Print

[ej2095+1]

I fried a benq drive (Talking about black smoke etc)

So i took the drive apart to have a look at the damage black cooked chip.

So I thought what the hell will send back to Msoft to see if they would replace the drive (and they did was amazed)

Anyways it came back with a new lite on drive (Fantastic)

It came back with the original mobo ( as i had doodled on it with a UV pen)

So I am wondering if there is a :-

Large database with the console serial and the corrospnding key that exists?

Or

The repiar guys have a way to extract the key from the mobo??

[ToBbErT]

Im not 100% about this one but im pretty sure they just read the key from the mobo.Most likely they have programs and hardware to decrypt everything and read the key.

[ej2095+1]

QUOTE(ToBbErT @ Mar 31 2009, 03:03 PM)

Im not 100% about this one but im pretty sure they just read the key from the mobo.Most likely they have programs and hardware to decrypt everything and read the key.

Wonder why no info has been leaked out from these places yet....

[ToBbErT]

Well my info could be completly false.If there was such a method like i explained i also think it would have allready been leaked out.

[ej2095+1]

Would still be intresting to find out exactly how they replace drives etc etc..

We need an insider lol

[ToBbErT]

Lets kidnap an employee  

[torne]

When the console is manufactured, it is plugged into a network on the production line somewhere and booted up. The hypervisor notices that the CPU key is unset, and enters a special mode for factory programming: it connects to a secure server over its ethernet connection and then generates a CPU key and the other keys stored in the keyvault. During this process, it basically communicates all this information to the server in the factory: the result is that MS probably have a big database of what console serial number has what keys.

[ej2095+1]

QUOTE(torne @ Apr 1 2009, 01:16 PM)

When the console is manufactured, it is plugged into a network on the production line somewhere and booted up. The hypervisor notices that the CPU key is unset, and enters a special mode for factory programming: it connects to a secure server over its ethernet connection and then generates a CPU key and the other keys stored in the keyvault. During this process, it basically communicates all this information to the server in the factory: the result is that MS probably have a big database of what console serial number has what keys.

And i bets that one hell of an encrypted server!! (Hang on its a MS server)

That would be a very handy list to have

[kaneda_77]

Hmmm, I wonder.

How many lights displayed when you fried ur drive? So they just replaced the drive?

I pulled my working system out and sent back one that the original drive was lost to. (The case was also painted over and warranty void)
I got back a system that has the serial coded to the mobo/drive that matched the case. I was surprised that since they can do that, they should be able to read that the mobo that I sent in, didn't match the case. Consequently, I have 2 systems showing the same s3rial.

The tech's at M$ have been very generous to me, I have no complaints.



Torne,
My understanding was that the mac address was the id that they link the keys to, serial numbers would have to be changed when they swap out motherboards on their refurbs/fixes. Of course, I am only guessing, but it seems like linking it to the serial number wouldn't make sense for the reason that they are changing and having to go back to adjust them.

[xbox360dude]

QUOTE(ToBbErT @ Mar 31 2009, 08:10 PM)

Lets kidnap an employee  

best Idea I evr heard  ......wait...why not kidnapping jolly old Bill himself...or the bold headed morons made RROD....jolly good......

[torne]

QUOTE(kaneda_77 @ Apr 3 2009, 01:52 AM)

My understanding was that the mac address was the id that they link the keys to, serial numbers would have to be changed when they swap out motherboards on their refurbs/fixes. Of course, I am only guessing, but it seems like linking it to the serial number wouldn't make sense for the reason that they are changing and having to go back to adjust them.

I can't see any reason why the MAC address would be used for this; the MAC would *also* change if you swap out the motherboard, since the default MAC of an ethernet interface is programmed in at manufacturing. But, I didn't say the serial was necessarily the ID they use: they probably have *all* the per-console data for every console recorded. There are loads of unique identifiers on the console from various places, some of which can be changed and some can't: the serial number, MAC address, CPU key, DVD key, Live key, various keys used for signing local content, etc.

[kaneda_77]

Yes, I suppose that is true. But the MAC address could have the drive and key tied to it before reaching a console/serial number. Which means that off the line, they would have that unique identifier even though it can be changed. I forgot that I changed my mac address on my psp a while back, i forgot that they could be changed.

what's the live key and where do i find it. I am going to compare my 2 "like" boxes to see if there are any differences.

[torne]

No, the factory set MAC address of an ethernet controller generally can't be changed. Software can set the MAC to anything it likes at runtime, but the actual address in the controller is normally one-time programmable or at least requires an undocumented procedure to change. The PSP plugin that changes the MAC just sets it every time you turn it on.

Associating the drive with the ethernet controller would be weird. Why would you do that? The drive key is in the keyvault; so are all the other keys; it's going to be those.

The Live key is the key used to authenticate to Xbox Live via MS's weird not-quite-Kerberos implementation. This is the key that you get banned by. All the per-box keys are in the keyvault, encrypted with the CPU key.

[ej2095+1]

so there for teh hardware does exist along with the software to alter the keys etc etc ....

Time to take a trip to germany repair plant get some ski masks lol

[torne]

MS can change all the keys except the CPU key if they want to, yes.

The CPU key can't be reprogrammed once it's set because once each efuse is blown it can't be reconnected, and it must have an equal number of 1 and 0 bits to be valid. As long as you know the CPU key, you can replace the keyvault with any other set of keys you want.