say it was this easy
> this hard to break your hardware, and here's what you can do to remedy it.
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html