A flaw in Apple firmware that could let a hacker render a laptop battery inoperable is unlikely to allow an attacker to use the hole to start a fire, according to security expert Charlie Miller.
Miller is due to give a talk on the flaw on August 4 at Black Hat. Some news articles have speculated that the flaw could allow a hacker to set fire to a laptop battery remotely. Miller told ZDNet UK on Monday that this was unlikely:
Q. What is the flaw you found in Apple firmware, and how can it be used? What devices does the flaw affect?
A. The flaw is that Apple didn't change the default passwords on the embedded controller that they ship with their laptop batteries. This allows arbitrary changes to be made to the devices, including changing the firmware itself. It affects all laptops I've checked, including MacBooks, MacBook Pros, MacBook Airs, etc.
An attacker could 'brick' the battery, i.e. make it not charge or talk to the computer, and this could not be fixed (afaik). I've done this many times by accident to my batteries while researching, so I definitely know it's possible!
Since the firmware is in charge of managing the safety of the battery, it is possible that changes to the firmware could be used to eventually cause a fire or something. I must point out that I haven't done this and don't know if it is possible because there are other safety mechanisms on the battery such as thermal fuses that may make it impossible. I don't really know enough about batteries to say for sure what the risk is, but I believe it is quite low.
Q. How did you find the flaw?
A. I was curious if a remote attacker could do something 'physical' to a system.
Q. What are the implications for Apple users?
A. Probably nothing. If I was a remote attacker who had root privileges on your system, I'd probably want to steal your credit card, not brick your battery. If you're super paranoid, I'm releasing a tool that changes the password on the firmware and protects you from this type of attack.