http://www.theregister.co.uk/2011/07/22/mac_battery_hack/ By Dan Goodin in San Francisco The Register 22nd July 2011 Now that Apple has endowed the Mac operating system with state-of-the-art security protections, a researcher has devised new attacks that target the machine's battery. Charlie Miller, well known for his numerous attacks on iPhones and Macs, may not have achieved his ultimate objective of making a Mac spontaneously combust, but he has figured out how to permanently disable the battery. And in time, he said, it also may be possible to remotely hijack a machine by manipulating the firmware on one of the stored power supply's chips. "What I found was you can make any change you want to the software that runs on the battery," Miller, who is principal research consultant at security firm Accuvant and the other coauthor of The Mac Hacker's Handbook, told The Reg. "I also saw that you can mess up the chip so it won't function anymore. You can't recover from that. You couldn't even take it to the genius bar." The flaw making all of this possible is the result of Apple's decision to ship MacBook batteries without changing the passwords needed to run updates or make low-level changes to their embedded controllers. By reverse-engineering past updates, he had no trouble deducing the pass codes. [...] ___________________________________________________________ Attend Black Hat USA 2011, hosted at Caesars Palace in Las Vegas, Nevada July 30-Aug 4, offering over 60 training sessions and 9 tracks of Briefings from security industry elite. To sign up visit: http://www.blackhat.comReceived on Sun Jul 24 2011 - 23:47:29 PDT
This archive was generated by hypermail 2.2.0 : Sun Jul 24 2011 - 23:52:09 PDT