Microsoft famously said the Xbox One was the "most secure console" it had ever released. That was 12 years ago. Last week, a former Microsoft employee announced he'd finally cracked it — using a $4 microcontroller.
The Man Who Worked There
The ex-employee, Markus Gaasedelen, was speaking at the RE//verse 2026 conference. His hardware exploit, which he calls Bliss, attacks the Xbox One right at the bedrock of its security defenses: the boot ROM.
The boot ROM is baked into the silicon. It can't be patched. No firmware update will ever fix this.
Why It Was "Unhackable"
The reason the Xbox One was "unhackable" was because Microsoft built a layered defense. A custom Hyper-V hypervisor shares silicon with the games, blocking notorious jailbreak tricks like DMA attacks. An ARM-based security co-processor arms the boot ROM with hard-to-cut keys. One-off hardware keyboxes add another layer. And, finally, unsigned code can't be booted up because every stage of the boot sequence locks the doors behind it.
Last generation, the hackers might have lost the war, but they won battle after battle. The Wii fell hardest. The PlayStation 3 shattered. The Xbox 360 crumpled. Meanwhile, the Xbox One just laughed.
How Bliss Works 🔧
Bliss uses voltage glitching — a technique where you collapse the CPU's power rail for a few nanoseconds at exactly the right moment during boot. Two glitches, back to back. The first one breaks the ARM Cortex memory protection setup. The second hijacks a memory-copy operation and redirects execution to attacker-controlled code.
→ The tool? A Raspberry Pi Pico soldered to the motherboard. Total hardware cost is under $10.
→ The catch? The timing has to be so precise that the success rate is roughly one in a million attempts. You could be running the glitch for days before it lands. It also only works on the original 2013 "fat" Xbox One — the Xbox One S and Series consoles have hardened boot ROMs with voltage glitch monitors.
→ The payoff? When it does land, you get everything. Hypervisor access. Full OS control. Game decryption. Private keys. Complete system compromise from the lowest level up.
Voltage Glitching Has History
Voltage glitching isn't new. The PS3 got cracked by a memory bus glitch. The Nintendo Switch fell to a similar technique on its Tegra X1 chip. The theory goes back to a 1997 paper on using hardware faults to compromise encrypted systems.
Why This One Hits Different
What makes Bliss a good story isn't that Gaasedelen was the first person in a dozen years to break the Xbox One's security wide open. It's because two years before he cracked the boot ROM, he was an engineer at the company that built the console.
The preservation angle matters too. Xbox One exclusives — never before playable on anything but Xbox One hardware — can now be ripped and archived. Bricked consoles can be restored. The door to emulation just opened.
The Real Lesson 🔒
The encryption will keep your secrets. The difference between your secrets and your console, though, is that someone out there wants what's locked in your console. Given enough incentive, the bolts shear off and the doors come down.
"Unhackable" doesn't exist. It's a promise that's broken, not kept.
What's the product you trusted as "unbreakable" that eventually broke? 👇
Top comments (0)