Charlie Miller, the famous Apple security researcher has found another flaw with macbooks. The latest hack is very interesting as he had made it possible to hack MacBook using the battery, alone.
Modern Laptop battery contains its own monitoring circuit which reports the status of the battery to the OS. The circuit is also responsible for preventing battery from overcharging, this comes handy when the laptop is switched off.
The scurity researcher has discovered that the batteries on Macbooks are shipped with the default password on the micro-controller. It can be inferred that if someone knows the default password, the firmware of the battery can be controlled to do many things from simply ruining the battery to install a malware which reinstalls whenever the OS boots. Since you gain access to the micro-controller that controls the battery, it becomes actually possible to overuse and overheat the battery to a limit where it can even catch fire.
Miller claims this hack can make the hacker achieve something that was unachievable before — it’s possible to use them to do something really bad – Insert a new Hard drive, reinstall the software, flash the BIOS, and every time it would reattack and screw the user. And the worse part, it undetectable and impossible to eradicate other than removing the battery.
Apple released a fix in 2009 to fix problems by creating two passwords used for the chip on the battery. By hacking that password, its possible to do anything like giving false reading to the charger and let it overcharge to cause fire, or to completely rewrite the firmware.
Hack is Not Easy
Luckily enough, miller hasn’t made all details public. He claims that to successfully exploit this vulnerability, attacker has to analyze the 2009 software updates from Apple for the password. If he is able to retrieve the password, he will have to find a vulnerability in the interface between the OS and the firmware.
But these details would be made public at te yearly security conference, BlackHat. He will also be unveiling a tool to public that will change the password of the battery to a random string. Hope Apple releases a fix before that.
Sunday, July 24, 2011
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment