AAPL Stock: 117.81 ( -0.22 )

Printed from

Security hack can 'kill' MacBook battery firmware

updated 02:15 pm EDT, Fri July 22, 2011

White hat hacker to show MacBook battery risk

Accuvant security researcher Charlie Miller on Friday revealed plans to demonstrate an exploit that would compromise the batteries, not the computers, on MacBooks. Apple's batteries reportedly use default passwords on their firmware and can have their controllers compromised by those who know the passwords and can get access to the low level hardware. The hole shown to Forbes could lead to something as simple as rendering the battery inoperable to auto-installing malware and even forced overheating.

Miller has so far wrecked seven batteries with the hack, though none to the point where they suffer physical damage. Batteries have a fuse that will automatically cut if they overheat in normal conditions.

The passwords were found by dissecting one of Apple's 2009 battery updates and getting code keys that let him look at the firmware.

The actual risks are difficult to determine. To get access to the battery, a malware developer would need to first breach the OS itself. While not necessarily difficult, it would add an additional layer. It's also possible many Windows PCs face the same vulnerability and haven't had it exposed.

As a 'white hat' hacker, Miller plans to release his own intermediary fix, Caulkgun, that would randomize the password. Apple and the battery controller chip maker, TI, have also been notified about the update. More details are expected at the Black Hat security event in August.

Miller is known for his Mac-focused exploit discovery but has usually focused on Safari and other purely software-based investigations. He has sometimes won the Pwn2Own hacking contest, where the user first to successfully hack a platform wins the device they hacked.

by MacNN Staff



  1. The Vicar

    Joined: Dec 1969


    Geez, Apple

    On the one hand, I refuse to get concerned about this until I see what is actually required to use this hack to damage the battery. If it turns out that you need to do some sort of Voodoo multi-step procedure involving user interaction, then this is -- as these security complaints so often are -- just nonsense.

    On the other hand, this isn't the first time Apple has allowed a security hole in their products by failing to properly protect firmware of things other than the computer itself. Remember the flaw with keyboards?

  1. Monty Python

    Joined: Dec 1969


    Go suck on a beet, Charlie

    Let me guess, next Mr. Miller will report having found malware that severs the power cords on Macs.

    Sheesh, what a goober!

  1. BigMac2

    Joined: Dec 1969


    How to scares people about nothing

    You know, you can do the same with any optical drive and HD firmware and no one care.

  1. murdoch201

    Joined: Dec 1969



    hahaha, love it how that Apple fanboy writer wishes that PC's had the same.
    Too bad for him, if the antivirus has no acces, neither Windows will have acces.
    That's why Mac's are so funny, they are leak like h***.

Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines

Follow us on Facebook


Most Popular


Recent Reviews

Ultimate Ears Megaboom Bluetooth Speaker

Ultimate Ears (now owned by Logitech) has found great success in the marketplace with its "Boom" series of Bluetooth speakers, a mod ...

Kinivo URBN Premium Bluetooth Headphones

We love music, and we're willing to bet that you do, too. If you're like us, you probably spend a good portion of your time wearing ...

Jamstik+ MIDI Controller

For a long time the MIDI world has been dominated by keyboard-inspired controllers. Times are changing however, and we are slowly star ...


Most Commented