In this guide, I will explain both why and how one should hack the Xbox to run unsigned code and accept hard disk upgrades. This has been written up many times, but most of the guides are pretty old and out of date. This one will eventually also be old and out of date, but right now it's new.
Hacking the Xbox: Why
A hacked Xbox running Xbox Media Center
Microsoft included various features in the Xbox system which are intended to prevent you from altering it. While this is a necessary measure in making futile attempts to prevent software piracy, when you alter the Xbox to sidestep these so-called "safeguards" designed to prevent you from fully utilizing your hardware, you open up a new world of functionality. The system, which can now be had for a third of the original price or less, operates as an excellent media player and as a personal computer. Xbox Media Center ("XBMC") is probably the finest console-style media center available today, featuring support for many media types, audio visualizations, networking, Python scripting, skins, and all kinds of other goodies. There are various versions of this program in process on other platforms, including Linux, Windows NT derivatives, Mac OS X, and the Xbox 360, which are unified to varying degrees, but the Xbox provides a relatively compact package
The Xbox features a 733MHz Intel Coppermine Celeron with 128kB of cache, an 8 GB (or 10GB limited to 8GB) hard disk, nVidia graphics with hardware T&L, and 64MB of DRAM. It also had 10/100 Mbps ethernet standard, and the four controller ports are just USB ports with different connectors. Controllers contain hubs and play host to memory cards, which are just USB flash drives with other, also different connectors. Adapters exist to convert various devices to and from these connectors, including Xbox to USB-A and USB-A to Xbox. Adding a hub to one of the latter permits the attachment of mice, keyboards, storage devices, et cetera. Finally, the Xbox has excellent hardware for video output to televisions, although it only supports up to a 1080i resolution (via component video cables, which are more than adequate for a 1080i signal.) When using an ordinary PC with TV out, driver problems that leave the system difficult to control (due to being difficult to see) are commonplace, but the Xbox does not have this sort of problem. The A/V connector also includes both analog and digital audio outputs, and depending on the type of cable used, this may be available for AC3 and DTS passthrough support.
XBMC's feature list, in addition to the items mentioned above, includes animated screen savers, program launching support, networking (an FTP server plus SMB, FTP, and XBMSP client support), smoothly animated skins based on nVidia pixel shaders, and a general polish that is truly awe-inspiring. Some of the most entertaining scripts are pretty buggy, and the official script repository website is perpetually broken (meaning the internal script-based script installer is as well). Users who prefer simplicity can install a single pack with the application, skins, and a package of (mostly) working scripts, while bleeding-edge types like myself can track SVN builds (if you have broadband, this is easily done with an included script) and the SVN script repository, which is hosted by Google.
In order to accomplish all of this, it is necessary to load a patched ROM BIOS image into the Xbox. Without exception these are all patched versions of the original Xbox BIOS. This is a necessary step to running unsigned code, besides Linux. Without getting into detail as to where to get files and how to install them (the former I will not do, the latter is the subject of the next section) there are three major options to consider: modchip, "TSOP reflash", or Linux-only (cromwell), which I will discuss at the end of this section. Installing a modchip involves opening the Xbox with a T15 Torx driver, removing some of the guts, and clipping (or soldering) something onto the motherboard. The TSOP
In addition, in order to build software which takes advantage of the full capabilities of the Xbox, it is necessary to use the Microsoft Xbox XDK. This software development kit (or "SDK") is legally unavailable to anyone without an Xbox development system, which is in turn available only to those who are licensed to produce games for the Xbox. There is an OpenXDK which is reverse-engineered and thus legal, but it does not (yet?) provide the full functionality. There is also hope that the open-source nVidia driver project "Nouveau" will provide video functionality beyond a simple framebuffer to Linux on the Xbox, but today the XDK is basically the only real choice for any software which seriously exercises the graphics hardware. For this reason, it can be slightly difficult to locate software.
Microsoft originally promised that the Xbox would be a sort of miracle media player able to stream content from both your PC and the internet. Eventually, Xbox Live users were provided with video streaming software, but it required that the files be hosted on a Windows PC (or a very close facsimile) and only supported a handful of media types. In addition, in order to get a decent music player with karaoke, All that functionality is present within XBMC; with scripts you can get internet lyrics, shoutcast streams, Youtube videos, Apple movie trailers, CNN news video, and all kinds of other fun stuff. This is the kind of thing that Microsoft can really never accomplish, for two reasons: One, it requires too much effort to stay on top of all the video formats; and two, it's contrary to their goals of controlling as much media as possible, which includes encouraging consumers to recode video in Microsoft formats. Frankly, however, I am quite content that they are basically looking the other way and focusing on doing business. Suing your customers is seldom a very good idea, and I for one would never have purchased an Xbox without this hacking potential.
Even without making any potentially compromising decisions, the "cromwell" alternative BIOS for the Xbox can be used to load Linux. Popular choices include two Knoppix derivatives, Xebian and XDSL. Knoppix is based on Debian Linux; XDSL is based on Damn Small Linux, which is based on Knoppix. However, by simply including support for the FATX filesystem, USB input devices, and nForce ethernet, you can easily build a Linux kernel that will boot basically any derivative once the cromwell BIOS is installed. While this provides only a simple framebuffer interface, it does allow the use of any supported resolution. 64MB doesn't take one very far, but the Xbox makes an excellent thin client. Cromwell has also been used to load OpenBSD and FreeBSD.
As you can see, while Microsoft doesn't particularly want you fiddling with their baby, a hacked Xbox has functionality well in excess of most any other media player available. It is a powerful and fun addition to the home theater, made even more enjoyable by knowing that it's being done for a very small price compared to anything else that even comes close. While the current vagaries of "intellectual property" law may repel some, the resulting system is well worth it to many, in effect providing the device that Microsoft promised Xbox users in the first place. And even those who toe the line closely can run Linux on the system and utilize it as a media player in that way.
Hacking the Xbox: How
I'm not going to get heavily into specifics here; there are step-by-step guides to every stage of this process. I hope to link in the best of these as I find them.
Hacking the Xbox is a relatively simple task. The usual method is to open the Xbox and either alter the motherboard to permit the onboard BIOS to be rewritten and reflash the BIOS, or to install a modchip to allow bypassing of the factory BIOS entirely. The means for installing BIOS images onto modchips vary, but reflashing the BIOS is usually done from a special saved game file which is loaded into a game with a buffer overflow in the game loading routine. Once the BIOS is flashed, the system may be altered in any number of ways. The Microsoft "dashboard" (think of it sort of like the computer's desktop) can be replaced, or in fact the entire operating system can be replaced or just bypassed, and Linux loaded. Games and other Xbox software can be copied to the hard disk and played from there, minimizing load time and permitting modification. Depending on the other software installed on the system, it is even possible to modify games or load trainers for them. A variety of other software can also be used to add all kinds of other functionality.
A lot of embedded systems are very difficult to hack. While there is some kind of facility for the factory to initially install the software, in some cases the systems are really just not designed for updates, and their very obscurity makes them difficult to understand. Not so with the Xbox, which is really just a fancy PC and which was meant to be field-updatable. While the Xbox has some nifty tricks which supposedly make it difficult to hack, it "fell" to the "hackers" fairly quickly, and now there are very many hacked Xboxes out there doing all kinds of fun things, and they even played their part in clustering for a while (before they were rapidly outmoded as all PC hardware is.)
"Hacking" the Xbox could mean all kinds of things, including replacing the case or adding neon underlighting, but right now we're talking about enabling unsigned code execution. Xbox game code is cryptographically signed by Microsoft and the Xbox normally refuses to load any software which is not verified in this way. Rather than trying to sign the files, which is effectively impossible, the key is to prevent the system from caring about whether they're signed or not. We do this by replacing the onboard system BIOS, which is responsible for making this distinction.
One way we can replace the BIOS is to actually replace the software code in the onboard BIOS chip. The BIOS is a TSOP-package flash chip which comes from one of several manufacturers. Somehow this name became the name for what was worked on when you did a reflash, although it tells us only about the shape and construction of the chip and not what it does. Hence, it will herein be referred to as "reflashing". Depending on the Xbox version, this is either easy or not so easy. Version 1.0 and 1.1 Xboxes
Once reflashing is enabled, we then load a special saved game, which we can load onto almost any 8, 16, or 32MB flash disk and put into a USB to Xbox adapter, or which we can put into an Xbox memory card loaded into an Xbox memory card to USB adapter on a PC. This saved game is loaded into one of a few games (MechAssault, some 007 games, and others) of the proper version, a buffer overflow is exploited, and unsigned code is executed directly from the stack. The loader is launched, and from this point, the BIOS can be reflashed. Probably the best BIOS to use is the EvolutionX M8 BIOS, which supports any version of Xbox, or a recent Xecuter 2 BIOS, but there are many options.
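The bug class described above, as an added example in C that is not part of the original guide and not code from any real game: a save-file loader that trusts a length field read from the file, next to a bounds-checked version. The save layout, function names and sample bytes are all constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed save layout (hypothetical, not any real game's format):
 *   bytes 0-3: magic "SAVE" | bytes 4-5: name_len (little-endian)
 *   bytes 6..: name_len bytes of profile name, no terminator */
#define HDR_LEN  6u
#define NAME_CAP 16u                 /* loader's fixed buffer, including NUL */
enum { LOAD_OK = 0, ERR_TRUNCATED = -1, ERR_MAGIC = -2, ERR_NAME_LEN = -3 };
static uint16_t rd16le(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* Bug class: name_len comes from the file and is never compared with the size
 * of name[]. Kept for contrast; call it only with input known to be valid. */
int load_name_unchecked(const uint8_t *save, char *out)
{
    char name[NAME_CAP];
    uint16_t n = rd16le(save + 4);
    memcpy(name, save + HDR_LEN, n);          /* n may be as large as 65535 */
    name[n] = '\0';
    memcpy(out, name, (size_t)n + 1);
    return LOAD_OK;
}

/* Hardened form: lengths are checked against file size and buffer size first. */
int load_name_checked(const uint8_t *save, size_t save_len, char *out)
{
    if (save_len < HDR_LEN) return ERR_TRUNCATED;
    if (memcmp(save, "SAVE", 4) != 0) return ERR_MAGIC;
    uint16_t n = rd16le(save + 4);
    if (n >= NAME_CAP) return ERR_NAME_LEN;                    /* room for NUL */
    if ((size_t)n > save_len - HDR_LEN) return ERR_TRUNCATED;  /* body too short */
    memcpy(out, save + HDR_LEN, n);
    out[n] = '\0';
    return LOAD_OK;
}

/* Constructed sample inputs. */
static const uint8_t GOOD_SAVE[]  = { 'S','A','V','E', 5,0, 'a','l','i','c','e' };
static const uint8_t LONG_SAVE[]  = { 'S','A','V','E', 0,2, 'A','A','A','A' }; /* claims 512 */
static const uint8_t SHORT_SAVE[] = { 'S','A','V','E', 10,0, 'b','o','b' };    /* claims 10 */
static char demo_out[NAME_CAP];

int main(void)
{
    int r1 = load_name_checked(GOOD_SAVE, sizeof GOOD_SAVE, demo_out);
    int r2 = load_name_checked(LONG_SAVE, sizeof LONG_SAVE, demo_out);
    int r3 = load_name_checked(SHORT_SAVE, sizeof SHORT_SAVE, demo_out);
    printf("good=%d (%s) long=%d short=%d\n", r1, demo_out, r2, r3);
    return 0;
}
```

The checked loader rejects both the oversized and the truncated file before copying anything, which is the validation the affected game versions lacked in their save-loading path.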
An alternative to this whole process is to install a modchip. Many types of clip-on modchip are available, with some being more resistant to being dislodged from their place or offering different features than others. Some modchips even offer USB module support so that you can add a screen to your Xbox so that it can do some things without the TV being on, and some will permit switching between various types of BIOS; although this is seldom necessary any more, it is a necessity for the support of Xbox Live!. If Live detects that your Xbox has been modified, your Xbox is banned and your account may be as well. If you're not going to use Live, and you usually want to use your Xbox as normal, you can actually replace Live with another dashboard, and then it behaves substantially normally when it's turned on. Some Xboxes actually have a convenient connector, or at least an area to add one fairly easily, and you can install a modchip onto that connector, or even build your own "cheapmod" modchip. Again, with the version 1.6 Xbox, it is not possible to reflash the BIOS, and a modchip is your only option. You can get modchips as cheaply as fifteen dollars (and even less, in quantity.) Some modchips actually still require that you go through this same process to flash them; others come loaded with the cromwell BIOS, which will only load Linux
Just as in Windows you interface with the computer mostly through a program called Explorer, on the Xbox you normally interface with the dashboard (by default, C:\xboxdash.xbe). If you flash the BIOS and do nothing else, you will be able to run unsigned code burned to a DVD which resembles a Video DVD in format (just don't visit Live!.) Just call it default.xbe and put it in the drive, and off you go. But in order to get the truly interesting functionality, it's best to replace the Xbox dashboard. If all you want to do is play games, the typical choices are Avalaunch or EvolutionX. If you want all that fun media playing functionality on a regular basis, you might as well go ahead and make XBMC your dashboard -- it supports game trainers, scripting, remote updates, and all kinds of goodness. The only downside is that it is substantially larger than any other dashboard. The dashboard can be replaced either by replacing C:\xboxdash.xbe with the XBE of your choice, or by loading a BIOS which looks for some other filename first. You can also patch many BIOSes to support the dashboard path of your choice -- to do this with Evo-X M8, use "evtool", a Windows application. This program is also necessary to convert the 256k BIOS image into the 1MB image needed for the version 1.0 or 1.1 Xbox.
As previously mentioned, you could also load Linux on your Xbox. Without getting all the way into the subject,
The fruit of all this, including upgrading the Xbox's hard disk, has been discussed heavily above. You can turn the system into an excellent media center, and you can copy games to the hard disk for play later. While this can be and often is abused, it's also valuable to those who actually own the games for a variety of reasons. The games can be safely put away where they won't be scratched, and load times are virtually eliminated in most titles. Grand Theft Auto 3: San Andreas in particular became dramatically more enjoyable once I did this. The process also extends the life of your DVD-ROM drive, because it isn't thrashing all the time. You can also install mods for some games into the system, for example for GTA San Andreas (so long as you have the original version.) And EvolutionX and Xbox Media Center both have support for launching games with trainers, memory patches that alter their behavior (e.g. cheat codes, unlocking areas, et cetera.)
Besides these fun things, there are other programs which can be run on the Xbox. Another game-related item is the console emulator, and there are emulators for the Xbox for the Sega Master System and Genesis, Nintendo NES, Super Nintendo, Game Boy, Game Boy Color, and Game Boy Advance, Intellivision, Wonderswan Color, Apple //gs, Amiga, and so on, and so on. And there are some utility programs to tweak EEPROM settings (for example, HDD unlocking) or to copy the contents of disks to the Xbox for later playback. This, of course, can be done with the file manager in a dashboard like XBMC or Avalaunch or a file manager like boXplorer. Further, the file managers permit copying data over the network, which can be used for making saved game backups (or other kinds of backups.) Doing this is legal if you actually own the systems and games in question, many of which can be had at flea markets, swap meets, garage sales, and even on eBay for extremely reasonable prices. Sometimes you do not even need the system, but in many cases the system has its own ROM and the ROM images are only legal to possess if you own the actual hardware as well (or at least an actual ROM chip.)
Summary
I've explained why you can hack the Xbox, and the broadest strokes of how to do it. I've told you a little bit about modchips (without actually selling you any of them) and about reflashing. You've also read about some of the purposes which can be fulfilled by a dashboard, and heard a little something about which ones are worth installing, and what they do. I've talked a little bit about emulation and about copying games to the Xbox, and about some other utilities you can install as well. I hope that this gives you the broader knowledge to make sense of the subject of Xbox hacking.