After several months of silence it was more or less accepted that Microsoft wasnít going to do anything about the firmware hacks that allow Xbox 360s to play backups. Rather surprising, considering the Ďinventorí of the hack confirmed in March already that the mods are easily detectable, and the reports that piracy is running rampant in countries like China. It appears that Microsoft is finally taking action against them though, although they may be hitting the wrong persons.
This thread on the official Xbox.com forums was started by Furydog, who posts with a completely empty gamer profile:
" I have two xbox 360ís and since Friday October 13 2006 I have not been able to connect with my two 360ís. According to MS customer support my status codes indicate that I have MODDED 360ís which I donít. I have contacted several different people and I only one person (GreenJohnny) has responded to me but he was not able to assist me. Although, he did confirm that the status codes I received indicate that my systems Mac addresses are banned because their supposedly MODDED. "
Xbox Support stating there are status codes that indicate a machine was banned for modding? Thatís a new one. To further confirm the story ILBCNU from Xbox Support Staff responds to his post stating they are investigating the issue and apologizing for the problem. No denial or anything, so yep, your modded Xbox 360 is now officially in risk of getting banned from Live or worse.
The fundamental problem with the firmware hack is that itís a so-called Man in the Middle attack on the systemís security. Imagine a phone call between 2 English speaking people, and youíve got control over the line in between. By cutting in at the right moments, you can make it appear to one of the participants that the other one is saying something to him, but itís actually you saying something else and making him believe that itís a valid response. Thatís a simplified explanation of how the hacked firmware works: it lies to the 360 kernel about what the disc is saying about its authenticity. Now imagine if both the speakers on that phone line suspected you were in the middle, and switched to speaking a slightly modified dialect. If youíre still breaking in with the original dialect, itís easily detectable that youíre trying to fool around. Back to the 360, since Microsoft still has absolute control over disc contents and the kernel code, they can simply change the dialect on both sides and thus detect firmware hacks. If they wish, they can take any action they want upon detection, ranging from the simple Xbox Live ban to even bricking your 360 or disabling it to run any newly released games.
There is something slightly fishy about the report though, being that it says the 360 is banned based on MAC address. Those of us familiar with the OSI model and common network implementations will immediately know this is not true, because MAC addresses are part of the Ethernet protocol and live on Layer 2, and never get routed over the internet. In simple terms: your 360s MAC address is not remotely identifiable. An option could be that the Xbox Live login code sends the MAC address itself to the Live servers to be able to uniquely identify the 360, but that would be plain silly since MAC addresses are known not to be unique: they only need to be unique within their physical subnet. A far more obvious solution on Microsoftís part would be to use the console serial number for this, which is embedded in the system anyway and truly unique.
Whatever the details, we can probably consider it a fact that MS is currently acting against modded Xbox 360s, and you should start worrying if youíve got a firmware replacement in your concave box: the Empire is Striking Back.