Charlie Miller was able to decompile an Apple update in 2009 that dealt with the battery and from that extracted two passwords used to validate firmware updates to the battery. He found that Apple offered no way to change these default passwords.
"You could put a whole hard drive in, reinstall the software, flash the BIOS, and every time it would reattack and screw you over. There would be no way to eradicate or detect it other than removing the battery," says Miller.
Of course, next we'll hear that the smarts in toner cartridges are conspiring to defraud us of useful toner levels!
As part of his research, Miller developed an antidote called "Caulkgun", which changes the battery password to some random string, but of course that would stop future battery-related updates from Apple being applied.
"No one has ever thought of this as a security boundary," says Miller. "It's hard to know for sure everything someone could do with this."
Other researchers chided Miller for the chance he might blow something up, but three things stopped him. First, the batteries cost $US130 each, and his personal credit card stopped after he'd 'bricked' seven of them. Second, working from home, he had something of a pathological fear of blowing his place up. Finally, when opening one of the bricked batteries, he discovered that fuses inside would stop them charging if the temperature was too high.
Miller is presenting his findings at the next Black Hat Congress in Las Vegas in August.