Mostly computer security, Internet culture, and information warfare. Mostly.
Tuesday, January 4, 2011
Xbox 360 Forensics: Part 1
My research activity is coming to a head and I thought I'd let you all know how it is going. My early explorations were plagued by a plethora of hardware and software failures. The Xbox 360 thoughtfully provided to me by my University had a damaged hard drive which took me longer than it should to diagnose because I had to eliminate my procedure and imaging equipment as possible sources of errors. My setup is a little weird since I'm studying on the road, I'm using an Ubuntu virtual machine on my Dell Laptop and a cheap Xbox 360 -> USB hard drive connector and I was worried about issues arising from the level of indirection. The error that manifested was quite strange, the first 40Gb or so of the image would copy fine and if copying in a reverse order the last 40Gb would also copy fine. I tried imaging from the host OS, tried using a different USB adapter and even directly attached the drive using SATA. My tentative conclusion is that the middle platter of the 120Gb drive was damaged and any reads on it would fail. During this stage I voided some warranties (always fun) and learnt that inside the fancy casing Xbox 360 hard drives are standard laptop drives. I replaced the pictured drive with a 60Gb drive from a local games store and I was in business. A quick: