Support NeoGAF

[winjer]

Here is the video of the authors explaining the full process at the Reverse Conference.

Launched in 2013, the Xbox One's security story is often reduced to a single word: unhackable.Beneath that banner is a security architecture where every obvious target is both hardened by platform specific mitigations and disposable. Usermode, kernel, hypervisor, and system firmware are independently protected, signed, and bound to a morphing key tree, so exploiting one version does not buy you the ability to decrypt or run future updates and content. Only one piece of critical code lies outside that safety net: the tiny, carefully constructed bootrom of the Platform Security Processor, burned directly into the system's custom AMD SoC.Microsoft engineered the bootrom as a fortress. A minimal complexity, hardened core with purpose built hardware countermeasures, fault tolerant software patterns, randomized stalls, and layered runtime redundancy to maintain tight control over the earliest boot stage. As the anchor for the entire chain of trust, this code is expected to perform a measured cryptographic boot while withstanding multiple targeted glitches from a persistent physical attacker, detecting power, memory, and control flow irregularities to avoid compromise.This bootrom represents an unprecedented escalation in platform security, offering only the faintest side channels to study its execution. Every experiment becomes a patient probe: a guided reverse engineering effort stacking scraps of signal, reading the tea leaves of carefully shaped faults, and weaponizing subtle side effects to wrest control of a legendary security core and shatter the Xbox One chain of trust once and for all.When you whisper your secrets into the dark heart of the system and, for the first time in history, it whispers back, "unhackable" starts to sound less like a property and more like a challenge.

 

[GrayChild]

It took the PS5 5 years to be hacked. Xbox One was impenetrable for 13 years.

Based Phil.

 

[winjer]

Based Phil.

Not Phill. It was all due to Tony Chen.

 

[Ellis]

It took the PS5 5 years to be hacked. Xbox One was impenetrable for 13 years.

Based Phil.

PS5 required that you were on an incredibly old FW at the time it was cracked. Most users would have updated, so only a small number of people made use of it.

 

[IbizaPocholo]

Here is

Analysis Trailer Hardware  Thread 'The original Xbox One was hacked after 12 years'

Mar 15, 2026

The original Xbox One was hacked after 12 years

Microsoft's console has been approached.

ixbt.games

Marcus Gaasedelen gave a presentation at the RE//verse 2026 conference. The security researcher talked about hacking the Xbox One.

The console was released more than 10 years ago and until recently was considered by many to be "unhackable", but a loophole in the protection was still found.

The Xbox One is hacked using a hardware attack, Gaasedelen soldered wires and manipulated the voltage at certain points when the system was booting, which disrupted the execution of instructions...

• IbizaPocholo
• Replies: 2
• Forum: Gaming Discussion

 

[kevboard]

I am still wondering why Microsoft went so insanely hard with the jailbreak prevention on that system... absolutely over the top
and all while being the least interesting system to jailbreak ever, since Dev Mode exists for homebrew stuff lol.

but this is good for game preservation and eventually a full homebrew PC translation layer I guess.

 

[Zathalus]

That's some pretty impressive protection MS went with. Such a complete difference to how Windows is.

 

[Dirk Benedict]

Not Phill. It was all due to Tony Chen.

Based Chen.

 

[Danny Dudekisser]

Is it because it was difficult to hack, or because nobody cared enough to hack it?

 

[Moondoggy]

You are all free to partake in this, just remember, Papa Phil will find you.

 

[ReBurn]

I have a VCR Xbox One in a closet somewhere. I should dig it out and check this out.

 

[Pasta la Vista]

Works for Xbox one x?

 

[Bry0]

I am still wondering why Microsoft went so insanely hard with the jailbreak prevention on that system... absolutely over the top
and all while being the least interesting system to jailbreak ever, since Dev Mode exists for homebrew stuff lol.

but this is good for game preservation and eventually a full homebrew PC translation layer I guess.

Tbf each gen Xbox consoles have usually been the hardest compared to its peers. A lot of that just comes down to MS being a software company. They have experts on staff just due to the nature of what they do and everything on the OS side being done in-house.