from the good-thing-they're-so-easy-to-replace dept.
Trailrunner7 writes "Security researcher Charlie Miller, widely known for his work on Mac OS X and Apple's iOS, has discovered an interesting method that enables him to completely disable the batteries on Apple laptops, making them permanently unusable, and perform a number of other unintended actions. The method, which involves accessing and sending instructions to the chip housed on smart batteries, could also be used for more malicious purposes down the road. Miller discovered the default passwords set on the battery at the factory to change the battery into unsealed mode and developed a method that let him permanently brick the battery as well as read and modify the entire firmware. 'You can read all the firmware, make changes to the code, do whatever you want. And those code changes will survive a reinstall of the OS, so you could imagine writing malware that could hide on the chip on the battery. You'd need a vulnerability in the OS or something that the battery could then attack, though,' Miller said."
The party adjourned to a hot tub, yes. Fully clothed, I might add.
-- IBM employee, testifying in California State Supreme Court