The MS service team must, or at least should, be able to connect to the x360 for diagnostics, right?
What if they use a similar PCB like Anonymous did, to run some info software on a repair-station PC reading the memory from the x360? Similar to a connection where you can flash the old Xecuter 2 chips via parallel port.
Anonymous maybe found a debug thing in King Kong and DID tell the x360 to turn into debug/devkit/analyse mode where you can send data to the x360 which is daisy-chained to the AV output.
I'm a noob in hacking, so in short:
He needed the laptop to get some kind of buffer overflow/debug mode on the x360 via the PCB from the laptop and sent the OS X/Linux video from the laptop to the AV output of his x360...
Quite possible, except the 'daisy-chained to the AV output' part... There's definitely some custom code running on the 360; the image is not coming from his laptop.
If I had to take a guess, I think a combination of 2 things might have happened. 1) Someone found a way to disable/trick the hypervisor to disable memory monitoring and mandatory encryption of executable code. This would be the part of the hack working through the debug port he's accessing with his laptop. 2) A shader exploit was written which overwrites some memory used by the King Kong demo with the screensaver thingy. This only works with the hypervisor disabled. The modified shader is already on the King Kong disc he's booting.
When the King Kong disc has booted to the menu he sends the required bootstrap commands to the debug port, which disables the hypervisor and maybe forces the CPU to a specific part of the KK executable. From there the exploited shader is invoked, which overwrites some unused part of main memory with his 'screensaver'. Last but not least, the CPU is instructed to jump to the unsigned screensaver code. Of course this is just speculation... Maybe the hack doesn't even use a shader and he just uploads executable code directly through the USB interface... But then I cannot explain what the KK disc is used for...
Either way, I'm getting more and more convinced this might be real... It's going to be interesting times for sure. The big question is: if it's real, will the hole be plugged before the new 360 models are ready? I think if MS knows about the nature of this breach it would be pretty easy to just make the required changes to the new 60nm CPU design that's coming... Or just blow the debug interfaces completely after manufacturing...