Security researcher Charlie Miller claims to have found a new security flaw in Apple laptops that could allow hackers to ruin laptop batteries, infect them with malware or potentially cause them to overheat and catch fire. Mr. Miller, a principal research consultant at Accuvant Labs, said he has found a way to manipulate chips embedded inside Apple laptop batteries.
Modern laptop batteries contain a microcontroller that monitors the power level of the unit, allowing the operating system and the charger to check on the battery’s charge and respond accordingly. That embedded chip means the lithium ion batteries can know when to stop charging even when the computer is powered off, and can regulate their own heat for safety purposes.
Those chips can be remotely controlled by hackers using a default password that Mr. Miller found on a website of the chip’s creator, Texas Instruments. Apple never changed the default password, Miller said.
Miller’s discovery, first reported by Forbes, is the latest potential security flaw found in Apple’s product line. Earlier this month, security experts disclosed a bug in Apple’s iOS operating system that could allow criminal hackers to gain remote access to iPhones, iPads and iPod Touch devices, Reuters reported. Apple said it is fixing that issue in an upcoming software update.
At the very least, Miller found he could ruin laptop batteries by altering the chip’s code. Not wanting to set his home on fire, Miller stopped there. But he imagines darker possibilities for hackers if Apple does not fix the security flaw. “I have full access to the battery and I can make any changes I want,” Miller told The Huffington Post.
For example, hackers could install malware on the battery that would not be detected by anti-virus software because it would not appear on the hard drive, he said. The malware could attack the laptop’s operating system again and again, even after the user installed a new hard drive. “The battery would keep attacking it,” he said.
Mr. Miller, a former security researcher for the National Security Agency, said it’s possible that Apple has taken extra security measures to prevent that from happening, or worse, causing a battery to overheat and catch fire. He said he reported his findings to Apple but did not hear back.
Mr. Miller isn’t the first to explore the danger of explosive batteries triggered by hackers. Barnaby Jack, a researcher for with antivirus giant McAfee, says he worked on the problem in 2009, but he says he ”benched the research when I didn’t succeed in causing any lithium ion fires. Charlie has taken it a lot further and surpassed where I was at the time.”
An Apple spokeswoman did not return a call for comment. Since his discovery, Miller said he has received some criticism. “People thought maybe I had blown up batteries, but I haven’t blown up anything,” he said. “It’s a step in that direction, but I don’t really know what all the implications are.”
Miller said he wrote a paper on the security flaw that he plans to present at the Black Hat security conference in August in Las Vegas, where he also plans to unveil a solution called a “Caulkgun” that changes the battery’s default password.
While the security flaw presents a potential danger, Miller said most users should not be overly concerned about a hacker taking over their laptop battery. “It’s really only for people who are very paranoid,” he said. [via The Huff Post and Forbes]