QUOTE(barloue @ Nov 23 2007, 03:01 PM)
is it possible that they arnt detecting us in this way at all but are actually reading the firmware. wouldnt say it is impossible as they want us to think that it is the games to stop people figuring out the right reason cause they are busy trying to figure out the games. couple of reasons
1. WE can dump the firmware onto our flashing devices so why cant they?
2. A lot of people that have been banned (including mysel) reported that thier xbox was on even though they knew it was turned off. in most cases it went on for a few seconds restarted then went on again for another few.
so is it possible that the first time was to set the xbox into mode B (like we do) but in their own way and were able to restart it and read the dumped firmware. automated computer doesnt recognise the firmware as original , resets the dvd drive back to normal and bans the xbox.
I myself leave my ethernet connected all the time as does my brother and we are both banned. know 2 people who werent banned and it just so happens that they dont leave the cable in when they dont use it.
so suppose we need to know who got banned that DOESNT leave the ethernet in when not in use or who got banned while using the xbox.
if that is the case then couldnt we just leave it disconnected when not in use so they couldnt do that?
just a thought
1: Several reasons.
Always keep in mind that despite the variation of hardware, the xbox360 is still ONE console. Microsoft, and their IT department, for both legal and practical reasons have to treat that console as a individual, and not a mixed and matched hardware prototype.
What this means, is that all of their practises, whether it be a xbox live update, features, or security implementations MUST be done consecutively for ALL hardware. The method MUST be universal.
Methods of detecting firmware are different for each drive. Some of them are impossible (at the moment) from a console side, because the code simply does not exist in the kernel. Yes, these things HAVE been looked at, very carefully. We can also log any debug commands that are sent to the drive (manufactorer cdb unlock cmd e.g.) to see how the console interfaces with the drive. This is how we have 'logs' for xbox live. This is how we see the commands that are being sent to the drive.
Now, considering that, you would need to find a universal mean's to capture flash data from each vendor's hardware. With the samsung, benq, and hitachi v78/v79 they have walled themselves in. Their own securities that were an attempt to prevent us from reading and writing to the flash, will prevent them from accessing their own hardware. Keep special note that the way WE do it, is not a traditional means. It is a specific *vendor* command (thats right, NOT microsoft code, vendor) that will allow us to unlcok. In order to use that command, microsoft would either have to own the rights to that code, or broker a special agreement with the vendor to use it. And, coming from industry standards, that will NEVER happen. No vendors will give another company their secrets, or permission to use for any reason.
That is why microsoft is currently doing what they can, reading specific disc information (Disc size, SS, DMI, PFI) and matching it against a database of known checksums. Each disc when goes to gold will be pressed. Each master press will give a different SS, possibly different DMI. Some games (halo 3 for e.g.) have up to 8-10 different variations of presses (different SS/DMI/PFI combinations). These values are recorded and stored by microsoft, and utilized as checksums against the logging methods via xbox live.
I personally believe that the criteria is very complex, and that in some situations the banning is automatic (i know a guy who saw 4 friends banned at the same time) and in some situations likely analyzed by a team before pressing that 'ban hammer'
In regards to your "2" reasoning. I have absolutly NO idea whatsoever what you are rambling about. The entire thing is false. Please dismiss such notions, as they are entirely untrue.
QUOTE(BenJeremy @ Nov 23 2007, 03:02 PM)
Quite true. At least two of the more recent "releases" needed fixes, so I'm sure COD4 is not the ONLY culprit, and there may have simply been a timed check of the game, a procedure sent downstream when the game "checks in" to Live. The "waves" thing is indeed a smart tactic, and everybody needs to keep in mind that they are using this tactic - your ban has little to do with what you are doing at the time of the ban, and not getting banned for some is a big "YET", not a sure thing.
It is most likely that your Xbox 360 gets "tagged" by the server at one point in time, followed by a ban at a later point in time. This is done to create disinformation in the ranks fo the underground, and obfuscate the real trigger. The first thing that needs to be established is if Microsoft found a way to detect hacked firmware directly, or if they are using an indirect method.
As I stated last time this happened (The "First Wave"), bannings of people using MS28 drives pretty much precludes direct detection, since Firmguard prevents accessing the firmware on a normal Xbox 360 - it's essentially a black box. It was subsequently determined that Microsoft was accessing the game discs in such a way that revealed, indirectly, that the firmware was hacked, and the game disc was not original.
Primarily, "Round 1" exploited non-stealthed discs, and a quirk in the Hitachi firmware that gave up the special sectors in one big "fetch" that should have not worked (a bug that exploited both the quirk in the firmware and the unique sector layout of the backups). Since then, we've gotten the iXtreme firmwares, which protect against much of this.
The missing piece, however, is that backups cannot be perfectly validated without a database of some sort to insure they are "perfect" data copies of the originals, at least as far as anyone accessing it through a hacked drive can tell... as I stated in a previous post, no firmware can validate this, because it would require a large database that gets updated with new releases, and there's no practical way of doing this in firmware (and firmware cannot access the internet, so an online database is not possible).
Lately, the release groups seem to be incredibly inept. If they can't do the job right, they should stop doing it altogether, because it seems like every other release is NOT a data perfect copy of the original. It might be that Microsoft planted these bad releases themselves or it might just be that the moron making the backup is incapable of drooling without his mother's help. Whatever the case, if you need to backup your games, use your Xbox 360's drive to do it, or get a Kreon (with a couple more models added, there's no reason not to have one). Microsoft knows what the correct data CRCs are, they can easily use signed code downloaded to your system to check it against the disc you are running, and only your diligence and care can prevent Microsoft from detecting you.
Yes, I think that COD4 is definitly not the only 'recent' one that may have mismatching data. Also, most of the 'groups' that release such things do use the SH-D16x drives, but there ARE things that can cause complications, and alter data. If anydvd is running, it will cause the drive to freak out. Reading too fast can throw errors, etc.
PS- Nice to see you around
QUOTE(getRAWed @ Nov 23 2007, 03:13 PM)
The CoD4 my friend downloaded from the scene passed all checks in Schtrom.
Read what ben said. He explained it thoroughly enough.
QUOTE(grillo2k3 @ Nov 23 2007, 04:56 PM)
They cant check the game data (crc) it would take to long for them to check plus the log is the same they are checking the same things PFI SS DMI the only thing thats f'ing things up is that the DMI PFI & SS are mixed and dont match the retail copy also I would like to know if you use the stealth files from one and use them in a other game would it still boot i.e. cod4 stealth in a AC game?
Yes and no. I cannot go into full details, because i simply dont want to hand MS information as to how the firmware works. They can make their IT department disassemble it to find out whats going on.
You can use a valid SS from any release, and your game should boot. However, there ARE checks between dmi, pfi and video that will not allow you to boot if there are descreptancies.