Xbox live certificate accidentally published.

ASSEMbler · Dec 9, 2015

https://technet.microsoft.com/en-us/library/security/3123040?f=255&MSPPError=-2147217396

XboxSurgeon · Dec 10, 2015

Interesting...

rso · Dec 10, 2015

In b4 eejits going all "omg live's borken!1!". That cert seems to be "only" for the website's https connection, no online (as in game) services are likely to be affected at all. Also note there's no Xboxen listed amongst the affected software.

ddxcb · Dec 10, 2015

rso said: ↑

In b4 eejits going all "omg live's borken!1!". That cert seems to be "only" for the website's https connection, no online (as in game) services are likely to be affected at all. Also note there's no Xboxen listed amongst the affected software.
Click to expand...

the xbox one will probably auto update the Cert and that be the end of the attack.

doulomb · Dec 10, 2015

LMAO, while its obviously not a big deal in terms of the potential damage, this is a key management failure on par with sony's ECDSA rng goof.
how the hell do you accidentally release the private keys for a certificate like that lmao

-doulomb

rso · Dec 10, 2015

> auto update on xbone
Well, that's also true for the Windowses, and they did list those.

> how do you even...
Stupidity, plain and simple. Just look at all the private info on github. SSL keys, user credentials in versioned config files, hardcoded credentials in source code...

Lukew · Dec 12, 2015

Log in or Sign up

Xbox live certificate accidentally published.

ASSEMbler Administrator

XboxSurgeon Site Supporter Since 2013

rso Familiar Face

ddxcb Gota J.T.A.G. That Xbone Yo.

doulomb Robust Member

rso Familiar Face

Lukew Rapidly Rising Member

Share This Page

Log in or Sign up

Xbox live certificate accidentally published.

ASSEMbler Administrator

XboxSurgeon Site Supporter Since 2013

rso Familiar Face

ddxcb Gota J.T.A.G. That Xbone Yo.

doulomb Robust Member

rso Familiar Face

Lukew Rapidly Rising Member

Share This Page

Useful Searches