Who Would Have Thought that MacBook Batteries were Vulnerable to Hacking?
In what can probably be called the most lackluster hacking threat imaginable, it would appear that Apple MacBook batteries are susceptible to hacking. According to a new Forbes report, the fault lies with the battery control chips. Apparently they are vulnerable to attack and can leave a MacBook bricked or worse.
According to Forbes, security expert Charlie Miller who first discovered the vulnerability states, “The batteries’ chips are shipped with default passwords, such that anyone who discovers that password and learns to control the chips’ firmware can potentially hijack them to do anything the hacker wants. That includes permanently ruining batteries at will, and may enable nastier tricks like implanting them with hidden malware that infects the computer no matter how many times software is reinstalled or even potentially causing the batteries to heat up, catch fire or explode.”
Apparently, Mr. Miller discovered two distinct passwords after going over a 2009 MacBook battery software update. “Using those keys, he was soon able to reverse engineer the chip’s firmware and cause it to give whatever readings he wanted to the operating system and charger, or even rewrite the firmware completely to do his bidding.” After that Miller could manipulate the battery functions at will.
It may seem like a trivial point of attack, but by going after the battery control chip, a skilled hacker could potentially install all kinds of malware and it would be incredibly difficult to delete.
According to Miller, “You could put a whole hard drive in, reinstall the software, flash the BIOS, and every time it would reattack and screw you over. There would be no way to eradicate or detect it other than removing the battery.”
Miller plans on exposing this potentially devastating threat at this year’s Black Hat
security conference in August. He is also expected to demonstrate a potential fix for the problem. Hopefully, Apple will issue an update soon after to protect MacBook users from malicious battery hacks.