Apple Laptops Vulnerable To Battery Firmware Hack

Trailrunner7 writes "Security researcher Charlie Miller, widely known for his work on Mac OS X and Apple's iOS, has discovered an interesting method that enables him to completely disable the batteries on Apple laptops, making them permanently unusable, and perform a number of other unintended actions. The method, which involves accessing and sending instructions to the chip housed on smart batteries, could also be used for more malicious purposes down the road. Miller discovered the default passwords set on the battery at the factory to change the battery into unsealed mode and developed a method that let him permanently brick the battery as well as read and modify the entire firmware. 'You can read all the firmware, make changes to the code, do whatever you want. And those code changes will survive a reinstall of the OS, so you could imagine writing malware that could hide on the chip on the battery. You'd need a vulnerability in the OS or something that the battery could then attack, though,' Miller said."

Why?

[Qwell]

In other news - batteries have firmware.

Re:Why?

[DanTheStone]

They slowly kill off battery cells, one at a time, until your battery won't last more than a minute. When that happens you'll have to buy a new battery or (as this is Apple, and they're not friendly to battery replacement) a new computer.

Re:Why?

The batteries are replaceable. They just require a screw driver.

Re:Why?

[EkriirkE]

The firmware, however, still thinks the cells are dead and reports so to the charger/OS.

Re:Why?

The firmware is in the battery. When you replace the battery you replace the firmware.

Re:Why?

[CFD339]

Lithium Ion batteries are inherently unstable and have to be charged and discharged very carefully. Unlike the old school batteries you'd think of, these batteries have a controller to manage them built in. When that fails, you have big problems (remember the defective ones a few years ago that would just burst into flames?)

Re:Why?

[joocemann]

In other news - batteries have firmware.

WHY!!?!?! I echo your sentiment because this is ridiculous.

1) Why would a device whose purpose is to provide electrical supply have to have firmware, or even some other-than-electrical relationship with the system.
2) Why would someone permit any communication from the 'firmw'a....

you know.. I could count out the reasons but its just too frustrating to conceive the stupidity in Apple's choices here.

THE REASON VULNERABILITIES ARE FOUND/EXPLOITED IS BECAUSE ENGINEERS/DEVELOPERS PERMIT THEM BY POOR DESIGN.

If the target pathway of the attack was not open or existent, it could not occur. This is the absolute logic of the situation. In nearly all cases, if there is no backdoor you cannot open it. The people making software and hardware need to be thinking about how to achieve goals without opening doors. They should be considering the involvement of absolute hardware protection on the PHYSICAL level, possibly even involving analog technology, that mediates security. I know a bunch of shortsighted CS people will reply with their lack of brainstorming answers, telling me its not possible... The winner being the one who can make it possible.

Re:Why?

[jo_ham]

You got it right the first time - to control the charging process. That is the "non predatory" reason that lithium ion batteries have chips in them, and it is *absolutely* not unique to Apple.

Don't let facts get in the way of a good Apple bash though!

Re:Why?

Batteries have firmware in order to track the current charge level and total remaining battery capacity. The firmware keeps track of the fact that your 5500 battery can only charge up to 3800, which in turn allows your OS to adjust its battery capacity measurements to display 3800 as 100%. Never seen Windows or Linux throw up warnings about your battery needing replacement?

Re:Why?

[yakatz]

Firmware in a battery
Smart batteries are used by Apple, Lenovo, HP/Compaq, and other companies.

Re:Why?

[Elbart]

Well, just with the difference that Apple apparently wants their batteries (resp. its microcontroller) to be updateable.

Re:Why?

1) Why would a device whose purpose is to provide electrical supply have to have firmware, or even some other-than-electrical relationship with the system.

Because Lithium Ion batteries are dangerous and require circuity and logic to make sure that they charge properly. Also this logic provides services for things reporting the charge level and charging time. Also allows the battery to keep track of charge cycles and can inform the OS when a battery needs replacement.

2) Why would someone permit any communication from the 'firmw'a....

To allow the firmware to be updated allowing enhancements and fixing bugs.

Re:Why?

[ColdWetDog]

1) Why would a device whose purpose is to provide electrical supply have to have firmware, or even some other-than-electrical relationship with the system.
2) Why would someone permit any communication from the 'firmw'a....

Let's see - so the user could have some idea what the battery charge was? So the user could have some idea what the 'health' of the battery is?

And notice that Charlie Miller (the hacker) could NOT figure out how to control the computer from the battery. It's possible that with more work he could, but that remains to be seen. Security is ALWAYS a tradeoff between useability. If you're so paranoid, unhook the battery, and run it off the wall wart.

And loosen the straps on the hat. The tinfoil is eating into your brain.

Re:Why?

[z00Azz]

To control charging, to report diagnostic info like the number of charge-discharge cycles and the full charge capacity. It also stores info, like the battery S/N, date of manufacture, etc. If you put this fuel gauge(evil chip) somewhere else, like in the notebook, it wouldn't be able to differentiate between two different batteries.

Re:Why?

The most secure computer is one that's in a sealed room within a faraday cage and with not even a single cable going in or out. It also happens to be the most useless computer. Whenever you require interaction, you need communication, and it means you will need some channel to transmit the required information. We don't know of any single method to make this interaction 100% secure, we only make it as hard as possible within some practical limits... at least we intend to, with different degrees of success. (no I'm not from apple, but I am a software engineer)

Re:Why?

Did you even read the summary? He's modifying the firmware of the battery itself. Ergo, changing the battery fixes the problem.

Re:Why?

[TheGratefulNet]

hey, I just 'flashed' my battery.

is that good or bad?

and, if I crossflash to another model, can I overclock its volts?

Re:Why?

[bsharp8256]

Lithium Ion batteries are inherently unstable and have to be charged and discharged very carefully. Unlike the old school batteries you'd think of, these batteries have a controller to manage them built in.

Sounds like an explanation to me.

Re:Why?

[EkriirkE]

Sorry, I had it in my head the comment meant replacing the cells in the battery pack. Which is what I usually do with other devices as its much cheaper. Disregard.

Re:Why?

[Threni]

Main reason is we're not all as smart as you. Also we don't have infinite budgets, time restraints or an ability to see into the future - all things you manifestly possess.

Re:Why?

[rednip]

It's not like it's a router with a default password, it's a battery wired into the laptop. The fact that it even has a username and password is likely only an unneeded part of the stable code the firmware is based on. Would you expect that every laptop would be shipped with a different default password for it's BATTERY?

Why would a device whose purpose is to provide electrical supply have to have firmware

Now you're just trying to re-engineer the battery, what would make you think that you can? While it might seem to be a requirement, simply having a snarky know-it-all attitude doesn't quite make one an engineer.

Re:Why?

[0123456]

Because Lithium Ion batteries are dangerous and require circuity and logic to make sure that they charge properly.

Cool. So you're sitting on a plane using the Wi-Fi and you go to some dubious web site which uses a browser vulnerability to download new firmware that makes your battery explode.

Ah, the joys of modern hardware design.

Re:Why?

Your battery needs to be plugged into a charger and charging improperly for it to explode.

Plus the fact of the probability of stumbling across a site that can do this is slim to none. This is nothing more than scare mongering with no real world application.

Re:Why?

With the exception of the charge/discharge cycle count, every other function of the chip, that you mentioned, could and should be handled by other means.

Labeling, serial number, date of manufacture etc, could really be handled by a sticky label. No?
Charging and level information could/should/is handled by the charging circuits in the laptop. It shouldn't be in the battery.
There is no need for the charger to differentiate between two different batteries. It simply has to know the present level and how to get it to full at which point it needs to stop.
Charge cycle counts may be interesting to the manufacturer but, there's little value beyond that. Using the charge cycle count to algorithmically determine how and how much to charge the battery is not the correct approach and is a disingenuous excuse for this over engineering.
Finally, the unnecessary chipping presents two problems. First, it is yet another opportunity for failure of the device. Second, it is an opportunity for an attack vector such as a preboot root kit, which would be very difficult to detect or eliminate as simply powering on the device loads the root kit.

Re:Why?

[DigiShaman]

Don't worry, the Department of Homeland Security will propose that all software developers have to be certified with an engineering like degree which ties back to a federal oath you must take. You will be held accountable but also have job security. Oh, and tuition for proper training will exceed $100,000.

