Printed from

Security hack can 'kill' MacBook battery firmware

updated 02:15 pm EDT, Fri July 22, 2011

White hat hacker to show MacBook battery risk

Accuvant security researcher Charlie Miller on Friday revealed plans to demonstrate an exploit that would compromise the batteries, not the computers, on MacBooks. Apple's batteries reportedly use default passwords on their firmware and can have their controllers compromised by those who know the passwords and can get access to the low level hardware. The hole shown to Forbes could lead to something as simple as rendering the battery inoperable to auto-installing malware and even forced overheating.

Miller has so far wrecked seven batteries with the hack, though none to the point where they suffer physical damage. Batteries have a fuse that will automatically cut if they overheat in normal conditions.

The passwords were found by dissecting one of Apple's 2009 battery updates and getting code keys that let him look at the firmware.

The actual risks are difficult to determine. To get access to the battery, a malware developer would need to first breach the OS itself. While not necessarily difficult, it would add an additional layer. It's also possible many Windows PCs face the same vulnerability and haven't had it exposed.

As a 'white hat' hacker, Miller plans to release his own intermediary fix, Caulkgun, that would randomize the password. Apple and the battery controller chip maker, TI, have also been notified about the update. More details are expected at the Black Hat security event in August.

Miller is known for his Mac-focused exploit discovery but has usually focused on Safari and other purely software-based investigations. He has sometimes won the Pwn2Own hacking contest, where the user first to successfully hack a platform wins the device they hacked.

By Electronista Staff
Post tools:




  1. The Vicar

    Junior Member

    Joined: Jul 2009


    Geez, Apple

    On the one hand, I refuse to get concerned about this until I see what is actually required to use this hack to damage the battery. If it turns out that you need to do some sort of Voodoo multi-step procedure involving user interaction, then this is -- as these security complaints so often are -- just nonsense.

    On the other hand, this isn't the first time Apple has allowed a security hole in their products by failing to properly protect firmware of things other than the computer itself. Remember the flaw with keyboards?

  1. Monty Python

    Fresh-Faced Recruit

    Joined: Jan 2011


    Go suck on a beet, Charlie

    Let me guess, next Mr. Miller will report having found malware that severs the power cords on Macs.

    Sheesh, what a goober!

  1. BigMac2

    Forum Regular

    Joined: Dec 2000


    How to scares people about nothing

    You know, you can do the same with any optical drive and HD firmware and no one care.

  1. murdoch201

    Fresh-Faced Recruit

    Joined: Jul 2011



    hahaha, love it how that Apple fanboy writer wishes that PC's had the same.
    Too bad for him, if the antivirus has no acces, neither Windows will have acces.
    That's why Mac's are so funny, they are leak like h***.

Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines


Most Popular


Recent Reviews

Apple 13-inch MacBook Pro (Early 2015)

Although the new darling of the Apple MacBook line up is the all-new MacBook, Apple has given its popular 13-inch MacBook Pro with Ret ...

Seagate Wireless

It seems like no matter how much internal storage is included today's mobile devices, we, as users, will always find a way to fill the ...

Lenovo Yoga Tablet 2 (Android, 10.1-inch)

Lenovo is building a bigger name for itself year after year, including its devices expanding beyond desktop computers. The company's l ...



Most Commented


Popular News