So the Xbox One has been hacked into. Bypassing security restrictions, the hacker was able to access another person’s account without knowing the password.
Embarassing news for Microsoft, don’t you think? Here’s what makes it worse. The hacker in question was a five year old.
Kristoffer Von Hassel clearly observed his father on his Xbox, and wanted to do the same. He managed to log into his father’s Xbox Live account, and circumvent all the security measures through a simple loophole concerning the password.
So how did the little guy go about the hack? Well, his father put a password on his Xbox Live account to prevent his son from accessing it. The kid started off trying something into the password box to access the account, which contains games. Normally, the Xbox Live account is programmed in such a way that if a user types the wrong password, he/she is taken to a second screen for verification. When Kristoffer saw the screen prompt him to fill in the password again, he only filled it with spaces. On doing so, he found out that the Xbox One allowed him to access the account!
Unfortunately, as Kristoffer celebrated his discovery by playing games on the account, his parents caught him. They realized that the game he was playing was one that they did not give him access to. Then his father, Robert, asked him to demonstrate how he managed to get in. He then recorded a video of his son, and submitted it to Microsoft.
Little Kristoffer was initially nervous that his father was going to find out what he had done. But he seemed excited about that fact that he had breached the security measures of one of the best companies in the world.
The kid, from San Diego in the US, has been credited with the title of ‘security researcher’ by Microsoft through his action, which brought the company’s attention to the glitch. As if that was not enough for the little boy, the company sought to reward him for reporting the ‘major security loophole’ in the Xbox One. They gave him four free games, a cash amount of fifty dollars, and a 12 month subscription to Xbox Live. This was an amazing prize, given what it actually took for the boy to simply access the account!
Microsoft issued a statement in this regard, which said, “We’re always listening to our customers and thank them for bringing issues to our attention. We take security seriously at Xbox and fixed the issue as soon as we learned about it.” And true to their word, the password issue was resolved, promptly.
The proud father, a researcher working in computer security, said that this feat was not the first in ‘hacking’ – Kristoffer had previously managed to access his parents’ smartphones, despite the toddler lock they had.