This is one of my favourite security talks of all time www.youtube.com/watch?v=U7Vw... One of the principles it really emphasizes is that if you want to design a secure system, you need to *expect* that any individual component could fail, and plan accordingly. - ThreadSky

retr0.id • 509 days ago

This is one of my favourite security talks of all time https://www.youtube.com/watch?v=U7VwtOrwceo

One of the principles it really emphasizes is that if you want to design a secure system, you need to *expect* that any individual component could fail, and plan accordingly.

Comments

plc.joncaruana.com•509 days ago

Makes sense. Tony Chen is one of my favorite coworkers of all time although our paths haven’t crossed much since the Xbox One days.

retr0.id•57 days ago

A second thing it emphasizes is that, when it comes to hardware security, basically anything can be broken *for a certain cost*

The goal is not to make the system unhackable in absolute terms, but to make sure practical exploitation costs more than an attacker would stand to gain from it

ashwinm.com•57 days ago

This is true for *all* security, not just hardware! The great metaphor: burglars could break down your door if they really needed to; the point of a lock is to make them choose a different house.

retr0.id•57 days ago

for cryptography, in theory, we can make the costs exceed the amount of energy available in the universe, which is for all intents and purposes impossible

(in practice is of course another question...)

retr0.id•509 days ago

It would still be a good talk either way, but notably, the Xbox One has never been meaningfully hacked

johnnyc.bsky.social•509 days ago

I hate that you posted this on a holiday afternoon when I'm at the club with family, so I can't watch it rn =p

catovitch.bsky.social•509 days ago

I bet part of the secret to never having your console DRM broken is ensuring the console has no titles that aren’t also on PC. Microsoft are playing 4D chess here.

retr0.id•509 days ago

This is definitely part of it - also the fact that there's a developer mode.

catovitch.bsky.social•509 days ago

Just thought: It could be useful to unlock the backwards compatibility and upscaling stuff (or even port it to other platforms). Still the best way to play some old exclusives.

mjmtools.com•509 days ago

"Physical attacks" reminds me of this security anecdote - I had the pleasure of working with Charles (RIP) for a few years after college, he was a genius

jadedse.bsky.social•509 days ago

I saw a talk about this at BlueHat a few years ago, there was some amazing stuff there.

gilda.rest•57 days ago

Steils Xbox hacking talks are also great.
One of the oldest hour long videos(afaik) on YouTube is one of them:
https://youtu.be/uxjpmc8ZIxM
https://youtu.be/6fOjGLCctEY

gilda.rest•57 days ago

There /are/ 2 links here.

gilda.rest•57 days ago

Mmmm consistency

retr0.id•57 days ago

oof

gilda.rest•57 days ago

Wait lmfao

gilda.rest•57 days ago

https://youtu.be/uxjpmc8ZIxM?si=TJ9lqt4M7QFQFwnT
Yeah you can totally just paste one link, remove it, and then paste another and the meta stuff doesn't get recalculated???

thomasnet.bsky.social•56 days ago

The sheer audacity of Microsoft doing this talk shows how well they understood how embedded security should work.

thomasnet.bsky.social•56 days ago

1- What you've said
2- Provide an official platform for homebrew
3- Have less incentives to pirate on your platform by having less/no exclusives
4- Discourage piracy teams thanks to 2 and a massive legal team as a deterrent

johnandersen777.bsky.social•57 days ago

Another fun physical security talk:

https://youtu.be/oHf1vD5_b5I

Comments

Posting Rules

Reply