The laptop battery usually does not come as a hacker target when we consider data security and possible vulnerabilities in our computing systems. Security investigator Charlie Miller found out that modern laptop batteries are simply as hackable as anything else and may be far harder to detect, after he inspected the batteries in some MacBooks, MacBook Pros and MacBook Airs.
Modern laptop batteries contain their own firmware and microcontrollers to supervise power levels, allowing operating systems to check and react accordingly, says Miller. The lithium ion battery inside knows when to end charging even when your notebook is powered off. The battery too can notice and control its heat level to keep a safe temperature.
Miller observed that all embedded chips in the batteries used similar default passwords as he studied the laptops of Apple. This means that a hacker who knows the password could find a way to control the chip’s firmware and in turn manipulate the battery to cause destruction on your system.
There are many probable methods of attack, like not allowing your battery recharge, not allowing it control heat leading to physical risks, and embedding unseen malware that infects your computer. This last one could re-infect your computer repeatedly even after cleaning out the system and reinstalling the entire software if the battery is not changed.
Miller has given his study to Apple and Texas Instruments and expects to reveal the vulnerability at the Black Hat security conference in August. He has as well proposed a fix, which he names “Caulkgun” that replaces the battery firmware’s default password with a random string. On the other hand, this password change can be an issue when it comes to OS updates.