Wanna code, you gotta be rich. You'll be less likely to be a terrorist anyways right? Oh, and all non-certified programming is illegal punishable as a felony and a trip to prison.

You think I'm joking? That's the future we have to look forward too. That, and the Government is looking to expand its influence in all matters that shape society (as it always has done).

Re:Why?

If I were to face you in person then I would remove you from the gene pool.

I realy need to control myself in trying to explain to you how it's possible to avoid this by having circuitry to read out the battery charge level that can only return an interger upon recieving a byte that either can be 1 or 0. 1 being a requist.

Oh fscking hell, go kill yourrself!

Re:Why?

[CrackerJackz]

These are not the only batteries that have firmware as well, Google "Pandora Battery PSP" it was one of the original ways to un-brick a Sony PSP back in the day :)

Re:Why?

[SimonTheSoundMan]

My current MacBook Pro I bought in 2007 is on its 4th battery, which now only holds charge for 30 minutes, showing 'health' of 13%, and has had 170 cycles. I really can't be bothered to by a 5th one.

Meanwhile, my MacBook has had over 1,400 cycles and has a health of 80% of its original charge when new.

I'd like a way to fool the firmware in to thinking my cells were fine, I'm pretty certain they are fine, they are just being mis-reported and the chip kills them off.

One battery did do this though: http://www.flickr.com/photos/simonhowes/4901087978/in/photostream

Re:Why?

Nice, unstable large batteries (since MBPs have good size batts) + completely editable firmware == TSA headache.

Re:Why?

[joocemann]

There are analog solutions to knowing battery charge. Look it up. Oh right, you're the CS guy who doesn't brainstorm. I called it.

Re:Why?

[Culture20]

This does not explain why it needs firmware.

Lithium Ion batteries are inherently unstable and have to be charged and discharged very carefully. Unlike the old school batteries you'd think of, these batteries have a controller to manage them built in.

Sounds like an explanation to me.

But why does the controller need firmware instead of hardware?

Re:Why?

[joocemann]

Here's the brainstorm you didn't have.... It took me 10 seconds.

Make access to battery firmware physical, and physical only - requiring specific access port ONLY.

Make important 'battery related' data that you would want only travel in one direction, to the computer itself. That way the battery operates completely independently, sending electricity, as its main purpose, and its status for your information.

I knew people with no imagination would tell me its gotta be this way... Good luck with that.

Re:Why?

[forgotten_my_nick]

Perhaps you should see someone to deal with your anger management and threats of violence.

If you bothered to check up on it, Battery firmware does more then just give you the percentage back on the battery.

For example if the voltage falls outside the safe range, then the battery disables itself from getting a charge (to stop it exploding/going on fire).

It will also prevent the battery from being completely discharged (which kills the battery).

That firmware needs to be programmed in, and editable at a later point in case of bugs.

The only issue from the article is that the batteries have a factory default password. I suspect his tampering triggers a failsafe, rather then him actually knowing how to reprogram the battery.

Re:Why?

[joocemann]

It sounds like Sony made similar mistakes. Thanks.

Re:Why?

[bughunter]

I had a similar problem with a macbook pro battery I bought in Jan 2010. By Jan 2011, it would barely hold 30 minutes of operating energy, and reported a health of 15%. The number of cycles reported was 49. Not a typo. Forty-nine.

No amount of "calibrating" the battery nor resetting the EPS would change this. I had to fork out $129 for a new battery. As it turns out, leaving the damn thing plugged in all the time and never draining the charge severely shortens the life of the cells.

Lesson: run the thing from the battery every once in a while.

Re:Why?

[joocemann]

I see you didn't like it when I said someone should have been smarter or better at their job. Defend much? Go beat your insecurity with a WoW raid.

Re:Why?

[Bing+Tsher+E]

The firmware is so that Apple can make sure you are only using Apple-approved battery chargers to charge your i Device. They disabled many of the low-cost chargers on the iPhone/iPod platform with one of the early iOS 4.x releases. Suddenly the charger I had made by just hooking up a fairly hefty 5 volt supply to the power pins on an old synch cable ceased working. (Reverse engineers have discovered that there's a hack, using voltage divider reisistors in the data pins on the USB connection that 'fixes' the issue.)

Just as printer manufacturers put 'smarts' in ink cartridges to force people to not refill, Apples battery charging technology has been tweaked so we only buy accessories from vendors who have kissed Steve's.... er... ring.

Re:Why?

[joocemann]

So instead of spending an extra 6 months and some more people invested in a debug (so you could have a reliable finalized product that requires no patches), you just open doors and assume that only you will be the one going through it... yeah.... smart... oh wait.. we're talking about this for a reason.

The big point here is beyond batteries. And the solution will not come from shortsighted, uninventive, run-of-the-mill engineers and companies. The solutions will not be something you've seen before, but may involve things you've seen before.

quick answer: the firmware updates should be administered by physical port access by an in-store support clerk using a small handheld device that is in no way connected to the internet or any network. (10 second idea, and maybe even a good one!)

Re:Why?

[hedley]

About 20kbytes of code so I was told. The uP has an analogue block called a coulomb counter. There is also some non volatile storage to keep
track of the # of cycles plus other pertinent facts about that battery pack.

Progress no? Certainly good for uP vendors since each battery needs one.

H.

Re:Why?

[fgodfrey]

That's not quite true. The iPhone is capable of drawing more power than the USB spec allows to charge (USB allows 500mA at 5V, the iPhone can draw up to 1A, IIRC). However, so as not to fry a USB port that is not rated to drive the phone, it looks for the voltage divider resistors. The charger you made should have had 15k pull-down resistors on D+ and D- in it to be a compliant USB host interface. I suspect few, if any, devices check for it, but the charger you made does not meet the USB spec. Any charger that meets the spec will work fine with iPhone, it just will charge at 500mA max, but it *will* charge. Check out the "Minty Boost" schematic here.

I don't think Apple actually documents what you have to do to get it to charge at full power, which is kinda cheesy, but it's well documented by people who've reverse engineered it.

Also, none of this is related to the actual article. The firmware in the battery is well beyond the point where the stuff you're talking about is checked. It's there to keep the battery from catching fire. All Lithium-Ion batteries have it. I strongly suspect that this bug is not unique to Apple.

Re:Why?

[willy_me]

Make access to battery firmware physical, and physical only - requiring specific access port ONLY.

So if you worked for Apple would you want to deal with a recall of a million+ laptops? Previously, every other model has required an update. It simply is not practical. Much better to allow the firmware to be updated via software update. If you are worried about a virus being able to go from the battery to the computer then simply make sure the software that communicates with the battery is not filled with bugs. The communication protocols will be simple so it will not be a difficult task. It is not like the battery has access to main memory. And if, by some unforeseen circumstance, an exploitable bug is found, it can be fixed by a software update.

Note that all this researcher found out is that the battery has a firmware and it can be modified. Shocking, I know. So you can harm your computer by running malicious code outside of a sandbox. Is this really news to anyone?

Re:Why?

[adri]

And you're the know-it-all guy who prematurely called it.

Figuring out Lion/NiMH cell charging by analog methods is actually quite difficult to do when you're charging the battery at stupidly high current, which is what's going on here. The NiCD way of measuring the voltage drop/resistance doesn't work as well - the change is too sharp. There's not one charging rate (fast and trickle), there's a "curve" to maximise battery life and minimise damage/risk of explosion. It changes over the life of the battery, so you can't just "assume" a common curve. You may have a fully-charged battery, so you have to know how much charge is in there before you start charging it at full current.

These laptop battery cells can double as exploding timebombs if you're not careful. Hence yes, there's a microcontroller in them to keep track of exactly what's going on.

Re:Why?

"2) Why would someone permit any communication from the 'firmw'a...."

So you could update and fix bugs in the battery firmware? Especially in since it's extremely complex software, which makes it more likely a bug would be found.

I dunno, this doesn't seem like a hard question to me. This is like asking why we don't hacker proof our nuclear power plants by just implementing everything in ROM.

Re:Why?

[Khyber]

No, it doesn't have to be set like that to explode.

Just overtask the laptop and make the battery firmware fail. I'm sure thermodynamics will take care of the rest.

Re:Why?

