Xbox 360 Forensics (part 2)
Lately my blogging energies have been redirected into my study, namely a communications plan and a research proposal.
The communication plan was for a persuasive communications class, and the aim was to devise a plan that could realistically alter the attitudes (and hopefully the behaviour) of an audience. It was a fascinating exercise that I don't plan on repeating any time soon. It turns out that I'm not much of a public relations hand, and while I think I grasped the theory, writing up a viable strategy for a hypothetical situation was harder than I expected.
More relevantly, the research proposal is for my upcoming final project (dissertation?) and it involves creating a tool to automate the extraction of useful information from an Xbox 360. Seriously, I didn't come up with the topic (my supervisor suggested it), isn't that awesome? So I've been spending a lot of my time reading Xbox modding forums and reading the few bits and pieces in academia on the topic.
Things that I learnt:
- The Xbox 360 is easier to access than the original due to a lack of ATA security lockdown
- There is an Xbox file system that is mostly just a clean-up of FAT
- The Xbox 360 uses a big-endian version of this operating system due to its PowerPC architecture
- People go to great lengths to install homebrew operating systems and play pirated games
- There is a lot of information that might be accessible via someone's Xbox
- Most Windows users use a defunct program called Xplorer360 to read/write to Xbox 360 file systems
- For Linux, the choices are a BSD example implementation, uxtaf.c, or x360, a GPLv3 FUSE driver
- Actually, there's a kernel driver available too if you're into that kind of thing
In the meantime, watch this Google Tech talk about the Xbox and Xbox 360 security systems: