Comment by nemothekid

4 years ago

There's a really good presentation, by a Microsoft Platform Security Engineer, detailing the lengths they went through to ensure only properly signed executables run on the Xbox One and really answers your question. One of the tools they developed, HVCI, was later incorporated into Windows Hyper-V.

https://www.youtube.com/watch?v=U7VwtOrwceo

2 comments

nemothekid

rrdharan 4 years ago

VMware actually filed and was granted a patent for the same technique, years earlier, though to my knowledge they never used it for anything (not even for counter offensive purposes against MSFT :).

https://patents.google.com/patent/US7984304B1/en

monocasa 4 years ago

Microsoft would have had proof of using the technique earlier. It was designed into the Xbox 360, so it would have been already taped out by that priority date.