One security researcher discovered the password protecting the microcontroller in MacBook batteries is not unique for every notebook and is easily hackable. It could brick your battery, or worse, install malware that’s nearly impossible for the average person to scrub.
According to Forbes, Charlie Miller is the man who discovered this vulnerability and he plans to present his research at the upcoming Black Hat conference.
The batteries’ chips are shipped with default passwords, such that anyone who discovers that password and learns to control the chips’ firmware can potentially hijack them to do anything the hacker wants. That includes permanently ruining batteries at will, and may enable nastier tricks like implanting them with hidden malware that infects the computer no matter how many times software is reinstalled or even potentially causing the batteries to heat up, catch fire or explode. “These batteries just aren’t designed with the idea that people will mess with them,” Miller says. “What I’m showing is that it’s possible to use them to do something really bad.”
Miller thinks it might even be possible to remotely blow up a battery on command, though he also says that for a hacker to gain access, they would have to discover a second vulnerability to gain initial access to a computer. Still though, scary. [Forbes]
Image via Flickr/yum9me
