A good number of law enforcement databases, intelligence databases, gaming networks and newspapers have felt the wrath of hackers of late. For the most part, the bad guys’ attention has focused on organizations rather than individuals, but that could — and probably will — change.
Security researcher Charlie Miller discovered a vulnerability in laptop batteries: They contain irmware and hardware that control the charging behavior of the devices they power. Firmware and micro-controllers on laptop batteries know when your computer needs to stop charging, or when the lithium-ion battery is getting too hot and power needs to be regulated. So, messing with someone’s battery could be really, really bad.
In the worst-case scenario, a battery’s heat regulation could be disabled, turning the machine into a potential safety hazard. Less serious, but no less troublesome, the battery could be used as a repository for a piece of malicious software that would be immune to removal. These days formatting a hard disk will safely ditch known viruses, even those that are able to resurrect themselves after they’ve been removed by anti-virus software. If a malware maker were to hide their program in the battery, a virus could survive a hard disk reformat and return to infect the new OS.
The vulnerability that Miller discovered affects batteries in MacBooks, MacBook Pros, MacBook Airs and possibly other platforms as well. The problem with batteries’ firmware is secured by a default password. If these were replaced by a random string, there should be no further threat.
Miller has forwarded his research to Apple and Texas Instruments in the hope that they will patch the vulnerability.