A 5-year-old boy discovered a major Xbox One security flaw that allowed him to log into his father’s account without the correct password. Kristoffer Von Hassel somehow figured out how to completely bypass the Xbox One’s login safeguards. By entering the wrong credentials once, and then filling the second password entry screen with spaces, he gained full access to his father’s profile. He was apparently thrilled with the discovery, telling local television station KGTV that his reaction “was like yea!”
But that elation quickly turned to panic: Von Hassel “got nervous” that his father would somehow find out he’d logged in without permission. He was also concerned that Microsoft would come and steal his favorite gaming machine if they found out about his discovery. But obviously that didn’t happen. In fact, as thanks for reporting the vulnerability, Kristoffer received four free games, $50, and a free year of Xbox Live Gold. He’s also now credited as a security researcher by Microsoft, and we imagine he’s one of the youngest people to have ever been added to that list.
SOURCE : TheVerge