I have been working on this on an off for a little over a year now. Collectively I have spent 6 solid months doing reverse engineering and programming to make this happen. [...] There are NO modifications to the dashboard running on the development console, no patching, no bypassing security checks, nothing. All of the code I have written is 100% compatible with the code the console runs, for both devkits and retail consoles. The network code is the same between the two. There are no private keys that are used in the xbox live code, so this will work on completely unmodified retail consoles as well, provided I have the needed keys to decrypt kerberos tickets (hdd key, online key, etc). All of the kerberos and SG replies are authentic, there are no replays, no spoofing data, nothing hacky. This is simply a test of the connection to the xbl server. For a full account sign in there is more work needed for the online services.
More info: http://assemblergames.com/l/threads/open-source-xbox-live.44462/page-15#post-928275