| Prologue-README.1ST | p. 1 |
| The Video Game Console Market | p. 2 |
| About Hackers and Hacking | p. 4 |
| The Politics of Hacking | p. 7 |
| The People Behind the Hacks | p. 11 |
| Voiding the Warranty | p. 15 |
| Tools of the Trade | p. 15 |
| Tools to Open Things Up | p. 15 |
| Tools to Attach and Remove Components | p. 17 |
| Tools to Test and Diagnose | p. 18 |
| Tools for Design | p. 20 |
| Deconstructing the Xbox | p. 22 |
| Safety First | p. 22 |
| Remove Case Screws | p. 22 |
| Remove the Top Cover | p. 24 |
| Move the Disk Drives | p. 25 |
| Remove the Disk Drives (Optional) | p. 28 |
| Reassembling the Xbox | p. 28 |
| Thinking Inside the Box | p. 31 |
| Reading a Circuit Board | p. 32 |
| Circuit Board Basics | p. 32 |
| Components | p. 34 |
| Test Points | p. 39 |
| Xbox Architecture | p. 40 |
| High-Level Organization | p. 40 |
| Functional Details | p. 42 |
| CPU | p. 42 |
| Northbridges and Southbridges | p. 45 |
| RAM | p. 46 |
| ROM | p. 47 |
| Odds and Ends | p. 48 |
| Pattern Matching | p. 48 |
| Comparison: Xbox Versus the PC | p. 49 |
| Contrast: Xbox Versus the Gamecube | p. 50 |
| Installing a Blue LED | p. 53 |
| What You'll Need | p. 54 |
| Removing the Xbox Front Panel | p. 54 |
| Removing the Front Panel Circuit Board | p. 58 |
| Installing the Blue LED | p. 59 |
| Reassembling the Front Panel | p. 63 |
| Debugging | p. 65 |
| Building a USB Adapter | p. 67 |
| Starting Materials | p. 67 |
| Strategy | p. 69 |
| Implementation | p. 69 |
| Replacing a Broken Power Supply | p. 73 |
| Diagnosing a Broken Power Supply | p. 74 |
| Replacing the Power Supply | p. 76 |
| Strategy | p. 77 |
| Procedure | p. 78 |
| Building the Xbox Power Cable | p. 78 |
| Installing the Replacement Power Supply | p. 84 |
| Operating with the Replacement Power Supply | p. 85 |
| Debugging Tips | p. 86 |
| The Best Xbox Game: Security Hacking | p. 89 |
| First Encounters with a Paranoid Design | p. 90 |
| To Snarf a ROM | p. 90 |
| An Encounter with Microsoft | p. 92 |
| Analyzing the ROM Contents | p. 93 |
| A Brief Primer on Security | p. 101 |
| Who Needs Security, Anyways? | p. 101 |
| A Brief Primer on Cryptography | p. 104 |
| Classes of Cryptographic Algorithms | p. 105 |
| SHA-1 Hash | p. 109 |
| TEA | p. 111 |
| RC-4 | p. 113 |
| RSA | p. 114 |
| The Rest of the Picture | p. 116 |
| Reverse Engineering Xbox Security | p. 119 |
| Extracting Secrets from Hardware | p. 119 |
| Eavesdropping a High Speed Bus | p. 122 |
| Tapping the Bus on a Budget | p. 122 |
| Building the Data Logger | p. 129 |
| Determining the Bus Order and Polarity | p. 131 |
| Making Sense of the Captured Data | p. 131 |
| Sneaking in the Back Door | p. 137 |
| Back Doors and Security Holes | p. 138 |
| Visor Jam Table Attacks | p. 139 |
| MIST Premature Unmap Attack | p. 140 |
| Microsoft Retaliates | p. 141 |
| Reverse Engineering v1.1 Security | p. 142 |
| The Threat of Back Doors | p. 147 |
| More Hardware Projects | p. 151 |
| The LPC Interface | p. 151 |
| LPC Interface on the Xbox | p. 152 |
| Using the LPC Interface | p. 153 |
| The Other 64 MB of SDRAM | p. 155 |
| Xbox VGA | p. 157 |
| Mass Storage Replacement | p. 158 |
| Developing Software for the Xbox | p. 161 |
| Xbox-Linux | p. 161 |
| Installing Xbox-Linux | p. 162 |
| "Project B" | p. 166 |
| OpenXDK | p. 171 |
| Caveat Hacker | p. 173 |
| Caveat Hacker: A Primer on Intellectual Property | p. 175 |
| Classical Intellectual Property Law: An Overview | p. 175 |
