MLB Opening Day WWDC 2023 Dates Meta Quest Pro Hands-On Amazon Pharmacy Coupons iOS 16.4 Trick for Better Sound Narcan Nasal Spray 7 Foods for Better Sleep VR Is Revolutionizing Therapy
Want CNET to notify you of price drops and the latest stories?
No, thank you

Researcher: Mac notebook batteries can be hacked

New findings from Accuvant security researcher Charlie Miller suggest that Apple's notebook computer batteries are susceptible to digital hackery that could cause permanent damage.

A battery indicator on a MacBook Pro.
A battery indicator on a MacBook Pro.
Josh Lowensohn/CNET

The chip that helps control your Mac notebook's battery could be the latest target for attackers.

A report in Forbes today details the findings of Accuvant security researcher Charlie Miller, who claims to have found rather lackluster security guarding the firmware that controls various notebook battery functions and data stores.

Culling through a battery firmware update Apple released back in 2009, Miller pulled out two passwords that would grant access to that firmware, giving would-be attackers the ability to alter readings sent back to the OS and even add small software programs that stay off the hard drive. Miller noted that he outright permanently disabled seven notebook batteries during testing.

A key part of the exploit, Miller told Forbes, was that the batteries use the same passwords, making it an easy hack once you have the right credentials. Potentially complicating that is the fact that Apple builds its batteries into its notebook computers versus making them removable. That change began in 2009 with the 17-inch MacBook Pro, and trickled down to the other models, resulting in considerable battery life gains at the expense of easy replacement. This means if a battery were to somehow be compromised, it's a trickier fix. At the same time, it means potential attackers need to gain control of that system before they can do anything, short of taking apart the machine.

So far the hack is a proof of concept, and has not yet been documented in the wild. Miller told Forbes he plans to detail the exploit as well as show off a fix at next month's Black Hat security conference in Las Vegas.

An Apple representative declined to comment on Miller's findings.