Saturday, July 23, 2011

Charlie Miller finds MacBook battery security hole, plans to fill with Caulkgun

Source: http://www.engadget.com/2011/07/22/charlie-miller-finds-macbook-battery-security-hole-plans-to-fil/

Those batteries have probably met a worse fate than the white MacBook line they came from. According to Forbes, Charlie Miller's managed to render seven of them useless after gaining total access to their micro-controllers' firmware via a security hole. Evidently, the Li-on packs for the line of lappies -- including Airs and Pros -- are accessible with two passwords he dug up from an '09 software update. Chuck mentions that someone could "use them to do something really bad," including faulting charge-levels and thermal read-outs to possibly even making them explode. He also thinks hard-to-spot malware could be installed directly within the battery, repeatedly infecting a computer unless removed. Come August, he'll reportedly be detailing the vulnerability at the Black Hat security conference along with a fix he's dubbed Caulkgun, which only has the mild side-effect of locking-out updates by Apple. Worth being safe these days, though. Right? Full story in the links below.

Charlie Miller finds MacBook battery security hole, plans to fill with Caulkgun originally appeared on Engadget on Fri, 22 Jul 2011 23:59:00 EDT. Please see our terms for use of feeds.

Permalink Electronista  |  sourceForbes  | Email this | Comments