A SECURITY researcher has found a way to exploit the microcontroller in Apple’s laptop batteries.
According to Accuvant Labs’ Charlie Miller, the security problem could allow malicious exploiters to cause fire or explosions. The microcontroller’s flash memory can also be exploited to create a permanent malware infection which keeps re-infecting a computer after it has been cleansed.
Laptop batteries are no longer dumb power-supplying units. Modern batteries include microcontrollers which monitor the battery voltage, current, and temperature. They can also control these factors to optimise battery performance.
Miller claims Apple left the default passwords on its Smart Battery System, which he accessed with help from publicly-available documentation.
By hacking the microcontrollers, he can reprogram the firmware, causing the battery to erroneously report values, or making the charger overcharge the battery. If the parameters are tampered with incorrectly, the battery could fail or explode.
Miller has passed on details of the security weakness to Apple, and will present the findings at the Black Hat conference, 4 August.
Researcher hacks into Apple's laptop battery's microcontroller Electronics News