TR Member Perks!

After the vicious DDoS attacks from Lizard Squad to PSN and Xbox Live ruining christmas day for a lot of people, today a group called H4LT leaked on twitter a mega link containing the November version of the Software Development Kit for Xbox One, opening the road for developers to make their own homebrew apps for the console.

After a few hours, H4LT also leaked the documentation for the SDK on the same twitter account.

Bear in mind that this leak will not let anyone mod their consoles or release their own software for the system. To release an application or game on the Xbox One, you still need to go through Microsoft’s official publishing program. But it will surely allow people to fumble with the SDK and possibly look for vulnerabilities in the system.

The Tech Game managed to have the guys from H4LT to answer some questions about their motives of these actions. They claim to do it to encourage the spread of creativity and allow progress to be achieved faster. They hope that releasing the SDK to the public, will be the first step towards homebrew applications being present on the Xbox One. They also claim to have other leaks to release in the near future but do not offer much detail on those.

This new hit on Xbox One bears no dire consequences for the users like recent other attacks did. Still, it means that Microsoft will have a good deal of headaches to deal with starting the new year.

What’s your opinion on this leak? Does the possibility to use independent homebrew software on the Xbox One justify this kind of actions? Will it bring harm to the brand? Tell us in the comments.

EDIT: H4LT dismissed the claims to be an hacking group. The article has been edited to reflect that. When responding to articles saying that they posted the following:

Luigi Savinelli

Staff Writer

Gamer since I can remember and now writer for your enjoyment. Can't say more. Those games will not play themselves

  • Zepid

    The SDK will allow quite a few things, namely the ability to perform test emulation. If you run your ethernet from your modem to your desktop where the SDK is installed, then from a secondary NIC out of your desktop and into your Xbox you can use the Neighborhood functionality. To get emulation working though you’ll need to bridge your connection from the Xbox to the PC though on upstream. And neighborhood can alternatively be used if you have discovery enabled and you’re both on the same subnet.

    This will allow Watson to run which can reveal nifty debug information about a game and even allow you to bypass crashes or bugs that normally occur in shitty games like ASSCRUD Unity.

    It will also allow you to record video, take screenshots, capture dump files, bypass gated functionality (like levels later in game) and even emulation of the actual software on your desktop with the help of the HV on the Xbox.

    You can also use NEWT/NETMON to manipulate packets and network data, or capture it.

    That just scratches the surface. Microsoft’s Xbox One/Xbox 360 SDK is awesome. Just don’t do anything malicious with it please.

    This talk makes me nostalgic of my console development days. Exciting job, but not very stable.

    Edit: That said, I wouldn’t download a leaked tool in this way. You’re almost certainly going to get maliciously modified components. I would avoid it like the plague. Microsoft won’t provide you with the md5 hash so you can check it yourself for consistency.

  • Timothy Lastovica

    As long as Microsoft’s security policy isn’t security through obscurity then I see this helping people that want to homebrew more. After all users with malicious intent were probably the ones that obtained this and have been using it for a while.

  • Alexander Turro

    Back to the good old days of the original xbox. Leaked sdk means that applications developed with the sdk are technically illegal or something of that nature – so in the old days, there was the digital equivalent of finding a secret building and doing a secret knock. You had to go on irc, private message a chatbot a secret code, to which it would respond with a temporary username and password, which you would then use to log on to a secret ftp server, where your password would last long enough to download a single homebrew application.

    So… yeah, if this pans out, that’s probably how this shit is gonna work.