Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Batteries in Apple laptops could be vulnerable to hacking, causing them to overheat or run malware according to security researcher Charlie Miller.
The vulnerability, discovered by Miller, would take advantage of microchips within the battery, used by Apple laptops to prevent a battery from charging once it is full to prevent overheating.
As the chips are shipped with default username and passwords, they could allow an attacker to exploit the battery's firmware.
Forbes reported Miller had reverse engineered the battery firmware in the MacBook line of laptops to manipulate commands sent to the operating system and charger.
He said the battery systems were not designed to prevent exploitation.
"What I'm showing is that it's possible to use them to do something really bad," Miller told Forbes.
This could include loading the chips with malware, a process that could mitigate detection.
"You could put a whole hard drive in, reinstall the software, flash the BIOS, and every time it would re-attack and screw you over. There would be no way to eradicate or detect it other than removing the battery."
Researchers asked Miller not to publish the findings but he said he had designed a tool that would encrypt the stored passwords, preventing the attacks.
He planned to release the tool and research at the US Black Hat conference next week.
Apple refused to comment on the vulnerability, but had received information on the research.
Miller has a demonstrated history of finding vulnerabilities with Apple products, including some in the computing giant's MacBook Air, its Safari browser and a denial of service vulnerability in the iPhone using SMS messaging.
Copyright © SC Magazine, Australia
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.