HomeQJ.NETXbox 360The Real Score on Stealth Media

The Real Score on Stealth Media

xbox360First of all, Stealth Media is NOT firmware stealth. Reading the firmware for changes is not controlled by the firmware itself, it’s a low-level hardware function which cannot be stopped by firmware code. A last minute firmware check routine was incorporated by MS and was already found in V1, as they knew the firmware code was not signed. This check routine calculates a checksum and returns that to the host.

What Stealth Media IS about is creating a backup disc  that will appear to the Xbox360 host in exactly the same form as an original. There are four main aspects to Stealth Media: PSN Lockdown, PFI (Physical Format Information) Sector, DMI Sector (Disk Manufacturing Information), and the Video Partition.

IThe PSN Lockdown process involves two parts:

1) Before disc authentication (security sector,challenge response) is performed, the drive will only allow PSN reads that are valid, as defined in the PFI sector. This is the current standard video partition, and requests to read outside this range is not allowed. Thus, no more reading of the PFI, DMI, and SS sectors’ backup.

2) After disc authentication is performed and the drive is unlocked, only the valid PSN reads from the range defined by the Security Sector are allowed; this is the standard game partition. As in the first part, any request to read outside of this range is not allowed.

The PFI Sector (Physical Format Information) is within the lead-in and contains information about its physical format. This contains Disc booktype, start PSN, end PSN, and Layerbreak. As of the moment, all Xbox 360 and Xbox1 games have these similar PFI information. The Writable media, or backups, contains information such as Media Code/Manufacturer ID and Media Product Revision number. Requests for this information is redirected to the PFI sector now at $04FB1D (for Xbox 360 backups) or $0605FD (Xbox 1 backups). If it does not exist (pre V3 backup), a seperate embedded PFI is used for Xbox 360 and Xbox1.

The DMI Sector (Disk Manufacturing Information), like the PFI, contains information about the Disc manufacturer. This is currently different for each Xbox360 and Xbox1 game in each region. Requests for this information is redirected to the DMI sector at $04FB1E (for Xbox 360 backups) or $0605FE (Xbox 1 backups). A pre V3 backup always returns blank information for this.

When Extreme V1 was released into the market, the disc build included a blanc video partition, as it wasn’t required for games to boot. The standard Video Partition from any game is included with the stealth firmware, and this can be checked by the Xbox360 host. Stealth backups will still boot with non-stealth firmware but will make the backup detectable.

None of these extra disc checks are currently being performed, but it won’t be long before a game will.

xbox360First of all, Stealth Media is NOT firmware stealth. Reading the firmware for changes is not controlled by the firmware itself, it’s a low-level hardware function which cannot be stopped by firmware code. A last minute firmware check routine was incorporated by MS and was already found in V1, as they knew the firmware code was not signed. This check routine calculates a checksum and returns that to the host.

What Stealth Media IS about is creating a backup disc  that will appear to the Xbox360 host in exactly the same form as an original. There are four main aspects to Stealth Media: PSN Lockdown, PFI (Physical Format Information) Sector, DMI Sector (Disk Manufacturing Information), and the Video Partition.

IThe PSN Lockdown process involves two parts:

1) Before disc authentication (security sector,challenge response) is performed, the drive will only allow PSN reads that are valid, as defined in the PFI sector. This is the current standard video partition, and requests to read outside this range is not allowed. Thus, no more reading of the PFI, DMI, and SS sectors’ backup.

2) After disc authentication is performed and the drive is unlocked, only the valid PSN reads from the range defined by the Security Sector are allowed; this is the standard game partition. As in the first part, any request to read outside of this range is not allowed.

The PFI Sector (Physical Format Information) is within the lead-in and contains information about its physical format. This contains Disc booktype, start PSN, end PSN, and Layerbreak. As of the moment, all Xbox 360 and Xbox1 games have these similar PFI information. The Writable media, or backups, contains information such as Media Code/Manufacturer ID and Media Product Revision number. Requests for this information is redirected to the PFI sector now at $04FB1D (for Xbox 360 backups) or $0605FD (Xbox 1 backups). If it does not exist (pre V3 backup), a seperate embedded PFI is used for Xbox 360 and Xbox1.

The DMI Sector (Disk Manufacturing Information), like the PFI, contains information about the Disc manufacturer. This is currently different for each Xbox360 and Xbox1 game in each region. Requests for this information is redirected to the DMI sector at $04FB1E (for Xbox 360 backups) or $0605FE (Xbox 1 backups). A pre V3 backup always returns blank information for this.

When Extreme V1 was released into the market, the disc build included a blanc video partition, as it wasn’t required for games to boot. The standard Video Partition from any game is included with the stealth firmware, and this can be checked by the Xbox360 host. Stealth backups will still boot with non-stealth firmware but will make the backup detectable.

None of these extra disc checks are currently being performed, but it won’t be long before a game will.

Related Posts

Add a Comment

Your email address will not be published. Required fields are marked *