| QUOTE (cap269 @ Mar 8 2004, 10:30 AM) |
| Troed, what you say is true. But the name of the function quoted is XcVerifyPKCS1Signature. ... Verify Signature ... not something like "send spy data to MS" ... I reiterate it is used for creating/checking online gaming transaction signatures, not hardware identification. |
If I wanted to keep something away from prying eyes, reverse engineering or similar, I would definitely name my function to something highly irrational.
The first thing people look for when snooping around is obvious stuff, like strings that could refer to a function, messagebox or whatever, in plaintext.
I mean, would you have believed in this code snippet even more if it was named something like "XBLLiveHDDDetectionToBeUsedForBanningPeopleSoon" which had a subfunction named "GetHiddenHDDInformation"?
Since almost all XBL enabled games contains various routines that sends stuff to the XBL servers, I would not reject this as bogus, nor would I believe it blindly.
But since XBL downloadable content are subject to change and executed on your beloved Xbox, MS can, and most certainly will, change it, to protect their interests both within the XBL service as well as their interest in modded Xboxes.
Regards,
L!M!T