Security researcher Charlie Miller is set to reveal a vulnerability in the batteries used in the Apple MacBook range of notebooks which could allow hackers to ‘brick’ the device.
The management of Lithium Ion batteries, including charging and measuring the current state and ongoing health of the cells, requires the use of a dedicated microcontroller. Forbes reports that Miller found that the chips were shipped with a default password.
Miller discovered the password by examining an Apple update which addressed a problem with Macbook batteries. Armed with the password, altering the firmware to change behavior or destroy one of the $130 batteries was described as "trivial".
Miller also said the battery firmware could be used as the basis for a malware infection that would be impossible to remove using current methods. Even if a hard drive is formatted, "every time it would reattack and screw you over," Miller said.
At the Black Hat security conference in August, Miller plans to demonstrate the vulnerability and provide a fix called Caulkgun that will change the battery password.