via The Huffington Post
A security researcher claims to have found a new security flaw in Apple laptops that could allow hackers to ruin laptop batteries, infect them with malware or potentially cause them to overheat and catch fire.
Charlie Miller, principal research consultant at Accuvant Labs, said he has found a way to manipulate chips embedded inside Apple laptop batteries.
The chip monitors the battery’s temperature and level of charge, among other things. Those chips can be remotely controlled by hackers using a default password that Miller found on a website of the chip’s creator, Texas Instruments. Apple never changed the default password, Miller said.
Miller’s discovery, first reported by Forbes.com, is the latest potential security flaw found in Apple’s product line. Earlier this month, security experts disclosed a bug in Apple’s iOS operating system that could allow criminal hackers to gain remote access to iPhones, iPads and iPod Touch devices,Reuters reported. Apple said it is fixing that issue in an upcoming software update.
At the very least, Miller found he could ruin laptop batteries by altering the chip’s code. Not wanting to set his home on fire, Miller stopped there. But he imagines darker possibilities for hackers if Apple does not fix the security flaw.
“I have full access to the battery and I can make any changes I want,” Miller told The Huffington Post.
For example, hackers could install malware on the battery that would not be detected by anti-virus software because it would not appear on the hard drive, he said. The malware could attack the laptop’s operating system again and again, even after the user installed a new hard drive.