Skip to main content
  1. Home
  2. Computing

Macbook battery firmware vulnerable to hijacking or worse

Jeff Hughes
By

macbook battery indicators by William Hook Via FlickrWell-known Mac security gnat Charlie Miller, a researcher at Accuvant consultancy and co-author of The Mac Hacker’s Handbook, says he’s found a hole in MackBook security through a little-studied area—the battery.

According to a Forbes article, Miller says the easily overlooked weak point in an Apple Laptop’s security—be it Macbook, Macbook Air or Macbook Pro—is the firmware in a chip that controls the batteries. The microcontroller is what monitors power levels in a modern laptop, it allows the OS to check on the battery’s charge. The chip regulates heat and stops charging when the computer is off.

Recommended Videos

Miller’s Macbook vulnerability comes from the fact that these chips are shipped with default passwords. If these passwords are found, the firmware can be hijacked and controlled completely. The Accuvant security researcher says he found the two passwords while looking through a software update in 2009 that was intended to fix a problem with Macbook batteries.

Related

With these keys to the firmware, he gained the ability to tell the OS and charger whatever he wanted. Miller ended up bricking seven batteries laptop batteries miller bricked via Forbeswhile messing around, and he believes that with malicious intent, criminals could install persistent malware on the chip which would steal data, or cause the computer to crash.

“You could put a whole hard drive in, reinstall the software, flash the BIOS, and every time it would reattack and screw you over. There would be no way to eradicate or detect it other than removing the battery,” he says.

Though there may be potential for the batteries to catch fire and even explode, the researcher says that the batteries he’s gone through have safeguards in place that should stop any serious damage from happening. Miller is planning to expose and provide a fix for the vulnerability at the August Black Hat security conference. He says he plans on releasing a tool called the “Caulkgun” that randomizes the firmware passwords, protecting against any exploitation.

Editors' Recommendations

Topics
Jeff Hughes
Jeff Hughes
Former Digital Trends Contributor
I'm a SF Bay Area-based writer/ninja that loves anything geek, tech, comic, social media or gaming-related.
The biggest threat to the MacBook this year might come from Apple itself
The MacBook Air on a white table.

MacBooks have held a dominant position in the laptop world for the past few years. Though there have been meaningful rivals from the Windows side of the aisle, the MacBook Air and MacBook Pro still feel like they hold an unshakeable lead at the moment.

But according to the latest reports, the most serious challenger to the MacBook's reign won't come from Windows -- it'll come from within Apple in the form of some very advanced new iPads.
What's a computer?

Read more
How to keep your MacBook from sleeping
The M3 MacBook Air in front of a window.

Your MacBook is your go-to powerhouse for all things computing. Web browsing, graphic design, video editing, music production, you name it, the MacBook can do it. But like any good laptop, your MacBook has a number of battery-saving features built in and enabled by default. One of these functions is the computer’s sleep mode, which optimizes battery life by decreasing power usage.

Read more
How to show the battery percentage of your Mac
A person holds a MacBook Air at Apple's Worldwide Developer's Conference (WWDC) in 2023.

You rely on your MacBook for just about everything, so don’t you think it’s important to keep its battery topped off? After all, it is laptop, and while laptop batteries are stronger than ever these days, your MacBook likely won’t last a full day without its power adapter. But how does one know exactly how much juice a MacBook has left? Why, with the battery percentage indicator!

Read more