New Xbox360 Disc Protections? Bans to follow?

I noticed the other day that when FIFA’09 for Xbox360 is patched with the latest update, the flags that specify what media the game is allowed to run from have changed. Originally it was allowed to boot from a standard original Xbox360 disc, however now it is only allowed to boot from a new media type which is basically an updated version of the original Xbox360 disc type.

Those who have ever looked into the depths of the Xbox360 disc authentication scheme know that a “new” type of disc authentication has been in the works since the Xbox360 was released. It is known as the AntiPiracy v2.5 checks, or AP2.5. Is this FIFA’09 patch a sign that AP2.5 is finally going to see the light of day? If so then the ban hammer is going to come down hard. Don’t say I didn’t warn you :)

The original Xbox360 game disc was referred to as DVD-XGD2, which I presume stands for Xbox Game Disc version 2 (with version 1 being the discs used on Xbox1). This new Xbox360 game disc just seems to be referred to as an “updated DVD-XGD2”; however, to avoid confusion I will call this new disc type “DVD-XGD2.5”. Also, since I am a lazy typer, I will drop the “DVD-” prefix in the following text.

Based on what I remember from when I looked into the disc authentication, I can see three possibilities. In order of likeliness they are:

1) Possibly the XGD2.5 disc is actually physically the same as the XGD2 disc but has support for extra unknown challenge/response checks.

XGD2 discs are authenticated by a series of challenge/response pairs. The Xbox360 sends challenges to the dvd-drive, and the drive sends back responses to these challenges based on information on the disc in the drive. If the Xbox360 deems the responses to be correct, the disc is authenticated.

Current Xbox360 dvd-drive hacks work since the challenge/response pairs are stored in the security sector on the disc, meaning that all possible challenge/responses are known in advance. The best way for MS to solve this problem is to use challenge/response pairs that are not known in advance to the dvd-drive. So if a hacked dvd-drive receives an unknown challenge, it will not have the correct response to send back; therefore the authentication will fail and the copied game will not boot.

MS could do these extra checks when you connect to Xbox Live, and could even save unknown challenge/response pairs to a file on the flash of your Xbox360 in order to do the checks offline. They could also save challenge/responses to your flash when you update your console via Live or an update on a game disc.
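A toy model of the scheme described above, added here as an illustration and not taken from the post or from any Microsoft or drive-firmware code. It shows why a drive that only knows the pairs published on the disc passes a host that draws challenges from that same table, and fails a host holding pairs delivered separately (for example saved to console flash). The response function (a digest over a sector range) and every name in the block are assumptions of the model.

```python
import hashlib
import hmac
import random

RESP_LEN = 8  # toy response size, an assumption of this model


def response_for(disc_data, challenge):
    """Toy response: a digest over the sector range the challenge names."""
    start, length = challenge
    return hashlib.sha256(disc_data[start:start + length]).digest()[:RESP_LEN]


def make_pairs(disc_data, count, rng, exclude=()):
    """Publisher side: derive challenge/response pairs from the master."""
    pairs = {}
    while len(pairs) < count:
        challenge = (rng.randrange(0, len(disc_data) - 64), rng.randrange(16, 64))
        if challenge not in exclude:
            pairs[challenge] = response_for(disc_data, challenge)
    return pairs


class DiscBackedDrive:
    """Drive that answers from the data actually present on the disc."""
    def __init__(self, disc_data):
        self.disc_data = disc_data

    def respond(self, challenge):
        return response_for(self.disc_data, challenge)


class TableOnlyDrive:
    """Drive that can only look answers up in the pairs published on the disc."""
    def __init__(self, known_pairs):
        self.known_pairs = dict(known_pairs)

    def respond(self, challenge):
        return self.known_pairs.get(challenge)  # None for an unknown challenge


def authenticate(drive, host_pairs, rounds, rng):
    """Host side: issue `rounds` challenges and require every answer to match."""
    for challenge in rng.sample(sorted(host_pairs), rounds):
        answer = drive.respond(challenge)
        if answer is None or not hmac.compare_digest(answer, host_pairs[challenge]):
            return False
    return True


def run_demo(seed=2009):
    rng = random.Random(seed)
    disc_data = bytes(rng.randrange(256) for _ in range(4096))  # constructed sample
    on_disc = make_pairs(disc_data, 16, rng)                    # table stored on the disc
    host_only = make_pairs(disc_data, 16, rng, exclude=on_disc) # never written to the disc
    drives = {"disc_backed": DiscBackedDrive(disc_data),
              "table_only": TableOnlyDrive(on_disc)}
    sources = {"on_disc_table": on_disc, "host_only_pairs": host_only}
    return {(src, name): authenticate(drive, pairs, 4, rng)
            for src, pairs in sources.items()
            for name, drive in drives.items()}


if __name__ == "__main__":
    for key, ok in run_demo().items():
        print(key, "authenticated" if ok else "rejected")
```
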

 

2) Maybe the authentication of XGD2.5 is a superset of the XGD2 authentication. Therefore the FIFA’09 game could be pressed on the new XGD2.5 discs and still pass the XGD2 authentication checks. Then when MS is ready to initiate AP2.5 checks they could patch the game to only boot if its disc passes the XGD2.5 authentication.

 

3) Or else I may just be wrong and there is no new disc type, or it is totally separate from AP2.5 :)

53 thoughts on “New Xbox360 Disc Protections? Bans to follow?”

  1. For starters, you are PIRATES. You steal software from those who work hard all day to bring it to you. Piracy is stealing and is a felony. There is no way you can justify it. If you don’t like their prices or business practices, then you simply don’t buy their product.

    Here’s a thought you dipshits, why don’t you just go buy the game you want, play it and enjoy it.

    I hope that you are all caught and get felony records, thereby ruining any employment opportunities you have in your futures.

  2. I’ve approved this first “why don’t you buy your games” comment so I can point out that the post was about possible changes to the Xbox360 disc type, not about promoting piracy or copying of games.

    This is simply a blog where I will post things that I have looked into because I find them interesting. If you actually read my post you might notice that I mention ways that MS could stop copied games from working.

  3. “rebel says:
    April 21, 2009 at 11:46 am

    For starters, you are PIRATES. You steal software from those who work hard all day to bring it to you. Piracy is stealing and is a felony. There is no way you can justify it. If you don’t like their prices or business practices, then you simply don’t buy their product.

    Here’s a thought you dipshits, why don’t you just go buy the game you want, play it and enjoy it.

    I hope that you are all caught and get felony records, thereby ruining any employment opportunities you have in your futures.”

    Rebel, everyone has a right to think and say as they wish, but before you spout off your mouth, did you ever consider not everyone is a pirate, and everyone has a right to learn? How is it breaking the law practicing a hobby that allows you to get better?
    Sadly I feel sorry for you, you seem very narrow minded, but I reckon you do some research before you start to paint everyone with the same brush.

  4. Wow, rebel. That’s a bit of a rash generalisation.

    Ever thought that xorloser is just interested in the copy protection system, and how it works? Just likes a bit of harmless hackery, just for something to do?

    If we’re going to start generalising, then I’ll say anyone who keeps venting about how piracy is stealing is an idiot, and you’re a grade A example. Piracy is copyright infringement, not theft.

    Similarly, studying and documenting a copy protection system isn’t piracy. So kindly piss off.

  5. Pirates?….. Arrrrrrrrrr shiver me timbers…

    In the UK for example, you are legally permitted to make a backup of EVERY game you own, and use the backup legally provided you own the original disc.

    But that is besides the point, no harm in research is there?

    Perhaps you shouldn’t assume things?

  6. I can’t believe there’s still retards out there who think piracy isn’t stealing, Jesus Christ…

  7. Pirates will never be stopped noobs!

    Pay for your games all that you want, but the hackers will always be one step ahead. Even if this disk check works, it won’t stop it completely.

    Hackers have already upgraded a new version beyond the one currently working for the newer disks that include the 3rd layer update that allows for them to boot games directly from the harddrive. Yeah…. there’s nothing Microsoft can do to stop us.

    Unfortunately for those who stand strong behind their pathetic morals, you’ll have to continue your jealous and angry attitudes towards the pirates, because they are UNSTOPPABLE, and will ALWAYS be one step ahead. Plus the smart ones never get caught, so FUCK RIGHT OFF!

  8. “rebel says:
    April 21, 2009 at 11:46 am
    For starters, you are PIRATES. You steal software from those who work hard all day to bring it to you. Piracy is stealing and is a felony. There is no way you can justify it. If you don’t like their prices or business practices, then you simply don’t buy their product.

    Here’s a thought you dipshits, why don’t you just go buy the game you want, play it and enjoy it.

    I hope that you are all caught and get felony records, thereby ruining any employment opportunities you have in your futures.”

    If you care about the biz then go ahead and buy it. There’s no need for you to come and flame the ones that do it. A pirate, wow, cool word. Why should you pay for something that you can get free. Bleh, laws are meant to be followed, bent and broken. The way that I see it, you buy a game, and that makes you 60 bucks poorer, the pirate finds it around, and well, he will only pay a couple of cents on the Electric bill, and a few cents a disc. I call that surviving.

  9. It appears this has turned into a pro-piracy vs anti-piracy debate. The post is about this new disc type and its associated checks. If you have something related to this to comment on please do so. I will not approve any more off-topic comments and I may go back and remove the existing off-topic comments (which seems to be all of them heh)

  10. I buy all my games, but I love figuring things out, and there is nothing more interesting than the xbox 360. Don’t forget that Microsoft have been beaten when it comes to piracy, so discussion should be open about holes in their security so they have a better chance next time around.

    Pirate, learn before you speak. 3rd layer update <—- no, that would be 3rd wave, not third layer… The reason the new disc format would not boot on ixtreme was not because of AntiPiracy2.5 being implemented host side, but because ixtreme firmwares do a crc check on the video partition. Since nxe was added to the video partition, it changed the crc, and so discs were rejected.

    ap2.5 is not just the disc format and c/r related, part of it is already done. Additional drive pairing was implemented, it compares the osigs from a cert in the keyvault to the results from the drive and if it fails there’s a security violation. The other part of ap2.5 does involve extra challenges, a file in the nand and live.

  11. I’ve backed up some of my original xbox games successfully and I’ll state that the “3rd wave” check doesn’t render the xbox game useless.. the only thing you can’t do then is go onto xbox live.. Not that you should using a Copied game to start with anyways. The NXE update is inserted into the split video partition… confusing the whole “stealthing” progress of the disc.. Your game will still run even if the checks fail.. Just don’t blame MS if you end up getting banned for trying to pull a fast one

  12. …”The reason the new disc format would not boot on ixtreme was not because of AntiPiracy2.5 being implemented host side, but because ixtreme firmwares do a crc check on the video partition. Since nxe was added to the video partition, it changed the crc, and so discs were rejected. ”

    Yeah, you’re wrong… ixtreme does not check the video partition, xtreme does, nxe hasn’t changed anything in respects to how the game boots (except for the download game option). I have used backed up games (and on live) for almost 12 months… ixtreme can boot all of the three waves of games (only 1.51). So “H” maybe you should ‘learn before you speak’… you don’t burn games so how would you know if they boot

  13. You’re all speculative idiots.. this ‘new thing’ is simply the NXE update being included within the video partition on newer games, and ixtreme pre-1.51 won’t boot anything that doesn’t match wave 1/2 (these new video partitions are wave3, and I think if there was any sort of new protection, c4eva would’ve found it).

  14. “Caleo says:
    April 21, 2009 at 9:54 pm

    You’re all speculative idiots.. this ‘new thing’ is simply the NXE update being included within the video partition on newer games, and ixtreme pre-1.51 won’t boot anything that doesn’t match wave 1/2 (these new video partitions are wave3, and I think if there was any sort of new protection, c4eva would’ve found it).”

    If it was related to the wave 3 checks then C4eva wouldn’t have posted this in IRC.
    FIFA 09 xblive log in a few hours, more then!

  15. Caleo : You are underestimating Xorloser…

    Xorloser : Thank you for the information, it was explained in a simple way :)
    I hope that some of you will find a trick so that the fight will never end (for the sake of art)

  16. The only way they will be able to do a challenge/response that will work to stop the copies is at the FW level with the drives.

    Since disk will always have to come from a master, there is no way to change it for every disk. Unless you’re the MPAA who watermarks movies and that costs A LOT.

    The new Fifa patch may be for a boot off HD patch? Anything that is going to combat ‘backups’ will be a system patch not a software update.

    Software updates will combat certain exploits but that is irrelevant because there are ways to mod the 360 without using dvd media.

  17. I’m pretty sure the newest update for FIFA 09 was only to enable Ultimate Team mode…..

  18. Ok, I’m a little confused. Are you saying that a backup of FIFA09 will NOT boot on current iXtreme after it has downloaded a patch from XBOX LIVE? That’s what it sounds like… And if that’s not the case and it DOES still boot, I’m curious to know how you discovered this.

    Any info would be awesome.

    Thanks

  19. How this could even be implemented. Most of this will be rehashing what xorloser has already stated in the blog post, so my apologies for that in advance. If the valid response is not on the disc, then how will the system authenticate? xorloser offered up two theories, but I see flaws in both of them.

    1. The first theory is that the responses could be downloaded from Xbox Live, and then stored on the system’s onboard flash. I really don’t want to see this happen, and frankly I don’t think it will. This sounds like an internet connection to your Xbox 360 would then be REQUIRED to even play games that you have purchased. This would be a public relations nightmare. We have already seen how bad the DRM policies of the Xbox 360 have affected legitimate customers. People who purchased content on Xbox Live and had their systems fail on them, and there was no way to transfer their licenses. It wasn’t even possible until the media put some pressure on them. A DRM scheme requiring an internet connection to even play games would be even worse.

    2. The other theory, which seems more plausible, is to have a small title update included on each game disc. This title update would install the new responses into the flash. The problem with this one is what authorizes that update? You got yourself a chicken-and-egg scenario with that one, and you haven’t bolstered your security at all.

    So I don’t know where they are going with it, and I don’t understand it enough to make any guesses, but if anybody feels like chiming in on my comments, I would love to be enlightened.

  20. 1) chris: With absolutely no respect, you’re wrong. Why do you think ixtreme1.51 was released, ask c4eva yourself, wave 3 was discovered and 1.51 was the result. I’m not going to sit here and fight about who knows more, because I will win, and you will not. Hopefully xorloser will control your idiotic posts.

    2) Let’s get 2 things straight here. Xorloser knows more than c4eva, and c4eva doesn’t know everything. I know that first hand. A lot of the info he gets is from other people, who he doesn’t thank (*shakes fist*) I really hope this discussion stays technical, there’s enough of these idiots infecting every other part of the xbox scene.

    3) Apparently juan doesn’t know what burst cutting area is, or that this isn’t 1996. Also, the exploit only works on a very small number of consoles, if you have a console that doesn’t have memcmp updated to compare by word, but that leaves out a lot of consoles.

    4) This protection is not new, as xorloser said. It has existed for years but has just not been seen to be implemented. Everything is there in the kernel, hypervisor, and most, but not all, drive firmwares.

  21. Interesting reading..

    I’m confident the cat n mouse game will continue for many years to come,

    I do not promote or condone the use of piracy however there is only a small percentage of users actually using pirated games on xbox live and I think it’s funny watching them pouring money at a problem that appears to only affect a small amount of people,

    It would seem that only Jasper and Opus owners are affected, unless there’s data stored on the hdd for upload upon connection, rarred up the entire stealth database is only a few MB, so it’s plausible…

    Good luck to all the guyz… C4eva, Textbook :D, Maximus, SeaCrest, and the crew :)

  22. yay another newb posting here. bAN01TgAZ nobody cares that you have access to the stealth db, that has nothing to do with this so brag elsewhere.

    The people you mentioned don’t understand ap2.5. Also, it’s not just jasper/opus owners affected by this.

  23. Can anyone comment on the new Call of Duty: World At War Update? Could this be possibly unlocking some new anti-piracy measures? or is it just a simple update?

  24. First off, copyright is a civil issue not criminal, so rebel’s argument is just plain wrong, not to mention a complete fantasy from his ignorant of not understanding imaginary property laws. He should look at the law before he tries to instil his ignorant narrow anti-humanity views.

    Oh by the way don’t like hacks get the hell off the internet, that’s a bloody hack you evil swine.

    Now back on to the good stuff,

    Very interesting xorloser, so by your findings you think that this already implemented from as early as 2008 games very interesting.

    My thought on this was what about specific defects on games with respect to have different defects (globally) for each game which would put the onus on host.

    Microsoft definitely have an interest in this if what I have seen is true to no next gen to 2013 (makes sense with this current climate).

    This would certainly bugger things up.

  25. I don’t play PIRATE game.
    But I very wish can play homebrew soft in my ps3.
    So nice job. Xorloser

  26. I definitely support the general tinkering and messing around of games and video consoles. How different is it from the kids who look at what makes a car work?

    However, the problem with supplying certain details is it allows others to do exactly what you may not want them to do (hacking/pirating).

    Despite what people think, it does affect others. Demigod is a good example I can think of, where pirating may very well ruin/destroy the game. When 18,000 out of 120,000 are the only legit users, it doesn’t help make the game last.

    People seem to think that piracy will never really hurt things, when it really can. Especially those small companies who try to make their own games for systems (like WiiWare). People pirate those and download them for free, and without enough money the company doesn’t produce anymore.

    It’s the same with the homebrew stuff. Yes, it’s nice to make your own things. However, the people who made the programs possible do so, knowing fully that the majority of people are going to use it to get around things and cheat. Though it’s funny they blame the companies in charge and expect them to fix it, instead of trying to do it themselves.

  27. I think the term ‘competitive’ can have different meanings to different people. There are competitive people who strive for that thrill of competition when things are close, neck and neck, and live for those moments.

  28. You wrote: “current Xbox360 dvd-drive hacks work since the challenge/response pairs are stored in the security sector on the disc, […] So if a hacked dvd-drive receives an unknown challenge it will not have the correct response to send back, therefore the authentication will fail and the copied game will not boot.”. Also, the original discs work because “the drive sends back responses to these challenges based on information on the disc in the dvd drive”. So I wonder – why can’t the hacked drive do the same – send the response not from a precomputed table, but based on the information on the disc. I assume that the copied disc is not a 1:1 copy of the original (as otherwise no firmware hacks would be necessary), but the hacked firmware could account for the (known) differences, couldn’t it?

  29. “So I wonder – why can’t the hacked drive do the same”

    Because the copied disc is lacking the information required to perform these checks. The missing information is over many many sectors, and the checks can be done over any range of sectors, so in order for a hacked firmware to be able to replicate these checks, all the missing data from the “many many sectors” would have to be stored somewhere that the disc can access it.

  30. “all the missing data from the “many many sectors” would have to be stored somewhere that the disc can access it.”
    So why not just store it? Does the original disc have larger capacity than the dual layer dvd copies? Or is reading of this “missing information” problematic?

  31. It is a combination of two things:

    1) There is data in areas of the disc that you cannot write to on a blank burnable disc.

    2) There is data that you cannot write with a burner.

  32. One thing I am left wondering is how can such a disk be possible. What I mean by this is if there are no specified pairs, then how will the disk “verify” a check for these hidden checks?

  33. I would ask you this then Xorloser..

    If this data can not be written, then can it not be read from somewhere else? Of course it can, but I guess the rub is a “practical” way. Couldn’t a modchip of some sort, with some memory on it, intercept the challenges and return the correct value from its own memory? Obviously this would be kind of tiresome, having to constantly update the memory based on what game you are playing (if it could not hold all the challenge information; I don’t know how large it is), but I wonder if a direct connection could not be established between say an external hard drive or something of the type and the chip that would preload the correct responses before the game itself is booted. Or if sent dynamically over LIVE, grabbed straight from the mobo?

    I was wondering your thoughts on this; I am very interested in this kind of thing

  34. is there any way to downgrade to a older dash?kernel? i read something about either soldering a resistor or the mb .. or putting some solder on it somewhere.. can’t find it now .. lol …

    been playing my burnt copy of halo 3 mythic(odst disc 2) since before it came out… on line… every day… till today….

    seen all this info.. and not gonna risk the hammer till the new fw comes out… wanted to take a few banned machines and mess with them though..

    they are real cheap now 😀

    also .. heard you can reprogram the flash .. or nand chip somehow to replace “keyvault” file from clean box(no video or no audio boxes now have a use). .. and get back onto live… anyway… you guys rock..

    thanks for taking time to help (sarcasm)HORRIBLE(sarcasM) hackers like me …

    FREE THE WORLD>.. FREE INFORMATION

  35. It is signed by Microsoft so you cannot alter it. Perhaps you can replace it with a different signed console id from another xbox however.

  36. Very interesting stuff here :-) First off, I only have a clean xbox no hacked stuff but I find the reading very interesting.

    To those that rant about that it’s wrong and that this kind of info promotes piracy. Don’t you think that these blogs and sites are monitored by the companies?? So this info actually helps companies like MS to make their systems even more secure 😉 So in the end it’s a “win/win” situation for everyone.

    Us(That are generally interested) – Have something to read
    Pirates – Can play backup games
    MS – Can make the box more secure

    So keep the info coming :-)

  37. Sorry to revive the issue but, Xorloser I was wondering if you have re-visited this ‘issue’ since the Xmas bannings? Do you think they were perhaps a direct result of silent implementation of DVD-XGD2.5 and that current users of LT are fooling themselves if they think they won’t be flagged to be banned next Xmas?? Or do you think it’s possible C4eva has been monitoring Nand/live originated challenges and has these responses coded into LT (I see only vague mentions of ‘checks found’ in his latest update)

    PS: Everyone should be able to implement their right to make backups of their own originals. -Sorry but I had to comment-

  38. @Rebel

    Here’s a thought, Go take English lessons then come back to us when you can grasp the basics, thanks.

    Obvious troll is obvious.

    Oh and this shit comes around every year. Until the new dashboard is out nobody knows shit and it’s all just pure speculation.

    Best advice – Don’t fuck around with the beta dash, hold off on burning new discs (especially Fable 3 as that seems to be the main culprit at the moment) until the update is rolled out and hold off on updating until you can see what the fallout is.

  39. Pingback: Xbox Dashboard NXE 360 Update 2.0.12606.0

  40. “Why don’t you freaking buy games”

    Buying the X360 is already expensive enough, for those who have parents that are minimum benefits, 65euro’s a game is more than expensive enough. And seriously the developers work all day? Well I don’t care if they don’t get a NEW JACUZI FOR FUCK SAKE!!! Back off, I’m a pirate and I’m PROUD OF IT! Besides that I won’t be console banned because,

    1 I’m extremely precautious, I’ve taken every single known step that I could to ensure that I won’t be banned.
    2 I’ve done a lot of research and I consider it safe as long you’re not a jealous, impatient and retarded moron
    3 With my experiences of cracking lots of Adobe software and Flightsim addons, I’ll always fucking know what I’m doing.

    Believe me what the developers charge for 65euro a game is way beyond the limit it should be, they’re making 400% revenues for FUCK SAKE. Fuck them, fuck everyone who criticizes Piracy, it’s just a fucking way of life. And if I could safely… I would pirate hardware a long fucking time ago.

    FUCK YOU ALL ; )

    The Seadragon consumes them all!

  41. Pingback: New protection confirmed in the Kinect dashboard