| Copyright | p. 176 |
| Patent | p. 178 |
| Trade Secrets | p. 179 |
| The Constitutional Copyright Bargain | p. 179 |
| The Traditional View of Reverse Engineering | p. 180 |
| Trade Secrecy and "Improper Means" | p. 180 |
| Copyright Law and the Problem of Intermediate Copying | p. 181 |
| Patent Law | p. 182 |
| New Challenges for Reverse Engineers | p. 183 |
| The Digital Millennium Copyright Act and the Problem of Unauthorized Access | p. 184 |
| Unauthorized Access | p. 184 |
| Circumvention Technologies | p. 185 |
| Navigating the DMCA's Exemptions | p. 185 |
| 1201(f): reverse-engineering for interoperability | p. 186 |
| 1201(g): encryption research | p. 187 |
| 1201(j): security research | p. 187 |
| End-User License Agreements and Contractual Prohibitions on Reverse-Engineering | p. 187 |
| Trade Secrets and the Economic Espionage Act | p. 189 |
| The Responsible Hacker: Ignorance Is No Defense | p. 189 |
| Civil and Criminal Offenses and Penalties | p. 190 |
| Reverse Engineering as "The Freedom to Tinker" and Other Legal Issues | p. 191 |
| Onward! | p. 193 |
| The Hacking Community | p. 193 |
| Hacking Fora | p. 194 |
| Making a Contribution | p. 195 |
| Trusted Computing | p. 197 |
| Taking a Step Back | p. 199 |
| Palladium Versus TCPA | p. 202 |
| Hacking the Trusted PC | p. 204 |
| Looking Forward | p. 205 |
| Concluding Thoughts | p. 206 |
| Where to Get Your Hacking Gear | p. 207 |
| Vendors for Hobbyists | p. 207 |
| Prepared Equipment Order Forms | p. 209 |
| Soldering Techniques | p. 211 |
| Introduction to Soldering | p. 211 |
| Use Flux | p. 212 |
| Starter Tips | p. 213 |
| Surface Mount Soldering | p. 214 |
| Technique for Simple Components | p. 215 |
| Technique for Complex Components | p. 216 |
| Technique for Removing Components | p. 219 |
| Getting into PCB Layout | p. 223 |
| Philosophy and Design Flow | p. 223 |
| Refining Your Idea | p. 223 |
| Schematic Capture | p. 224 |
| Board Layout | p. 226 |
| General Placement and Routing Guidelines | p. 227 |
| Leave Space for Via Fanouts on Surface Mount Devices | p. 228 |
| Decoupling Capacitors Fit Nicely Under SMD Pads | p. 228 |
| Know Your Special Traces | p. 229 |
| Circuit Boards Make Fine Heatsinks | p. 231 |
| Establish Preferred Routing Directions for Each Layer | p. 231 |
| Stack a Board with Orthogonal Layers | p. 231 |
| On Two-Layer Boards, Use Fingers to Bus Power | p. 232 |
| Hints on Using an Auto-Router | p. 232 |
| CAD Tools | p. 232 |
| Board Fabrication Companies | p. 233 |
| Sierra Proto Express | p. 233 |
| Data Circuit Systems | p. 234 |
| Advanced Circuits | p. 234 |
| Alberta Printed Circuits | p. 234 |
| Starter Projects | p. 235 |
| Getting Started with FPGAs | p. 237 |
| What Is an FPGA? | p. 237 |
| Designing for an FPGA | p. 239 |
| Project Ideas | p. 243 |
| Where to Buy | p. 244 |
| Debugging: Hints and Tips | p. 247 |
| Don't Panic! | p. 247 |
| Understand the System | p. 247 |
| Observe Symptoms | p. 248 |
| Common Bugs | p. 249 |
| Recovering from a Lifted Trace or Pad | p. 252 |
| Xbox Hardware Reference | p. 257 |
| Power Supply Pinout | p. 257 |
| Video Connector Pinout | p. 258 |
| USB Connector Pinout | p. 260 |
| Ethernet Connector Pinout | p. 261 |
| ATA Connector Pinout | p. 262 |
| DVD-ROM Power Connector | p. 263 |
| LPC Connector | p. 264 |
| Fan Connector | p. 265 |
| Front Panel Connector | p. 265 |
| Index | p. 267 |
| Table of Contents provided by Ingram. All Rights Reserved. |
