Apple laptop batteries can be hacked and destroyed

Tools

Well-known security researcher Charles Miller is scheduled to demonstrate at the Black Hat security conference how to break into the batteries powering several models of Apple's (NASDAQ: AAPL) laptops and "brick" them, which is jargon for rendering something permanently unusable. Miller first rose to prominence when he won Pwn2Own three years in a row and holds the view that the Mac OS X is not more secure than Windows.

The root of the issue is that modern batteries in laptops like Apple's MacBooks incorporate a microcontroller that actively monitors the power level of the battery and feeds this information to the operating system. Other tasks include knowing when to stop charging when the laptop is switched off, and to monitor its heat for safety purposes. While a password is used to protect against tampering, the fact that all batteries ship with the same password means that this rudimentary defense is insufficient to prevent hackers from performing nasty tricks.

Possible attacks include rendering it inoperable by erasing the embedded firmware, permanently damaging it by allowing the battery to discharge completely, or as some fear, causing an explosion by overcharging. Fortunately, additional safeguards such as internal fuses should make an explosion less likely, though Miller says he is disinclined to try too hard on that front.

Another concern is the possibility of inserting persistent malware into the firmware as an attack vector immune from traditional measures such as an operating system reinstallation or even a new hard disk drive. There is no proof-of-concept yet, though I think it is far more likely that Mac malware would attempt to damage a MacBook's battery.

Speaking to Forbes, Miller observed that "these batteries just aren't designed with the idea that people will mess with them." Of his work, Miller says: "What I'm showing is that it's possible to use them to do something really bad." In the meantime, Miller has put together a fix called "Caulkgun" that repairs the vulnerability by changing the default password to a random string, though Miller concedes that this would also prevent Apple from implementing new features via a future update.

For more:
- check out this article at eWeek
- check out this article at Forbes
- check out this article at Mac Observer

Related Articles:
Pwn2Own 2010: The Mac isn't more secure

Does Apple have what it takes to tackle 'Mac Defender' malware?

Google offers $20k for Chrome hack in Pwn2Own

Should cyber attacks be considered acts of war?

TDL-4 botnet is 'practically indestructible,' 'the most sophisticated threat today'

Wi-Fi hacker gets 18 years, highlights danger of unsecured networks