Image by Getty Images via @daylife
Charlie Miller, famous for his work on Apple products, has found a way to hack into a MacBook. He goes in through the battery which has it’s own monitoring circuit that tells the OS what the battery’s status is.
The MacBook’s batteries are shipped with a password set by default on the chips, so anyone knowing the password could control the battery’s firmware and cause one of a plethora of results, including wrecking the battery (catching it on fire) or installing malware. Not just any malware; one that reinstalls itself every time the OS is booted.
Apple Needs an App to Fix the Battery Password
Miller explained that these batteries were not designed for people to mess with them; they come ready to leave them alone to function for the normal life of the battery. What Miller is saying is that it’s totally possible for people to wreak havocon MacBook owners. Not good news.
A user could go through a myriad of processes trying to fix the machine. He could put a brand new hard drive in, reinstall brand new software and flash the BIOS, just to be re-attack every time the laptop reboots. It could take someone forever to figure out, and if they never looked at the battery to be the gateway, they’d likely never find it.
There’s only one way to fix a computer with this balderdash, and that’s to remove and replace the laptop’s battery. Simple.
At the 2011 Black Hat security conference Miller will present what he’s found and introduce a new program that can change the battery’s password into a random string.
