Xbox security flaw discovered by five-year-old child

Kristoffer Von Hassel managed to log into his fathers account without the right password

Heather Saul
Saturday 05 April 2014 12:27 EDT
Comments

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

A five-year-old child has been praised by Microsoft after discovering a flaw in the security system of their Xbox Live service that allowed him to hack into his father's account without needing a password.

Kristoffer Von Hassel managed to log in to his father's Xbox Live account. When the password log-in screen appeared, he simply pressed the space button a few times and hit enter.

In doing so he managed to enter the system through a back door without needing to enter a password.

"I got nervous. I thought he was going to find out," Kristoffer told television station KGTV.

"I thought someone was going to steal the Xbox."

His father Robert Davies, who works in security in San Diego, said he had noticed his son playing games he supposedly couldn't access.

Mr Davies said he reported the issue to Microsoft, which fixed the bug and listed Kristoffer on its website as a "security researcher."

Microsoft has since fixed the flaw and added Kristoffer to a list of recognised security researchers.

A Microsoft statement says "we take security seriously" and thanks customers for highlighting issues.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in