URL : http://www.theregister.co.uk/content/54/30627.html 9 May 2003 'Banned' Xbox hacking book selling fast By [39]Kevin Poulsen, SecurityFocus Posted: 09/05/2003 at 09:32 GMT Hacker-engineer Andrew "Bunnie" Huang says he's already pre-sold between 400 and 500 copies of his self-published tell-all "Hacking the Xbox: an Introduction to Reverse Engineering," weeks before its scheduled May 27th publication date, despite -- or perhaps because of -- looming suspicions by some that the book skirts the edges of legality. "It' s about getting the book out there on principle, because I can't find a publisher willing to publish it," says Huang. "I think it's controversial, but not illegal." With chapters on "Soldering Techniques" and "Installing a Blue LED," Huang's how-to may not seem an obvious candidate for joining Huckleberry Finn and Harry Potter on history's sad list of once-banned books. But Microsoft, the maker of the Xbox, has taken a dim view of home modifications of the game console, focusing its litigious ire in particular on "mod chips" that allow Xbox owners to run software that Microsoft hasn't approved and licensed. With a mod chip installed, users can run everything from virtual juke boxes to the Linux operating system on the game platform -- as well as pirated copies of Xbox games. Last year, a Microsoft lawsuit temporarily shut down the Hong Kong-based company Lik Sang, which sold mod chips over the Internet. And last month, mod chip entrepreneur David Rocci was [40]sentenced to five months in federal custody for conspiracy to violate the Digital Millennium Copyright Act. Rocci was the proprietor of a U.S. website that sold mod chips and helped users locate pirated copies of Xbox games to run on their modified machines. Huang says his book describes some types of mod chips -- explains how they work, and what lessons they offer designers of secure hardware platforms. For example the "Matrix" chip installs solderlessly over a test port manufacturers left on the Xbox motherboard. "You don't leave these test structures on the motherboard, if you want it secure," says Huang. Another chapter helps readers replace the machine's firmware -- a mod chip trick used by sophisticated pirates and tinkerers. "They can be used by the pirating community, and they can be used by the Linux community -- so that one chapter that talks about firmware devices plays to the Linux community," says Huang. "I believe that should be a legal activity." DMCA Fears The book also revisits a technique that cemented Huang's reputation as a hardware hacker last year, which involves building custom hardware to intercept an encryption key as it crosses the Xbox's internal high-speed bus. To avoid legal complications, Huang published his research paper on the technique only after receiving permission from Microsoft, negotiated with the help of EFF attorney Lee Tien. "To get the paper published in the first place we had to negotiate a legal mine field," say Tien, who went on to contribute a chapter on the legalities of reverse engineering to Huang's book. But Huang didn't get Microsoft's blessing for Hacking the Xbox, which goes beyond discussing a single hacking technique. The book aims to teach readers how to think like a hardware hacker, using the internal secrets of the game console the way a med school teacher uses Gray's Anatomy. With the boundaries of federal copyright law, particularly the DMCA, unclear, Huang says tech-publishing house John Wiley & Sons got cold feet and withdrew its plans to publish the book sometime after Rocci's guilty plea. Wiley didn't return phone calls on the matter. Unable to find another publisher, Huang elected to sell the book himself through the Web. He dug into his own pockets to fund a print run of 1,000 books, which he says will be delivered to his home later this month. "It'll be only a matter of two weeks when a pallet of books comes to my doorstep," he says. "Every book will be boxed by my own two hands." Huang began accepting credit cards through his [41]website this week, after already selling nearly half of his initial print run through a PayPal account. He says he's barely reached the break-even point. "He's not going to make a huge amount of money," says Tien. "He thinks that it's worthwhile stuff. That it's interesting, and it's teaching people." "Mainly, at this point, it's boiled down to a political battle, for the freedom to tinker," says Huang. "For my entire life I've been playing with hardware. This is the first time someone's told me I can't play with hardware because it's illegal." Related story [42]MIT grad student shows how to read Xbox security key" [reg_bullet.gif] [43]Cash'n'Carrion Reg Shop [44][hardhome;area=hardhome;pos!=2;sz=160x600;tile=1;abr=!ie4;abr=!ie5 ;ord=100054?] 41. http://hackingthexbox.com/