imminent destruction

posted by tom / December 27, 2005 /

In their rush to launch the Xbox 360, Microsoft had some trouble getting its act together. One of the consequences of this was uneven distribution of demo discs to retailers. In fact, it looks like they were so rushed that they accidentally released an unsecured disc — one that can be ripped, read, traded, burned and played in consumer 360s without any special hardware or cryptographic measures.

I couldn't say whether this will provide the exploit that cracks the 360 wide open, but it looks very promising. The next step will be for hackers to hollow out the files on this disc image, inserting their own code and using it to expose the machine's secrets. Something similar happened with the Dreamcast — it's a Pandora's Box kind of situation. If I'm reading the situation correctly, I'd expect to see some significant developments occur very quickly.

On the other hand, this is the kind of loophole that can probably be closed in future hardware revisions, which we'll no doubt see, given the machine's current bugginess. If I had to guess, I'd say this will let crackers get their foot in the door at the 360's launch, but that door will be slammed shut sometime soon thereafter.

UPDATE: Never mind. The code is signed; it's just that the "media flags" have been turned off, telling the machine it's allowed to play the content from a burned DVD-R. So the executable files still can't be changed, but it has been confirmed that at least some of the media files can be. Now the trick will be to see whether any of the executables are susceptible to buffer overflow exploits inserted into the media assets. I believe the XB360 uses some kind of virtual environment to prevent overflows, so I'm not particularly optimistic about this.

Analogy time: there's a man in a locked room who does nothing but read books. We want to make him do what we want. Normally the room is locked (content cannot be run from writeable DVDs because of the media locks). Now, suddenly, the room is open. But we still can't harm or influence the man (the executable code is cryptographically signed). All we can do is replace what he's reading (unsigned media files). Most of the time he'll read our replacement books and say "this is gibberish"; sometimes he'll read them, take them in but not be seriously affected. But if he has some sort of mental defect (programming error) and can be upset by just the right combination of words, we can reduce him to a blithering mess (buffer overflow) and get him to do our bidding (run arbitrary code).

Needless to say, the odds on a) him having this weakness and b) us finding it are rather long. But it's possible.

Creepy analogy, I know, but it's the best I could come up with.
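To make the update and the analogy concrete, here is an added example (not code from the post, and not an Xbox 360 format or anything taken from the disc) of the bug class being hoped for: a signed executable parsing an unsigned media asset and trusting a length field inside it. The "TXTR" header layout, the `NAME_CAP` buffer size and all function names are made up for this illustration. The vulnerable parser copies as many bytes as the file says; the hardened one checks the declared length against both the destination buffer and the bytes actually present. The sample assets are constructed inline.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/*
 * Hypothetical asset header (constructed for this example; it is NOT a real
 * Xbox 360 file format):
 *   bytes 0-3 : magic "TXTR"
 *   bytes 4-7 : name_len, little-endian uint32
 *   bytes 8.. : name_len bytes of name, then pixel data
 */
#define NAME_CAP 32

typedef struct {
    char name[NAME_CAP];
    uint32_t name_len;
} asset_t;

static uint32_t le32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Vulnerable form: the length field is taken from the (unsigned) file and
 * used as-is. A name_len larger than NAME_CAP runs memcpy past the end of
 * out->name, and a name_len larger than the asset reads past the end of buf. */
int parse_asset_vulnerable(const uint8_t *buf, size_t len, asset_t *out) {
    if (len < 8 || memcmp(buf, "TXTR", 4) != 0) return -1;
    out->name_len = le32(buf + 4);
    memcpy(out->name, buf + 8, out->name_len);  /* no bounds check */
    return 0;
}

/* Hardened form: every length that comes from the file is checked against
 * both the destination capacity and the bytes actually present. */
int parse_asset_hardened(const uint8_t *buf, size_t len, asset_t *out) {
    if (len < 8 || memcmp(buf, "TXTR", 4) != 0) return -1;
    uint32_t n = le32(buf + 4);
    if (n >= NAME_CAP) return -2;   /* would overflow name[] (room kept for NUL) */
    if (n > len - 8) return -3;     /* declares more name bytes than the asset holds */
    memcpy(out->name, buf + 8, n);
    out->name[n] = '\0';
    out->name_len = n;
    return 0;
}

/* Build a constructed asset whose header declares `declared_len` name bytes
 * but actually carries `body_len` of them. Returns the total size, 0 on error. */
size_t make_asset(uint8_t *dst, size_t cap, uint32_t declared_len,
                  const uint8_t *body, size_t body_len) {
    if (cap < 8 + body_len) return 0;
    memcpy(dst, "TXTR", 4);
    dst[4] = (uint8_t)(declared_len);
    dst[5] = (uint8_t)(declared_len >> 8);
    dst[6] = (uint8_t)(declared_len >> 16);
    dst[7] = (uint8_t)(declared_len >> 24);
    memcpy(dst + 8, body, body_len);
    return 8 + body_len;
}

/* Run a constructed asset through the hardened parser and return its status. */
int hardened_status(uint32_t declared_len, const char *body) {
    uint8_t raw[64];
    asset_t out;
    size_t n = make_asset(raw, sizeof raw, declared_len,
                          (const uint8_t *)body, strlen(body));
    return parse_asset_hardened(raw, n, &out);
}

/* For a well-formed asset both parsers must produce the same name.
 * The vulnerable parser is deliberately never fed the hostile inputs here:
 * that would really corrupt memory rather than demonstrate anything. */
int parsers_agree_on_benign(const char *name) {
    uint8_t raw[64];
    asset_t a, b;
    size_t len = strlen(name);
    size_t n = make_asset(raw, sizeof raw, (uint32_t)len, (const uint8_t *)name, len);
    memset(&a, 0, sizeof a);
    memset(&b, 0, sizeof b);
    if (parse_asset_vulnerable(raw, n, &a) != 0) return 0;
    if (parse_asset_hardened(raw, n, &b) != 0) return 0;
    return a.name_len == b.name_len && memcmp(a.name, b.name, len) == 0;
}

int main(void) {
    printf("benign asset, both parsers agree: %d\n", parsers_agree_on_benign("sky.dds"));
    printf("name_len 0x1000 (> NAME_CAP), hardened: %d\n", hardened_status(0x1000, "sky.dds"));
    printf("name_len 20 but 7 bytes present, hardened: %d\n", hardened_status(20, "sky.dds"));
    return 0;
}
```

The point of the two checks in the hardened parser is that both are needed: the first stops a stack or heap overwrite of `name[]`, the second stops an over-read past the end of the asset, and either one alone still leaves the "man in the room" reading a book that can upset him.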

Comments

Xbox 360: Now Kafkaesque!

Posted by: Kriston on December 27, 2005 03:15 PM
