Home : Security : News

Apple batteries can be hacked, says researcher

It's possible to hack Apple MacBook batteries, but you might not be able to blow them up just yet.

By Tom Brewster, 25 Jul 2011 at 10:05

It is possible to hack Apple MacBook batteries, with the potential to set them on fire, notable security researcher Charlie Miller believes.

Miller will talk about how to compromise an Apple battery by taking over its “embedded controller” at the Black Hat conference in Las Vegas next month.

That controller – the chip responsible for charging the battery - is used in a large number of MacBook, MacBook Pro and MacBook Air laptops.

“I will demonstrate how the embedded controller works. I will reverse engineer the firmware and the firmware flashing process for a particular smart battery controller,” explained Miller, who currently works as Accuvant Labs' principal research consultant.

“In particular, I will show how to completely reprogram the smart battery by modifying the firmware on it. Also, I will show how to disable the firmware checksum so you can make changes. I present a simple API that can be used to read values from the smart battery as well as reprogram the firmware.”

He said hackers with the ability to control a working smart battery could cause safety issues, such as overcharging or fire.

To hack the hardware, Miller found he first needed to crack a four-byte password needed to unlock the battery from “sealed mode,” Kaspersky’s Threat Post reported.

He then had to find another password to gain full control of the battery.

“You can read all the firmware, make changes to the code, do whatever you want. And those code changes will survive a reinstall of the OS, so you could imagine writing malware that could hide on the chip on the battery,” Miller said.

“You'd need a vulnerability in the OS or something that the battery could then attack, though.”

Despite his best intentions, Miller was unable to make the battery explode or set on fire.

He will release a tool at the Black Hat conference to change default passwords on the battery’s chip so the hacks will no longer work and the device will be permanently locked in sealed mode.

Email to a friend

Print this page

< Previous Security : News Next >

1 comments

You need to Login or Register to comment.

Charlie Miller likely to be used in terror attacks

It is possible to hack Charlie Miller, with the potential to set him on fire.

You can gain access to his brain by leaving subliminal messages in the arrangement of tomatoes on his pizza, which encourage him to over exercise until he spontaneously combusts. Additional messages in the arrangement of the black olives can ensure that he does this adjacent to important US military installations.

The situation is made worse by Domino Pizza's lack of facilities to sign pizza's to check that they have not been tampered with.

However improbable this may seem, its more likely to come to pass than Charlie's own contentions.

By Henry_3_Dogg on Tuesday Jul 26

Latest Security Analysis & Insight

What is your password worth?

Would you be tempted to sell off company passwords for a fee? If not, seems like you're in the minority, acccording to research.

More Security Analysis & Insight

Latest Security Reviews

Check Point 2210 Appliance review

Rating:

Check Point's new 2200 Appliances combined enterprise level network security with an SMB price tag. Its software blades provide a wealth of features, but do they complicate deployment? Read this exclusive review to find out.

More Security Reviews