Five-year-old uncovers Xbox security flaw

Avatar By Aaron Sims | 6 years ago

Meet Microsoft’s newest security researcher: a five-year-old boy.

Kristoffer Von Hassel, aged five years, discovered a security flaw in the Xbox gaming system while trying to gain unauthorized access to his father’s account.

According to a report that aired on San Diego’s KGTV television station, Von Hassel uncovered the back door while attempting to log into his father’s Xbox profile. After typing in an incorrect password, the boy was taken to a second verification screen, where he found that by simply filling up the password field with spaces, he could access the account.

“I was like yea!” said Von Hassel to the local news station.

While most parents might be somewhat concerned about their child circumventing password protections to view possibly inappropriate content, not Robert Davies, the boy’s father. Davies works in computer security and is now one proud parent.

“How awesome is that!” said Davies in the interview. “Just being five-years-old and being able to find a vulnerability and latch onto that. I thought that was pretty cool.”

Microsoft did too apparently. For reporting the security loophole, the company gave Von Hassel four free games, $50, and a 12-month subscription to Xbox Live. Additionally, the boy’s name is listed on the page where Microsoft recognizes the security researchers who helped make Microsoft online services safer by finding and reporting security vulnerabilities.

“We take security seriously at Xbox and fixed the issue as soon as we learned about it,” said the company in a statement. “We’re always listening to our customers and thank them for bringing issues to our attention.”