Are the batteries in Apple Inc.’s laptops too smart for their own good?
Security researcher Charlie Miller has found a potential security weakness that potentially allows a hacker to take control of a MacBook – or even have it explode.
“These batteries just aren’t designed with the idea that people will mess with them. What I’m showing is that it’s possible to use them to do something really bad,” Miller said, according to a blog post on Forbes.com.
Miller is currently a researcher with the consultancy Accuvant, Forbes said.
Laptop batteries contain a microcontroller that monitors the power level and lets the laptop’s operating system and charger respond appropriately.
Such microcontrollers can even regulate the heat they generate.
But Miller said that when he examined batteries in several Macbooks, Macbook Pros and Macbook Airs, he found the batteries’ chips are shipped with default passwords.
Potentially, he said anyone who discovers that password and learns to control the chips’ firmware can use the batteries to hack into the MacBooks.
Miller said he plans to expose and provide a fix for a potential attack using the microchips that control their batteries, at a Black Hat security conference in August.
That includes “permanently ruining batteries at will, and may enable nastier tricks like implanting them with hidden malware that infects the computer no matter how many times software is reinstalled or even potentially causing the batteries to heat up, catch fire or explode,” Forbes said.
He also said he plans to release a tool for Apple users, “Caulkgun,” that changes the battery firmware’s passwords to a random string.
Miller also sent Apple and Texas Instruments his research to inform them of the vulnerability, although he has yet to get a reply from Apple.
“No one has ever thought of this as a security boundary,” says Miller. “It’s hard to know for sure everything someone could do with this.”
Criminal potential
Forbes quoted Miller as saying one can install persistent malware on the chip that infects the rest of the computer to steal data, control its functions, or cause it to crash.
“You could put a whole hard drive in, reinstall the software, flash the BIOS, and every time it would reattack and screw you over. There would be no way to eradicate or detect it other than removing the battery,” he said.
He said few IT administrators would think to check a battery’s firmware for the source of that infection.
Worse, the chip could re-infect the computer again and again if it is not discovered.
Blowing up
Forbes said that the disturbing prospect of a hacker remotely blowing up a battery on command may be possible.
Miller said that while the batteries he examined have safeguards against explosions, having a battery blow up on command might still be possible.
“You read stories about batteries in electronic devices that blow up without any interference. If you have all this control, you can probably do it,” he said.
Analyzing software updates
Miller discovered two passwords in accessing and altering Apple batteries by analyzing a software update Apple instituted in 2009 to address a problem with Macbook batteries.
He reverse-engineered the firmware and found how to rewrite the firmware to do whatever he wanted. — TJD, GMA News
– Credit: http://www.gmanews.tv/story/227329/technology/macs-prone-to-hacking-via-battery-report
Sharkey says: I’m guessing that confidential source is one of the pink slipped Sony Network Operations Center employees. We’ve already heard security experts outside of Sony accuse the company of not doing enough to protect customer data, but if someone on the inside is coming forward, that’s a whole other can of worms. Amid a handful of other lawsuits against Sony over the PSN breach, this one officially becomes the one to watch.
In the midst of all the 
Meanwhile, there seem to be plenty of other hackers with a similar idea. A group calling themselves Team Web Ninjas has dedicated a 
