10:54
Pokemon Go players helped train delivery robots without realizing it
10:05
New map shows which jobs are most vulnerable to AI
15:30
Security researcher demonstrates first hardware hack for Xbox One
15:00
Trump administration expected to receive $10B fee linked to TikTok US deal
08:40
X makes Grok reply feature in comments available only to Premium subscribers
13:53
Parallels confirms Windows can run on Apple’s new MacBook Neo
10:54
Pokemon Go players helped train delivery robots without realizing it
10:05
New map shows which jobs are most vulnerable to AI
15:30
Security researcher demonstrates first hardware hack for Xbox One
15:00
Trump administration expected to receive $10B fee linked to TikTok US deal
08:40
X makes Grok reply feature in comments available only to Premium subscribers
13:53
Parallels confirms Windows can run on Apple’s new MacBook Neo
10:54
Pokemon Go players helped train delivery robots without realizing it
10:05
New map shows which jobs are most vulnerable to AI
15:30
Security researcher demonstrates first hardware hack for Xbox One
15:00
Trump administration expected to receive $10B fee linked to TikTok US deal
08:40
X makes Grok reply feature in comments available only to Premium subscribers
13:53
Parallels confirms Windows can run on Apple’s new MacBook Neo
10:54
Pokemon Go players helped train delivery robots without realizing it
10:05
New map shows which jobs are most vulnerable to AI
15:30
Security researcher demonstrates first hardware hack for Xbox One
15:00
Trump administration expected to receive $10B fee linked to TikTok US deal
08:40
X makes Grok reply feature in comments available only to Premium subscribers
13:53
Parallels confirms Windows can run on Apple’s new MacBook Neo
A security researcher has demonstrated the first known hardware hack for the Xbox One.
At the RE//verse conference, security researcher Marcus Gaasedelen presented a new attack method called The Bliss Hack, which allows attackers to bypass the console’s security protections through hardware manipulation.
The Xbox One had remained effectively unbroken since its launch in 2013, meaning the console resisted successful hacking attempts for more than 12 years. The new method requires physical access to the device and involves manipulating voltage levels during the boot process to bypass parts of the security system. The attack targets the console’s boot ROM memory, a critical component responsible for verifying the integrity of the system during startup.
Microsoft originally designed the Xbox One with a strong security architecture that includes execution environment separation, virtualization, and strict control over the boot chain. At the center of the system is a hardware root of trust, implemented through a dedicated security processor developed with AMD.
The researcher focused on analyzing the console’s immutable boot ROM, which is roughly 64 KB in size, with about 19 KB containing the core boot code. The attack uses a technique known as voltage fault injection: by monitoring the chip’s power consumption and introducing precise voltage drops during execution, it becomes possible to disrupt certain instructions.
After many attempts, the researcher managed to skip a critical instruction responsible for enabling the Memory Protection Unit (MPU). In the second stage of the attack, the program counter can be manipulated, allowing control over instruction execution in supervisor mode, which ultimately enables the execution of arbitrary code within the boot ROM environment.
The Bliss Hack provides deep access to the console, potentially allowing researchers to decrypt games and system updates or run unsigned code at different system levels. However, the method is not practical for everyday use. It does not work on newer consoles such as the Xbox One S or Xbox One X, which use an updated security architecture with additional boot verification. The attack also requires specialized hardware and a large number of attempts. According to the researcher, a successful exploit occurs roughly once in every million boot attempts.
Editor’s pick
