25/07/2011, 12:49 AM
Quote: A security researcher has found a way to install persistent malware or disable the battery system of Apple's MacBook line.
Former National Security Agency employee Dr Charlie Miller has discovered a way to gain control of the microprocessor embedded in MacBook batteries, which could allow the installation of virtually undetectable malware, or simply destroy the entire unit.
"You could put a whole hard drive in, reinstall the software, flash the BIOS, and every time it would reattack and screw you over. There would be no way to eradicate or detect it other than removing the battery," Miller told Forbes.
The attack is possible because Apple's batteries ship with default passwords, which Miller discovered by reverse-engineering a 2009 software update Apple issued for its MacBook line. After discovering the passwords he then bricked seven batteries while discovering the capabilities of the embedded system.
Malware installed on the battery would still need to find a weakness to cross into the operating system, but Miller said this was unlikely to be a problem, since the system did not appear to have been designed with security in mind.
Besides malware and bricking, Miller discovered how to use the controller to raise the temperature in the battery. In practice safety fuses would most likely burn out before the device exploded, since most recorded instances have involved contaminants in the battery power supply such as metal fragments, but the possibilities for mischief were there.
"These batteries just aren't designed with the idea that people will mess with them," Miller said.
"What I'm showing is that it's possible to use them to do something really bad."
Both Apple and Texas Instruments have seen his research and he will be showing the full data at the Black Hat security conference in August. He will also be releasing a tool called Caulkgun which generates random passwords for the MacBook's battery, although this could block later patches by Apple.
Miller, currently a researcher with security advisors Accuvant, has a long history of unusual hacks. In 2008 he was part of a team that hacked Android for the first time and has won prizes at CanSecWest for cracking the MacBook Air in under two minutes and repeatedly hacking Safari.
Apple Sauce
Lol @ Apple