Hacker can shut down Apple MacBook battery

Forget computer viruses and worms. What's maybe the worst thing a hacker could do to your Sony VGP-BPS9 battery ? Access it remotely and shut it down -- or maybe even blow it up.
Which is why famous Apple hacker Charlie Miller wanted to do just that.
"I don't want to wake up one day and have my
sony VGP-BPS9A/S computer blow up," said Miller, who is an avid user of Apple products. "I want to be the one looking at that -- not the bad guys."
How would a TOSHIBA PABAS057 person blow up a laptop without even coming near it? By tampering with the software that runs its Sony VGP-BPS8 battery, said Miller, who demonstrated a way to hack into an Apple laptop battery and shut it down, but fell short of actually making it explode.
Apple did not respond to a CNN request for comment.
Miller explained his hack in a presentation at the Latitude D610 battery Black Hat security conference Thursday in Las Vegas. After the talk, he sat down with CNN to talk about Sony VGP-BPS10 Apple security, hacker ethics and why long passwords can be annoying.
The following is an edited transcript:
CNN: Tell me what you were able to do with Apple's laptop batteries.
It's sort of complicated, but the way batteries get charged in your Sony VGP-BPS13AS laptop is there's a little chip in your battery and the computer talks to that chip to figure out what's going on. That chip will tell it how much charge it has, how much charge it needs, how much charge it should give it -- that sort of thing. What I figured out was how to change the software that runs on that chip.
When it comes from the Sony VGP-BPS21 factory, they don't want you messing with it, so they set up passwords and stuff to prevent you from doing that. There's two passwords, actually, and Apple didn't change those, so you can just find documents on the IBM 40Y6799 Internet that said what those were and then I could change the firmware on the chips to make it (the battery) do whatever I wanted.
So what does that allow you to do?
Well, you could make it not work anymore. You can make the battery to where the computer doesn't even know it's plugged in. ...
My goal was to see if I could make one blow. I never did that. There's lots of different protections to Vostro 1500 battery stop that from happening, and also I was a little scared to blow one up in my house, you know.
Why blow it up? Why was that the goal?
I approach it like, what can people do to me, right? So I don't want to wake up one day and have my computer blow up. I want to be the one looking at that -- not the bad guys.
So I found this thing where Apple didn't HP DV6000 battery change their passwords. Well, now they're hopefully going to change their passwords, right? So then next time I buy a laptop from Apple I won't have to worry quite so much that someone will do something (bad).
I released a tool that you could run, if you're particularly paranoid, that would fix this Dell Latitude D600 battery problem.
Is this the first time a hack has targeted a battery?
No one that I know has ever looked at 6 cell acer battery -- or no one has ever published anything about it. You carry this thing around with you, and it has a chemistry set in it.
Other people go into a store, and they think about what to buy. I think about how to steal stuff. I don't (actually) do it -- that's just kind of how I think.
You target Apple products primarily. Tell me why you've chosen to do 9 cell acer battery

?
That's a good question. I started this gig four years ago -- and so back then the Apple products were way easier to break into than, say, Windows.
Really?
Yeah, they were very far behind in security.
That goes against the common perception.
Yeah, I know. People thought they were secure when they weren't. And when I told people that, no one would believe me.
So the reason I started is it was easy. But since then, with (OS X) Lion coming out, it's caught up. Now it's not any easier anymore. I either have to find something else that's easier to work on -- or whatever.
Do you like Apple products?
Yeah, I have an iPhone in my pocket right now. That's another reason. If I use acer 5100 battery , I want it to be secure. I don't want Steve Jobs having a commercial saying it's secure -- I want it to actually be secure. That's my job to figure out what's secure and what's not.
Currently, do you think acer 5050 battery are more secure than their counterparts?
(Apple) iOS is definitely more secure than Android. Lion acer 3680 battery is basically comparable to Windows 7. You can nitpick on those two, but they're basically both really good.
Android is lacking a couple of features that iOS has, so it's behind.
Do you have any security tips for iPhone users?
Make sure to set a passcode for it. Otherwise, if someone picks up the acer um08a73 phone, there's nothing there. So set a passcode. It's not going to protect it forever, but at least it's some barrier for some kid that picks it up.
Don't jailbreak your phone if you care about the acer um09e71 security of it -- because that breaks all of the security. Make sure to configure for remote "locate and wipe," so if you lose it you can either find it or blow away all of your data on it.
How long is your mobile password?
It's four digits, which Dino (fellow Apple hacker Dino Dai Zovi) showed in his Dell Vostro 3300 battery talk you can break in 18 minutes. So if I don't get my phone back in 18 minutes I'm in trouble. I've tried longer ones, but it's just impractical. I couldn't stick with it.
How did you get into hacking in the very beginning?
I've been into computers and thought hacking was cool. I got my Ph.D. in math from Notre Dame and I got hired by the NSA (National Security Agency) to be a cryptographer. But when I got there, I didn't really like Dell MT3HJ , so they had a training program in computer security, so I learned the basics of my training there in an internship.
Where do you do your work?
At my house. I work out of my house. I'm a consultant. I spend half my Dell U164P

time doing consultant work and the rest of my time doing research -- like this DELL N855P kind of stuff.
Where do you live?
St. Louis.
How long did it take you to do the battery hack?
It took about seven months -- it took a DELL D837N really long time. Most of my research projects are like two weeks, or a month or something. But this one was so far from my comfort zone, and there had been so little written about it that it really took a long time.
So basically you're giving away information about how to break things in an effort to make it more secure. Some people might be confused by that.
I mean, people think that -- like with my Dell XPS M1530 battery thing -- that if people didn't talk about this, no one would have ever found out about it. And that's just not the case.
No matter what we talk about here, there's always bad guys -- or guys who are trying to do this to make money -- that are just as smart as us. And there are way more of them.
All we can do is present to everyone what we know. You can't defend against something you don't know.
Do you feel paranoid using Apple products knowing how many flaws you've been able to find in them?
A little bit. But they've gotten so much better. Like the iPhone. For the first year, when the iPhone came out, it was horrible. It was awful. It had no security in it, basically -- at all. And then when the Dell Studio 14z battery second iPhone came out it was much better. And since March it's had basically every feature a security guy would want.
It's not just me. I think it's everyone saying they want more secure devices.
Do you work with Apple?
Not exactly. I have a cordial relationship with them. I shared with them my paper on the Dell XX327 battery stuff like three weeks before the talk. But then again, if they would have told me not to do it I would have said, "Go to hell." I don't want to be their adversary. I want to have them fix stuff -- and I want them to get better. I try to share with them.
Are they working on this dell XX337 battery thing?
Unfortunately, there's not a lot they can do except start again and get it right.
Have hackers ever targeted you?
If they have, I haven't caught 'em.
I'd be pretty easy to hack, I think. I don't practice the laptop computer batteries best security myself. I'm impatient. So anytime security is going to add a lot of hassle I'm not going to do it.
I'm the cobbler 9 Cell Dell KY265 whose kids have no shoes or whatever. And everyone knows exactly the software I use, the dell KY477 hardware I have, so it probably wouldn't be that hard.
I just try to be a really nice guy so no one wants to go after me.