Apple is da bomb! Vulnerability found in battery circuitry
Subject: Editorial, General Tech | July 25, 2011 - 10:24 PM | Scott Michaud
Tagged: Malware, apple
Okay, so the title is more joke than anything else but security researcher Charlie “Safari Charlie” Miller discovered a vulnerability in Apple devices, sort of. This exploit, which appears to not actually be a security flaw and rather just an over-permissive design, allows an attacker to gain access to your battery control using one of two static company-wide passwords. Charlie has discovered many exploits in the past several years on the OSX and iOS platforms. One of the most high profile attacks he discovered involved a data-execution vulnerability in the iPhone’s SMS handling: under certain conditions your iPhone could potentially confuse inbound text messages as code and run it with high permissions.
Malware assaults and battery charges.
(Image from Apple, modified)
So what does having the ability to write to a laptop’s battery firmware mean? Firstly, remember the old advice of “Get a virus? Reinstall your OS!”? Well assuming you actually can perform a clean install without ridiculous hacking (thanks Lion) the battery controller can simply re-infect you if the attacker knows an exploit for your version of OSX. But how does the attacker know your current version of OSX? Well if you are installing from an optical disk they just need to know a Snow Leopard RTM exploit; unless of course you extract Lion from the Mac App Store and clean install using it – assuming the attacker does not know an exploit for Lion or simply just infects the reinstall media if you created it from the infected computer. True, malware is about money so it is highly unlikely that an attacker would go for that narrow of a market of Mac users (already a narrow-enough market to begin with) but the security risk is there if for some reason you are a tempting enough target to spear-phish. Your only truely secure option is removing the battery while performing the OHHHHHHHH.
You know, while working (very temporarily) on the Queen's University Solar Vehicle project I was told that Lithium cells smell like sweet apples when they rupture. I have never experienced it but if true I find it delightfully ironic.
While that would all require knowledge of other exploits in your operating system, there is a more direct problem. If for some reason someone would like to cause damage against your Apple devices they could use this flaw to simply break your batteries. Charlie has bricked nine batteries in his testing but has not even attempted to see whether it would be possible to over-charge a battery into exploding. While it is possible to force the battery controller to create the proper conditions for an explosion there are other, physical, safe guards in place. Then again, batteries have exploded in the past often making highly entertaining Youtube videos and highly unentertaining FOX news clips.