Hackers Could Make a MacBook's Battery Explode

Apple security expert and hacker Charlie Miller has exposed a very frightening security flaw that potentially affects all models of MacBooks, including the Pro and Air lines.

Miller found that MacBooks share a common password that's required to gain access to the controller chip that's responsible for the battery. A hacker could hijack the firmware to render a lithium-ion battery useless so it no longer holds a charge – or even worse, turn off the temperature management to make it potentially explode.

MacBook batteries, and nearly all other laptop batteries, usually have a failsafe feature in them to prevent overheating, but anything is possible as we've seen in past reports of battery explosions.

Another scary possibility is that the battery firmware could become home to malware that would persist even with full hardware wipes or replacements. Battery removal isn't a common way to troubleshoot malware.

“You could put a whole hard drive in, reinstall the software, flash the BIOS, and every time it would reattack and screw you over. There would be no way to eradicate or detect it other than removing the battery,” Miller told Forbes.

To reach the battery firmware, however, a hacker would first need to compromise Mac OS X.

Miller will detail his findings and MacBook battery experiments (he's already bricked seven batteries in his tests) at the Black Hat conference in August. There he'll also release a tool he made, called Caulkgun, that will randomize the password for the battery controller. Of course, changing the password will also lock out Apple's future updates to the firmware, so really, the best-case scenario would be for Apple to come up with a better solution.

“These batteries just aren’t designed with the idea that people will mess with them,” Miller says. “What I’m showing is that it’s possible to use them to do something really bad.”

Marcus Yam
Marcus Yam served as Tom's Hardware News Director during 2008-2014. He entered tech media in the late 90s and fondly remembers the days when an overclocked Celeron 300A and Voodoo2 SLI comprised a gaming rig with the ultimate street cred.
  • matt314
    1234567890 of course
  • phishy714
    In more recent news, hacker Charlie Miller has been found dead in a dark alley behind his home. Police believe it has something to do with him finding a flaw with Apple's design. Steve Jobs has been brought in for questioning.
  • house70
    "In order to gain access to the battery firmware, however, a hacker would first need to infiltrate Mac OS X to gain access."

    Like that's hard...
  • captaincharisma
    get ready apple to get tons of orders for MacBooks from al qaeda
  • the_krasno
    According to XKCD an overclocked notebook battery with a full charge has the same explosion energy as a hand grenade. The more you know.
  • HMM...I wonder if hp does something like this to kill batteries so they barely last a year.

  • hardcore_gamer
    Is there any password to make Jobs' head explode?
  • Knowing Apple, the PW is: SJisGoD1955
  • coldmast
    I'm confused, is the controller chip on the battery or the laptop?
  • That's Not A Flaw... It's A Feature... You Fools