Joom
WOOP
Posts: 4,206.7320
Threads: 417
Joined: 20th Mar 2009
Reputation: 5.41709
E-Pigs: 134.1772
|
Researcher hacks the batteries of Apple’s MacBook to allow persistent
Quote:A security researcher has found a way to install persistent malware or disable the battery system of Apple's MacBook line.
Former National Security Agency employee Dr Charlie Miller has discovered a way to gain control of the microprocessor embedded in MacBook batteries, which could allow the installation of virtually undetectable malware, or simply destroy the entire unit.
"You could put a whole hard drive in, reinstall the software, flash the BIOS, and every time it would reattack and screw you over. There would be no way to eradicate or detect it other than removing the battery." Miller told Forbes.
The attack is possible because Apple's batteries ship with default passwords, which Miller discovered by reverse-engineering a 2009 software update Apple issued for its MacBook line. After discovering the passwords he then bricked seven batteries while discovering the capabilities of the embedded system.
Malware installed on the battery would still need to find a weakness to cross into the operating system, but Miller said this was unlikely to be a problem, since the system did not appear to have been designed with security in mind.
Besides malware and bricking, Miller discovered how to use the controller to raise the temperature in the battery. In practice safety fuses would most likely burn out before the device exploded, since most recorded instances have involved contaminants in the battery power supply such as metal fragments, but the possibilities for mischief were there.
"These batteries just aren't designed with the idea that people will mess with them," Miller said.
"What I'm showing is that it's possible to use them to do something really bad."
Both Apple and Texas Instruments have seen his research and he will be showing the full data at the Black Hat security conference in August. He will also be releasing a tool called Caulkgun which generates random passwords for the MacBook's battery, although this could block later patches by Apple.
Miller, currently a researcher with security advisors Accuvant, has a long history of unusual hacks. In 2008 he was part of a team that hacked Android for the first time and has won prizes at CanSecWest for cracking the MacBook Air in under two minutes and repeatedly hacking Safari.
Apple Sauce
Lol @ Apple
3DS Friend Code: 5000-6045-4964
|
|
| 25/07/2011 12:49 AM |
|
I ♥ GUCCI
I ♥ POOP
Posts: 991.7700
Threads: 20
Joined: 4th Jun 2011
Reputation: 3.37413
E-Pigs: 28.4520
|
RE: Researcher hacks the batteries of Apple’s MacBook to allow persist
(25/07/2011 12:49 AM)Joom Wrote: Lol @ Apple
Exactly:)
![[Image: stickerw.png]](http://img11.imageshack.us/img11/830/stickerw.png)
GUCCI?
Well that too! BUT Not exactly the brand GUCCI!
GUCCI is what I call the girl I'm in ♥ with :)
It's kind of like her pet name!
LOL :)
|
|
| 25/07/2011 12:51 AM |
|
S7*
Sweet Dreams
Posts: 16,689.4373
Threads: 1,056
Joined: 3rd Apr 2007
Reputation: 14.29926
E-Pigs: 383.2309
|
RE: Researcher hacks the batteries of Apple’s MacBook to allow persist
(25/07/2011 12:49 AM)Joom Wrote: Quote:"What I'm showing is that it's possible to use them to do something really bad."
Really now?
Will be interesting to see if this will be used for anything... err... interesting.
|
|
| 25/07/2011 01:05 AM |
|
ZiNgA BuRgA
Smart Alternative
Posts: 17,022.2988
Threads: 1,174
Joined: 19th Jan 2007
Reputation: -1.71391
E-Pigs: 446.1274
|
RE: Researcher hacks the batteries of Apple’s MacBook to allow persist
In all seriousness, it's nothing that great IMO. Interesting that it's a battery, but in reality, many things have firmwares (CD drives, HDDs etc) which are updateable, so you could theoretically hide malware in there too.
|
|
| 25/07/2011 01:26 AM |
|
Darksidehearts
Able One
Posts: 99.2565
Threads: 1
Joined: 24th May 2011
Reputation: 0.76198
E-Pigs: 5.3375
|
RE: Researcher hacks the batteries of Apple’s MacBook to allow persist
I wonder if this would this effect the older versions of the Macbook? I'll admit it does have me a bit worried, I have had my Macbook Black since 2006 and have always loved using it.
|
|
| 25/07/2011 07:03 PM |
|
ZiNgA BuRgA
Smart Alternative
Posts: 17,022.2988
Threads: 1,174
Joined: 19th Jan 2007
Reputation: -1.71391
E-Pigs: 446.1274
|
RE: Researcher hacks the batteries of Apple’s MacBook to allow persist
I probably wouldn't be that worried. First, some malware needs to gain control of your system before it can even try to write to the battery's firmware.
What I'm surprised is why the firmware is writeable at all.
|
|
| 25/07/2011 07:17 PM |
|
Darksidehearts
Able One
Posts: 99.2565
Threads: 1
Joined: 24th May 2011
Reputation: 0.76198
E-Pigs: 5.3375
|
RE: Researcher hacks the batteries of Apple’s MacBook to allow persist
Lol, well I suppose I just have to be careful as always. This reminds me of a similar hack that destroyed the Dreamcast via PSO, I was getting afraid everytime I logged on. It's scary what some people can do with technology but that's the risk living in the online world.
|
|
| 25/07/2011 10:25 PM |
|
Link 1
Void
Downloads
Find teh crap
List of Pplz
Don't Click me
![[Image: ROVBdMh.png]](http://i.imgur.com/ROVBdMh.png)
![[Image: khadorsigfinal.jpg]](http://img24.imageshack.us/img24/9775/khadorsigfinal.jpg)
![[Image: tumblr_mlae69vAW21rmerh9o1_400.gif]](http://25.media.tumblr.com/e99782808645bb4243ca179bc9b56d31/tumblr_mlae69vAW21rmerh9o1_400.gif)
More stuff![[Image: K7UVN.png]](http://i.imgur.com/K7UVN.png)
![[Image: cq8au.gif]](http://i.imgur.com/cq8au.gif)
![[Image: ofusT.png]](http://i.imgur.com/ofusT.png)
[![[Image: 9252_s.gif]](http://signavatar.com/9252_s.gif)
![[Image: spideysigcopycopycopy.png?t=1308548347]](http://i257.photobucket.com/albums/hh239/ccandrew_111/spideysigcopycopycopy.png?t=1308548347)
![[Image: ccandrew.png]](http://www.yourgamercards.net/trophy/a/ccandrew.png)
