July 24, security chief of the laboratory consultant company Accuvant • Charlie Miller found that the Apple laptop battery chip security vulnerability, and thus vulnerable to hacker attacks, data theft even lead battery scrap.
Will be held in August in the “Black Hat conference,” Charlie Miller, plans to • people report an attack on Apple’s new notebook computer method, which uses a battery of security control weaknesses exist in the chip.
Modern laptop batteries have a capacity to monitor the level of micro-controller, it helps the operating system and recharge the battery charger detection. The chip makes the lithium batteries, even when the computer shuts down can also determine the destination charge, and can adjust the heat to the battery to ensure their safety.
However, in the detection of some of the Macbook, Macbook Pro and Macbook Air laptop computer batteries, Miller found that they are vulnerable to attack. Batteries at the factory with the default password, just cracked the password can control the chip firmware, and may make any hacker attacks, can cause permanent damage to the battery, malicious software can secretly to infect the computer, or even cause the battery to overheat, catch fire or explode.
In order to solve the Macbook battery problems, Apple released in 2009, software update, Miller through its analysis, found the two groups can be used to enter and modify the Apple battery password. With the password, he soon will be able to reverse the transformation chip firmware, free to manipulate the operating system and charger for the chip to read the data, or even completely rewrite the firmware.
Therefore, the battery becomes effortlessly can not be recognized by the computer - Miller has easily scrapped 7 cells (the total value of about $ 130). He pointed out that from the criminal point of view, even on a chip installed in the persistence of malicious software, as other parts of infected computers, steal data, function control and even let the computer crash. When checking the source of infection, few IT managers will think the battery firmware, so the chip can be repeated undetected malware infected PC.
In addition, to carry out such attacks, they need the chip and the interface between the operating system to find another loophole. But Miller seems that this is not a difficult one. “May it never be regarded as an attack entry point for Apple, so it may be easily compromised.”
Then the hacker may be to detonate by remote control batteries? Miller did not do so, but he believes this is possible, he said: “test in my own home, so I do not want to cause an explosion there.”
Miller said, some researchers suggested that he not continue the study of the battery, because it may be too dangerous. However, Miller found that for their own problems have solutions. He plans to held in August this year, “Black Hat conference,” released a product called “leak-proof gun” (Caulkgun) tools to help Apple users to change their battery firmware password random sequence, thus preventing him from ever conducted that the factory password for the attack. Miller also reflect his findings to Apple and Texas Instruments, to arouse their attention on the vulnerability. And Apple has not yet made any response to this.
