Submitted by CustardTrout 167d ago | news

5-year-old Ocean Beach boy exposes Microsoft Xbox vulnerability

A five-year-old boy who worked out a security vulnerability on Microsoft's Xbox Live service has been officially thanked by the company. (Microsoft, Xbox 360, Xbox LIVE, Xbox One)

Alternative Sources
« 1 2 »
joeyisback   167d ago | Trolling | show
windblowsagain  +   167d ago
Wow that's a very basic error.

But it's not a backdoor.

A backdoor is something put in by programmers, so they can access security that's been added on later.

That's more like a complete screwup.
ASTS_1992   167d ago | Off topic | show | Replies(2)
One_Eyed_Wizard  +   167d ago
Exactly. The kid's pretty good too. I guess his young age enables him to think outside the box but he does seem to be a natural when it comes to security... according to his father at least.
frostypants  +   167d ago
My guess is he did it by accident...but it's still very impressive that he realized what he had done and kept doing it whenever he wanted to play those games. Too bad the poor kid got caught...the recognition comes with the fact that he can't pull this stunt anymore...LOL. Hopefully dad gives him some gaming time as a reward.
Ritsujun  +   167d ago
Don't give up, MS!!!!!!!!!
CrazedFiend  +   167d ago | Funny
It IS him.
He is "The One"
3-4-5  +   167d ago
Crazed-^ that made me laugh harder than it should lol
Sheikh Yerbouti  +   166d ago
"M-M-Morpheus..." Thinking of Keanu's lines in Matrix tickles my inner giggle.
fr0sty  +   167d ago
Brief off topic rant: Alright N4G, the ads with sound that play automatically, and re-enable their sound as soon as the next ad rolls... That's some bullshit right there. This isn't examiner. If you have to blast loud commercials through my speakers every time I come here, I may have to stop coming here.

On topic: Microsoft... security... are any of us surprised a 5 year old cracked it?
air1  +   167d ago
Umm... surprised? A little.. now if it was sony then it would have been no surprise at all.
sungam3d  +   167d ago
3 words

Ad Block Plus
BakPAin  +   167d ago
Yes, I am surprised! You act as if it gets hacked all the time or something!
fr0sty  +   167d ago
You guys act like Microsoft has a long history of secure operating systems that don't require constant patching to fix massive security vulnerabilities...
ITPython  +   167d ago
@fr0sty - Wow, people still deal with ads on the net? Firefox + ABP with EasyList filters + NoScript = ad free internet.

Heck, even with ABP disabled I still see no ads on N4G thanks to NoScript.

You need to get with the times man, and I sure HOPE you still aren't using IE, lol.

OT: Pretty cool this kid figured this out, although I am surprised he gave up his secret! When I figured stuff like this out as a kid I kept it to myself so I could enjoy it!
#2.4.5 (Edited 167d ago ) | Agree(3) | Disagree(1) | Report
ITPython  +   167d ago
This is an interesting security flaw, I wonder if all it takes to get into somebody's account now is to know their email address used for that account, then use the same process this kid did.

Would be funny if this guys account gets 'hacked' since it clearly shows his accounts email address in the pictures, lol.
Back-to-Back  +   167d ago
Gotta love the terrible programmers at Microsoft. They offered me a job last summer and lucky for me I was able to turn it down because I got a better offer from another famous company.
Eddie20101  +   167d ago
Microsoft often say after all we are a software company at the end of every sentence has made a boo boo in there software that was meant to keep someone from accessing an account, it was broken by a five year old child, very simply I might add.

The little boy is cute and very smart, but should this be taken as a ahh moment.
mrmarx  +   167d ago
gov spying you want links?
barb_wire  +   167d ago
Nice they gave him some games and 1yr Live.. but considering the size of a security hole he exposed.. they were a little cheap.
vallencer  +   167d ago
They didn't have to give him anything. That's what's wrong with people now a days. You'll get rewarded for doing something or finding something that isn't supposed to be there but the rewards aren't enough. Everyone always wants more.
adorie  +   167d ago
He didn't have to tell them a damned thing either.

