x404.co.uk
http://www.x404.co.uk/forum/

MacBook batteries found to be vulnerable to malware
http://www.x404.co.uk/forum/viewtopic.php?f=4&t=14289		 Page 1 of 1
Author:  steve74 [ Mon Jul 25, 2011 12:42 pm ]
Post subject:  MacBook batteries found to be vulnerable to malware
MacBook batteries found to be vulnerable to malware:
http://www.macworld.co.uk/mac/news/?newsid=3293117

Quote:
After studying the batteries in several MacBooks, MacBook Pros and MacBook Airs, security researcher Charlie Miller found that Apple laptop microcontroller chips are shipped with default passwords that, once discovered, can be used as a hiding spot for malware as well as a conduit for disabling the battery and even blowing it up.


I'm struggling to get my head around this. How the hell can a battery be hacked? What I mean is I can understand that it has a chip embedded to handle the power management, but how can it be used to store malware and how does it get on there in the first place? It's just bizarre!
:roll: :?

I'm guessing it's just one of those proof of concepts hacks, but still...
Author:  Fogmeister [ Mon Jul 25, 2011 1:03 pm ]
Post subject:  Re: MacBook batteries found to be vulnerable to malware
I suppose it could get onto the battery using some pop-up type web program.

... or something.

I guess once it's on there all they can really do is destroy the battery. I can't really see how they could do anything with it though?

Unless it was able to get to the low level OS and access the network connection or something?

No idea...
Author:  big_D [ Tue Jul 26, 2011 3:59 am ]
Post subject:  Re: MacBook batteries found to be vulnerable to malware
The battery must communicate its status with the computer. If this interface isn't well written and secured, then a bit of code running on the computer (which could be loaded using one of the dozens of unpatched vulnerabilities in OS X), then they can probably force a buffer overflow on the battery, causing code to be executed on the battery.
Author:  davrosG5 [ Tue Jul 26, 2011 5:43 am ]
Post subject:  Re: MacBook batteries found to be vulnerable to malware
And I doubt that the majority of batteries will have a secure design because it has never occurred to anyone that a battery could be used to store or propagate malware/viruses.
Author:  Amnesia10 [ Tue Jul 26, 2011 9:22 am ]
Post subject:  Re: MacBook batteries found to be vulnerable to malware
davrosG5 wrote:
And I doubt that the majority of batteries will have a secure design because it has never occurred to anyone that a battery could be used to store or propagate malware/viruses.

I agree. Though has this route ever been used by a virus writer? It might be all theoretical right now. I suspect that every laptop is vulnerable in this way.
Author:  ProfessorF [ Tue Jul 26, 2011 9:24 pm ]
Post subject:  Re: MacBook batteries found to be vulnerable to malware
When are they updating ClamXAV to run on your battery then? ;)
Author:  Amnesia10 [ Tue Jul 26, 2011 9:58 pm ]
Post subject:  Re: MacBook batteries found to be vulnerable to malware
ProfessorF wrote:
When are they updating ClamXAV to run on your battery then? ;)

I suspect that it will require a firmware upgrade to secure this route. Maybe it will be in the Lion version update? ;)
Page 1 of 1 All times are UTC
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/