We worry a lot about our computers' — and increasingly our phones' — security vulnerabilities. But how could a laptop's battery be used for malware or other mischief?
It might, at least in some Mac batteries, according to security researcher Charlie Miller, who has previously discovered exploits in iPhones and iPads as well as the Android mobile operating system.
Miller says modern batteries in laptops like MacBooks, MacBook Pros and MacBook Airs have an embedded chip to help the batteries perform more efficiently. But those chips have default passwords that could be easy for a hacker to figure out, he says, then potentially plant malware that infects the laptop. Troublemakers could even mess with the battery itself to the point it catches fire or explodes, he says.
He knows first-hand, after essentially testing his theory out and destroying seven batteries (with some of fruits of his handiwork shown in the photo above).
"These batteries just aren’t designed with the idea that people will mess with them,” Miller told Forbes. “What I’m showing is that it’s possible to use them to do something really bad.”
Miller, who works for Accuvant Labs, plans to share a proposed fix for the potential problem at the Black Hat conference next month. A program called “Caulkgun” would change the battery "firmware’s passwords to a random string, preventing the default password attack he used," Forbes said.
Miller says he has let Apple know about the problem, but has yet to hear back from the company.
— Via Forbes
Related stories:
- Android apps leakers when it comes to security?
- Got an iPhone? Download this security fix now
- Security holes discovered in iPhones, iPads
Check out Technolog, Gadgetbox, Digital Life and In-Game on Facebook , and on Twitter , follow Suzanne Choney.