How the Xbox 360 knows if your hard drive is genuine (eaton-works.com)
383 points by EatonZ on Jan 24, 2023 | hide | past | favorite | 256 comments



Microsoft really seemed to be ahead of the curve with console security. They really thought this through back in 2005 or so, to the point where clearly, they knew people would hack the drives to rewrite the serial number. It's probably for the best that they never actually did anything about the knowledge that gave them, but they clearly stayed a step ahead of the game. As much as I hate it, their actions show a great deal of respect towards the ingenuity of console hackers, because if they didn't, they would've never bothered to do such an effort thwarting them. Compared to the Nintendo Wii, which had a decent security model that was ultimately ill-fated due to several fatal flaws in both hardware and firmware, and the PlayStation, where Sony seems to have a continual problem developing security measures that hackers and modders can just completely ignore, Microsoft really pulled it off. I still wish game consoles would allow you to just run your own code. Xbox has dev mode, which I haven't ever used since I generally do not buy game consoles, but it does seem like the absolute best option that's been available to consumers lately. Before then, it was OtherOS (ill-fated), PS2 Linux (cool but kinda limited), and Net Yaroze? Which seemed awesome to me, but unfortunately was a relatively uncommon good. Beyond that, official escapes from the walled garden are truly scarce. A sad reality that will get worse when measures like remote attestation finally make their way to general purpose computers. Remember: you can never have nice things. Ever.

Thanks for FATXplorer BTW, it is very useful.


Every time I hear about the XBox's platform security, I think back to this talk [1] about how Microsoft protected the XBox One. A lot of it boils down to clear requirements and good engineering, and many of these technologies are now showing up via Project Pluton.

[1] https://www.platformsecuritysummit.com/2019/speaker/chen/


> and many of these technologies are now showing up via Project Pluton.

More awareness needs to be made of how this will have a devastating impact on end-user freedom. They're attacking the PC, one of the last holdouts of general-purpose computing freedom. Remote attestation will make it so you "can" technically run your own hardware and software (and that's what the FUD-spreaders will always say), but you'll be denied access to lots of, increasingly online, services.

Edit: nice, downvotes. Hello corpo-authoritarians, we know what's up :-)


Apple (and to a lesser extent Android) have already gone this route, and Windows 11 originally wanted to push _hard_ on enforcing the presence of more platform security. DRM schemes already perform remote attestation before you can stream 4K Netflix.

Linux and Open Source may be one of the last remaining barriers to this becoming widespread. It's one of the main reasons I whole-heartedly support Valve and their Steam Deck ambitions, and encourage everyone to do the same. Money trumps everything else, so as long as the money to be made from supporting SteamOS > money thought to be saved from piracy, I believe we can still thwart this.


> DRM schemes already perform remote attestation before you can stream 4K Netflix.

On Intel clients, this is done via the Management Engine, bypassing both the CPU and operating system, as the ME can control display output.


Is there any mechanism for it to validate that the thing connected to the display output is an unmodified monitor which also implements DRM? Otherwise it would be almost trivial to have a device with HDMI-in that gets a pixel perfect feed of the protected stream.


Yes, that's called HDCP. The master key was cracked long ago for older versions.


For new versions, you can get a converter; hdcp 2.2 -> hdcp 1.4 and then use whatever breakage on 1.4. So it's only effective if you don't search.


You can’t produce good quality rips like this, if that was the best solution the DRM people would have won.


You can produce pixel perfect rips. But since the resulting video file is so large you will "need" to compress it, and then you get compression on compression artefacts.


It would be really interesting to make a video compressor that specializes in "recompressing" previously compressed data. A simple version could be special handling of common compression artifacts and trying to detect various transforms and trying to take advantage of the detail already removed instead of removing additional detail.

If you knew the codec used originally you could even try to (near) perfectly reconstruct the original bitstream. Especially if you know various codec parameters and some side-channel data (such as which video data is contained in which encrypted blocks) it may be possible to relatively efficiently search for the bitstream that decompresses to the data that you are seeing.


Yes, indeed. Pixel perfect rips of already compressed streams, immensely blowing up the size and requiring another round of lossy compression to actually be useful.


And the result after recompression is impeccable so it is not a big deal. It is just a bit cumbersome.


The result after recompression is far from impeccable.


On high bitrate content you wouldn't notice.


Sure, but you get to push your encoder settings far less than you otherwise could. You always end up with either significantly bigger files or significantly lower quality.


Is "significant" closer to 5 percent or 50 percent?


Doubt it, should be on the OS level; GPU control for all possible vendors and output formats is impossible without GPU driver support.


It's specific to the Intel GPU. Intel PAVP (Protected Audio-Video Path). See page 192 of Intel's "Platform Embedded Security Technology Revealed" (2014), https://link.springer.com/book/10.1007/978-1-4302-6572-6


> Remote attestation will make it so you "can" technically run your own hardware and software (and that's what the FUD-spreaders will always say), but you'll be denied access to lots of, increasingly online, services.

It's good to raise awareness of the centralization risks of remote attestation. One pro-security, pro-freedom alternative is local attestation, e.g. to a USB security key running OSS firmware under user control. Widespread use of user-controlled attestations would make it harder for cloud services to impose unilateral requirements, requiring negotiation among competing objectives.

One remote attestation scenario could be disaggregation of critical apps into dedicated on-device VMs which look like cloud lambdas/functions/unikernels. Remote attestation could be done for a special-purpose VM (e.g. banking), leaving other general purpose OS VMs unrestricted. This is possible today with Windows Hyper-V on secured-core x86/Arm hardware, Android 13 with the pKVM hypervisor on Pixel 6/7 hardware, and the HP/Bromium AX hypervisor.

MS/Pluton thread, https://twitter.com/dwizzzlemsft/status/1511440279462563842

> what are they going to say when it's supported in Linux and we open source it ... the Pluton team also uses Linux daily, builds TWO Microsoft Linux distros, and upstreams Linux kernel features.

On servers, a forward-looking approach is being taken with OCP Caliptra, an open root of trust that will precede booting of the main SoC (including Pluton) and mandates open firmware that must be dual-signed by both the OEM and the datacenter owner. It is an early attempt to forestall ME/PSP/BMC Groundhog Day. If it succeeds on OCP servers (where datacenter owners have power to negotiate with OEM/ODMs), perhaps more transparency and owner control/veto can be brought to client devices, https://twitter.com/platformsec/status/1533398356088737793.


> One pro-security, pro-freedom alternative is local attestation

What's the point? That's about as useful as running your own CA. The fact is, those pushing remote attestation want remote centralised control and they're going to care that you have your own attestation infrastructure as much as they'll care that you have your own CA, i.e. they're not going to be satisfied because they're trusting their own, and not yours.

> the Pluton team also uses Linux daily, builds TWO Microsoft Linux distros, and upstreams Linux kernel features.

That's even scarier. If the only form of "supported" Linux becomes Microsoft Linux (with its own unique brand of spyware and other crap forced on you due to RA), don't say we never saw it coming: Embrace, Extend, Extinguish... or perhaps that last E should now be Enslave.

> If it succeeds on OCP servers (where datacenter owners have power to negotiate with OEM/ODMs), perhaps more transparency and owner control/veto can be brought to client devices,

We already had "owner control" until they started trying to take that away from us. We don't need nor want attestation at all. No means NO!


> they're not going to be satisfied because they're trusting their own, and not yours.

This cuts in both directions. Unlike signing certificates, attestation is not a zero-sum fight over a single monolithic measurement attribute that can only be A or B, it can support a goal of having A and B, e.g. as disaggregated VMs. If a cloud wants subset B, then the user/owner/enterprise local attestation can insist that the client must also have subset A, otherwise it can reject subset-B-without-A. Also applies to multiple clouds with conflicting requirements.

Enterprise clients connected to centralized clouds are not the same as consumption-oriented DRM, where the decision is grant/deny. Enterprise client devices generate business data that is sent to the cloud, and they consume data/compute/apps from the cloud. If businesses stop sending data to the cloud, the hybrid workflow breaks down. It's not as one-sided as Netflix DRM.

> We already had "owner control" until they started trying to take that away from us.

With the exception of IBM POWER / Talos servers that have open firmware including the BMC, most servers depend on many blobs, so there has been little transparency for owners, never mind control. One has to start somewhere, and Caliptra starts at the beginning, with an open silicon+firmware RoT that can potentially evaluate some of the myriad blobs and processors and devices needed to bring a server online.

E.g. DMTF SPDM can be used for local PCI (or virtualized I/O like NVMe-over-TCP) device attestation of firmware integrity to the server, before the device is authorized for use in the server, https://www.dmtf.org/standards/SPDM & https://www.platformsecuritysummit.com/2019/speaker/plank


> What's the point? That's about as useful as running your own CA.

Running your own CA IS useful.


> More awareness needs to be made of how this will have a devastating impact on end-user freedom. They're attacking the PC, one of the last holdouts of general-purpose computing freedom.

This situation reminds me of the fuss around Palladium, a solution which seemed to be abandoned by Microsoft on its merits:

https://en.wikipedia.org/wiki/Next-Generation_Secure_Computi...

> Edit: nice, downvotes. Hello corpo-authoritarians, we know what's up :-)

This also reminds me of the fuss around Palladium:

https://www.penny-arcade.com/comic/2002/07/22/m


The PC will eventually lock up more. Free general-purpose computing will remain on things like Raspberry Pi (and many other variants). There will be Windows computers, like we now have Macs, and Windows-incapable computers to run Linux (or whatever else open OS).


RPi boot path includes the GPU/VPU, which runs a binary blob based on an older version of ThreadX RTOS, whose upstream is now called Azure RTOS ThreadX. Work on an open-source replacement has been slowly inching forward for a few years.

Arm, including the quirky RPi, is not comparable in openness to x86 general purpose desktops, which were a happy confluence of accidents, determined individuals and scrappy businesses. That is still worth defending, if only to slow the slide backwards.

M1 Macs have a unique take on hardware security that can co-exist with general-purpose computing for open-source Linux, and Apple's vertical integration. https://archive.fosdem.org/2022/schedule/speaker/xeno_kovah/. Hopefully Asahi Linux will succeed in creating a relatively maintainable port for multiple generations of Apple Silicon.


The open replacement for the RPi boot blob:

https://github.com/librerpi/


> Free general-purpose computing will remain on things like Raspberry Pi

Leaving aside the debatable nature of how open and free a RPi is, what's the point of "general-purpose computing" when it can't actually be used? When/if you need a locked-down machine controlled by some central authority to do what you can still do today with a free and open one, i.e. create and consume media, interact with services, communicate with others, etc., how much value does a truly libre computer have? It's almost like the "just build your own platform" argument when it comes to censorship.


Not to mention that no design is absolutely safe, and if security enclaves like Pluton get exploited to run a backdoor, it'll be a lot harder for end users to detect.


It's worth looking at the multi-year CHERI research project on capabilities, https://news.ycombinator.com/item?id=30007474, which has influenced Arm security features and roadmaps. Pluton could be viewed as a stepping stone to CHERI. From a recent blog post by MS Research, https://saaramar.github.io/memory_safety_blogpost_2022/

> these tiny parts usually run with high privileges and dramatically impact the overall system. In such cases, MTE/CHERI play pretty nicely - they help ensure that whatever bugs we have in these areas are killed at their root cause (probabilistically/deterministically). This is exactly why MSR, MSRC and Azure Silicon pushed for this AMAZING project of CheriIoT ... scaling CHERI down to RISC-V32E, the smallest core RISC-V specification. I’m very excited about this project, and I hope once we will open-source the ISA and the prototype, more folks across the industry could join.

That is a direction that would benefit everyone: open silicon and open firmware for the most security sensitive components. It is technically possible and at least some humans in big companies understand the importance to future would-be-digital civilizations.


See also: Intel Management Engine exploits.

https://kakaroto.ca/2019/11/exploiting-intels-management-eng...


You say this on a forum where the majority probably has an iPhone or MacBook; of course people are going to be tone-deaf to it.

Not even the HN-audience cares enough to turn down something shiny.



There was a PSEC 2019 talk on Azure Sphere (IoT), with some details on Pluton security features and the Microsoft Linux hardened kernel based on OpenEmbedded/Yocto. Briefly mentioned is Microsoft's QEMU emulation of Pluton for CI/CD and their segmented architecture for delivery of 10 years of Linux security updates to the device, even if the IoT vendor goes out of business leaving the application firmware unmaintained.

https://www.platformsecuritysummit.com/2019/speaker/seay/ (click Hardware tag to seek video to the Pluton section)

IEEE paper (2021, paywall) on Pluton, https://ieeexplore.ieee.org/document/9512305


I love the newest entrant to the console wars, who decided to just run their game store on a Linux computer, optimize the UX a bit and make it all work great with its chosen hardware. Currently maybe a bit underpowered, but shows great promise and I believe the Steam Deck has a bright future in front of it.


The Steam Deck has sold fewer than 1% the number of Switches sold, which tells me there is far more to selling a console than the technology. Well, that’s an obvious statement, but I think many of us tech people commonly under-appreciate all the “non-engineering” components to making a product successful.

I think “optimize the UX a bit” is what they did, and it falls very woefully short of what they need. Especially when it arguably has a far bigger and better library of titles.

I hope Valve doesn’t throw in the towel after the first round. The Steam Deck idea can be a killer one. It just needs a lot more UX polish and marketing.


Huh? I don't even think there are official Steam Deck sales numbers. The best I can find was that they shipped over 1 million last October, not sold. But that was actually not long after they BEGAN shipping units. Not only that, but we're comparing it to the Switch, which is one of THE best selling game consoles ever. However, in its first year, IIRC, it actually "only" sold around 10 million units. That suggests that in its first year, the Steam Deck sold at least around 10% of what the Switch sold (although the Deck was a lot more supply constrained, so it may have been higher if not for that).

Since Valve doesn't share actual numbers, or at least has not done so yet, it's really hard to judge, but I think you're painting a picture that is at least a bit too pessimistic. I don't know if Valve actually expected to outsell stalwart console vendors, but I would actually guess they DID outsell the PS Vita's first year. That's really not too bad for a foray into a saturated market with a somewhat niche and admittedly even somewhat immature product.

Steam Deck probably has a bright future, but I'm most interested to hear if they had any success breaking into the market in Asia, as it seemed like that was a big push for them and probably generally one of the hardest markets for Valve/Steam, for a variety of different reasons. I have to guess the sales numbers in North America are pretty good based on how quickly we went through the preorders.


The PS Vita is an apt point of comparison - a beautiful piece of hardware that performed fantastically (and in my opinion much more impressive for its time than the steam deck) - that is considered to have been a complete failure.


Steam Deck really is an interesting comparison. It must be frustrating that Valve releases Steam Deck to fanatical reception if you feel like PS Vita was a better product for its time. Even though PS Vita may have been a great product, it's possibly one that simply was not at the right place or time. I really think that Sony needed to win, not just sell modestly.

A big and weird part of this is simply because Valve is different. Still a corporation, still flawed, but certainly, if nothing else, definitely different. They have an appeal almost reminiscent of how people once regarded Google a long time ago. They've gotten a solid reputation for playing the long game with respect to building their ecosystem, and in that regard, Deck feels like a product many years in the making: the Steam client and games library, Proton and DXVK, the overlay and other middleware libraries, the multiple iterations of SteamOS, and many more endeavors all came into the product that the Deck is today.

Meanwhile, PS Vita did not have the luxury of the depth of consumer goodwill that Valve has, even if Sony has many times the breadth of consumer goodwill; worse, it needed to bootstrap its ecosystem, whereas Valve has committed to bringing its entire existing ecosystem to Deck instead. Valve also had the luxury of not being a traditional video game console vendor, and thus I don't think it elicited as strong of a reaction in the "console wars" either: I do not think that people view it the same. And hell, I don't think Valve does either. It has an aggressive starting price, and thus definitely can compete, but it seems probably still profitable. At the higher end, it's priced more like a gaming laptop, and thus the enthusiast gear that you would expect. I think they landed themselves a nearly unloseable situation with Deck. Because it's basically just an extension of their existing Steam ecosystem, it's essentially a value-add at worst. I would bet it acts more complementary to other consoles, and there are probably few Deck owners without at least one other game console.

As a competitor to Nintendo's gaming handhelds and as a successor to the PSP, it seems like consumers largely rejected the PS Vita. Maybe in an alternate universe where Sony took an entirely different approach to the ecosystem and marketing of the PS Vita, things could've gone very differently.


For what it's worth, I've never owned a console of any kind in my life, but I would really like to own a Steam Deck.

Though I could buy the Steam Deck now, I am eagerly waiting for Steam Deck 2 just to see if there are lessons-learned-improvements from the first iteration.


I have one and say it's perfectly usable already, and would recommend getting one, even just to vote with your wallet for something nice.


> Though I could buy the Steam Deck now, I am eagerly waiting for Steam Deck 2 just to see if there are lessons-learned-improvements from the first iteration.

Just wait for the Steam Deck 3, where they'll solve all the problems that don't even exist yet on the Steam Deck 2. Or better yet, might just wait for the Steam Deck 5 just to make sure they've finally ironed out all the kinks.


It's Valve; you know there will never be a third iteration.


Not sure why you're so antagonistic. I don't know you or how you live your life, but as an unsolicited advice, perhaps you could have a moment of introspection. Cheers!


I will acknowledge my previous comment was a tad antagonistic, sorry.

I'm just saying, if it's something you want, it fits your needs today, and you've got the budget for it, just buy it. Don't wait for the "what if the next generation is better?", because of course the next generation will probably be better, if it comes out. But this fits your needs well enough today, and it's something you want, and there will always be something newer supplanting whatever you buy in the future as well.

So if you're thinking you'll wait for the 2 because it'll be better than the original, why get the 2? Won't the 3 be better? And of course, the 4 will be better than the 3, so maybe you shouldn't buy the 3 but instead wait for the 4. But what if there's a 5th generation...

Why would I buy the iPhone of today, won't the one next year be faster? And the one the year after that be faster than next year? Why would I buy the one this year when there will probably be a better one available eventually?

I just never got this line of reasoning. Could you share why you'd wait for the 2, but not the 3?

Cheers!


It's a very strong pattern that the gap between version one and version two is much bigger than anywhere else, with much bigger flaws existing and being fixed.

I'm very surprised that you don't seem to be aware of this, and treat it purely as n versus n+1.


It just recently became available to purchase without a waitlist, they are still learning about hardware production, supply chains and other things they haven't done at the same scale before. Give it some time, especially when comparing to Nintendo who've been doing it for decades.


The Switch is the fifth best selling console of all time. That's not at all a fair comparison, especially given the difference in price point and how long the Switch has been on the market.

On the other hand, it's plausible that the Steam Deck could hit within 50% of Vita, the Wii U or Gamecube, which is amazing for Valve's second push into the console market, and immensely profitable, given Valve owns pretty much the only avenue with which people will be buying games for it and gets a 30% cut, on top of the Deck being significantly more expensive than any comparable console, now or historically.


I think it’s also not fair to compare it to commercially failed consoles like the Wii U or Game Cube.

I just picked the closest analog: a modern handheld that can be plugged into a TV.


Steam Deck is also very much not like those consoles.

When the Game Cube "fails" as a product, all the world's Game Cubes become just cubes that you can't do anything interesting with.

If Steam Deck "fails", it becomes merely a funky form factor PC. Plug it into a monitor via USB-C and it's a full desktop computer. With a surprisingly okay price for that, too!


In what universe can Wii U or Game Cube be considered "failed"? They were hugely successful. You need a much better definition of failure than "not number one".


I don't think comparing new entry to the market with the OG pioneer is fair in any way, shape or form. Nintendo did get a 33 year head start.


I think they sold enough to justify its existence, even if it's not much compared to console manufacturers.


I don't get this. Hacking was huge on the 360, as was piracy: that JTAG thing, using the cooler runner and browning out the processor after slowing it; there were multiple mod chips and finally the ODEs coming out the wazoo.

The funny thing about security is it's about the weakest links they find.

So you can harden link A as much as you want; if link B is a dud, all the extra work on A was wasted energy.

What's most impressive is Xbox realised this and added in Dev mode.

What's shocking is Sony knew this from the PS2 era and gave it up!


I had an Xecuter mod on the first Xbox and a 2TB hard drive; you could do so many, many things with Xbox Media Center on the very first Xbox - FTP your games over.

TBH the Xbox 360 console was like a refresh of XBMC. One of the greatest things about the 360 out of the box was it played popular video codecs directly from USB storage - unmodded!

Unheard of at the time.

I had an early model PSX console in high school and bought the plug and play mod chip online in 2000 or so. Rented a lot of games and bought a lot of Verbatim blue bottoms.

Later a USB plus 1-wire mod chip for the PS2 that let me play backups and homebrew.


> TBH the Xbox 360 console was like a refresh of XBMC.

According to sources, a modified original Xbox running the latest XBMC was put on the center podium, was shown off, and the executives had ordered the engineers to "make the new xbox do this"...and it was.


The 360's early media capabilities were absolutely unheard of for the time.

I was blown away when, halfway through the setup of my 360, my desktop running Vista helpfully chimed in saying it found the 360 and offered to let me stream all my MP3s right to it while playing games.


Apple and Amazon are only now adding the group watch functionality that Netflix had on the 360. I really don’t know why this fell off because it was really popular within my friend group and we’d watch a movie together a couple times a month.


I have an Xbox 360 that has never played a game in its life, but served many years as a media center extender. Microsoft really did get that thing right.


> What's shocking is Sony knew this from the PS2 era and gave it up!

This applies to the whole early XBox story. Microsoft learns the right lessons... Sony learns the wrong ones.

XBox vs PS2: XBox was faster, but PS2 launched earlier, was cheaper, and had more games, so won the generation.

XBox 360 vs PS3: Sony reacts to Microsoft by making the PS3 more powerful than the 360 and more expensive. Microsoft reacts by getting more games and really doubling down on Halo (the biggest draw to XBox back then). XBox wins the generation.

Note: this is from memory, didn't check sources!


FWIW the "PS3 is faster" is still debated to this day, mainly due to the Cell's "weird" architecture.

If you remove the SPEs from the equation (which many developers did) the PS3 has a much slower 2 GHz Dual Core PPC64 CPU, while the Xbox has a 3.2 GHz Triple Core (6 thread) PPC64.

The extra threads aren't directly as useful, as games back then were almost entirely single-threaded, a trend that has only begun to really change course in the last decade or so (partially due to the Xbone and PS4 having anemic Bulldozer-derived CPUs that had weak single-thread performance).


> PS3 has a much slower 2 Ghz Dual Core PPC64 CPU

IIRC it's not even a dual core but a single core with two threads.

Sony really dropped the ball with the PS3 chip.

It's a shame they invested hundreds of millions or even billions in this new, hot, complicated to use chip, only for it to be completely surpassed by off the shelf x86 parts.

Sony thought the chip would be so good they could sell it to be used in super computers for years to come, but by the time it was out, x86 had basically caught up and no customers cared about buying their Cell processor.


> XBox wins the generation.

The winner of 7th generation was clearly Nintendo with their Wii: over 100 million units.

And the funny thing is 2nd place: PS3! Just at the end of the generation it managed to outnumber X360.


Yup, MS really threw it all away with their Kinect play.


And then they took this strategy into the XBox One generation: everyone gets a Kinect! For $100 more than the competition! And it's always listening, and you have to have it connected for the system to boot!

Piling onto that with "we're getting rid of game sharing or the resell market" and "our new console is going to be your entertainment hub, i.e. it's going to be jammed full of shit most gamers don't want!" and the launch was just... ugh.


Xbox One premiere was a disaster since the design reveal. I saw it and was like "you must be kidding". Original X1 doesn't look like a VCR - my VCR looks way better! Xbox One S is what X1 should have been since the very beginning.


Hell, they knew it from the PS1 era: Net Yaroze may not have stopped people from trying to hack their PlayStation 1, but it definitely appealed to a part of the crowd that would be most interested in that sort of thing. (And they even included a toolchain! Truly must've been special to be a part of that.)

I think the trouble is that people kept finding ways back from arbitrary code execution in a limited environment to running pirated games and cheating in online games, and Sony continually failed to actually manage that.


All or nothing thinking about security misses the point entirely.

Security is about reducing the frequency of events, and the impact of those events, not making things philosophically impossible.


> Hacking was huge on the 360

It was! I was a pre-teen then but I remember modded controllers and getting into modded lobbies. The only modding I did was USB modding my avatar and gamerscore, only to login a month or so later to the prompt that my account was banned forever.


PS3 had Linux, until Sony pushed an update which killed it off. It was also trivial to upgrade the hard drive.


> their actions show a great deal of respect towards the ingenuity of console hackers, because if they didn't, they would've never bothered to do such an effort thwarting them.

Dude. The irony. They bricked our machines and joked about it. They had a fellowship with the FBI.

They (MS and EA) threw OP, the author of this fkn submission, in jail.

Their own Terms of Service and Policy Enforcement page still brags about "pwning the pwnrs" - to this day.

Make no mistake, MS and Xbox still hate us. It's just from a capitalist perspective, it's hard to compete with losing PC audience.

Their only selling point is itself, an unhackable console.

They did have restraint. There is a list of console IDs hardcoded in every NAND because originally a few souls had reversed the NAND enough to RSA-sign CON files - they were just gonna ban everyone who had made modified content, but didn't... because of Halo 3's File Share incidentally preserving personal RSA keys, making it difficult to reconcile modified content, once spread.

Regarding hacked DVD drives....they did the math and banned millions when it was profitable, ironically.


Yes. I agree.

> Make no mistake, MS and Xbox still hate us.

I should point out that I was not suggesting there was a good relationship between console hackers and Microsoft. Quote from me again:

> respect towards the ingenuity of console hackers

I did not say they had respect for the people, or that what they were doing was good, or anything like that. I'm claiming that from a security standpoint, they took the threat very seriously.

Microsoft legally bullying people is bad, but it's nothing new from Microsoft. Hell, it's nothing new from the console industry either. I actually was not aware of Microsoft putting anyone in jail over the Xbox homebrew/modding scene, but it does not surprise me. I remember what happened with Sony and Geohot.

Still, from a sterile, technical point of view, I do think that in 2005 they were way, way ahead of keeping their console "secure" according to their threat model. I am never going to be particularly fond of a threat model where the adversary is the customer, but that's not really the point.


> I do think that in 2005 they were way, way ahead of keeping their console "secure" according to their threat model.

I agree, see my other comment re: KV.bin

They built the X360 with layers upon layers, like an onion.

Two exploits (JTAG and RGH), and a few forever-unspeakable social engineering incidents aside, they did great work.

Until MW2 came out in 2011.


Some Xbox hackers were arrested but it's fair. Some people stole hardware. This is interesting read. https://darknetdiaries.com/transcript/45/


An hour later, wow. That podcast is mesmerising. That’s absolutely incredible what they were up to. Thanks for the share, on to part two now.


It's 95% accurate. The remaining 5% is to hide the identity of Person A.

I would consider contributing to a third episode with a new generation of stories/correbance/trivia, but with the amount of contribution from the feds to correct the record, I feel it would be unwise.


You have any more info on who this person is and what they were convicted of?


Probably the OP post is written by Eaton Zveare.

https://www.euronews.com/next/2022/07/09/could-you-end-up-in...


>They (MS and EA) threw OP, the author of this fkn submission, in jail.

It's not like they got jailed because of MS's sheer spite to hackers - no, they made good money hacking MS consoles. Essentially, it's one capitalist against the other, and they had to be aware of the rules of the game.


This was not a security feature at all, it wasn't securing anything? This is purely a feature to allow Microsoft to resell hard drives at 3x the price.


Sounds like semantics to me.

I think you will agree that security in computing is not just "prevent people from getting hacked" or some static goal like that, but rather security is the management of "threats" under a given "threat model".

DRM, for example, is DEFINITELY a form of security software. DRM is an attempt to uphold policies around the access and/or copying of digital data such that access, distribution, etc. is controlled by said policy. Like any security software, it is meaningless if it's trivial to bypass, so it employs techniques to prevent users from modifying it, inspecting it, and otherwise bypassing its security measures.

Similarly, technology that is meant to only allow licensed hardware is largely the same idea. Like SEGA's Trade Mark Security System, although instead of cryptographic signatures, they instead hinged on the threat of a lawsuit. This is still a form of security system, just with a very different model of the threat.

What I am not saying is that these security measures are any good for the consumer. Obviously, these measures are very largely anti-consumer. Arguably there are some potential consumer benefits in limited cases (the most honest answer is probably anti-cheat, because most online games are frustratingly unplayable without some strong approach to dissuade cheating) but that is still not really my point. How is this security? It's simple. It's security against the threat of the end user. It upholds policies that the device vendor would like to impose on the consumer.

A lock is still a security device even if you abuse it to lock somebody in a room against their will.


It secured a fat profit.


Nintendo is not far behind Sony in the (in)security department. The 3DS was hacked in several ways, including a browser exploit that worked on recent firmware. The 3DS eShop was serving games via CDN with no authentication. And the first edition Switch has a hardware-based exploit that is unpatchable!


We really ought to thank Nvidia for that last one.


To this day, there is significantly better security in your XBox account to protect your in-game collectables than can be achieved by huge enterprises trying to protect their corporate secrets on Microsoft 365.

E.g.: the corporate default settings for MFA show zero additional information. Literally just an “accept” button. The XBox equivalent shows location, etc…


All of that is available in M365 though, it’s just off because many large IT departments optimize for ticket volume as opposed to quality or security.


I don’t think Xbox Dev Mode is really worth a damn. You can sideload apps but it’s not a vector for piracy or running Windows or Linux.

PS3 Linux was about as useless as PS2 Linux, because the PS3 had only 256MB of RAM. I put Ubuntu Server on one and used it as a Squid proxy server to route P2P traffic through to the university’s college of computing since P2P was blocked in the dorms. For some stupid reason I totally got away with it. PS3 running in one of the research labs 24/7 routing traffic all day.


> You can sideload apps but it’s not a vector for piracy or running Windows or Linux.

Rephrasing:

> You can sideload apps so it's not a vector for piracy

Most of the piracy scene depends on hackers figuring out how to break security so that they can run [SWEET DEMOS](https://www.youtube.com/watch?v=z8JaG6hQVbA) and homebrew apps on it. By saying "yeah mate here, toggle some settings, pay $90, and we'll even help you break the seal" it completely eliminates the drive that most experienced attackers have to actually attack it.

From what I understand there's an informal bounty among the Xbox and Hyper-V teams that increases on a regular basis for unsigned executables on the Xbox One platform.


I don't think PS2 and PS3 Linux were intended to be used, ever. From what I can tell, the only reason it existed at all was to allow Sony to import it as a computer rather than a game console, which has higher tariffs imposed.


>I don’t think Xbox Dev Mode is really worth a damn. You can sideload apps but it’s not a vector for piracy

That's the point


The person I’m replying to makes it sound like Xbox Dev Mode came about because Microsoft was tired of trying to keep hackers out, but the reality is Microsoft has kept hackers out. You can’t jailbreak an Xbox One.


If I recall correctly, Microsoft was about to cripple Dev Mode, which caused a reaction in the community, which led to increased interest in hacking the X1, which made MS back off on their decision, after which the discussions quietened down.

I won't claim Dev Mode is their solution to hackers, but there seems to be some correlation.


I’m not sure why crippling a niche feature would drive people to try to jailbreak the Xbox One. It really is a useless feature unless you are developing an app/game for the Xbox One- then you won’t have to spend however much on a dev kit.


I believe indora has already said why under your initial comment:

>Most of the piracy scene depends on hackers figuring out how to break security so that they can run [SWEET DEMOS](...) and homebrew apps on it

That's definitely the experience I have with the modding scene; piracy is rarely the primary goal. Yes, Dev Mode is a niche feature, but it's a feature appealing to the hacker's niche.


Yeah the only issue is that dev mode doesn’t enable would-be hackers to do any of that stuff.


It's literally what it's for though?

And from what I see, stuff like RetroArch can be run on normal console even without Dev Mode nowadays. Heck, you can play NES games directly in Edge browser without any shenanigans.


Things you could do on a jailbroken PS3 or JTAG'd Xbox 360 (besides playing pirated games) != things you can do on an Xbox One with dev mode enabled, including but not limited to: running Linux; viewing and controlling thermal performance of the console; modding games/enabling cheats; theming the UI; playing game discs made for a different region (e.g. PAL); backup game save files (I think this is a given on today's consoles but it was more restrictive back in the day).


Of course it doesn't give you as much power as a jailbreak would, but it gives just enough power to make putting the effort into hacking the console not worth it.


I just don't think there was really anyone who was putting effort into hacking the Xbox One just because they wanted the feature that they now get out of the box- sideloading/running unsigned code in a VERY sandboxed environment that can't run retail versions of games.


Yet. Valid for January 2023.


The idea was for gamers to get a feeling of what it meant to be a game developer, and as a former PS2 Linux user, having so many instead trying to make a PC out of the PlayStation is what killed the fun for Sony.


I’m assuming their “threat model” wasn’t individual users going through sophisticated hoops to install their own hard drives.

More likely they wanted to make it difficult for grey-market vendors of unauthorized disk drives to escape cease and desist orders from Microsoft’s army of lawyers.


Probably helps that they are a big OS company, but I think they went all out on security because of how severe the softmodding scene was on the original Xbox. IIRC there weren't useful softmods for the GameCube or PS2 during the lifetime of the system, whereas I knew several people with modded Xboxes with larger drives that they'd rip rentals onto.

Xbox 360 also had XNA, I think you needed a paid membership to actually boot a game on it though. And on the last few Nintendo consoles they've had BASIC programs available letting you write your own software. Obviously there's some limitations there but people have done some neat stuff and it's even possible to do 3D. The original Famicom also had BASIC available.


I think they focused on it somewhat more after the 8 or so huge amateur security flaws on the original Xbox


Xbone is not hacked because nobody cares about essentially a boring PC without any memorable games. It will remain in history as another Microsoft marketing disaster. One day it will eventually and silently be destroyed to be emulated, like all ancient arcade and microcomputer game protections. Every protection can and will be broken. Regarding the unsuccessful money grab, the idea that Microsoft's minds foresaw that people would want to upgrade their boxes with cheap generic parts and that this must be punished is indeed new; no car manufacturer has ever done anything like that since the 90s.


> Xbone is not hacked because nobody care about essentially a boring pc without any memorable games.

No, it's because MS gave them the keys right out of the gate with Dev Mode.


The keys couldn't unlock the GPU door though (I mean, dev mode apps couldn't use the graphics API). And IIRC RAM was limited. To me that allows for some incentive to root/jailbreak the device.


Anyway mission successful


This is the same sort of bullshit that HP has done with their computer hard drives, but with an even more elaborate lock-in by Microsoft in this case. The HP computers came with an OEM Windows CD so you could re-install the OS after replacing a bad hard drive, but if you chose to replace the hard drive with anything other than a "genuine" HP replacement part, the Windows installation would fail. Note that the HP replacement part has half the capacity for twice the price, and a poor warranty.

I spent two weeks sparring with HP over this. They sent me a replacement Windows CD that behaved in exactly the same way, and in the end, they were off their flowchart with no way to escalate the issue. I was able to install the same version of Windows on the computer using a non-OEM Microsoft Windows installation disc. HP Support insisted that it was perfectly okay to replace their OEM drive with something else, and denied any lock-in countermeasures when I challenged them. Either the support staff honestly didn't know about this (probably illegal) policy, or they did know, and were required to deny it.

After this, I actively advised all of my clients to avoid HP hardware. At the time, I advised them to use Dell instead, but Dell has its own problems these days.


> Dell has its own problems these days.

I am honestly very annoyed that my 2019 XPS 15 will refuse to negotiate anything higher than 65W over USB-C PD on a non-Dell charger. Their dock does 130W, yet every third party dock, brick, or monitor I use it refuses to exceed 65W.


> I am honestly very annoyed that my 2019 XPS 15 will refuse to negotiate anything higher than 65W over USB-C PD on a non-Dell charger. Their dock does 130W, yet every third party dock, brick, or monitor I use it refuses to exceed 65W.

Until 2021, the official maximum power for USB-C PD was 100W (5A at 20V), and your notebook is older than that. Dell has a non-standard extension for higher power, which uses a higher current (above 6A) and the same voltage (20V); the newer standard instead keeps the same maximum current (5A) and allows for higher voltages. It makes sense that third-party devices implement neither Dell's non-standard extension nor the newer standard (which your laptop could not use anyway), and so are limited to 100W, or 60W if you're not using a 5A cable.


I mean, I'd take 100W. I never used the dedicated GPU so I never get that high. However, standard usage still drains the battery while on a 65W supply.


The whole Windows market has been an absolute dumpster fire lately. The "modern standby" issue is infuriating. In a year or two I think the MacBook might honestly be the best Linux laptop you can buy. I've got Asahi set up on my M1 and it's borderline usable now. Just waiting on Thunderbolt and power management to be done and I could work with this.



This is a feature I want. If someone steals my MacBook, I want it to be worth the scrap aluminium.

Yes there is a case where someone forgets their Apple ID password and lost access to all their recovery methods, but I’ve got my password memorised and written down so I purely benefit from the theft protection.

The statement on the article is ridiculous too. Apple doesn’t prevent the second hand market, you just have to factory reset the thing before you sell it. The most likely case where this is impossible is the seller stole it.


Without being deactivated these are effectively stolen devices. The sin here isn’t on Apple, it’s on the previous owner failing to unlock the device. I’m all for this if it means my devices won’t be stolen.


Yes, but it locks out the third-party refurbished market. If a MacBook breaks and the owner chooses to replace instead of repair, there isn't a way to factory reset it. A repair shop has no choice but to scrap the computer even if it's fixable.


The activation lock can be removed remotely with iCloud credentials: https://support.apple.com/en-us/HT201441


Well, my XPS 9380 bricked itself after installing pop_os; now it doesn't even show the Dell boot logo, just totally bricked to shit.

Good. It was a terrible machine anyway, overheating problems, noise problems, shoddy keyboard/power button construction. Avoid Dell.


I would but it's a work laptop...


Gross. That sounds like it's non-standard, right? One of the many reasons I'll never own a Dell, despite some of their hardware being quite nice in other respects.


HP has always been a pain in unusual ways. I try to avoid them after some time (years ago) in a warranty center.

Be glad it came with an OEM disc at all, instead of the burn your own 7 DVD system they used to use.

Do they still use whitelists for replacement hardware? A WLAN card shouldn't stop a whole machine from working.

Do you still have to tattoo the motherboard with the feature byte when you replace one?


Meanwhile, the pirate with cracked Windows has none of these problems.


This is why pirated software is many times better than the official! I have licensed CDs but still have to use cracked games because of the f*g DRM sh* in the official ones.


And they also get to use the same version without the bloat for the next ~10 years. While getting security updates.


Why would they care if my hard drive is genuine?

For the PS3, PS4 and PS5 I just bought a hard drive (SSD for the PS5) matching their specs, installed it inside and gamed on.

For the Xbox you have to buy hard drives from Microsoft?

Edit: please don't tell me about usb drives hanging off your console. I don't like stuff hanging off my console.


The article leads with this: the drives from Microsoft had a massive upcharge compared to regular HDD rates at the time. They were making a pretty penny with these.


Microsoft also knows if you have USBs connected to your console (: If any are connected, it will report back the sizes.


The later generations of Xbox allow any external hard drives to be used.


With breathtaking USB 2.0 speeds, yay.


I don't believe that's true? Xbox One and up use USB 3


Just get a USB extension cord


Eaton, if you are planning to write more interesting posts like this, please consider adding RSS/Atom (or making it more obvious if it is already there).


I have received other requests for this. I thought about it when I redesigned the site, but didn't think people really used RSS that much anymore. I have it on my list to implement (:


I use RSS, so you'd have at least two subscribers :)


Make that 3


+1 RSS.

In the meantime, you can use https://kill-the-newsletter.com/ to get an RSS for newsletter items.


I have just put up an Atom feed, more details: https://eaton-works.com/2023/01/28/syndication-feed-now-avai...


If anyone is interested in RSS you can subscribe here to be notified when it's available (I will post about it): https://eaton-works.com/subscribe

You can then unsubscribe & that will delete your email from my list, if you prefer RSS over emails.


May the logo have been included so that the security sector could not be distributed under copyright law?


That was a tactic Nintendo used with the gameboy. The courts eventually decided that the logo, when used as an access token like that, no longer qualified for the creative component required for copyright protection.


Strictly speaking, the logo bit wasn't about copyright, but trademark. Specifically, there were certain territories that Japan had trademark treaties with, but not copyright treaties. Taiwan if I remember correctly.

So you could legally make unlicensed copies of Super Mario Bros but they couldn't be called Super Mario Bros. This is why a lot of old bootleg games change the title screen to say, say, "7 GRAND DAD[0]" instead of "Super Mario Bros". This behavior actually seems to persist to the present day despite these copyright loopholes having long since been fixed.

Of course there were companies that got around the logo check with custom hardware[1]. And Nintendo themselves got lazy and didn't check the whole logo on the Color. So it's possible to change the boot logo on basically every Game Boy.

The court case you're thinking of has to do with SEGA's Trademark Security System (TMSS) for the Genesis. Sega v. Accolade to be specific. The broad strokes are similar, though - small bits of copying to sell an original unlicensed work are acceptable because console hardware is not copyrightable just because you worked on it real hard.

[0] Fleenstones? Aaaaugh...

[1] The Game Boy BIOS has a TOCTOU bug. AFAIK this is also how Argonaut Software managed to get an in with Nintendo to publish X in Japan.


Ah, a fellow Joel fan


Interesting, I was not aware of this. It appears this was the case:

https://en.wikipedia.org/wiki/Sega_v._Accolade


But logos never get copyright protection. They get trademark protection.

https://www.uspto.gov/trademarks/basics/trademark-patent-cop...


That case was 1992, which today would not hold up due to the political shift of corporate power. Same as how in the 90's Microsoft couldn't monopolize with internet explorer, yet mobile devices are doing it every day in even worse fashion.


> yet mobile devices are doing it every day in even worse fashion.

Which mobile browser has 90%+ market share a la "peak" Internet Explorer in 2004?

I hate being limited to Safari on iOS, but iOS has < 30% market share worldwide. Additionally, browsers are (highly unfortunately IMO) less relevant than in ~2004 when IE had a stranglehold on things.


Worldwide isn't relevant to a U.S. monopoly, and wasn't relevant in the anti-monopoly case against MS. Tech got big, made up a significant amount of GDP, and bought politicians. That is why the rules are no longer applied.


That was my thought upon reading that as well. I think Nintendo pioneered this strategy with the Gameboy - if the cartridge didn't start by showing the Nintendo logo, the Gameboy would not boot. And if you used the Nintendo logo without licensing it, it was trademark infringement.

Clever way to prevent un-licensed third-party cartridges.


This didn't work though, as courts don't like it when you (ab)use copyright/trademark like that.


That was (of course?) eventually defeated: https://dhole.github.io/post/gameboy_custom_logo/


According to legend at least this was defeated pretty early with Argonaut Software submitting a GB proof of concept that bypassed the boot screen (and was also 3D!). This ended up becoming the game "X".


Sega tried the same thing by having a check for the word SEGA at a certain ROM location on the cartridge for Genesis/Mega Drive games. They were smacked down in federal court in Sega v. Accolade.


Funny enough, it only checked about half the logo, meaning you could change the bottom half to something else.


The modders could have just as easily decided to go the "you must find the logo on your own" route and written a "select the logo" file prompt into the tools. I find the "they intended to let others sell HDDs" then changed their minds later route more plausible, especially since they never went after the "hacked" drives with bans or anything.


However, it would have been effective at preventing people from selling modified HDDs commercially.


It really wouldn't. Courts don't like it when you misuse copyright like that.


It would seem so. But, it doesn't cost anything to try.


Sega tried and lost in court, so in that sense it did cost them to try as they had to pay for counsel which ultimately wasn't even successful.


Right, but it doesn't cost Microsoft anything to add their logo as an additional check. If laws or court precedent change, it's already there. (For example, the DMCA came long after the Sega decision)


Seems plausible, since otherwise it would be fairly simple for a third-party accessory vendor to create compatible drives that could legally sell in all the usual places you can buy console accessories.

Trademark isn't going to stop modders, but it would have been effective against legitimate accessory vendors and retailers.


I don't get the value from preventing a customer from modding the device. Presumably, the customer gets more value out of the modded device, which means more sales to the device vendor.

The IBM PC was a runaway success because it was user moddable. IBM failed to recognize this with their follow-on PS/2, which was locked down. It flopped. DEC's Rainbow PC flopped because they tied it to proprietary floppy disks.

Chrysler was loved by hotrodders in the 60s and 70s because the company even published extensive manuals on how to hotrod them to various levels, and supplied the parts!

I put my money where my mouth is, the D language is 100% open source.


>the customer gets more value out of the modded device, which means more sales to the device vendor.

Not sure about the modern xbox, but a lot of game consoles have traditionally been sold at a loss with the expectation of making it up on game licensing fees.

Making more sales at a loss without a significant enough increase in licensing revenue equals a bigger loss. And that's before accounting for the higher support costs of people with incompatible 3rd-party hardware calling Xbox support.


> I don't get the value from preventing a customer from modding the device.

For many, having locked down consoles is a feature not a bug. It massively reduces the odds of coming across people running cheats in online gaming. It still happens, sure. But in the end it is far less common when cheating requires buying hardware modifications from potentially shady marketplaces, soldering things on to the board, potentially breaking your hardware, and potentially blacklisting your hardware on official matchmaking systems.

You're never going to get to zero cheaters, but if you make it more difficult to cheat and make it easier to blacklist expensive hardware it'll massively reduce the odds of your player base encountering a cheater in an average match. Encountering fewer cheaters increases player satisfaction and keeps players playing your games.

I didn't buy a game console for it to be a general purpose computer to do whatever I want, I bought a game console because I want to play games. If I want a general purpose computer to hack around with I'll go buy a Pi or an ESP32 or some other SBC instead of a Switch or an Xbox or Playstation.


Part of the value is also providing assurances to game publishers that their games will be harder to pirate. With the 'rampant' (in many publishers' view) piracy scene on PC, publishers would prefer not to have to also deal with the piracy problem on consoles. By taking on that burden, the console manufacturer makes their platform much more attractive to develop for. It also lets game devs make more mistakes without having their dirty laundry aired out for the world.


Interesting post but was really hoping to understand why some of my saves wouldn't transfer to other 360 consoles. Back when the "red ring of death" was more common, I would be issued a replacement console. When I snapped my hard drive back in and turned on Ninja Gaiden 2, I wouldn't be able to continue my progress. I had the unfortunate luck of this happening several times to me and I eventually quit playing that game.

Years and years later, I worked with someone who used to be at a gaming company and he claimed that apparently it was a quality assurance requirement from Microsoft in order to be published.


There are "transfer flags" on content items that control whether they could be copied/moved.


Good to know! Back in the days my friend and I figured out that if we bought Xbox Live Arcade games on someone's console with the other person's account, both would effectively own the full game and could play it (albeit not at the same time). We used this scheme to share account passwords and get more Gamerscore out of some titles. My then 14-year old self was quite disappointed to find out he lost all shared games when his console was replaced after a RRoD. I guess these games weren't transferable.


I wonder what would have happened if someone tried using antitrust laws to defeat this. Seems like there was a quite alive market for "third-party HDDs compatible with Xbox 360s" and Microsoft effectively tried to monopolize it. Plus, it seems to me like it could have passed the test of the modern Sherman Act interpretation. MS's actions directly reduced output and increased prices.


I couldn't find what the size of the RSA key used is. Any chance it is small enough to be broken today with a bunch of cloud instances and a few $100 [1] to spare? It was almost 20 years ago, after all.

Of course cloning another disk is simpler and more practical, but it might be fun to eg. have custom logos on unmodded console.

[1] https://arstechnica.com/information-technology/2015/10/break...


Wild guess: since the field given in the article is 256 bytes and the signature is probably just padded to the same size as the key, it's probably 2048 bits which is not really easily crackable (any key-specific flaws notwithstanding).


Nice catch, that is a reasonable assumption.

Oh well, too bad. Maybe one day ;)


It's a 2048-bit key. If it was 1024 maybe it could eventually be cracked? With 2048, I don't think it will be.


Eaton, I was a big admirer of yours back in the Xbox 360 modding scene, and envied your genius and dedication to things like FATXplorer and DevTool. We had common acquaintances (cas, teh1337) and I believe we may have worked together very briefly on a project at one point (I developed XPRC, which brought RPC and a whole host of new modding abilities to JTAG'd consoles). I'd love to get in touch and hear what you're working on nowadays and see if there's anything we can collaborate on (perhaps a blog article?)!


Thank you for the kind words :D My contact info is here: https://eaton-works.com/contact/


This is pretty similar to how Nintendo validates game cartridges. They all contain a unique signed header. If you connect to an online game and your game serial number is being used by hundreds of other users, Nintendo can see its a pirated copy and you get console banned from online for all games.
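The duplicate-serial check described in the comment above, written out as an added example (this is constructed illustration code, not Nintendo's or Microsoft's, and the session records, serial numbers and console IDs in it are made up). It parses online-session records of the form `timestamp serial console_id` and flags any serial that is seen from more than a chosen number of distinct consoles inside a sliding time window:

```python
"""Added example: flag a cartridge/content serial that shows up from
implausibly many distinct consoles within a short window.

Everything here is constructed for illustration; the record format and the
thresholds are assumptions, not any vendor's actual telemetry or policy."""
from collections import defaultdict
from datetime import datetime

# Constructed sample records: ISO timestamp, cartridge serial, console id.
# SER-0002 is used by four different consoles within a few minutes, which
# is the signature of one serial cloned into many copies.
SAMPLE_SESSIONS = """
2023-01-24T10:00:00 SER-0001 C-AAA
2023-01-24T10:05:00 SER-0001 C-AAA
2023-01-24T10:06:00 SER-0002 C-BBB
2023-01-24T10:07:00 SER-0002 C-CCC
2023-01-24T10:08:00 SER-0002 C-DDD
2023-01-24T10:09:00 SER-0002 C-EEE
2023-01-24T11:30:00 SER-0003 C-FFF
2023-01-24T11:31:00 SER-0003 C-GGG
""".strip().splitlines()


def parse_sessions(lines):
    """Turn 'timestamp serial console' lines into (datetime, serial, console)."""
    out = []
    for line in lines:
        ts, serial, console = line.split()
        out.append((datetime.fromisoformat(ts), serial, console))
    return out


def serials_over_threshold(sessions, window_seconds, max_consoles):
    """Return {serial: sorted console ids} for every serial that was used by
    more than `max_consoles` distinct consoles inside any sliding window of
    `window_seconds`. A small `max_consoles` (e.g. 2) tolerates a legitimate
    owner who moved the cartridge to a replacement console."""
    by_serial = defaultdict(list)
    for ts, serial, console in sorted(sessions):
        by_serial[serial].append((ts, console))

    flagged = {}
    for serial, events in by_serial.items():
        start = 0
        offending = set()
        for end, (ts, _console) in enumerate(events):
            # Slide the window start forward until it fits within the window.
            while (ts - events[start][0]).total_seconds() > window_seconds:
                start += 1
            consoles = {c for _, c in events[start:end + 1]}
            if len(consoles) > max_consoles:
                offending |= consoles
        if offending:
            flagged[serial] = sorted(offending)
    return flagged


if __name__ == "__main__":
    sessions = parse_sessions(SAMPLE_SESSIONS)
    for serial, consoles in serials_over_threshold(sessions, 3600, 2).items():
        print(f"{serial}: seen from {len(consoles)} consoles in one hour: {consoles}")
```

The window matters: over a long enough period a cartridge can legitimately change hands many times, so the rule only fires when the distinct-console count is exceeded inside a short interval. Tuning `max_consoles` above 1 is what keeps a console replaced under warranty (as several comments in this thread describe) from tripping the check.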


Back in the day StarCraft did the same thing. Except the key generation algorithm was reverse engineered. So even a legit key had the risk of being used online by pirates and being blocked.


The old dredged up Anandtech article is referring to the price of 3.5" disks, but the 360 used something smaller, probably 2.5". An off-the-shelf laptop drive would've been a bit more expensive and a bit more comparable to the $99 that Microsoft was charging.


Inside the casing, it did use a 2.5" drive.


Of all components, a disk is the only thing that “regularly” fails, that becomes too small, and has no other security impact, no profit margin (I think)

It’s idiotic MS took this route.

And what’s the downside/risk for MS? Nothing.. if the Xbox doesn’t work anymore, just don’t give any support on that disk


Margins are low on retail drives. Drives MS was selling had _plenty_ of margin. Which is why MS went that way. Also, this saves you from "I bought shitty drive from NoName on alibaba and it doesn't work" support requests.

Still stupid though. Glad Sony out of all companies opened up the PS3 the way they did.


> Drives MS was selling had _plenty_ of margin. Which is why MS went that way

Maybe? It's hard to say. The linked article compared the price of MS's HDD accessory to the cost of a contemporary OEM hard drive via Newegg and, yeah, MS's HDD was way more expensive per GB.

There are a lot of extra costs for MS though. Maintaining a separate SKU. Retail packaging. Cost of unsold units. Negotiating a supply of HDDs from e.g. WD which had to keep a production line or whatever open for that model when they otherwise might have phased it out sooner. The plastic enclosures. Etc.

Some of the price/GB differential may well have been gouging but some of it was also certainly overheads such as those I mentioned. There was zero possibility MS's retail Xbox360 HDDs could have been priced identically to the ever fluctuating price of HDDs from the direct sales channel. For a start, how could they reprice the units they'd already sold to WalMart, EBGames, and the like?

My strong hunch is that those official MS HDDs were not very profitable for MS. Otherwise one suspects they would not have tolerated hacked HDDs.

Of course if you want to say their whole strategy was dumb, I agree. Why not just allow consumers to slap the SATA drive of their choice into the 360? Bigger drives = more room for games = customers theoretically buying more games.


> Also, this saves you from "I bought shitty drive from NoName on alibaba and it doesn't work" support requests.

Don't be silly. The user would never disclose that part. It would be "My Xbox doesn't work, send me a replacement"

Although the reasonable way to handle this would be for the Xbox to detect non-genuine drives and report it but not block them. So support would quickly see the cause of the issue.


> a disk is the only thing that “regularly” fail

You must not be familiar with Xbox 360 failure rates. The solder in your GPU was going to fail long before the hard drive.

https://en.wikipedia.org/wiki/Xbox_360_technical_problems


No profit margin? What? They were making a massive profit off the hard drives, and this security was meant to preserve those profits.


Not using an Xbox.. I didn’t know they sell storage upgrades.

That’s pretty toxic


> It’s idiotic MS took this route.

According to the article, it let them sell commodity hard drives with a 3x markup. There are words for that, but "idiotic" probably isn't one of them.


I still have one of those hacked WD Blues. Always served me very well, though I no longer have a 360. It serves out its life now as a 320 GB even though it's a 500, because I couldn't find a working 500 firmware at the time and I couldn't manage to get the original firmware back. But it's ok, I'm mainly doing SSD these days anyway.


Glad everyone enjoyed the writeup! I have several more interesting writeups planned, including a significant hack disclosure (not Xbox/gaming related), so keep an eye out (:


Sounds to me like this is ripe for a class action lawsuit.

Especially if they start applying more severe consequences to those who already installed unsanctioned HDDs into their own property.


eaton-works.com

Your browser is out of date!

Update your browser to view this website correctly. More Information.

thankyoucloudflare.no. They don't even bother giving me an option to proceed anymore!!


Is the code/assembly for the RSA signature check (`XeKeysVerifyRSASignature`?) available anywhere online?


https://i.imgur.com/AFZIA3p.png

It takes in the RSA signature, SHA data hash, and RSA key type. Key types are: XE_PIRS_RSA_KEY = 0x0, XE_LIVEDRM_RSA_KEY = 0x1, XE_DEVICE_RSA_KEY = 0x2 (this is the Sata verification key), XE_XSIGNER2_RSA_KEY = 0x3

It uses key type to load the corresponding public key from memory at static addresses, then verification takes place.


The article says that the security sector is RSA-signed using a private key only Microsoft possesses; what if you also change the public key used for verification that is stored in the console?


At that level you're already hacking the console firmware. Easier then to just patch out the check as they've done.


You’d need Microsoft’s private key to sign the system firmware with a changed HDD verification public key in it (or an exploit undermining the general security chain of the system).


If everything is verified locally, couldn't you also change the firmware verification key, and whatever verifies the firmware verification key, etc.? Isn't it turtles all the way down?


The Xbox 360 security is a lot of turtles and the last turtle is actually baked into the SoC itself so it's impossible to modify. That firmware verifies the next stage and establishes the chain of verification that's very hard to break.

It did get broken eventually (after years of trying!) by figuring out that the CPU stops being reliable at very low clocks, but it was not even remotely easy.
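The two mechanisms described in this sub-thread, the verifier a few comments up that takes (RSA signature, SHA digest, key type) and selects a public key from a fixed table, and the chain of trust answered here, modelled together as an added Python example. This is not Xbox 360 code and not anything from the article or eaton-works.com: the XE_*_RSA_KEY names are taken from the comment above and used only as table slots, while everything else (generate_keypair, sign_stage, verify_chain, the 64+4-byte key encoding, the three-stage demo chain and its keys) is an assumption constructed for the illustration. Signatures are textbook RSA over a raw SHA-256 digest, which is a simplification for readability rather than what real firmware should do. It also shows why the "just change the verification key too" idea from the question above does not work on its own: each stage's key lives inside the previous stage's signed image, and the root key is outside anything the images can modify.

```python
# Conceptual model of two mechanisms discussed in this thread: a verifier that
# picks its RSA public key by key type, and a boot chain whose root key is
# immutable. Added illustration, not Xbox 360 code: every key is constructed at
# runtime, and signatures are textbook RSA over a raw SHA-256 digest (no padding),
# a simplification real firmware must not copy. Needs Python 3.8+ for pow(e, -1, m).
import hashlib
import random

# Key-type values as quoted in the thread; only the "type selects a key slot" idea is modelled.
XE_PIRS_RSA_KEY, XE_LIVEDRM_RSA_KEY, XE_DEVICE_RSA_KEY, XE_XSIGNER2_RSA_KEY = 0x0, 0x1, 0x2, 0x3

def _is_probable_prime(n, rounds=16):
    """Miller-Rabin; adequate for demo-sized keys."""
    if n < 2 or any(n % p == 0 for p in (2, 3, 5, 7, 11, 13)):
        return n in (2, 3, 5, 7, 11, 13)
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _random_prime(bits):
    while True:
        cand = random.getrandbits(bits) | (1 << (bits - 1)) | 1
        if _is_probable_prime(cand):
            return cand

def generate_keypair(bits=512):
    """Return ((n, e), (n, d)); a 512-bit modulus is demo-sized, not secure."""
    e = 65537
    while True:
        p, q = _random_prime(bits // 2), _random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:       # e is prime, so this gives gcd(e, phi) == 1
            return (p * q, e), (p * q, pow(e, -1, phi))

def sha256(data):
    return hashlib.sha256(data).digest()

def rsa_sign(priv, digest):
    n, d = priv
    return pow(int.from_bytes(digest, "big"), d, n)

def verify_rsa_signature(sig, digest, key_type, key_table):
    """Interface as described in the thread: (signature, SHA digest, key type).
    The key type selects a public key from a fixed table; an unknown type is
    rejected outright rather than falling back to some default key."""
    if key_type not in key_table:
        return False
    n, e = key_table[key_type]
    return 0 < sig < n and pow(sig, e, n) == int.from_bytes(digest, "big")

def _encode_pub(pub):
    return pub[0].to_bytes(64, "big") + pub[1].to_bytes(4, "big")

def sign_stage(priv, payload, next_pub):
    """Stage image = payload || next stage's public key, signed as one unit, so
    rewriting the embedded key breaks this stage's own signature."""
    body = payload + _encode_pub(next_pub)
    return body, rsa_sign(priv, sha256(body))

def parse_stage(body):
    """Split a stage image into (payload, embedded next-stage public key)."""
    return body[:-68], (int.from_bytes(body[-68:-4], "big"), int.from_bytes(body[-4:], "big"))

def replace_embedded_key(body, new_pub):
    """The 'just change the verification key' idea from the thread: overwrite the
    next-stage key inside an already-signed image without re-signing it."""
    return parse_stage(body)[0] + _encode_pub(new_pub)

def verify_chain(rom_pub, stages):
    """Walk the chain from the immutable ROM key. Return the index of the first
    stage that fails to verify, or None if the whole chain is intact."""
    key = rom_pub
    for i, (body, sig) in enumerate(stages):
        if not verify_rsa_signature(sig, sha256(body), 0, {0: key}):
            return i
        key = parse_stage(body)[1]   # only a verified stage may supply the next key
    return None

def build_demo_chain(depth=3):
    """Constructed demo chain: ROM key -> stage0 -> stage1 -> stage2, each stage
    signed by the key the previous stage vouches for. Returns (rom_pub, stages)."""
    keys = [generate_keypair() for _ in range(depth + 1)]
    stages = [sign_stage(keys[i][1], f"stage{i} image".encode(), keys[i + 1][0])
              for i in range(depth)]
    return keys[0][0], stages
```

On the demo chain, verify_chain returns None; after overwriting stage 1's embedded key with replace_embedded_key it returns 1, because stage 1's signature covers the key it carries and the key stage 1 is checked against came from the already-verified stage 0, which in turn traces back to the ROM key that none of the images can change. The key-type dispatch works the same way: a signature made under the device key does not verify under a different slot, and an unknown slot is refused.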


The key is inside of the hypervisor. Not changeable if you want to retain your unmodded status.


I thought I remember there being adapters which allowed you to use regular 2.5-inch hard drives on the Xbox 360. Maybe my mind is just tricking me again though.


That was possible over USB later on in the life of the console: https://www.se7ensins.com/forums/threads/complete-history-of...

- 2.0.9199.0 — April 6, 2010 — Allows up to two USB flash drives or external hard drives to be used for storing profiles, game saves, demos and more up to 16 GB each, 32GB combined.

- 2.0.16197.0 — October 16, 2012 — Added support for up to 32GB USB drives.

- 2.0.17349.0 — April 30, 2015 — Added: Able to use USB Storage up to 2TB for Xbox Content.

There was also the "Hard Drive Transfer Kit" SATA–USB adapter that became available alongside the 120GB HDD: https://www.engadget.com/2007-04-26-xbox-360-hard-drive-tran...


It seems to me they could MITM the SATA link and effectively do the "HDDHackr" method to make that work. I don't know though.


There was the USB official setup later, but you could also find a hard drive of the same model and flash firmware from a 360 drive onto it. So yes, but not just any drive.


I did this. I remember there being some fairly common laptop hard drive on the list, because I found it lying around at home. There was a live CD to boot off of to format it and everything. Memories...


You might be thinking of the PlayStation 3 / 4, they do use standard 2.5” drives without artificial lockouts.


It's possible that the adapter MITM'd requests for this security sector and would return a valid blob.


Was this the hack that made Bunnie Huang famous?


Stuff like this is outrageous. I got a Steam Deck a few weeks ago and decided to grab the base model and an $80 512GB NVMe drive on Newegg. The install was easy and I saved a ton of money. That's how hardware should work, especially stuff as easy as drives/RAM.


I love how hackable they made the Steam Deck; you can easily find replacement parts as well. I even remember someone got an external graphics card working on one by using the NVMe slot and an adapter to connect it. Of course, that kinda defeats the whole purpose of the Steam Deck lol


Repairability and general hackability are core design goals of the Steam Deck compared to other devices. On the software side, they don't hide the desktop Linux core.


Valve is one of the few companies I don't feel is egregiously cashing in on their market monopoly store fees. The amount of value they give back is astounding. I remember buying a Logitech racing wheel and finding it didn't work on Linux; when I looked it up I saw a Valve employee on the Linux mailing list with a patch ready to merge to fix it.

And then there is the incredible work done on Proton. I couldn't have imagined the future of gaming on Linux was that Wine would be improved so much you couldn't tell it was being used. At the time everyone figured you just had to complain in the game forums for a Linux version and eventually it would work.


Steam Deck is pretty much the spiritual opposite of everything the console makers and the DRM industry stand for. I'm just waiting for big DRM publishers to start blocking it with the excuse of poor DRM security and lockout.


It's sold by arguably the largest DRM provider. Valve just seems to think of DRM as a way to keep honest people honest, rather than as something that aspires to be unassailable.


It's a bit different. The Steam Deck is not locked down like consoles are. You can run anything you want on them. They then additionally allow game devs to use Steam as DRM for individual games. But you are still free to run whatever software you want.


Right, it's very different than any other console. It's not particularly out of character for Valve, though, and they are definitely part of the DRM establishment.


Biggest thing is they're running Windows games on Linux via Wine, and idk how happy Microsoft is with that.


> how happy Microsoft is with that

Not very happy, and there is absolutely nothing they can do about it.


They own the libraries, a large part of the build toolchain these game devs are using, and in some cases the game studios themselves. It's already quite difficult for Wine to be compatible with every program, and anti-cheat can be especially problematic. I feel like they can break this if they want to.


It's fascinating to think that larger, more expensive machines find it acceptable to omit replaceable storage.


Similarly, this is the approach Sony took with the PS5. It accepts any sufficiently fast NVMe drive via the standard connector - just plug it in and it works. No proprietary expansion card like Microsoft and Seagate are selling for the new Xbox.


Regular blog posts about x360?

The statute of limitations is over, it's time to revel in nostalgia :D

Eaton's gonna be spoiling us, dude has always been an overachiever.

By the way, you DID save my original 20GB security partition - I never told you, I don't think, but I had the original MS backup cable and your software right as that was figured out.

Can't wait for the ultimate "KV.bin" write-up...

>>:"Why would MS add over 4 magnitudes of cryptographic checks to a damn virtual serial number....?"


[flagged]


Not disagreeing but remember

> Microsoft Corp., the world's largest software maker, loses at least $153 (U.S.) on each Xbox 360 video game console it sells, based on just the cost of components and assembly, a research firm says. Parts such as processors and manufacturing cost $552.27 for each machine that retails at $399, El Segundo, Calif.

With this context it doesn’t surprise me they try to recoup something on each optional hardware upgrade.


When was that? Because at the start of the console your chip might be cutting edge and incur massive costs, but cost a tenth to produce once it goes from cutting-edge to practiced.


Right, but the above figure is under-shooting if anything, since it budgets $0 for software development. Microsoft definitely charged a premium for accessories; seems like classic price discrimination, wherein the richer consumers were subsidizing the cost of the console (and its development) for poorer ones.


2004, early days


People want these kind of security measures when they buy a game console, because the alternative is easily-modded consoles that people use to cheat in online games. Lots of online games are also not well engineered so cheating can cause crashes and save corruption - for example, modders constantly find bugs in GTA V that can be used to crash GTA Online sessions or even crash single-player sessions where you're playing offline by yourself as long as you're online.


I would prefer that platforms are fully open because it would force game studios and app developers to implement good security that doesn't rely on the client being unhackable.


So you want an unhackable, but fully open, client.

Zero sense.


No, I want the client to not be able to hack the game experience for other users.


This is only possible for server-controlled experiences, and it doesn't stop people from botting and aimhacking. Basically unworkable for action games.


And yet there are plenty of action games that remain fun to play while running on platforms that ain't locked down tighter than a jelly donut stash in a weight loss clinic. Botting and aimhacking do happen, but apparently not with sufficient frequency to be a problem.


It's so much of a problem that most PC games make you install a rootkit, you mean?

One of the big ones (Valorant) requires a rootkit that actively disables running unrecognized software, specifically to stop you from cheating.


Quite a few games do use kernel-mode anti-cheat, but it's far from "most" even in the narrow category of multiplayer first-person shooters, let alone multiplayer games in general.

Large studios are installing anti-cheat rootkits for the same reason they used to install anti-piracy rootkits: because they're excessively paranoid about any possibility whatsoever of revenue loss. Anti-piracy rootkits fell out of fashion when enough customers got fed up with them to stop buying games with them; I would be entirely unsurprised if anti-cheat rootkits met the same fate - especially given the recent popularity of devices like the Steam Deck that make shipping such rootkits (for either reason) exceedingly difficult.

----

EDIT: and in any case, I'll take "have the choice to install kernel-level anti-cheat on my machine if I so choose" over "not have that choice" any day.


That doesn’t work for low latency games like shooters.


I will never understand why people buy that locked down, proprietary, DRM infested shit (gaming consoles, "smart" appliances, smartphones, apple stuff etc.) in the first place. .. I would rather have nothing.


It can be nice. It takes mental effort to manage an open system and make sure you don't run anything malicious - a limited, sandboxed environment you can always rely on to work is much easier by comparison.

I do miss the PS3 Linux option though. It would be great to have console hardware that boots in two modes - a console mode for playing games, and an open x86 mode for doing general compute. This is especially relevant now that current consoles are effectively PCs with custom software rather than having specialty instruction sets. AMD even already sells broken PS5 chips as barebones systems! https://www.youtube.com/watch?v=9h08cMFwqRc


>I do miss the PS3 Linux option though.

Still possible with a CFW.


If only every child would rather have nothing than a "locked down" Xbox. When I was 13 I didn't really care if it was locked down, but as an adult it matters a bit more.


As an adult, I don't want to have to manage a thing that I would normally use for leisure. Thankfully, we're starting to see devices released that point in that direction -- the Steam Deck is an open device (users can install an M2 SSD if they're willing to open the device, or they can use a standard SD card if they're not), has a full desktop environment available, yet can be entirely used in the device's "game mode" that abstracts and hides the bulk of the device's complexity.


> I would rather have nothing.

Then I think you know exactly why others buy consoles lol. Even the most hardcore PC gamers would prefer a console over nothing


What model of phone are you using? TV? Laptop? Bank card? Car? All this stuff contains "locked down" or "proprietary" or "DRM infested" shit.


Life is too short to not enjoy things. Sure I can choose to have nothing either but personally to me that's not fun.


It's possible to enjoy something like a game console while also being aware of its role in the elimination of general-purpose computing. These kinds of platforms are where they farm us for technologies like hypervisors, signed-everything, e-fuses, always-online, etc. Consent is easily manufactured when enough people believe that media """needs to be protected""" to exist at all. I still love my 360 though :)


Yeah, consoles indoctrinated people and opened the way for stuff like the BMW with the DRM heated seats. I think similarly, micro-transactions and DLC in games, digital goods, rare loot in WoW, led the way for stuff like Bitcoin and NFTs becoming relatively popular, and not just being utterly ridiculed by everyone.


The fact is that you don't enjoy these things. These things generate only frustration; it's more the time you want to throw these things out of the window than the time you enjoy them. A console that you have to mod just to upgrade/replace its internal hard drive? What the hell? Just because Microsoft can sell you a normal SATA disk for double the price?


> The fact is that you don't enjoy these things.

I definitely enjoyed my Xbox 360 and didn't give a single damn about not being able to use a non-Microsoft hard drive. I doubt I ever really thought about the fact that I couldn't, it just wasn't an issue.


What's the alternative? Rub sticks together?


General purpose computing.


I honestly prefer banging rocks together vs sticks but that's just my opinion.


People want products that "just work" and I don't think it is fair to blame them for that. The problems mainly arise when the locked down stuff breaks or treats the user badly in some way, but even if stuff were not locked down the average person would just sell or throw out their device when it no longer pleased them anyway.


I'm not blaming users for something. I said "I will never understand". Though I can hypothesize. I think in some cases, due to deceitful marketing, users think "This thing will be great! It will do X, Y and Z for me.".. Then they buy it and realize that X is forbidden, Y requires a subscription, and Z is not available in their region or whatever. They are disappointed, but they've already bought the thing at that point and make do rather than return it. I have seen this happen to people I know for sure.

I definitely blame the corporation for unethically making products like that in the first place, and then also deceitfully marketing them. There should be much stricter laws and severe punishments in place to protect the public.


Most people buy an Xbox to play games or an iPhone for its advertised features, and it does that, so they're happy. If they felt tricked like you said, they wouldn't buy the next generation, especially with iPhones where the competition is way more open.

There are other ways I acknowledge hardware is truly becoming anti-consumer, like removing headphone jacks to sell wireless earbuds. Or Xbox HDDs.


> I would rather have nothing.

Nothing can't play Halo.


The irony of your username isn't lost on me.


Everyone in the world wants to install a Postgres server on an Xbox 360. Jokes aside, I appreciate EatonZ's work.


#metoo