[Khyber]

What a moron you are. Come back when you understand the inherent problems of power sources and how digital (not analog) controls make them safer to use.

Actually, fuck that. Let me add another felony to my rap sheet. You're just another AC that won''t be missed. Where do you live?

Re:Why?

[LynnwoodRooster]

That's not quite true. The iPhone is capable of drawing more power than the USB spec allows to charge (USB allows 500mA at 5V, the iPhone can draw up to 1A, IIRC). However, so as not to fry a USB port that is not rated to drive the phone, it looks for the voltage divider resistors.

That is the "official Apple story", but as anyone who's read the USB spec can tell you - EVERY single certified USB controller has an over-current detector in it and will shut the USB port down if the current draw is too high for the rated USB port (note: not all ports have to supply 500mA; they can supply up to that amount, but must report their actual limits in the hardware descriptor. And there is no requirement that a port only supplies up to 500 mA, many are built with higher limits now to support external HDDs and the like). IF the iDevice was built to the intent of the spec, it would throttle back its own USB current draw so as to not trip the over-current limit of the port, but there is no way for the iDevice to damage the USB port in the first place, by attempting to draw too much current.

And, as anyone who's ever built a charging circuit will tell you, just because your device "pulls" 1A does not mean you cannot charge it with 500 mA; you take longer, and may not be able to keep up with operational current draw, but you could charge it if desired.

Basically, Apple's using BS to try to make it sound like they're "protecting you" when in fact they're just playing around the USB spec and forcing you to only use their own chargers. Nice way to enforce purchase of $30 accessories...

Re:Why?

[Khyber]

And you're a wannabe engineer without a clue.

Analog is garbage for cntrolling circuitry charge and discharge. Sure it's fine for mechanical devices, but for digital devices, you're a damned fool t use analog.

Re:Why?

[shentino]

It doesn't really matter how well you secure the computer, if you have people that are weaker.

http://xkcd.com/538/

Re:Why?

[Wansu]

As it turns out, leaving the damn thing plugged in all the time and never draining the charge severely shortens the life of the cells.

Yep, they have "memory". They have to be cycled or they won't hold a charge. But that's a separate issue from the firmware.

Re:Why?

[Wovel]

What he said , plus there is no way to compromise the OS through this vector and it is no more likely to be exploited then any other hardware firmware.

Re:Why?

[Rich0]

So you can harm your computer by running malicious code outside of a sandbox. Is this really news to anyone?

Well, there is a disturbing trend towards an increasing number of hardware components that can be irreversibly damaged by software. 15 years ago there wasn't anything software could do to your computer that couldn't be undone by booting off of a clean floppy and re-installing the OS.

Fast-forward to today. Now a virus can blast through write cycles on flash chips, permanently destroying them. It can wipe the BIOS, which on many motherboards cannot be recovered without changing chips. It can cycle your DVD player's region codes, permanently locking it (well, unless you have dvdcss, but mainstream software won't work). And, now we find out that a virus can brick your batteries - which are fairly expensive to replace. It wouldn't surprise me if a virus could get them to explode too, and maybe burn down your house.

I'm not sure that we really should be giving software on average PCs that kind of power over the physical world. If you're designing software to run a large industrial robot then you're going to have a ton of safety testing and controls on your development. If you're designing flight control systems for aircraft the controls are even more stringent. It isn't like we don't give software power over the physical world already, but usually this comes with a higher level of QA than what you find on the typical EULA. It simply should not be possible to mess around with the battery in a dangerous way using software of any kind - the protection should be at the hardware level, or implemented in ROM on a controller that does not contain more than a few necessary bytes of RAM.

Re:Why?

[joocemann]

I never said for controlling charge and discharge, that would be something that would require absolutely no communication with the actual computer, thus the 'door' would not exist anyway.

What i'm talking about is an analog readout that is physically connected to the battery and simply reports the amount in it. Hell, it could even be a digital display, but the point being that it doesn't communicate with the computer/os, but rather directly to a small display somewhere on your device.

oh.. but that's me not having a clue, huh... yeah... look where 'not trying new things' got apple. keep those blinders on, you'll fare well as a peon.

Re:Why?

[joocemann]

You could still have internal chips and firmware... my point is that the communication directly to the computer/os is unecessary, and that a hardware display would suffice for showing the amount of battery left. But in this case, the backdoor was built, and the backdoor was broken. I'm saying that people should try to think around the doors, but I guess you missed that point.

Re:Why?

[joocemann]

You're not really going to try, at all, are you? You're talking about what we already know, and ignoring the fact that it is reckless/vulnerable for convenience.

Meh... you can scan all my other posts on this topic for some inspiration. Real inventors have ideas, and then make it reality -- they don't look at reality and accept it as is.

All you said was 'change the locks'. That's pretty lame.

Re:Why?

Why? because how, then, could Sony make sure you're using Sony batteries?

Re:Why?

[rtb61]

Let's be more honest it all breaks down to "Government Regulation" vs "Corporate Greed". Corporations as run by psychopathic asshats, will seek every possible method to screw their customers for every possible cent of profit upon a completely amoral or sociopathic basis. Government regulation is then required to force morals onto those corporations in order to get them to treat the customers/voters in a somewhat reasonable fashion.

I for one think, that being able to remotely program a battery that is capable of bursting into flame is an insanely fucking stupid idea, that could only be driven by greed.

Re:Why?

[AmberBlackCat]

But there will be an exemption to the rule, allowing citizens of India to be certified for free.

Re:Why?

[Nethead]

You really need to get employed before you become a menace to society.

Re:Why?

[the_raptor]

If that was your main point you made a piss poor attempt at communicating it (Hint: communication does not involve yelling at people if they appear to not understand you).

You raised a valid point about battery firmware being easily writeable*, but look totally ignorant about modern battery technology by questioning the necessity of battery controllers with Lithium chemistry batteries.

* Making it not really firmware as far as I understand the definition. Most re-writeable firmware needs special high voltage lines to do the write, and normally people don't design those into a product.

Re:Why?

[thestuckmud]

Nah. Li-ion cells are charged at constant current (typically 0-8-1C) until they reach their target voltage (4.2V), then held at constant voltage until the current drops below the minimum charge current. No fancy curves, usually no adaptation for health.

The trick is balancing the charge in multi cell batteries (not necessary for NiMH which tolerate a little overcharging), thermal management, "gas gauge" status, etc.

Apple uses li-poly (soft pouch) cells in their batteries, which do require a battery management system for protection. Most other brands use 18650 (cylindrical) cells, which have built in protection and will not explode due to over/under charging or thermal runaway. As a rule, li-poly has better energy density but doesn't last as long.

Re:Why?

[Nethead]

Citation?

http://en.wikipedia.org/wiki/Lithium-ion_battery States "..no memory effect.." and http://en.wikipedia.org/wiki/Memory_effect states: "battery memory, is an alleged effect observed in nickel cadmium rechargeable batteries.." and continues on with "True memory effect is specific to sintered-plate nickel-cadmium cells, and is exceedingly difficult to reproduce, especially in lower ampere-hour cells. In one particular test programâ"especially designed to induce memoryâ"no effect was found after more than 700 precisely-controlled charge/discharge cycles."

Having dealt with thousands of hand held radios, of various battery types, in many various operating conditions, I can agree with the above findings.

Re:Why?

[thestuckmud]

Nope. Memory is allegedly an issue for Ni-Cd batteries, and then only for very specific usage patterns. Li-ion does not exhibit this type of problem.

On the other hand, Li-ion cells lose capacity with time, whether or not they are being used. The capacity loss is faster at higher temperatures and if the battery is kept at full charge - exactly the environment in a plugged-in laptop that sees a lot of use.

Re:Why?

[Cito]

exactly, There is no need for "smart" batteries, this is just a ploy to force you into buying their battery at inflated prices. Just as bad as the printer ink cartridge racket, it's bad when thimble full of ink cost more than a tank of gas. I won't be buying overpriced crap like that with 'smart' batteries. The apple fanb01s can have it and act smug like the smug episode of Southpark... I'll stick with my basic standard DC battery packs :) and if they disappear, then hell I'm old enough now that by the time they disappear, I will have died long ago, so no need to worry about it

Re:Why?

