How is the third-party controller ban enforced?

[Zowayix]

What's enforcing the ban on the implementation end?

If this were a brand new console and new controllers, I would've guessed that both the console and controllers have a hardware private key and a pinned public key, but the consoles are up to 3 years old and the controllers are up to 10 years old. Has Microsoft theoretically been able to enforce this for ~10 years and just chose not to? Or if (for example) the 10-year old controllers don't have a hardware private key, doesn't that make them spoofable?

 

[frozencat]

What's enforcing the ban on the implementation end?

If this were a brand new console and new controllers, I would've guessed that both the console and controllers have a hardware private key and a pinned public key, but the consoles are up to 3 years old and the controllers are up to 10 years old. Has Microsoft theoretically been able to enforce this for ~10 years and just chose not to? Or if (for example) the 10-year old controllers don't have a hardware private key, doesn't that make them spoofable?

might just be hot air hopefully then

 

[RAHelllord]

We won't fully know how exactly it's going to be implemented until it's actually implemented. From articles I've seen Microsoft is quoted as requiring a certain hardware chip inside wireless peripherals to make them work with the X|S. I am assuming similar will be required going forward for other wireless peripherals like controllers. In addition to that they will either likely create a whitelist of previous hardware IDs that are allowed (and thus can be spoofed by cheaters easily) or just tell people to get fucked in totality and lock those older ones out as well citing "user experience" as a reason to do so.

I highly doubt they will be jumping in with the latter, but they might expand to that down the road once people have accepted the first partial ban.

 

[Zowayix]

Thanks! I thought it was already implemented though - the Xbox software can detect a first-party controller vs a non-first-party one, it's just choosing to display a message for now instead of fully ignoring the controller. I'm wondering how this detection that's already there is implemented.

 

[The Real Jdbye]

Thanks! I thought it was already implemented though - the Xbox software can detect a first-party controller vs a non-first-party one, it's just choosing to display a message for now instead of fully ignoring the controller. I'm wondering how this detection that's already there is implemented.

It's probably similar to the Xbox 360 (which uses a hardware TPM chip for authentication, similar to what is built in to many PC motherboards and supported by Windows 11 but presumably an older version)
This authentication was hard to crack (only a few 3rd party "unauthorized" controllers managed to crack it), however it was never enabled on PC so any controller will work there. Seems a full RE was eventually made public: https://oct0xor.github.io/2017/05/03/xsm3/

 

[tech3475]

My suspicion is that either/or a combination of:
1) They always included something which was intended for DRM
2) They included something which is being repurposed into DRM (e.g. some standardised micro-controller which the clones don't include or dont 1:1 copy)
3) They're using the USB Descriptors somehow (e.g. each oem included their brand and most unlicensed controllers didn't just copy someone else ).

 

[linkinworm]

Likely that any xinput device would work as long as it could map the controller correctly. But lisenced devices , ms will share keys and wireless technology protocols. Likely just anything not on a whitelist is being revoked. And the device by serial number is being blocked. Maybe set microcontrollers are being read and parsed against a list of devices with matching controllers for the input. I doubt its anything too fancy but it's both basic enought and hard enought to not be cloned. But catch out fakes