Xbox password flaw exposed by five-year-old boy

4.6
A five-year-old boy who worked out a security vulnerability on Microsoft's Xbox Live service has been officially thanked by the company.

Kristoffer Von Hassel, from San Diego, figured out how to log in to his dad's account without the right password.
Microsoft has fixed the flaw, and added Kristoffer to its list of recognised security researchers.
In an interview with local news station KGTV, Kristoffer said: "I was like yea!"

The boy worked out that entering the wrong password into the log-in screen would bring up a second password verification screen.
Kristoffer discovered that if he simply pressed the space bar to fill up the password field, the system would let him in to his dad's account.

Kristoffer's name now appears on a page set up to thank people who have discovered problems with Microsoft products.
The company also gave him four free games, $50 (£30), and a year-long subscription to Xbox Live.

Posted:
Related Forum: Xbox Forum

Source: http://www.bbc.co.uk/news/technology-26879185

Comments

"Xbox password flaw exposed by five-year-old boy" :: Login/Create an Account :: 115 comments

If you would like to post a comment please signin to your account or register for an account.

OasisPosted:

Smart kid! At least he's gonna be remembered.

RinPosted:

Amex This is quite interesting.

Why would Xbox give him a 1 year subscription? 5 year old's don't play online.
You'd be surprised. My nephew plays all the time. Xbox live doesn't necessarily mean you have to play online, the apps require gold.

SkalmoldPosted:

I think his future might involve penetration testing. Seems to be his calling.

PolygonPosted:

itomni
Yui Only $50 [30] + Four free games for finding a major flaw like this. Dang, Maybe should get a little more but with the money received + the four games + 1 year membership, maybe the price was right for him. But maybe he should get a little more anyways.


Hes Five REALLY! they gave him $110.


Sorry.
$110 is nothing!
He found a major flaw in the system which could've caused MS a lot of money.

ToquePosted:

That's actually kind of funny! I wonder if he's smart or just got bored and started spamming space

PolygonPosted:

Magi This kid should get a job a microsoft


He is only 5 years old mate...

itomniPosted:

Yui Only $50 [30] + Four free games for finding a major flaw like this. Dang, Maybe should get a little more but with the money received + the four games + 1 year membership, maybe the price was right for him. But maybe he should get a little more anyways.


Hes Five REALLY! they gave him $110.

itomniPosted:

CB9 A five year old, wow. I think he should have got more than four games though


beggars can't be a choosers he got a total of about $110 so that's ALOT for a 5 years old. if he was older he would have probably got better games but most good games has age restrictions so he didn't have much to choose from.

seemywebdesignPosted:

Thank god the OP posted the picture along with the article, i wouldn't have known what a Xbox 360 controller, let alone a 5 year old hands look like 0_o

935Posted:

This is quite interesting.

Why would Xbox give him a 1 year subscription? 5 year old's don't play online.