It goes both ways,and before you try to play the "some one else would have came along" card, they didn't.
frostypants  +   167d ago
Some people would have been tempted to leak this tidbit on a hacker forum and watch the chaos unfold. A reward is justified. That said, I think what they got is fair...though a small "scholarship" for the kid's future education would have been a nice touch.
#3.1.2 (Edited 167d ago ) | Agree(11) | Disagree(0) | Report
nix  +   167d ago
it's like a kid returning your wallet which you lost because the wallet had your address in it. you gift him something (as a token of appreciation) because he valued the content in your wallet.

the kid could have just taken the money off the wallet and bought something for himself. why should he be bothered about your papers/money/id cards in your wallet?

you can evaluate the situation and have an option of saying just "thanks" or give him something.
GT67  +   167d ago
50.00 and year subscription not bad for child curiosity.

but cracking security for cell phone by holding "Home" is special at age of 1
#3.1.4 (Edited 167d ago ) | Agree(0) | Disagree(0) | Report
Sheikh Yerbouti  +   166d ago
The pride he gave his father is priceless though...and I'm sure his father had something to do with MS being informed and the story getting out, good way to get his security company's name out too.

Me? I just wouldn't let the lil' prick play my XBox anymore and be done with.
#3.1.5 (Edited 166d ago ) | Agree(1) | Disagree(0) | Report
ZombieDust  +   167d ago
Didnt have to give him a damn thing... And assuming the 4 games he got were full price games, he got $350 in gifts, that's pretty generous.
#3.2 (Edited 167d ago ) | Agree(26) | Disagree(13) | Report | Reply
Cathyvon  +   167d ago
Exactly! It actually was a little more than that but you are right!
ZombieDust  +   167d ago
Lol self entitled children are quick to hit that dislike button... I only say this because I am truely curious as to why you disagree and how you became a self entitled brat...
RustedMan  +   167d ago
Hell, I figured Microsoft would throw in a five dollar coupon to Subway, not 350 dollar prize...
GeofferyPeterson  +   167d ago
Lol! Funny as fu€k!
raWfodog   167d ago | Trolling | show | Replies(3)
grailly  +   167d ago
The security hole isn't that big...It's just logging into a local account, basically logging into the account of someone in your family.

It could be a problem in case of stolen or sold xboxs I guess...
frostypants  +   167d ago
Excellent point.
Belasco  +   167d ago
And what would you suggest he receive? A scholarship? A million dollars? A new car?
DFogz  +   167d ago
A small scholarship fund would have been nice.

A lot better than giving a 5-year old a bunch of games when his dad was trying to get him to stop playing them in the first place.
Sheikh Yerbouti  +   166d ago
I think four games and free XBL for a year is plenty for a five year old. Plus it is a good start for he resume...

March 2014 - April 2004 Independent security consultant for Microsoft's XBox Live.

Aug 2014 - June 2015 Kindergarten.
aragon  +   167d ago
i agree he shoula got a console and accessories and a year of live and xbox music
maddskull  +   167d ago
It's xbox live support so I think that it is a miracle they gave him something
GUTZnPAPERCUTZ  +   167d ago
air1  +   167d ago
They gave him $300 in games and live and through in another 50. How much more they should have given the 5 yr old?
TheSaint  +   167d ago
'cheap' and 'MS' are synonymous.
ShowGun901   167d ago | Trolling | show
MASTER_RAIDEN  +   167d ago | Funny
this is why i choose to pay for xbox liv----

mezati99   167d ago | Trolling | show
svoulis  +   167d ago
Although this is a very obvious error and Microsoft shouldn't have let it get through, it was awesome of them to do what they did for that family. Even the smallest motivation can change that kids future.

Kudos to the Son and I am sure that the father is more than ecstatic over the entire thing.

4 Free games a 50$ Giftcard and a year of Gold is a great gift for that.
Cathyvon  +   167d ago
So is his grandmother ;-)
True_Samurai   167d ago | Off topic | show | Replies(1)
ONI5  +   167d ago
Waiting for the memes on this kid as the greatest hacker alive.
Codewow  +   167d ago
What a beast. Figuring out how to break locks at such a young age. If he continues to follow his father, then he is going to be one badass hacker when he's older. No scripts for him.
MasterCornholio  +   167d ago
Wow this kid is amazing. I wonder how good of a hacker he will be when he grows up.

P.S Im not saying that he hacked Xbox Live but the article mentions that he discovered vulnerabilities in other devices.

