5-Year Old Kid Finds A Security Exploit On The Xbox One, Gets A Researcher Credit


I thought I was a pretty clever kid when I was 5. Other kids ate boogers; I didn’t. Do you know how many gold stars I had? All the gold stars.

One thing I didn’t have, though: an acknowledgement from Microsoft for finding a security vulnerability. This kid does.

In a story that is surely making someone’s day pretty crappy over at Microsoft HQ, a 5-year old kid reportedly figured out how to bypass the account restrictions meant to keep him off of his Dad’s Xbox One.

The trick? When asked for a password, he pounded the space bar a bunch of times, then hit enter. For some crazy reason, this… worked. Repeatedly.

Late April fool’s joke? Doesn’t seem like it. Word of Kristoffer’s 1337-ness comes from ABC10 news down in LA, who notes that Microsoft took the bug seriously enough to give Kristoffer a security researcher credit after the bug was patched.

Sure enough, a quick glance at Microsoft’s security acknowledgements for March lists one Kristoffer Wilhelm von Hassel. He’s one of few individuals on the page whose name doesn’t link to a Twitter account, since he’s… you know, too young to have a Twitter account.

Sure, it’s not like the kid found some buffer overflow that let him execute remote code and turn the Xbox into a toaster or whatever. But he tried something, and it worked, and he knew he’d done something he wasn’t supposed to — enough so to admit he felt a bit nervous about the whole thing. This kid is awesome.

Remember to put this one on the ol’ college application when the time comes, Kristoffer. Pretty sure “Acknowledged by Microsoft as a security researcher at the age of 5″ would open a door or ten.


Via: techcrunch, ABC10News

Save pagePDF pageEmail pagePrint page

Leave a Reply

Your email address will not be published. Required fields are marked *