[vijayiyer]

Every iDevice works with every USB spec charger, it just won't draw more than 500 mA. It wouldn't know how much more than 500 mA to pull without purposely tripping the over-current circuitry in the charger.

Re:Why?

[vijayiyer]

And you've never tried to implement a state of charge estimation algorithm. If you had, you'd understand that it is an extremely hard problem.

Re:Why?

[vijayiyer]

Great idea. Go use a lead acid battery with your laptop.

Re:Why?

[fgodfrey]

How, exactly, is a dumb charger supposed to tell the iPhone that it can supply *more* than 500mA if not for the voltage dividers? And yes, it won't fry the port if it draws too much, but if the port shuts down power due to overcurrent, it won't charge either. I'm somewhat dubious, too, about a $5 wall wart from Fry's having overcurrent protection. I'm not sure what the iDevices do if you plug them into a real USB host interface that can actually talk. My guess is that they will honor whatever power spec the port claims (my Dell Mini 9 Hackintosh seems to only supply 300mA if you're on battery).

But for dumb chargers, it looks for the resistors. If it doesn't see the "Apple resistor values", it charges at the spec'd 500mA. If it does see the Apple special, it charges at more current. Apparently, if it sees *no* resistors, it doesn't charge at all. But why should Apple support an out of spec USB charger? 2 15k resistors aren't exactly going to cost you much money.

And by the way, my iPhone is currently charging on a $5 thing I got at Fry's the last time I was in CA. It most decidedly isn't certified by Apple so I don't know where you're getting your statement about having to buy an Apple approved charger.

Re:Why?

[freedom_india]

WTF? I thought batteries were just that. Like duracell but rechargeable. Wtf is apple doing chips in it? Man the Abacus was a simpler world. I hate progress. Oh, and am typing this on my iPad.

Re:Why?

[freedom_india]

Am on my 3rd battery for my iBook g4 bought on the day tiger was released. And that battery better not die on me.

Re:Why?

[JinjaontheNile]

Yes, but why does a simple hardware controller need it's own login???

Re:Why?

[JinjaontheNile]

Surely if it were so dangerous, it would be thoroughly tested and then locked down.
Externally updatable negates reliability

In the real world, the answer is always, there is something wrong with your battery - you need a new one.
Resistance will be met with appeals to fear (it could blow up, the plane will fall from the sky, the world will end etc)

Re:Why?

[LynnwoodRooster]

Not according to the GP, and the presence of sense resistors required...

Re:Why?

[LynnwoodRooster]

It's quite simple. If your charger can supply the current, it supplies the current. Otherwise it shuts down. You can add smarts to query the port, and if you get a response you can respond accordingly. Otherwise just draw what you need and assume the source will either supply it or - as per the USB spec - shut down.

.
If you're charging on a Fry's charger, then it's probably built with the sense resistors inside it. Just witnessed a friend yesterday try to charge his iPhone with a generic charger and it wouldn't charge; plug into an official Apple charger and away it went.

The fact we even need to talk about these issues shows that it's a complete FUBAR. Just do what every other USB component does - pull the current you need, and if the port can't support it, the port shuts down. No need for dropping resistors, custom cables, or custom chargers.

Re:Why?

You are fortunate that this didn't happen. Apple has been notorious for their exploding and self-combusting batteries throughout their laptop and iPod product line ever since the PowerBook 5300.

Re:Why?

[Rosyna]

Actually, for Li-Ion batteries, keeping them *always* plugged in makes the battery less prone to loss. Li-ion batteries lose most capacity only when they are not being used and do not have charge constantly moving through them.

This is also why non-replaceable batteries are a lot better than replaceable ones. The non-replaceable ones never since on/in a shelf/desk/drawer causing them to lose capacity.

Re:Why?

[FunPika]

Replace prison with Gitmo, and you will be right.

Re:Why?

[Joce640k]

I had a similar problem with a macbook pro battery I bought in Jan 2010. By Jan 2011, it would barely hold 30 minutes of operating energy, and reported a health of 15%. The number of cycles reported was 49. Not a typo. Forty-nine.

Assuming the bettery started out ok, the only thing that would cause that is overheating.

Re:Why?

[SimonTheSoundMan]

Apple will replace it. My MBP has a Li-ion battery, should be 300 cycles to 80%. Yours is a Li-pol battery, IIRC Apple have 1,000 cycles to 80%. I think they give them a life of 2 years too, hence why I have to buy mine now as it's over 2 years old.

Batteries are wearable parts, like hard drives and fans, so in the UK (where I'm from) they do not usually come under the Sales of Goods Act as having to be durable parts that should last 6 years. So, Apple can get away with poor batteries and not have to replace them.

Re:Why?

[makomk]

For example if the voltage falls outside the safe range, then the battery disables itself from getting a charge (to stop it exploding/going on fire).

It will also prevent the battery from being completely discharged (which kills the battery).

Both of those can be - and probably are - controlled by hardware. (They certainly are in smaller lithium ion batteries.)

Re:Why?

[TheRaven64]

Your country need better consumer protection laws. Apple advertises that the battery will retain 80% of its charge capacity after 300 cycles. Mine was down to 50% of the capacity after about about 50 charge cycles. I called them, referred them to the Sale of Goods Act, and they put a replacement battery in the post to me. I called them at 3pm, and the new battery arrived at 9am the next day.

Re:Why?

[TheRaven64]

Nope, they are covered by the Sale of Goods Act. The act requires that these parts work for a reasonable period. Apple defines what a reasonable period means in their advertising (80% after 300 charge cycles). I got mine replaced by citing the Sale of Goods Act after 3.5 years because it didn't live up to this promise.

Re:Why?

[TheRaven64]

Forgot to say: The Sale of Goods Act doesn't say that things must last 6 years, it says that they must last a reasonable length of time and that you have 6 years to sue if they don't. The definition of reasonable is a bit flexible, but if a manufacturer makes claims about their product and it doesn't live up to them then they are covered by the act.

Re:Why?

To be honest no, I just think sony exploding laptops.

Re:Why?

[swillden]

But without making the battery state visible to the OS, the OS would not be able to adjust its operation based on the battery state. And, yes, OS X does that, and it's a good thing. Not only that, whatever useful interactions the OS and firmware have now, it's always possible that future software updates could make both, and their interaction, even more effective. Leaving that possibility open is good engineering.

The problem here is poor implementation of the security component of the system, not bad design.

Re:Why?

[BitZtream]

The firmware is what makes it work. A simple passive circuit won't work for shit here. The controller plans for the future and considers the past. It looks at heat build up, charge rate, measures charge hold and internal resistance, and all sorts of other things to make the most out of the battery.

This processor also makes sure that the voltage and current into the battery are consistent because when it isn't ... These batteries burst into flames! No bullshit, charge them or discharge them in the wrong way even a little and you have a fire.

I race rc cars, I have refused to use a non Smart chargers since 1996. The advantages are mind blowing. Now days we use lithium polymer batteries. You can not charge them with a dumb charger, they will explode. Even these batteries, the good ones anyway have built in micro controllers for safety, to disable bad cells or abort a charge/discharge if the cells become unbalanced or obviously about to do something bad.

http://www.youtube.com/watch?v=6vYn2lbBh0Q&feature=youtube_gdata_player

Thats not a charge accident, but the broke the case, removed the safety circuit then over discharged it ... Ie they dead shorted it with all the protections removed.

I'm of course assuming you aren't making this silly statement because you don't understand what the word firmware means. Firmware is just another name for software that the user generally doesn't mess with. Examples: pc bios or efi, video card bios, smbus bios, hard drive bios, carom bios. All of them use firmware. If you have a programable component in the circuit, you have firmware. The only electric device in my home I can think of without firmware are the incandescent bulbs above our shower. Even our toaster and blender have firmware.

Re:Why?

[BitZtream]

http://hardware.slashdot.org/comments.pl?sid=2343986&cid=36856156

That's the first part of you answer. Why? Because it has to. You don't understand how these batteries work.

Making it updatable is a convience feature. This problem can be fixed ... Via a firmware update, no need to physically take the device to Apple to get it replaced, just install OSX 10.6.9 or 10.7.1 and it's no longer an issue.

I don't want to send my battery off to get a silly bug fixed.

