Xbox security flaw discovered by 5-year-old boy

By Kyle Johnson,

A 5-year-old California boy recently discovered a security flaw in Microsoft's Xbox Live account log in process.

Kristoffer Von Hassel found that after inputting an incorrect password he was directed to a password verification page where if he entered several blank spaces and hit enter, the system granted him access, reports ABC 10 News.

Von Hassel's father originally added a password to keep the boy from inappropriate games, so he noted he wasn't sure he wanted to tell his father about the exploit. "I got nervous. I thought he was going to find out."

Instead his father, who works in computer security, was quite excited. "How awesome is that?" he said. "Just being 5 years old and being able to find a vulnerability and latch onto that. I thought that was pretty cool."

After the discovery of the security flaw, Von Hassel's father contacted Microsoft, according to BBC News. As a thank you for informing their of the weakness in their log in system, Microsoft added the 5-year-old's name to a page that thanks people who have told them about product issues.

Von Hassel also got several free games, $50 and an Xbox Live subscription for a year.

ABC notes that his father explained it wasn't the first flaw that the young boy has discovered. "He's figured out vulnerabilities 3 or 4 times."



Join Our Newsletter

Popular Threads