A Preschooler Finds Major Xbox Security Bug, Earns $50 Reward
A five-year-old prodigy accidentally discovered one of the biggest Xbox One security bugs that enables anyone to log in to password-protected user accounts without the correct password. The boy discovered the bug while trying to access his father’s account. Somehow, Kristoffer Von Hassel figured out a way to bypass the Xbox one login precautions. Once he entered the wrong credentials, he filled in the second password entry with spaces, gaining access to his father’s personal account. We can only imagine his excitement when he succeeded in accessing his father’s account and getting hold of his father’s stash of videogames – stuff he shouldn’t be playing with.
Excitement quickly turned to panic because the boy thought his father would find out he penetrated his account without permission, but the boy’s father, Robert Davis, was not mad. In fact, he thought his son’s ability to break into an Xbox live account was actually very “awesome.”
“Just being five years old and being able to find vulnerability and latch onto that. I thought that was pretty cool,” he said in an interview to San Diego news.
At the age of 1, Kristoffer was able to bypass his parents’ smartphone toddler lock, so this is not just a simple case of luck. New generations appear to be technically savvy as they come, because they are born and live with technology.
But the father’s wrath was not the only thing that worried the boy. He was afraid Microsoft would come and steel his Xbox, something that he had learned from his father, who works in computer security. Nevertheless, Davies reported the bug to Microsoft. The company released an urgent patch and added Kristoffer on the list of “security researchers” in its March 2014 edition of contributors list.
In addition, the company rewarded the family with $50, 4 games and a one-year subscription to Xbox live. It’s not a big deal, and doesn’t compare to a Brazilian guy who recently landed a job at Facebook and a $33,500 bounty for locating a security exploit in the Facebook code, but either way it’s not bad for a five-year-old.
Microsoft released a statement about the bug fix, “we are always listening to our customers and thank them for bringing issues to our attention. We take security seriously at Xbox and fixed the issue as soon as we learned about it.”
I wonder what this prodigy kid will come up with next?