Mac notebook batteries can be hacked!!!

The chip that helps control your Mac notebook's battery could be the latest target for attackers.


A report in Forbes today details the findings of Accuvant security researcher Charlie Miller, who claims to have found rather lackluster security guarding the firmware that controls various notebook battery functions and data stores.

Culling through a battery firmware update Apple released back in 2009, Miller pulled out two passwords that would grant access to that firmware, giving would-be attackers the ability to alter readings sent back to the OS and even add small software programs that stay off the hard drive. Miller noted that he outright permanently disabled seven notebook batteries during testing.

A key part of the exploit, Miller told Forbes, was that the batteries use the same passwords, making it an easy hack once you have the right credentials. Potentially complicating that is the fact that Apple builds its batteries into its notebook computers versus making them removable. That change began in 2009 with the 17-inch MacBook Pro, and trickled down to the other models, resulting in considerable battery life gains at the expense of easy replacement. This means if a battery were to somehow be compromised, it's a trickier fix. At the same time, it means potential attackers need to gain control of that system before they can do anything, short of taking apart the machine.

So far the hack is a proof of concept, and has not yet been documented in the wild. Miller told Forbes he plans to detail the exploit as well as show off a fix at next month's Black Hat security conference in Las Vegas.

An Apple representative declined to comment on Miller's findings.

Source: #-Link-Snipped-#


You are reading an archived discussion.

Related Posts

Win my eternal owing should you help me! Hi ALL! Confused Newbie here! 😐 Was hoping to get some help for this qualification project. I'm an aspiring Chemical Engineer, still...
Is there a good btech tutor available in delhi which can teach subjects like microprocessor,computer architecture, signal and systems be it home tuition or not?
if a blog has good content but not a popular one,still adsense will be approved for that blog?
Hello , Engineers from all over the world . I am in a bit of dilemma and I know most of the people are experience here so I need your...
CEans, As promised, we've updated CrazyEngineers forum to revamp our text editor. Earlier text editor had its own shortcomings and didn't really go well with the needs of formatting. The...