For the record: you need root or physical battery access to do this. So this is another one of those, oh look when someone has owned you ... They can do bad things. No shit. The battery is the least of my concerns.

The hacked fix is easy. OSX just verifies the firmware at boot and fixes it it doesn't verify. So the worst thing this can do? Make you need to plugin a power cord to boot.

If you didn't read the article:

"I started out thinking I wanted to see if a bad guy could make your laptop blow up. But that didn't happen," he said. "There are all kinds of things engineers build into these batteries to make them safe, and this is just one of them. I don't know if you could really melt the thing down."

Re:Why?

[BitZtream]

These arent nicads were dealing with.

Your comparing the little generator on your bicycle to a nuclear reactor like three mile island.

The only thing you called is yourself; ignorant.

Re:Why?

[jones_supa]

I all the time hear these both theories, that it is or it is not good to keep the battery always plugged. Maybe the results even vary per device (and its charging patterns) and not only battery type?

Re:Why?

[adri]

thankje for the clue drop.

Re:Why?

[Khyber]

"keep those blinders on, you'll fare well as a peon."

Except I'm a research director for a multi-national corporation. I developed tech to grow plants WITHOUT LIGHT (That's right, bypass photosynthesis.)

Who's wearing the binders, here? Obviously not me. Perhaps your insufficiently-skilled mind has the blinders on.

Re:Why?

[omfgnosis]

I bought my MBP in April of 2010 and keep it plugged in almost all the time. The battery has only 23 cycles at this point. And the health is 96%. And at this rate, I am keeping mine plugged in a good deal more than you were. It might be that the newer models have a vastly improved power system, but I doubt the difference is that significant. I would put money on your unit being faulty. Worth noting: At least under load, the power supplied from the wall is not enough to fully power the computer, so some battery reserves are used at this point. The battery will usually be allowed to drain down to 95% charge before it is recharged from the wall. And as I understand it, cells are not drained in the same order each time, so eventually all of the cells are allowed to drain and be recharged.

Re:Why?

[michelcolman]

quick answer: the firmware updates should be administered by physical port access by an in-store support clerk using a small handheld device that is in no way connected to the internet or any network. (10 second idea, and maybe even a good one!)

So whenever a bug in the firmware is discovered (batteries wearing out quicker than normal, overheating, etc), instead of pushing a firmware update over the internet, Apple should require all users to physically take their computers to an Apple store and wait in line or, worse, leave their computer behind for a few days?

Re:Why?

[CheerfulMacFanboy]

Well, just with the difference that Apple apparently wants their batteries (resp. its microcontroller) to be updateable.

http://www-307.ibm.com/pc/support/site.wss/MIGR-75738.html http://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?lang=en&cc=us&prodTypeId=0&prodSeriesId=316682&prodNameId=316684&swEnvOID=1093&swLang=8&mode=2&taskId=135&swItem=PSG_I20759-104642

Re:Why?

[joocemann]

I recall the conversation being you defending the flawed 'known' solution (which was just shown as flawed in the article) against the idea of innovation to remove security holes from the tech. If you read my other posts on this topic, where I brainstorm and urge forward progress in thinking, you'd notice that my blinders are fully removed and it is the assumptions of those who think they 'know' the limitations of what is possible (as you are) that are in defense of flawed products that (in my opinion) could use a bit more work.

There is no need for the computer to have access to a battery in a way that would modify it. If the firmware is flawed, that should arise in testing, and if still flawed, could be fixed through recall and/or in-store flashing. Or the chips on the battery can be internal, while reporting the necessary information (total charge, time left) via analog or digital display that does not have 2-way communication with the OS. But nah... You've engineered plants, so you *know* its not possible to do it without OS access to the firmware... Good luck with that, as I said before. Your merits in plant engineering appear insignificant when you defend flaws in the face of urges to innovate.

Re:Why?

[knorthern+knight]

> So whenever a bug in the firmware is discovered (batteries wearing out quicker
> than normal, overheating, etc), instead of pushing a firmware update over the
> internet, Apple should require all users to physically take their computers to an
> Apple store and wait in line or, worse, leave their computer behind for a few days?

I would much rather have that than the ability for some snotty-nosed 14-year-old kid on the other side of the planet to explode or permanently brick the battery in my laptop. There may be an argument for having firmware on the battery, but easy updatability, by both the alleged "good guys" and "bad guys" is going too far.

The on-battery chip should be non-modifiable. I can see only only one reason for Apple doing this. It's just like all the updates to IOS. After a jailbreak method is discovered, Apple issues an IOS update that closes the loophole used for the jailbreak. They'd love to be able to "upfate" batteries that have been jailbroken, and remove the jailbreak loophole.

Re:Why?

THE REASON VULNERABILITIES ARE FOUND/EXPLOITED IS BECAUSE ENGINEERS/DEVELOPERS PERMIT THEM BY POOR DESIGN.

...and if hacking the batteries wasn't permitted, half the people here would be "boo hoo, Apple has locked everything down so I can't customize my blah blah blah..."

Re:Why?

[AmiMoJo]

Well the idea is to make them failsafe, so if the microcontroller does die nothing bad happens beyond the battery becoming a brick full of nasty and hard to recycle chemicals. Of course people make mistakes, but really there is no excuse for a battery catching fire while in normal use. Aside from having the microcontroller actively hold a switch closed so that if it fails the power is automatically cut (failsafe open) there should be multiple thermal fuses.

Re:Why?

[AmiMoJo]

Why didn't Apple use the existing standard of simply connecting the D+ and D- lines together? Virtually all chargers capable of supplying 1A support it, as do most devices. Lady Ada gives instructions on how to modify the Minty Boost to support that (solder bridge the two lines).

I made a Minty Boost but have discovered a better option. The problem with the MB is that it uses a switch mode regulator to boost the voltage from 2xAA cells up to 5V for charging, but that creates a lot of heat from the chip itself and from the batteries which try to discharge a lot of energy very quickly. I use good batteries, Sanyo Eneloop or 2700mAh rechargeables.

On eBay I spotted a 4xAA cell holder with a built in USB port and on/off switch for about £2 delivered. Using 4 batteries 1.2V gives you 4.8V, or up to 6V with 1.5V batteries. In practice almost all devices are fine with 6V since they are charging lower voltage batteries anyway and so have to drop the voltage down. Anyway, the result is that the batteries don't heat up as much and you get much nearer their rated capacity. With the Minty Boost I was seeing about 75% charge of a 1500mAh battery in the Galaxy S with 5400mAh of AA cells. With the 4x cells and no regulation I could do 4 or 5 full charges.

Re:Why?

[Bing+Tsher+E]

As you state, the spec. is 500mA from any powered USB port. So the iPod/Phone should simply work with any USB source it is plugged into. For the special case of a charging circuit that can supply the 1ampere, the iDevice can query before stepping up.

Your reasoning doesn't work. Before one of the 4.x iOS releases any dumb two-wire 'USB' charging circuit would charge the iDevice properly. I had a modified 5 volt 1amp cell charger I built to accomplish that.

Apple's objective wasn't 'meeting the spec.' Their intention was to see to it that the existing inventory of low-cost chargers in blister packs at retail outlets was instantly obsolete due to a firmware update. They didn't have the 'kissed Steve Jobs ring' seal of approval on them, so any Dollar Store or Walgreens that had foolishly stocked them was due to be punished.

Apple loves doing that kind of shit. If you're not closely involved with their marketing/licensing people they get a special joy out of fucking you over.

Re:Why?

[milkmage]

my friends 2 year old MBA battery died (no applecare)

they swapped it out in the store (not the battery, they gave him a refurb)

took longer to copy his data over to the new machine than it took for them to acknowledge the problem and agree to "fix" for no charge whatsoever.

my 2006 MPB toasted the logicboard.. $300 dollar replacement - when I got it back, one of the things they replaced was the battery (again, no charge)... even though the machine was 4 years old and well out of warranty. they didn't want me to buy a new machine. they wanted be to be happy with the one I had.

Re:Why?

[sjames]

I have a bunch of LiIon batteries with "protection circuits" that shut them down on over or under charge, but no firmware.

LiIon batteries are charged by a combination of current and voltage limiting. That is, a current limiter adjusts the voltage down to maintain a maximum charge rate. As the battery charges, the voltage naturally goes up, but then it is limited to the nominal max voltage of the cell. Final cutoff happens when the charge current falls below a threshold. The chargers have no firmware at all, it's all off the shelf analog ICs (most commonly, a single IC with a couple resistors and a capacitor).

