Security Market Segment LS
Monday, 25 July 2011 03:15

Apple laptop batteries are the new attack vector

By

Charlie Miller, a well-known security researcher in the Apple space, has found that your MacBook battery may-well be out to get you (if you don't get it first).

Charlie Miller, a winner at the last four Pwn2Own challenges has expanded our view of the Apple world yet again.

Well known for his off-the-wall challenges to the (relatively) flimsy Apple security wall, Miller has taken something of a left turn into even stranger territory.

A long time ago, this writer heard of a (hopefully) apocryphal tale of a system administrator who was struggling to locate the source of a security intrusion.  This administrator would reformat drives and the attack would continue; he would even replace the hard disk and it would continue, all the while with no connection to anything but electricity and oxygen.

In the end, he replaced the network card (along with another hard disk) and the problem vanished.  It turned out, after a lot more analysis, that the virus had managed to lodge itself into the unused portion of the EEPROM memory of the network adaptor.

As I said; hopefully apocryphal.

However, Miller's attack is equally obscure and definitely NOT apocryphal.

What he found was that it was possible to access the smarts in the battery of a MacBook and do some very unexpected things.


What many users don't realise is that there is executable code in the battery of their Apple laptop device.  It even has a password that the Operating System uses to communicate securely with it.  Think about it - how else can the battery instruct the computer that it has enough charging (thanks very much) and in fact that it really is a genuine Apple-authorised battery, not some fly-by-night unit that doesn't have the Apple kiss of life.

Charlie Miller was able to decompile an Apple update in 2009 that dealt with the battery and from that extracted two passwords used to validate firmware updates to the battery.  He found that Apple offered no way to change these default passwords.

"You could put a whole hard drive in, reinstall the software, flash the BIOS, and every time it would reattack and screw you over. There would be no way to eradicate or detect it other than removing the battery." says Miller.

Of course next, we'll hear that the smarts in toner cartridges are conspiring to defraud us of useful toner levels!

As part of his research, Miller developed an antidote called "Caulkgun" which changes the battery password to some random string, but of course that would stop future battery-related updates from Apple being applied.

"No one has ever thought of this as a security boundary," says Miller. "It's hard to know for sure everything someone could do with this."

Other researchers chided Miller for the chance he might blow something up, but three things stopped him.  At $US130 each, his personal credit card stopped after he'd 'bricked' seven batteries; working from home, he had something of a pathological fear of blowing his place up and finally, when opening one of the bricked batteries he discovered that fuses inside would stop them charging if the temperature was too high.

 

Miller is presenting his findings at the next Black Hat Congress in Las Vegas in August.

LEARN HOW TO REDUCE YOUR RISK OF A CYBER ATTACK

Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has high potential to be exposed to risk.

It only takes one awry email to expose an accounts payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 steps to improve your Business Cyber Security’ you will learn some simple steps you should be taking to prevent devastating malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you will learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips

DOWNLOAD NOW!

ADVERTISE ON ITWIRE NEWS SITE & NEWSLETTER

iTWire can help you promote your company, services, and products.

Get more LEADS & MORE SALES

Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]

OR CLICK HERE!

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments