It would be nice to see rewards that scale with severity. Ultimately they did accomodate me by sending a gift card I can use instead of coupons I would likely have given away, so I appreciate that. Most companies don't offer me anything!
I am an experienced C# / .NET Windows desktop developer of more than 15 years with an interest in file systems, reverse-engineering, and security. Some of my recent security disclosures have been front-page news on major media outlets such as Automotive News[1] and TechCrunch[2].
Currently seeking new opportunities in the C# / .NET and/or security space.
It takes in the RSA signature, SHA data hash, and RSA key type.
Key types are: XE_PIRS_RSA_KEY = 0x0, XE_LIVEDRM_RSA_KEY = 0x1, XE_DEVICE_RSA_KEY = 0x2 (this is the Sata verification key), XE_XSIGNER2_RSA_KEY = 0x3
It uses key type to load the corresponding public key from memory at static addresses, then verification takes place.
Glad everyone enjoyed the writeup! I have several more interesting writeups planned, including a significant hack disclosure (not Xbox/gaming related), so keep an eye out (:
I have received other requests for this. I thought about it when I redesigned the site, but didn't think people really used RSS that much anymore. I have it on my list to implement (:
The dash is one of the last things loaded on the nand. At that point all the critical stuff has been loaded. They also had to compress the dash for storage on the nand, or else the file system would have went beyond capacity.