Researcher Claims Apple Batteries A Potential Security Risk

rated by 0 users
This post has 5 Replies | 1 Follower

Top 10 Contributor
Posts 26,710
Points 1,208,325
Joined: Sep 2007
News Posted: Sun, Jul 24 2011 9:17 PM
Of all the hundreds of thousands of computer viruses, trojans, rootkits, and worms that have been written since 'Elk Cloner' first appeared in the wild in 1981, the overwhelming majority of them have targeted computer software. Attacking computer hardware directly isn't impossible now (and wasn't then), but it tends to be extremely difficult to pull off en masse. It is therefore a touch unusual to see security researcher Charlie Miller claiming that Apple batteries represent a security flaw.

Miller will present his findings and provide a solution at the upcoming Black Hat conference, which runs from July 30 - August 4 in Las Vegas. General details, however, are -already available. Modern 'smart' batteries contain microcontrollers that monitor battery capacity, ensure that the storage cell isn't ever overcharged, and are capable of a certain degree of thermal management. Unfortunately, the batteries in at least some Macbook, Macbook Air, and Macbook Pro systems were all shipped out using default username/passwords.

As if all the ways people might be spying on you normally isn't freaky enough, now the call is coming from inside the house

Miller was able to reverse engineer the necessary data by analyzing a 2009 update Apple pushed out to address Macbook battery concerns. According to Forbes, he's since been able to force the battery to report whatever charge level he ordered it to show, and report the battery as having failed when it hadn't done so. He's also had no trouble deliberately killing batteries and has completely re-written the firmware to demonstrate how it could be used to conceal malware in an area virtually no one—even experienced IT staff—would ever think to look.

“You could put a whole hard drive in, reinstall the software, flash the BIOS, and every time it would reattack and screw you over. There would be no way to eradicate or detect it other than removing the battery." Miller told Forbes. The researcher, who has worked for the National Security Agency, acknowledged that the use-the-battery-as-malware-storage trick would need an additional vulnerability in order to hook into the operating system. He noted, however, that "Presumably Apple has never considered that as an attack vector, so it’s very possible it’s vulnerable.”

As hacks go, this is one of the more interesting we've heard of. As recently as a few years ago, even the smartest of smart batteries wouldn't have had enough on-device ROM to store "Hello World," much less any form of malware. Apple has yet to comment on the situation; Miller's presentation will likely contain additional info on which laptop models are affected. He's also developed a tool--nicknamed Caulkgun--that laptop owners can use to randomize their password and prevent this sort of attack, but warns that it comes with a caveat. Locking the battery down in this manner would also prevent Apple from implementing any of their own updates or changes, and could possibly lead to headaches down the line for legitimate customers in need of warranty service.
  • | Post Points: 80
Top 100 Contributor
Posts 997
Points 14,405
Joined: Nov 2009
Location: Ontario
Manduh replied on Mon, Jul 25 2011 9:50 AM

This is very interesting for sure and Apple should take his claims seriously so they can protect their customers. However, a "random password" is most likely easy to hack as well though. I hope you will further update us once more info is released... since I don't get my tech news from any where else :)

  • | Post Points: 5
Top 100 Contributor
Posts 1,110
Points 11,240
Joined: Jun 2010
Location: Pennsylvania
CDeeter replied on Mon, Jul 25 2011 11:32 AM

Sounds like this could be nasty. Imagine if the controller was set to over charge the battery. Not good.

  • | Post Points: 5
Top 50 Contributor
Posts 2,865
Points 29,645
Joined: Mar 2011
Location: United States, Connecticut
omegadraco replied on Mon, Jul 25 2011 12:16 PM

This is indeed a very interesting security vulnerability. Though it obviously cannot be exploited very easily since they need another hook into the operating system to be able to place the bit of code on the battery. I am very curious to see how Apple patches this problem.

  • | Post Points: 5
Top 100 Contributor
Posts 1,120
Points 12,940
Joined: Jun 2011
Location: East Coast

"Nothing is safe anymore, whats next?, your Monitors OSD?


  • | Post Points: 5
Not Ranked
Posts 1
Points 5
Joined: Jul 2012
MDriver replied on Thu, Jul 19 2012 2:16 PM

Apple? A hardware/software problem? I thought their motto was "It just works". I thought their products were impervious to malware, hacking, etc.. You must surely have held it wrong, or just don't know how to use it! That's what you would be told at Apple's "Genius Bar".

  • | Post Points: 5
Page 1 of 1 (6 items) | RSS