AAPL Stock: 110.38 ( + 0.8 )

Printed from

Security hack can 'kill' MacBook battery firmware

updated 02:15 pm EDT, Fri July 22, 2011

White hat hacker to show MacBook battery risk

Accuvant security researcher Charlie Miller on Friday revealed plans to demonstrate an exploit that would compromise the batteries, not the computers, on MacBooks. Apple's batteries reportedly use default passwords on their firmware and can have their controllers compromised by those who know the passwords and can get access to the low level hardware. The hole shown to Forbes could lead to something as simple as rendering the battery inoperable to auto-installing malware and even forced overheating.

Miller has so far wrecked seven batteries with the hack, though none to the point where they suffer physical damage. Batteries have a fuse that will automatically cut if they overheat in normal conditions.

The passwords were found by dissecting one of Apple's 2009 battery updates and getting code keys that let him look at the firmware.

The actual risks are difficult to determine. To get access to the battery, a malware developer would need to first breach the OS itself. While not necessarily difficult, it would add an additional layer. It's also possible many Windows PCs face the same vulnerability and haven't had it exposed.

As a 'white hat' hacker, Miller plans to release his own intermediary fix, Caulkgun, that would randomize the password. Apple and the battery controller chip maker, TI, have also been notified about the update. More details are expected at the Black Hat security event in August.

Miller is known for his Mac-focused exploit discovery but has usually focused on Safari and other purely software-based investigations. He has sometimes won the Pwn2Own hacking contest, where the user first to successfully hack a platform wins the device they hacked.

by MacNN Staff





  1. The Vicar

    Joined: Dec 1969


    Geez, Apple

    On the one hand, I refuse to get concerned about this until I see what is actually required to use this hack to damage the battery. If it turns out that you need to do some sort of Voodoo multi-step procedure involving user interaction, then this is -- as these security complaints so often are -- just nonsense.

    On the other hand, this isn't the first time Apple has allowed a security hole in their products by failing to properly protect firmware of things other than the computer itself. Remember the flaw with keyboards?

  1. Monty Python

    Joined: Dec 1969


    Go suck on a beet, Charlie

    Let me guess, next Mr. Miller will report having found malware that severs the power cords on Macs.

    Sheesh, what a goober!

  1. BigMac2

    Joined: Dec 1969


    How to scares people about nothing

    You know, you can do the same with any optical drive and HD firmware and no one care.

  1. murdoch201

    Joined: Dec 1969



    hahaha, love it how that Apple fanboy writer wishes that PC's had the same.
    Too bad for him, if the antivirus has no acces, neither Windows will have acces.
    That's why Mac's are so funny, they are leak like h***.

Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines

Follow us on Facebook


Most Popular


Recent Reviews

Polk Hinge Wireless headphones

Polk, a company well-established in the audio market, recently released a new set of headphones aimed at the lifestyle market. The Hin ...

Blue Yeti Studio

Despite being very familiar with Blue Microphones' lower-end products -- we've long recommended the company's Snowball line of mics ...

ZTE Spro 2 Smart Projector

Home theaters are becoming more and more accessible these days, but maybe you've been a bit wary about buying a home projector. And h ...


Most Commented