xboxlive2.bin is the new HDD change-detecting code, whose disassembly was
released by SmartXX.  You can disassemble it again to verify that it is the
same as what SmartXX released yesterday.

sigcheck.c checks the signature on the file.  It can be compiled with
something like this in Linux or Cygwin (the math library GMP is required):

gcc sigcheck.c -lgmp -o sigcheck

To run it, you need xboxkrnl.exe (or xboxkrnl.img) from a retail ROM.  This
is to remain legal - it's not a good idea to put the public key literally in
a released file.  The program will extract the public key from the EXE.  To
get this file, just use xbflash or xbtool.

./sigcheck xboxkrnl.img xboxlive2.bin

It will then tell you if the signature passed.

The reason I provided source code is so that it can easily be audited as
being correct.

BTW, those looking for the XDK code that executes this: Look for places that
call XcVerifyPKCS1Signature.  Xbox Live games call it in two places, and one
is the one you are looking for.