Security researcher finds hack vulnerability in Mac battery chips

Jul 26, 2011 by Bob Yirka report

( -- Research consultant Charlie Miller, currently with Accuvant Labs, has made it known that he intends to demonstrate a security hole in certain Mac laptops at next month’s Black Hat security conference. In an interview with Forbes, he says the chip that controls the battery can be hacked because Apple uses only two passwords for the firmware for all of their laptops, which he says he’s been able to figure out, which of course means, others with less noble purpose could do it as well.

Miller claims to have figured out the security breach by examining a firmware upgrade Apple sent out in 2009. Being able to breach the firmware in the chip means he can alter settings such as those that monitor the battery and the interface between it and the operating system. Miller says he’s “bricked” or killed the batteries in seven laptops, presumably to prove that it wasn’t a fluke, and believes if he wanted to, he could cause the batteries to ignite or even blow up, though that is still debatable as the batteries themselves come with a fuse to prevent such an occurrence.

Miller says he’s found he can hack into MacBooks, MacBook Pros and MacBook Airs, and says he’s notified both Apple and chip maker Texas Instruments of his findings, but says he hasn’t heard anything back from them. He also says that he believes this vulnerability is particularly insidious because if a hacker did manage to breach the battery firmware and implant malware, the user of the computer, upon discovering something wrong, wouldn’t be able to eradicate it unless he or she thought to remove the battery, not something most would think of right off the bat. It should be noted here that just because a hacker gets into the battery chip, that doesn’t mean they’ve got a clear shot to the operating system and the rest of the computer. Chipmakers do add additional security measures to their chips so a hacker would have to be able to hack that part as well in order to embed malware that could do other things besides just mess with the .

Miller also says he’s developed a "fix" for the problem, a patch that will change the password on the firmware to a random number, though users who apply it will no longer be able to get firmware upgrades from Apple.

While this discovery by Miller does indeed highlight a serious vulnerability, it’s not like it’s one that is confined to just Mac laptops or even laptops in general. Most computers have several chips in them with programmable , protected only by simple passwords, and their vulnerabilities are well documented. What’s truly interesting is that more hackers aren’t trying to sneak in via this approach; though no doubt Miller’s presentation will serve as a reminder to those with nefarious intent who may have forgotten about such vulnerabilities or simply haven’t been paying attention.

Explore further: System to automatically find a common type of programming bug significantly outperforms its predecessors

add to favorites email to friend print save as pdf

Related Stories

New explanation postulated for Fermi paradox

Apr 12, 2011

( -- Enrico Fermi, the famous Italian physicist, once asked the question; if intelligent life has come to exist many times in our galaxy, why is there no sign of it? It’s a clearly valid point, when you consider ...

Hackers cause Sony major financial, reputational damage

Jun 08, 2011

Information security expert John D’Arcy, assistant professor of information technology management at the University of Notre Dame, says this week’s hacking attack on Sony Corp. is yet another example of the significant ...

Recommended for you

Blue Freedom uses power of flowing water to charge

40 minutes ago

Good friends may decide to tell you something that is not true but nonetheless sustaining: Nothing is impossible. That was the case of Blue Freedom co-founder who asked his friend if it would be possible ...

Special ops troops using flawed intel software

1 hour ago

Special operations troops heading to war zones are asking for commercial intelligence analysis software they say will help their missions. But their requests are languishing, and they are being ordered to use a flawed, in-house ...

Applications of optical fibre for sensors

5 hours ago

Mikel Bravo-Acha's PhD thesis has focused on the applications of optical fibre as a sensor. In the course of his research, conducted at the NUP/UPNA-Public University of Navarre, he monitored a sensor fitted to optical fibre ...

Twitter chief vows to help Indonesia fight disasters

5 hours ago

Twitter chief Dick Costolo said Thursday the microblogging site planned to work with Indonesian authorities to warn people about natural disasters that regularly hit the archipelago, from earthquakes to volcanic ...

Virtual robotization for human limbs

5 hours ago

Recent advances in computer gaming technology allow for an increasingly immersive gaming experience. Gesture input devices, for example, synchronise a player's actions with the character on the screen. Entertainment ...

User comments : 1

Adjust slider to filter visible comments by rank

Display comments: newest first

Tark Dom
1 / 5 (2) Jul 27, 2011
This is a completely exaggerated threat. There has been a total of ZERO incidents of this hack being exploited in the wild. This is a prime example of an interesting bit of research being used to stoke fear and grab headlines. We see a lot of this in the security industry. IOActive did this for years. It looks like Accuvant is assuming their role as a top purveyor of FUD.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.