Major Nelson, aka Larry Hryb, Director of Programming for Xbox Live, lost control of his XBL account over the weekend when it was infiltrated by a dumbass. Oh, this is so, so good.
Is "Eckth Boxth" really so poorly secured that a guy with pubic hair for brains could take over a high-profile account? And isthis "hacker" (assuming this video is legit)really as massive an idiot as he seems?
According to a 2008 interview with Stephen Toulouse, Director of Policy and Enforcement for Xbox LIVE, supposed XBL "hacks" are actually achieved primarily through social engineering:
"We have not found any software vulnerability gaps that allow this to happen. In each case, we've been able to trace back to the attacker having gathered enough information on [his target]."
If that's the case, Hryb was being careless with his private information, or Microsoft's support crew needs some serious retraining.
"Looks like this was very specific and very targeted to Major. I'll look into the details and report back later,"said Toulouse via Twitter,which seems to confirm that a largersecurity hole isnot the issue. But if thehead of programming at Xbox Live can't keep his account secure, how arewe meant to?
It's a double win for us: Microsoft looks ridiculous, andwe get to point and laugh at"Lightzz." It's funny that he tries to sound like a badass while using Windows and struggling to understand his screen recorder, but it's hilarious that he exposed all of his personal information in the process of bragging. His website, lightzz.com, is publically registered, which means that he should probably start looking for a lawyer. (According to his YouTube profile,he's a Russian bodybuilder who injects himself with testosterone. This is probably not true, but makes it even funnier if it is.)
We'll update if we receive any more information about the nature of the security flaw which caused this.
Mar 29, 2010