Microsoft Responds to Old Xbox Privacy Report

Greg Tito

PR for Dungeons & Dragons
Sep 29, 2005
12,070
0
0
Microsoft Responds to Old Xbox Privacy Report



The Xbox team launched an investigation to find out how credit card information made it to the hard drive.

Last week, a report from a research team at Drexel University in Philadelphia concluded that old Xbox 360s could be dredged for personal information [http://www.escapistmagazine.com/news/view/116568-Beware-Your-Old-Xbox-Stores-Personal-Information], including credit card numbers and personal addresses. The lead researcher Ashley Podhradsky recommended wiping your Xbox hard drive clean before trading it in or throwing it away. Microsoft took the claims of Podhradsky's team to heart, and have put Jim Alkove on the case - he's General Manager of the Security division of the Interactive Entertainment Business at Microsoft. He's looking into the claims, but admits he's having trouble recreating the problem.

"We are conducting a thorough investigation into the researchers' claims," Alkove said. "We have requested information that will allow us to investigate the console in question and have still not received the information needed to replicate the researchers' claims."

He goes on to claim that the Xbox console is programmed not to store sensitive information on each player's hard drive. "Xbox is not designed to store credit card data locally on the console, and as such seems unlikely credit card data was recovered by the method described."

If you have your Xbox refurbished by Microsoft, they make sure to wipe the drives clean themselves. "Additionally, when Microsoft refurbishes used consoles, we have processes in place to wipe the local hard drives of any other user data.

"We can assure Xbox owners we take the privacy and security of their personal data very seriously," Alkove said.

This whole story reeks of "He Said, She Said" but it's refreshing to hear a company like Microsoft going to bat for users at even the barest mention of impropriety. Perhaps Microsoft has learned from the misfortune of its rivals and want to avoid the shitstorm Sony went through last year. [http://www.escapistmagazine.com/news/tag/psn%20down?from_search=1]

Permalink
 

Dastardly

Imaginary Friend
Apr 19, 2010
2,420
0
0
Greg Tito said:
Microsoft Responds to Old Xbox Privacy Report
Watch. It'll come to light that they just happened upon a system where the user had credit card info on there, and just had it set to remember their password. The blame will end with the user favoring convenience over care.
 

mjc0961

YOU'RE a pie chart.
Nov 30, 2009
3,847
0
0
Greg Tito said:
"We are conducting a thorough investigation into the researchers' claims," Alkove said. "We have requested information that will allow us to investigate the console in question and have still not received the information needed to replicate the researchers' claims."
I said it a few days ago and I'll say it again here: these researches are massive scumbags. By refusing to help Microsoft out with what they found, they're either doing one of two things:

1. Lying about this entire thing, in which case they're scumbags for trying to scare people and making Microsoft look bad.

2. They actually did find something, in which case they're scumbags who clearly don't care about the safety of other people's personal information. If they did, they'd help Microsoft out so they can patch it up quicker.

So from a regular guy who wants to enjoy his 360 in peace, fuck you Drexel University researchers.
 

RaikuFA

New member
Jun 12, 2009
4,370
0
0
So nothing about the accout hackings? Really?

This company needs to wake up.
 

Pyrian

Hat Man
Legacy
Jul 8, 2011
1,399
8
13
San Diego, CA
Country
US
Gender
Male
mjc0961 said:
So from a regular guy who wants to enjoy his 360 in peace, fuck you Drexel University researchers.
So quick to judge, but you should at least allow them to pass the buck back (since all MS has done for sure is passed said buck). Have you considered any alternative explanations? I've got a few:

1. DU got the request for information and it doesn't make the slightest bit of sense.

2. MS hasn't actually submitted the request yet (likely).

3. MS referred the situation to their marketing department, and nobody with any relevant expertise has examined the issue at all (more likely).
 

drkchmst

New member
Mar 28, 2010
218
0
0
I kind of would like to know what MSoft's alleged special HDD wiping scheme is exactly. Do they wipe it 8 times? Do they write 1's or 0's several times? It would be kinda nice to know. It's not like it should be a proprietary secret as we all have the option to do it when we format hard drives.
 

anonymity88

New member
Sep 20, 2010
337
0
0
Pyrian said:
mjc0961 said:
So from a regular guy who wants to enjoy his 360 in peace, fuck you Drexel University researchers.
So quick to judge, but you should at least allow them to pass the buck back (since all MS has done for sure is passed said buck). Have you considered any alternative explanations? I've got a few:

1. DU got the request for information and it doesn't make the slightest bit of sense.

2. MS hasn't actually submitted the request yet (likely).

3. MS referred the situation to their marketing department, and nobody with any relevant expertise has examined the issue at all (more likely).
4) The information might be in transit.
 

Kargathia

New member
Jul 16, 2009
1,657
0
0
drkchmst said:
I kind of would like to know what MSoft's alleged special HDD wiping scheme is exactly. Do they wipe it 8 times? Do they write 1's or 0's several times? It would be kinda nice to know. It's not like it should be a proprietary secret as we all have the option to do it when we format hard drives.
Not to mention this is only happens when re-selling through Microsoft. No mention whatsoever about what the console itself does when you set it to wipe all data in preparation for a "normal" second-hand sale (which I assume most of them to be).