More from Free60 Project: XCP and Hypervisor details

Date: Saturday, November 26 @ 00:59:04 UTC
Topic: Xbox 360

'Gprime recently sniffed the network traffic to/from the Xbox 360 and noticed that everything downloaded from Xbox Live Arcade is done as an (encrypted) .xcp file. It's done so over an HTTP (unencrypted) protocol on port 3074.'

Some details about these files have been posted on the Free60 wiki:

It's been found that Xbox360 Live Arcade downloads files with the extension .xcp over unencrypted HTTP on port 3074 for content distribution.
- They appear to have no headers and be symmetrically encrypted. (This information is from conversation in #free60.)
- It may be possible to use the avatar downloads to glean more info about the file format.
- The communication is pure HTTP and you can redirect traffic to a local webserver; however, it does checksum the file.

- Content downloaded with licenses is locked to a 360 at purchase:
  - Box A downloads trial
  - Box B can run the same downloaded trial
  - Box A upgrades trial to full
  - Box B can only run in trial mode (if available)

Angerwound said these .xcp files are probably the same format as the ones used on the XBOX1 Content System (XCP):

Basically, they are an encrypted .cab file. XBOX1 downloads these from MS to the cache partitions and then extracts/installs the content.

There are a few SDK applications that create these archives such as 'BuildOffer' or 'XLast'. I'm sure some research into those applications would result in how to extract these little packages.

Some details about the IBM sHype Project (Secure Hypervisor) have also been found on IBM.com:

sHype is a hypervisor security architecture developed by IBM Research, in various stages of implementation in several hypervisors. sHype is designed and developed in close collaboration with the IBM Systems and Technology Group. Our main goal is to provide a secure foundation for server platforms, providing functions such as:
- Strong isolation, mediated sharing and communication between Virtual Machines.
- Attestation and integrity guarantees for the hypervisor and its virtual machines.
- Resource control and accurate accounting guarantees.
- Secure Services.

Earlier information told us the Xbox360 CPU has a hypervisor that verifies the running state of the kernel, making sure there is no modification (RAM checksums), else the Xbox360 panics and blows up! All interrupt/exception handling is done by the hypervisor.

News-Source: http://www.xbox-scene.com



This article comes from 360-HQ.COM:
https://www.360-hq.com

The URL for this story is:
https://www.360-hq.com/article302.html