Five-Year Old Boy Exposes Xbox One Security Flaw

[Vegosiux]

Seriously. Didn't they read the evil overlord list?

#12: One of my advisors will be an average five-year-old child. Any flaws in my plan that he is able to spot will be corrected before implementation.

Seriously, Microsoft, one'd think that you'd account for situations like this.

 

[Adam Jensen_v1legacy]

I like the fact that Microsoft awarded the kid with all that stuff. That's some pretty good motivation for a kid to pursue a career in something technology related and to start soon.

 

[Infernal Lawyer]

I've read the evil overlord list and I agree with those saying Microsoft should have read it. That's a pretty massive flaw for noone to have noticed beforehand. Still, at the end of the day they admitted they goofed up and rewarded the kid, so credit where it's due.

Also, that kid's dad is awesome.

 

[Britishfan]

wait.... really? A series of empty spaces is all it takes to hack past the parental control? How did they not pick up on that way back when they were still testing the thing?

 

[Riotguards]

this must have been quite a serious security flaw if they gave him several games and credit

or maybe Microsoft were being generous?

 

[K12]

Not wishing to be "that guy" but the fact that the kid's father is a computer security expert makes me think this story might have been made up i.e. the Dad found the flaw and came up with the story to illustrate how glaring the flaw really is and to make the story more newsworthy and entertaining.

It's perfectly likely that the story as presented is a true account though. Besides, the anecdote isn't really that important in the larger issue of the childishly shit security so who cares?

 

[LordMonty]

Oh come on I already had to poke Microsoft over the frame rate comic Critical Miss did... but if you insist. The new captain at the helm of HMS Titanic, I mean everything Xbox just cannot miss those icebergs he's got his work cut out they just keep turning up those bad calls every week.

But seriously this console is a cluster fuck of bad calls and I really hope they start getting more positives soon(mostly for my poor flat mate who really is a ***** to Microsoft and besides Titanfall hasn't really used the machine or spoke positively about it much at all).

 

[Quazimofo]

this must have been quite a serious security flaw if they gave him several games and credit

or maybe Microsoft were being generous?

It ways maybe a couple hundred dollars worth of stuff retail (including the cash), and likely less wholesale. Considering how much more you would have had to pay someone professional to do something like this it's probably just some cheap good publicity for Microsoft.

Not that I'm trying to discredit Microsoft; it was a wonderful thing to do to reward someone like that for unsolicited contributions tot he quality of your product, and it probably made sure that this kid is going to be a world-class computer security consultant in his future. It's just not really a particularly large expense all things considered.

 

[EHKOS]

I remember I broke into a Brinks safe when I was twelve. Maybe my skills have grown too, brb.

 

[Cid Silverwing]

Getting hacked by a five year old.

I guess MS will be the laughing stock of the industry for the next weeks...

This.

How the actual fuck did an oversight like THIS go uncorrected?

 

[Lazule]

Funny.

Guess this is another reason why I'm not getting the Xbox One...

 

[Shinkicker444]

This reminds me of the Evil Overlord Rule number 12:

One of my advisors will be an average five-year-old child. Any flaws in my plan that he is able to spot will be corrected before implementation.

MS is clearly needing to expand their recruiting pool.

 

[VoidWanderer]

Apparently Microsoft missed that rule for Evil Overlords. Always let a child look at your plans to find the obvious security flaws.

 

[Knight Captain Kerr]

This kid just might be going places.

But yeah this is a pretty big flaw in their parental control system.

 

[Someone Depressing]

So, Microsoft should be hiring 8 year olds with accidental access to their parents' bank accounts in order to do their testing?

...I'd feel angry for some weird reason, but I'm too busy laughing.

 

[Daaaah Whoosh]

With a growing background in software engineering, I can say I'm not that surprised. Code is always going to have flaws, and there's probably thousands of kids out there trying to break parental controls.
Still, it's never fun trying to explain to your boss how a 5-year-old got past your algorithms.

 

[Elvis Starburst]

Well done guys. Well freakin done. This was a good read~ I am curious what this kid can do next. Also, epic dad here!

 

[Orks da best]

he hacked a phone at 1, hacked a console at 5, what next at 10? a missile silo?

Telling you, this kid is going to either be a genius, or a evil genius.

 

[Revolutionary]

What kind of five year old get's a $500 console? I had to buy all my consoles. I mean this'll be patched in the blink of an eye but still how did they not catch that, and more to the point how is it that no one else caught it until now?

 

[Storm Dragon]

"How awesome is that!" father Robert Davies told ABC 10. "Just being 5 years old and being able to find a vulnerability and latch onto that. I thought that was pretty cool."

I like to imagine that, after the father said this, his wife gave him A Look, after which he quickly added "Um, but he's still in trouble for playing those games."