5-Year-Old Discovers Xbox Security Flaw

in News.

San Diego television station KGTV reports five-year-old Kristoffer Von Hassel uncovered a flaw that would allow someone to log into a player’s profile without their password. Kristoffer Von Hassel is a 5-year-old boy who apparently exposed a security flaw in Microsoft Xbox. Result: Now he has got a job in the largest personal-computer software company in the world.
Kristoffer is from Ocean Beach, San Fransisco. His parents are quite used to seeing him play Xbox. However, it was just after Christmas 2013 when they noticed that Kristoffer logged into the Xbox Live account of his father Robert Davies and started playing from that account. Not only was he supposed to do that, but he was videotaped while he was “interrogated” by his father about his offence.
When Mr Davies asked him how he could log into his account, little Kristoffer was excited to show his father how he “hacked” his father’s Xbox Live account. Kristoffer tried logging into his father’s account by typing a wrong password. Thereafter, he was shown a password verification screen. When he pressed the spacebar and hit “enter”, he was allowed to enter his father’s account.
Mr Davies deals with computer security in his profession. He was awestruck by his son’s expertise. He said what his son did was “awesome”. He thought it was “pretty cool” for a 5-year-old to find “vulnerability” in Microsoft Xbox and exploit it.
10 News reported that Kristoffer was no stranger to tech skills. His father said that he could penetrate through the vulnerability of a system around 3 to 4 times. When he did it for the first time, he was just 1. He could dodge the toddler lock screen of a mobile phone. He did so by pressing the home key for a long time. It took him just 4 more years to get through Microsoft’s security flaw. Kristoffer said that he thought someone would steal the Xbox. The bug was reported to Microsoft.
Microsoft could eventually fix the security flaw. It also acknowledged the efforts of little Krostoffer on their Web site. His name was enlisted among the security researchers who helped the company get more secure. For his job, Kristoffer’s “salary” from Microsoft is going to be $50, four games and a one-year free subscription to Xbox Live.
The flaw was discovered after Kristoffer’s father found out he had been playing inappropriate video games on the Xbox One. When his dad, Robert Davies, asked him how he accessed the console, Kristoffer showed him the exploit. Here’s how it worked: After typing an incorrect password, the console jumped to a password verification screen. After typing the space keys a few times then hitting enter, Kristoffer was able to access his father’s Xbox Live account.
“Just being 5 years old and being able to find a vulnerability and latch onto that. I thought that was pretty cool,” Davies tells KGTV.
They reported the bug to Microsoft, and have since fixed the flaw, the company tells KGTV in a statement. They also honored Kristoffer as a security researcher on their website, and sent a gift package including free games and a one-year Xbox Live subscription.

Comments are closed.