Charlie Miller, a respected security researcher, has discovered vulnerabilities in the smart batteries for Apple laptops and mobile devices; he can manipulate their firmware to render them unusable or to cause them to misreport their remaining charge to the OS. The new firmware can survive an OS replacement, leading Miller to speculate that it could be used to store persistent malware that restored itself after the disk was erased and the OS was rewritten.
What he found is that the batteries are shipped from the factory in a state called "sealed mode" and that there's a four-byte password that's required to change that. By analyzing a couple of updates that Apple had sent to fix problems in the batteries in the past, Miller found that password and was able to put the battery into "unsealed mode."
From there, he could make a few small changes to the firmware, but not what he really wanted. So he poked around a bit more and found that a second password was required to move the battery into full access mode, which gave him the ability to make any changes he wished. That password is a default set at the factory and it's not changed on laptops before they're shipped. Once he had that, Miller found he could do a lot of interesting things with the battery.
"That lets you access it at the same level as the factory can," he said. "You can read all the firmware, make changes to the code, do whatever you want. And those code changes will survive a reinstall of the OS, so you could imagine writing malware that could hide on the chip on the battery. You'd need a vulnerability in the OS or something that the battery could then attack, though."
Apple Laptop Batteries Can Be Bricked, Firmware Hacked
(Image: Old Ray-O-Vac Batteries, a Creative Commons Attribution (2.0) image from deanj's photostream)