When a new console comes out, especially one as high-profile as the Xbox One, it’s not uncommon for its designers to post a reward for anyone who is able to hack its system. This way, the designers can discover security risks as quickly as possible.
They don’t usually expect these discoveries to come from 5-year-olds.
Last week, CNN reported that Kristoffer Von Hassel of Ocean Beach, California, had accidentally discovered a back-door entrance to his father’s Xbox Live account. By entering a string of zeroes into the password verification screen (which appears after your first wrong attempt), Kristoffer was able to trick the advanced gaming system into letting him into his dad’s account. His parents noticed him playing games that were off-limits. After Kristoffer came clean, they filmed him performing the glitch and sent the evidence to Microsoft.
Coincidentally, Kristoffer’s dad Robert Davies works in online security. Instead of being angry, he was impressed. “How awesome is that!” he told local news station KGTV. Apparently, this isn’t the first device Kristoffer has managed to hack. As a toddler, he got past a smartphone’s lock screen. “Just being 5 years old and being able to find a vulnerability and latch on to that,” Robert went on, “I thought that was pretty cool.”
“From the ease of the backdoor which Kristoffer found it is most probably a development backdoor which company’s [sic] usually put for developers and testers,” reported security and hacking site Tech Worm. “From the looks of it, the Microsoft engineers forgot to remove the backdoor while launching the service.”
Microsoft released a statement saying, “We’re always listening to our customers and thank them for bringing issues to our attention. We take security seriously at Xbox and fixed the issue as soon as we learned about it.” Then they gave Kristoffer $50 and a year-long subscription to Xbox Live. It’s not quite $100,000, the amount that Microsoft announced last June it was willing to provide for hackers who were able to find security weaknesses in its newest console, but it is a nice gesture. To sweeten the deal, they also listed Kristoffer as an official security researcher on their website.
High-five, Kristoffer! I look forward to your inevitably prestigious career.
Barring secret back doors, setting up parental controls on your Xbox One is pretty simple. Click here to see how to do it.