If you want batteries to burst into flames, replace those simple circuits with embedded processors and firmware so you can really hose things.

I can see the value of monitoring the batteries with a more complex setup but that should just watch while the actual functionality is kept simple and fool proof.

Re:Why?

[sjames]

Simple. The more complicated the plumbing, the easier it is to stop up the drain. And the plumber only makes money when the drain gets stopped up.

Re:Why?

[omnichad]

I can't imagine the power from the wall not being sufficient to power the computer. If you can plug in a 1000 Watt Microwave or other major appliance and have it function, this is not the issue. The computer is probably cycling the battery to prevent it from sitting at full charge for too long, which isn't so great for Lithium-based batteries.

Re:Why?

[omfgnosis]

Obviously the power from the wall is sufficient to power the computer, otherwise the battery could never be charged while the machine is running. What I meant is that the power management system prefers to draw some power from the battery, rather than all of it from the wall. Yes, it is cycling the battery... which is what I described.

Re:Why?

[Dwonis]

I all the time hear these both theories, that it is or it is not good to keep the battery always plugged. Maybe the results even vary per device (and its charging patterns) and not only battery type?

Do you have any evidence for that? You can't just take two competing theories, find some arbitrary "middle ground" and have that be the correct answer.

Re:Why?

[triffid_98]

Li-ion batteries lose most capacity only when they are not being used and do not have charge constantly moving through them.

This is also why non-replaceable batteries are a lot better than replaceable ones. The non-replaceable ones never since on/in a shelf/desk/drawer causing them to lose capacity.

I though non-replaceable batteries were a lot better because it helps Apple sell new editions of their products when the old ones fail. You might know how to pull them apart and change them, but grandma and the guy from marketing do not.

In any case, from my (limited) understanding of lithium ion packs, there are a couple of things you want to do to avoid losing capacity.

1. In multi-cell packs you want a balanced amount of charge in each cell (this is part of what that firmware is supposed to do)
2. If you are storing a battery for a while you want to leave it approximately half charged.

Re:Why?

[DanTheStone]

I'm sorry this came off as a troll. I was referring not to an actual problem with Macs but to their supposedly non-user-removable batteries on their newer lines (which I do not own). The computer I've truly had a battery-dying-problem with was a Dell, and the old (non-Intel) Mac laptop I own still has a fine battery. I just wish I could manage to get around the education-centered boot restrictions on it to wipe it and install Linux.

This is kinda weak without a patch..

[synthesizerpatel]

So, kudos for looking at the patches and finding the password, but without providing a tool to set the password to something else this is just kinda weak. 'Hai guys, I rooted your battery and you can't do anything about it!'. Clever but not helpful.

Re:This is kinda weak without a patch..

So, kudos for RTFA.

Miller plans to release a tool at Black Hat that will go in and change the defualt passwords on the battery's processor so that the hacks he developed won't work. It will lock the battery in sealed mode permanently

Vulnerabilities

It mentions a required vulnerability to make use of in-OS. Would it perhaps be possible though to fetch for such software from the outside?

Re:Vulnerabilities

[YodasEvilTwin]

No it doesn't. He grabbed the passwords from updates and now has access, no vulnerabilities required.

This why you NEED battry packs that can b REMOVEed

[Joe_Dragon]

This why you NEED battry packs that can be Removed from the systems.

Windows PHONE has this. and there are people who may need the battery life that you can only get from swapping battery's.

PSP Pandora Battery

[MBCook]

Isn't this sort of like how the Pandora Batteries worked on the PSP? I think they enabled a diagnostic mode as opposed to a direct hack, but the battery being used to corrupt the system thing isn't totally new.

On the plus side, the hard to replace batteries people complain about make this attack more difficult to perform, instead of just taking a few seconds.

Re:PSP Pandora Battery

[Anarchduke]

Thats a minus, not a plus. A hard to replace battery isn't any harder to hack, its just harder to fix.

Re:PSP Pandora Battery

[gl4ss]

Thats a minus, not a plus. A hard to replace battery isn't any harder to hack, its just harder to fix.

he was thinking of using it to hack a laptop you've gained access to.

Re:PSP Pandora Battery

[MBCook]

Right. What I meant was that with an older MacBook Pro where you could just pop the battery out and pop a new one it, it would be easy to gain access to my laptop on my desk if I'm away for just a few minutes. With the newer MBPs, you'd have to remove the bottom case (8 torx screws?), unplug the battery cable, swap batteries, plug the new cable in, put the bottom back on, and put the screws back in... all before I walked by my desk and noticed.

As an end-user, yeah, it's a little annoying. But in this one ridiculous circumstance it's a "feature".

Re:PSP Pandora Battery

Pandora (faked JigKick) batteries have the serial number changed to FFFFFFFF. This enables "service mode" - the PSP boots from a magic memory stick as opposed to internal flash.

Once this became commonplace Sony first removed the ability to write to battery NVRAM on newer hardware revisions, then changed the protocol for the latest versions (though Datel's never-released "Lite Blue Tool" battery alledgedly was able to get to service mode again, which without a matching magic memory stick did not have any use anyway).

No worries here

[JoeWalsh]

I don't have to worry about that. Not only am I using a Dell, but my battery exploded.

Re:No worries here

I wish I could be poor enough to upgrade from my Mac to a Dell and have 'enhanced' security like you.

Re:No worries here

[_xeno_]

Not only am I using a Dell, but my battery exploded.

Don't worry, Apple laptop batteries do that too.

I'm already on my second Apple laptop battery after the first one bulged to the point it no longer fit within the laptop case. Thankfully I'm using the "old" MacBook: the one where you can replace the battery and hard drive on it, both things you can't do with the new ones.

Which makes me think that somehow I might be staying away from the new "sealed" MacBooks with the unreplaceable batteries, especially because searching for "bulging battery" brings up nothing but horror stories about Apple batteries. Apparently they've had this problem for over five years and have never bothered fixing it.

Re:No worries here

[jittles]

Actually, it's not terribly hard to remove the batteries on the 2011 Macbook pros. Not something you could do easily on a plane, or in the car, but you can definitely do so with just two screwdrivers. Or one screwdriver with a replaceable bit.

Re:No worries here

[joocemann]

You'd better be careful with all those facts. Slashdot mods might mod you 'troll'.

Re:No worries here

[Dice]

Not terribly hard compared to what?

You know how I remove the battery on my Thinkpad? I slide the clasp into the unlocked position then slide the battery out. Same for the DVD drive (although I don't know who swaps theirs out, there doesn't appear to be an option to put a second battery there).

I can also use one screwdriver, a phillips, to replace the hard drive, memory, wireless card, keyboard, CPU, video card, etc.

Re:No worries here

[That+Guy+From+Mrktng]

Epic ThinkPad hardware accessibility seconded.

And doesn't new Apple devices use the pentabulous pentabular screwdriver? Thats 3 screwdrivers including one thats probably not in everyones toolbox.

Apple decision to deliver built in the batteries on it's products it's a pain for consumers but I find that their designs relies on that "feature", so you can't complain or try to argue the Apple batteries are easy to change when thats evidently not true.

I think we were talking about EASY as in "EASY as I can do it with one bare hand"

Re:No worries here

[phorm]

Luckily for us all, the TSA is already ahead of terrorists by banning screwdrivers on planes :-)

Re:No worries here

[Bing+Tsher+E]

Thats 3 screwdrivers including one thats probably not in everyones toolbox.

Thats by design. Apple 'engineers' have been conducting a screwdriver arms race against hackers ** since the launch of Macintosh.

(* Jobs himself jubilantly declared that the Mac was 'hacker proof' in a presentation broadcast on the radio from the National Press Club at the launch of the Macintosh. Many of us first said 'fuck you' to Apple that day.)
 

Re:No worries here

[willy_me]

Which makes me think that somehow I might be staying away from the new "sealed" MacBooks with the unreplaceable batteries, especially because searching for "bulging battery" brings up nothing but horror stories about Apple batteries. Apparently they've had this problem for over five years and have never bothered fixing it.

