Apple laptop batteries could run malware, overheat

By on
Apple laptop batteries could run malware, overheat

Releases fix to fill microchip vulnerability.

Batteries in Apple laptops could be vulnerable to hacking, causing them to overheat or run malware according to security researcher Charlie Miller.

The vulnerability, discovered by Miller, would take advantage of microchips within the battery, used by Apple laptops to prevent a battery from charging once it is full to prevent overheating.

As the chips are shipped with default username and passwords, they could allow an attacker to exploit the battery's firmware.

Forbes reported Miller had reverse engineered the battery firmware in the MacBook line of laptops to manipulate commands sent to the operating system and charger.

He said the battery systems were not designed to prevent exploitation.

"What I'm showing is that it's possible to use them to do something really bad," Miller told Forbes.

This could include loading the chips with malware, a process that could mitigate detection.

"You could put a whole hard drive in, reinstall the software, flash the BIOS, and every time it would re-attack and screw you over. There would be no way to eradicate or detect it other than removing the battery."

Researchers asked Miller not to publish the findings but he said he had designed a tool that would encrypt the stored passwords, preventing the attacks.

He planned to release the tool and research at the US Black Hat conference next week.

Apple refused to comment on the vulnerability, but had received information on the research.

Miller has a demonstrated history of finding vulnerabilities with Apple products, including some in the computing giant's MacBook Air, its Safari browser and a denial of service vulnerability in the iPhone using SMS messaging.

Copyright © SC Magazine, Australia

Tags:

Most Read Articles

Log In

Username:
Password:
|  Forgot your password?