Hope he becomes a white hat.
Vitroski421   167d ago | Off topic | show
Speak_da_Truth   167d ago | Trolling | show | Replies(1)
XiNarutoUzumaki  +   167d ago
10 years of millions of people pay $70 per year for "maximum security"

and a 5 year old finds a flaw
Belasco  +   167d ago
I have paid $35 to $40 per year for the past 7 years, why would you throw out a number like that?
air1  +   167d ago
How else is he supposed to convince him self? Lol
ArmrdChaos  +   167d ago
He'll run this account into the ground and make yet another account. Thus the way of N4G...need more bubbles...make another account.
MASTER_RAIDEN  +   167d ago
guy is not just "throwing out numbers"

first off, nobody cares that youve only been buying it for 7 years because xbox live didnt launch the day you decided to buy it. its not about you. xbox live came out in 2002. so thats 12 years that people have been paying 50-60 dollars a year at least. secondly, not everyone buys their live access for the same price that you do either. honestly most people i know have picked up a 30 dollar 3-month card at one time or another. that means theyre paying well over 60something dollars for xbox live even if they bought a year card right the 3 month expired.
Narutos numbers make perfect sense. good try though.
XiSasukeUchiha  +   167d ago
Just you wait Naruto another 5 year old will find another flaw jk jk but seriously good work for finding this vulnerability.
vikingland1  +   167d ago
Life time of Xbox live and 4 games and $50 should've been the reward. I mean it saved thousands maybe millions of accounts.

But I'm sure the boy is tickled that he got 4 games and $50.
razrye  +   167d ago
Ha ha ha xbox security bypassed by a 5 year old.
wtopez  +   167d ago
Hmm. Smart Kid. Good on him.
BG11579  +   167d ago
Just saw the video. MS actually did good.
But now we know why there are so many updates. ^^
#18 (Edited 167d ago ) | Agree(0) | Disagree(2) | Report | Reply
e-p-ayeaH  +   167d ago
That was a pretty easy hack lol
REALZILLA  +   167d ago
If you ask me they got off cheap. That could have been really big deal. Like RRD BIG. I see a $50k scholarship for this kids. Not even 1 percent of what it would do to repair the reputation of the company. Can't believe it.
JohnS1313  +   167d ago
At least $10,000. I see companies give people more than that all the time for finding bugs. I'm surprised nobody ever found this bug. I wonder if it was around as long as Xbox Live?
Milesprowers  +   167d ago
What is Xbox?
swishersweets20031  +   167d ago
you got to be kidding me.
Rivitur  +   167d ago
Kid was tired of playing kinect titles and wanted to join his kindergarten class on COD.
kriauciuniux  +   167d ago
But really why are we hiding these things from kids?
wannabe gamer  +   167d ago
If he was over 18 they would have tried to go after him and say he was a hacker and ban him for exploiting no doubt lol
Bonerboy  +   167d ago
That's real nice of MS to hook this kid up with some goodies.
mjk45  +   167d ago
MS should have given him a PS4 and paid for PSN and let him loose .
iliimaster  +   167d ago
lol good read that dad must be proud of the little man i would
DefenderOfDoom2  +   167d ago
great story ! maybe he will a great game developer in the near future!
JohnS1313  +   167d ago
Microsoft should have given the kid $10,000 for finding this. Use it for a scholarship. That was a really careless bug.
Howard_Beale   167d ago | Spam
« 1 2 »

Add comment

You need to be registered to add comments. Register here or login
New stories

Review Fatigue

16m ago - Andrew takes a look at how review influence has changed for adult gamers. | PC

On Gaming Journalism Scandals and Where to Go From Here

16m ago - Ray Porreca of Entertainment Buddha writes: "From a simple ethical standpoint, this is inherently... | Culture

eGamer Podcast 98: Double Crunch Of Destiny

1h ago - Recorded 16 September 2014, this is episode 98 of the eGamer podcast. Topics discussed this week... | PC

Final Fantasy Type-0 HD Gets Dual Language Tracks in All Releases

2h ago - Hardcore Gamer: Prepare for plenty of options for your Final Fantasy Type-0 HD language tracks, r... | PS4

Destiny The Game

Now - Explore Mars, Rediscover Venus, Reclaim the moon, Protect Earth. Become Legend. The wait is over! Destiny is now available to play, Pick up your... | Promoted post

TGS 2014: Day 1 – Booth Staff Gallery

2h ago - Parallax Play: "The Tokyo Game Show has begun it's 4 day long event for another year, showing off... | Culture