The batteries used in the laptops today are completely different from the removable ones. They used to contract out for batteries, I believe to Sony but there were likely others involved as well. Now they build their own batteries. A huge investment on their part and likely the reason why it took 5 years to fix the problem. Current batteries are Li-Pol based and are far more durable then the Li-Ion batteries used on cheaper laptops. These batteries appear to be free of the "bulge" defects that effected the previous style of batteries.

Re:No worries here

[russotto]

Which makes me think that somehow I might be staying away from the new "sealed" MacBooks with the unreplaceable batteries, especially because searching for "bulging battery" brings up nothing but horror stories about Apple batteries. Apparently they've had this problem for over five years and have never bothered fixing it.

The bulging is a symptom, not a problem. A lot of problems with lithium-polymer cells will cause them to swell up. Overheat them, they swell. Short them, they swell. Overcharge them (which the microcontroller is supposed to prevent), they swell. There have been bad runs of batteries (search for sony battery recall), and they (not just Apple, but the other OEMs affected) HAVE done something about it, namely recall the affected batteries.

Re:No worries here

[dwightk]

yeah I loved that single screw when people would come to me wondering why their computer was flaking out and I discovered that screw wasn't holding the HD in position reliably so it would start up and then freak out when the drive got unplugged.

good times

Re:No worries here

[That+Guy+From+Mrktng]

Yes I remember that story here on /. back in the day, My perception of Apple changed that day too, before that I usually considered Apple as reasonable option when shopping for gadgets, I'm still buying an iPod touch but the iPad purchase got cancelled now that ThinkPad will have a serious (as in not consumer oriented) tablet.

  I don't even criticize the fact that the batteries are bolted to the machine because thats what make possible to deliver the laptop design which is a nice and usefull added value for Apple products. Problem? then don't buy an apple laptop, is that simple.

But when people argues that OS X it's hacker prof or that iPhones own the "phone" market or that Apple Batteries are easy to change, it's time when you ask yourself if you're being trolled, shilled or simply preached about non-existent facts.

Re:No worries here

Dont know what you're talking about, ive gone into my 2011 MBP to swap out the optical drive for a second hard drive ( and check out the rest of the internals while I was in there ) the battery seems easily accessible and even the main hard drive can be replaced/upgraded without too much hassle. The optibay operation took me 30 minutes start to finish, working in an awkward dust-free ventilation hood. Would have been much faster on the dining room table.

I don't mind needing to take more than 2 minutes once/twice a year to swap critical hardware, if all those extra screws and bolts mean extra protection against everyday jolts or drops.

On a similar note, I used to think that "accessible" batteries on phones, the kind that would pop out and rattle across the floor if you dropped your phone on a hard floor offered protection. It was logical that some of the energy from the impact would dissipate into deformation of the phone housing, and also be carried away as kinetic energy of the battery flying away, reducing the damage to the phone.

I have since then gotten an iphone 4 and have dropped it (accidentally) several times on concrete, tile, and wood flooring, without any sort of protective case. Aside from a barely perceptible deformation in the plastic lining on one corner the thing still looks brand new. I have also dropped my new MBP twice, scaring the crap out of myself both times, but with no other ill effects.

Re:No worries here

[mjwx]

Actually, it's not terribly hard to remove the batteries on the 2011 Macbook pros. Not something you could do easily on a plane, or in the car, but you can definitely do so with just two screwdrivers. Or one screwdriver with a replaceable bit.

You've missed the point.

It's harder then it should be. Dell, Lenovo and HP sell more laptops to enterprises in a day then Apple do in a year because they have better support and are better designed. If a Dell breaks at my workplace, all I do is move the HDD into a similar model, it's literally a two minute operation because Dell know the HDD is one of the parts that is more readily changed/serviced by the user. RAM and batteries also fall into this category.

If my boss takes a 12 hour flight to Europe, he takes three fully charged batteries with him. Would it be possible to change a Macbook battery on the plane? Try getting 2 screwdrivers past security.

Re:No worries here

I replaced the hard drive on my unibody MacBook Pro with a larger one on the day I got it. Apple provided instructions in the included user manual, complete with illustrations for those who would struggle with unscrewing 10 crosshead screws. The battery was right next to the hard drive, I'm pretty sure I could have replaced that too, but there was no point at that time.

Re:No worries here

[TheRaven64]

I have two batteries for my Nokia phone. A third-party high capacity one and an official one. The official one swelled to about double its normal size and somehow got hot enough to burn the hologram. It now stores about 10 minutes of charge. The cheap third-party one works fine. Unfortunately, I have to keep the official one because if the phone turns off after running out of battery then it won't start charging the other one and so won't turn back on, although it will if I boot it with the official battery then shut it down and restart it with the empty third-party one.

Re:No worries here

Actually, it's not terribly hard to remove the batteries on the 2011 Macbook pros. Not something you could do easily on a plane, or in the car, but...

I was thinking, What the fuck kind of examples of work spaces are these, a car, a plane, what the fuck?

Then it clicked. Right: batteries

Re:No worries here

2011 MacBook Pro here .. it is trivial to replace the hard drive/battery.

You just need to remove a few screws. So stop talking crap.

Re:No worries here

Even Dell *servers* are easily servicable and don't usually require any tools for the common parts (HDDs, PS's, Fans, etc.)

Re:No worries here

[Kyusaku+Natsume]

Is very easy too to steal your battery. Apple's tradeoff is between usability and a small form factor, and the easy replacement of batteries. In previous models, it was easy to lock the battery in it's place to prevent to get your battery stolen or replaced.

Re:No worries here

[jittles]

Terribly hard compared to how the batteries were a couple of models ago. The person was trying to claim the batteries and hard drives are not swappable on the new macs. I clearly stated it was not something you could do very easily while on the road. The one thing about make the battery internal to the laptop is that you can have a larger battery because you need less protection around it. So you have more capacity and plastic in the same volume.

Re:No worries here

[jittles]

Again I said that it was not that hard. The person I was responding to said it was impossible. It's not. It's 10 screws to remove the bottom of the laptop and 1 screw securing the battery.

Re:No worries here

[jittles]

No, you missed the point. I was responding to someone saying that it was an impossible task. It is not an impossible task. It's an easy task. Not something you can do on the go, as I mentioned in my original post. You're not telling me anything I don't know. All I was trying to do was dispel the myth that you cannot replace the battery yourself.

Re:No worries here

[jittles]

No. It is two screwdrivers. And yes, one is the pentabular screwdriver, which you can buy bits for. But as the person I responded to said that it was "impossible" and I was indicating that it is possible. I also indicated that, in this particular instance, that easy precluded doing so on the road. As in, anyone can turn the 10 screws on the case and the 1 screw on the battery. Anyone. It's easy. But you're not going to do it while traveling.

Re:No worries here

[Bing+Tsher+E]

Your comment was disingenuous, though, in that those 'screws' are not manipulable with the common screwdriver most people reading the comment would have readily on hand. Don't try to pretend it isn't a significant barrier that Apple went out of their way to use 'tamper preventive' screws.

Re:No worries here

[jittles]

10 of the screws are normal philips head that 90% of the population would have. The one battery screw does have a special head. The bit for it costs about $2. If you wanted, you could use an easy out and replace it with a philips head, too.

Re:No worries here

[EETech1]

did you realize that when the guy said his boss takes 3 fully charged batteries on his long flight blah blah blah?

Yes, it is helpful: it lets you exchange cells

This IS important in good and bad ways. Since you have the password to the SBS pack microcontroller, you can change the cells and reset the counters.

This both enables people to refurbish packs (which has its consequences, since untracked Li-Ion cells can be *dangerous*), and to sell counterfeit packs (which is even worse).

Re:Yes, it is helpful: it lets you exchange cells

Or you could just buy the chips new they are commonly available.

Re:Yes, it is helpful: it lets you exchange cells

[Toonol]

This both enables people to refurbish packs (which has its consequences, since untracked Li-Ion cells can be *dangerous*), and to sell counterfeit packs (which is even worse).

On the plus side, it might allow refurbished packs and cheap offbrand replacements.

Re:Yes, it is helpful: it lets you exchange cells

[Bing+Tsher+E]

That would be unsafe. Like allowing people to put their own replacement ink in printer cartridges. The safety of Apple's consumables marketing division is of paramount importance.

