Xbox password flaw exposed by five-year-old boy

4.6
A five-year-old boy who worked out a security vulnerability on Microsoft's Xbox Live service has been officially thanked by the company.

Kristoffer Von Hassel, from San Diego, figured out how to log in to his dad's account without the right password.
Microsoft has fixed the flaw, and added Kristoffer to its list of recognised security researchers.
In an interview with local news station KGTV, Kristoffer said: "I was like yea!"

The boy worked out that entering the wrong password into the log-in screen would bring up a second password verification screen.
Kristoffer discovered that if he simply pressed the space bar to fill up the password field, the system would let him in to his dad's account.

Kristoffer's name now appears on a page set up to thank people who have discovered problems with Microsoft products.
The company also gave him four free games, $50 (£30), and a year-long subscription to Xbox Live.

Posted:
Related Forum: Xbox Forum

Source: http://www.bbc.co.uk/news/technology-26879185

Related Articles

Comments

"Xbox password flaw exposed by five-year-old boy" :: Login/Create an Account :: 115 comments

If you would like to post a comment please signin to your account or register for an account.

-Excite-Posted:

Pininfarina
Cokes
Pics Wow such a smart kid! Atleast he got something from it!


Not really smart more like lucky.


I agree with you cokes. You are very realistic!


Still it is a very good thing to find out.

CartierPosted:

Cokes
Pics Wow such a smart kid! Atleast he got something from it!


Not really smart more like lucky.


I agree with you cokes. You are very realistic!

CokesPosted:

Pics Wow such a smart kid! Atleast he got something from it!


Not really smart more like lucky.

tellPosted:

Wow such a smart kid! Atleast he got something from it!

CyimkingPosted:

This kid was just trying to make things "work" and he got lucky.

AimiPosted:

Dang, that's one smart kid. Good for him! It's cool how he got something cool out of it.

EK6Posted:

Thespian Good for this little boy! I hope his dad lets him get a game he wants!


Yeah! He's going to spend that money in candy. Hahaah.

EK6Posted:

Thespian Good for this little boy! I hope his dad lets him get a game he wants!


Yeah! He's going to spend that money in candy. Hahaah.

MaggardoPosted:

I honestly would've figured, out of all companies, Microsoft wouldn't have let this happen. But whatever, I still think Microsoft is a good company and all, but I thought they would've never had a problem like this. But, everyone, including companies, make mistakes. So it's understandable.

AftermarketPosted:

Resort Wow thats kinda weird that the kid new to report this problem to xbox. Good for him


The kid's dad reported it when he found out... did you seriously expect a 5 year old to know how to report a bug to a company?


Latest Downloads

Latest Tutorials