MacBook batteries vulnerable to hack; could be explosively dangerous

A potentially dangerous security hole in Apple’s range of MacBook battery micro-controllers’ firmware could be exploited to destroy the batteries inside the notebooks, according to security researcher Charlie Miller. When looking into batteries in MacBooks, MacBook Pros and MacBook Airs, Miller found that through using passwords hidden in a 2009 software update designed to fix MacBook batteries, a hijacker could take control of the battery micro-controllers and cause all sorts of havoc.

Miller himself managed to kill seven MacBook batteries through exploiting this security hole, but goes further to explain what someone might be able to do. He claims that you could alter the heat readout chip and cause the battery to explode or catch fire, but didn’t test it himself because “I wasn’t super inclined to cause an explosion [in my house].” He also suggests that you could load malicious software into the battery controller that is deployed when a computer is started, re-infecting the system countless times:

You could put a whole hard drive in, reinstall the software, flash the BIOS, and every time it would reattack and screw you over. There would be no way to eradicate or detect it other than removing the battery. Presumably Apple has never considered that as an attack vector, so it’s very possible it’s vulnerable.

At the Black Hat security conference in August, Miller plans to present his research and also unveil a fix for anyone worrying over the state of their MacBook battery. The tool, named “Caulkgun”, will change the battery firmware password to a random string, preventing hackers from using the default passwords to infect the battery controller. Miller has also contacted Apple and Texas Instruments to notify them of the issue.

Report a problem with article
Previous Story

HP ProLiant ML110 G7, first Windows 8 server from HP?

Next Story

TalkTalk rated UK's worst broadband provider in survey

56 Comments

View more comments

yowan said,
Just buy a regular laptop with Windows instead of poor quality Apple hardware

Are you seriously telling me that you think the battery controller in a windows laptop wouldn't work the same way? Just a matter of someone having to figure out the password or bypass it...

Leonick said,

Just a matter of someone having to figure out the password or bypass it...

Let me know when someone figures out how to do that. Until then it's not an issue.

yowan said,
Just buy a regular laptop with Windows instead of poor quality Apple hardware
YES!!! EXACTLY. You muppets are not cool with your overpriced pretty junk. Get a computer not a toy.

TRC said,

Let me know when someone figures out how to do that. Until then it's not an issue.


I'd be willing to bet that the vast majority of laptop batteries in existence use the same or similar controllers, meaning that many or most of them are likely vulnerable to the same type of exploit.

asdavis10 said,

You fail.


Actually, he wins. How come Mac OSX is the only OS to be this insecure? There are many technical reports putting Windows above Mac in terms of security, yet these enthusiasts still insist that Macs are even the slightest bit secure simply because hackers choose not to use all of the exploits on this OS.

Doesn't matter, I guess. Let them use their insecure OS and see what happens. I wonder who will be bragging about "*nix security" then??

Xerax said,
I agree. A keylogger is much more dangerious than your battery exploding... /s

idiot.

You're the idiot. It's obvious that this wouldn't just affect mac batteries.

AFineFrenzy said,

You're the idiot. It's obvious that this wouldn't just affect mac batteries.

Yet.

Also you can bet that if you phoned up apple regarding this as a worried customer, they would blindly ignore the issue just like that business with Mac Defender(sp?)

Sounds like something you would hear in the list of funny customer complaints on a tech help line

"Hi whats the problem"
"My MacBook's Battery is infected"
...
...
...
"OoooK"

Click

I actually read about the possibility of exploiting the hardware of a computer through software means. It makes sense, since hardware is controlled by software these days (as opposed to the earlier days of computers without operating systems). The thing is, usually the kernel of the operating system is supposed to prevent hardware loops (which is why we have a BSOD or Kernel Panic for Windows/Mac or Linux systems). However, this exploit apparently seems to get past the kernel, I'm guessing. If so, this just proves the insecurity of Unix even more, contrary to some enthusiast's beliefs. The scary thing about this, though, is that all computers contain explosive parts in them that could be activated via a software exploit.

Yes, but this sort of attack is theoretically academic, correct?

I remember a report claiming that hackers could hack into routers and create botnets without even infecting any computers.

Alarmism, if anything. Nothing is completely secure from attack.

XX55XX said,
Yes, but this sort of attack is theoretically academic, correct?

I remember a report claiming that hackers could hack into routers and create botnets without even infecting any computers.

Alarmism, if anything. Nothing is completely secure from attack.


Maybe you should read up on busybox shells, lulzsec, how routers work, etc.

Also just to point out that I don't think this effects many other laptops, generally laptops don't have battery firmwares, they're loaded with a single version and that's it, quite why apple has firmware updates for BATTERIES is something that worries me, do they release models with buggy and untested battery components?

This makes me remember a tech company I worked for a while back. The testing department would constantly get a virus on their computers (MSDOS) used to test a certain board and I would eradicate it, only to have it return some time later. It turned out that one of the testing CPUs had the virus on it (we would insert the CPU in the board when testing it, and remove it once done and use it on another board). We stopped using that CPU and the virus never returned.

Commenting is disabled on this article.