Alternatively, he did try it, and just doesn't want to admit it because there is no Xbox One bug hunting program so he could be charged under the existing computer hacking laws.
It is not about this case in particular, but what often "bugs" me is the fact that there are people discovering exploits in these locked-down devices --- which could open them up significantly --- and actually advocate/report to get them fixed, making them even more locked-down. I understand that some of them are in it for the $$$, but even when there isn't, they still do it. The phrases "digging your own grave" and "locking yourself out" come to mind... it all seems rather Orwellian.
There is an exemption for security research when it comes to violating the DMCA by breaking crypto & also, it would be his device so honestly, no one is going to really care. Even when it was technically illegal to break device encryption I was doing it and reporting vulns to vendors with no issues because it was in good faith. Low risk.
You cannot be charged for hacking something you own under any existing hacking law. In that case it would be an authorized access, so there is no crime.
