updated 02:15 pm EDT, Fri July 22, 2011
White hat hacker to show MacBook battery risk
Accuvant security researcher Charlie Miller on Friday revealed plans to demonstrate an exploit that would compromise the batteries, not the computers, on MacBooks. Apple's batteries reportedly use default passwords on their firmware and can have their controllers compromised by those who know the passwords and can get access to the low level hardware. The hole shown to Forbes could lead to something as simple as rendering the battery inoperable to auto-installing malware and even forced overheating.
Miller has so far wrecked seven batteries with the hack, though none to the point where they suffer physical damage. Batteries have a fuse that will automatically cut if they overheat in normal conditions.
The passwords were found by dissecting one of Apple's 2009 battery updates and getting code keys that let him look at the firmware.
The actual risks are difficult to determine. To get access to the battery, a malware developer would need to first breach the OS itself. While not necessarily difficult, it would add an additional layer. It's also possible many Windows PCs face the same vulnerability and haven't had it exposed.
As a 'white hat' hacker, Miller plans to release his own intermediary fix, Caulkgun, that would randomize the password. Apple and the battery controller chip maker, TI, have also been notified about the update. More details are expected at the Black Hat security event in August.
Miller is known for his Mac-focused exploit discovery but has usually focused on Safari and other purely software-based investigations. He has sometimes won the Pwn2Own hacking contest, where the user first to successfully hack a platform wins the device they hacked.