17 Mistakes Microsoft Made in the Xbox Security System

This article is about the security system of the Xbox and the
mistakes Microsoft made. It will not explain basic concepts like buffer
exploits, and it will not explain how to construct an effective
security system, but it will explain how not to do it: This
article is about how easy it is to make terrible mistakes and how
easily people seem to overestimate their skills. So this article is
also about how to avoid the most common mistakes.

For every security concept, this article will first explain the
design from Microsoft's perspective, and then describe the hackers'
efforts to break the security. If the reader finds the mistakes in the
design, this proves that Microsoft has weak developers. If, on the
other hand, the reader doesn't find the mistakes, this proves that
constructing a security system is indeed hard.

This paper dated 2005-10-25, has been submitted to the 22nd Chaos Communication Congress and will be presented on December 29th 2005, 18:00, at the Berliner Congress Center, Berlin, Germany.

You are invited to comment on this article on the Discussion Page.


Author: Xavier Ashe

Entrepreneur, Infosec Executive, CISSP, CISM, Ironman triathlete, traveler, UU, paleo, father of 8, goyishe, gamer, & geek. http://linkedin.com/in/xavierashe

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s