Physical access?

[AK+Dave]

Doesn't this exploit require physical access to the actual battery?

On top of that, according to the actual article, any potential malware installed on the battery itself would then need a separate vulnerability in the OS itself in order to do anything. In other words, malware on the battery isn't going to exploit the OS by itself. It isn't going to hijack the bootloader.

But it all goes back to the original problem: the bad guy has to gain physical access to your battery. Which means getting hold of the Macbook, tearing it down, and then what the heck just installing some code on the battery?

Somehow, I'm really not threatened by this.

Re:Physical access?

[SomePgmr]

I only skimmed it, but it doesn't seem to say if he needed physical access to the battery to do this. Obviously the two must communicate (on-battery and OS), but it doesn't say if access was achieved on an in-use battery from the host machine.

Obviously this is important, because it changes the attack vector significantly. There's a big difference between being vulnerable to the battery manufacturer or if a random infection could push code to the battery (or even brick it).

Re:Physical access?

[Hognoxious]

Doesn't this exploit require physical access to the actual battery?

I'm not worried, mine has never been anywhere near a Chinaman.

Re:Physical access?

You mean after it was assembled?

Re:This why you NEED battry packs that can b REMOV

[Oh+Gawwd+Peak+Oil]

The article and Slashdot summary are about laptops, not iPhones or iPods. It is extremely easy to replace a battery on an Apple laptop. Just as easy as it is on other brands of laptop.

Re:This why you NEED battry packs that can b REMOV

[neongrau]

so you can have more than one battery bricked?

Write protect required

[DeHackEd]

I would argue that everything with writable firmware should have some kind of jumper on it (default: on) to write protect the firmware. Thus you can only patch firmware by inserting a jumper on the right pins.

Still, anyone should think twice before being told "short these contacts on your battery in order to enable firmware updates."

Re:Write protect required

[Lokitoth]

Unless you go with "You need to update the firmware," *DUMMY MODE ON* "so please bridge these two contacts with the jumper by opening up the case and moving that little thing over to the right one slot."

Re:Write protect required

Actually, it needs two things. A switch (better than a jumper), AND a cryptographically signed update using PKI. If an update can't be correctly decoded using the public key stored in the firmware, it won't be accepted. It can only be accepted if the switch is in the "enable" position. That way hackers have to get around both a physical restriction, and somehow get the private key to encode an update.

Re:This why you NEED battry packs that can b REMOV

[ioErr]

The battery on my MBP is built-in. I'd expect most other brands to allow you to replace the battery without resorting to screwdrivers.

Re:This why you NEED battry packs that can b REMOV

[Oh+Gawwd+Peak+Oil]

Oh . . . sorry, I checked and some newer models are not easy to be replaced. They require factory replacement. My MacBook Pro, which is a few years old, has a battery that is extremely easy to pop out, but unfortunately it seems like that's not the case with more recent models.

Re:This why you NEED battry packs that can b REMOV

[ego+centrik]

Windows PHONE has a battery? Wherefore?

Firmware should have a write-enable switch

[davidwr]

This is just one more reason why software that's not designed to be frequently changed should be write-protected unless the user sets a specific hardware switch.

If the hardware switch is in its default location - "protect" - it should be mathematically provable that the firmware cannot be overwritten.

Re:Firmware should have a write-enable switch

[gmuslera]

Writable firmware/BIOS, can turn vulnerabilities into nightmares. You don't have to write complex replacement firmware, just be able to write garbage there and turn millons of computers,cellphones network/gfx cards and so on into paperweights.

Re:Firmware should have a write-enable switch

This is just one more reason why software that's not designed to be frequently changed should be write-protected unless the user sets a specific hardware switch.

If the hardware switch is in its default location - "protect" - it should be mathematically provable that the firmware cannot be overwritten.

Can someone tell me why this comment is moderated funny? a jumper on the motherboard could prevent any bios or firmware modification, I can open the computer case each time I have to update the bios, why is it such a stupid or funny idea?

Re:Firmware should have a write-enable switch

[Waccoon]

That would increase factory assembly time by 1.8 seconds, and manufacturing costs by 2 cents. Unacceptable!

One of the things I truly love about SD cards is that they have a write protect switch. This should be standard equipment on all memory cards, USB thumb drives, external hard drives, etc.

Re:Firmware should have a write-enable switch

[Trillan]

I didn't mod it as funny, but I admit: I'm trying to imagine a typical consumer opening an iMac every time a firmware update is needed. And I find it pretty @#$%ing funny. My dad can barely apply software updates as it is.

Re:Firmware should have a write-enable switch

However, the write protect switch on a SD card is only a request - the reader/writer hardware is free to ignore the request. In this they are no better than the write protect tabs on 5.25" and 3.5" floppies (IIRC, 8" disks used physical write-protect mechanisms).

Re:OSX is the least secure OS in mainstream use

LOL, Linux is hardly a fortress. Like Windows, it is as secure as you have it configured. Windows can be configured into a fortress, but is usually not by default. I don't think every Linux distribution is configured to be a fortress by default. But how can I know? The entire Linux distribution space is fragmented beyond any sort of standard.

I do agree that OSX is the least secure OS, though.

Re:This why you NEED battry packs that can b REMOV

[ChristopherBurg]

It's actually not that terribly difficult to replace the "non-replaceable" batteries in the unibody MacBook Pros.

requires root?

[v1]

Most firmware flashing requires the root password to perform, so I'm assuming that unless you're talking about removing the battery from the computer. So at least authentication is required for this, which lessens the threat considerably.

However, this is a very interesting angle. I can somewhat see where there's a password required for access, but it's more to keep the battery secure than the computer. Or possibly to prevent cycle-count tampering to get around warranty claims on consumed batteries that are still in warranty by calendar days.

So any bets how many days it takes Apple to push a security update that changes the password on any battery it sees? I can't imagine them letting this stand, and the password (on the battery end) is almost certainly in the firmware, so it should be changeable.

Re:requires root?

[chemosh6969]

SOP for Apple is to not acknowledge the problem. As we all know, pretending a problem doesn't exist, makes it go away. Eventually enough people complain and force Apple to acknowledge. Their acknowledgement will be to deny it's a problem and possibly say some other company has the same issue. A few weeks after that, Apple will release a patch to fix this nonexistent problem. Don't forget that Apple laptops aren't built to be able to run at full speed without a working battery and in fact only run a little above half speed. If you macbook starts running slow and you thought you had a working battery, you might have a problem.

Re:requires root?

[grimmjeeper]

Most firmware flashing requires the root password to perform, so I'm assuming that unless you're talking about removing the battery from the computer. So at least authentication is required for this, which lessens the threat considerably.

Right. Because a virus would never give itself root access...

Re:requires root?

[v1]

SOP for Apple is to not acknowledge the problem.

Until they patch it, yes. That itself is SOP industry-wide. It only attracts criticism when they drag their feet patching it, which Apple isn't known for.

You might want to read up on Apple Security

Re:requires root?

Which requires root which the virus would give it'self root which requires root.....

This simply means that the virus would have to be two fold, break the os security and break this security issue. If the virus has root access, well, your already screwed. This attack merely makes it much much harder to remove the virus AFTER the damage.

Re:requires root?

[grimmjeeper]

Which requires root which the virus would give it'self root which requires root.....

This simply means that the virus would have to be two fold, break the os security and break this security issue. If the virus has root access, well, your already screwed. This attack merely makes it much much harder to remove the virus AFTER the damage.

My already screwed what? Or did you mean "you're already screwed"?

A virus with root access can already do damage. The whole point of TFA is that this is not only one more thing that can be done, the damage that can be done will basically brick your laptop. With other viruses all they do is wipe out your hard drive. Once you reinstall the software you can use the laptop again. With this hack and the "permanently" installed battery your laptop is a brick and you're screwed.

Re:requires root?

[chemosh6969]

Instead of reading what the company says, I prefer to go by their actions. Actions speak louder than words.

Re:requires root?

Unless there's a crack that gets you root access or aspects thereof without the password, in which case it could still do terrible things. Including, likely, having the malware on the battery use the exact same crack to reassert control after an OS reinstall, possibly before any patches can be downloaded and applied.

Re:requires root?

[Trillan]

No. "SOP" is to not actually know about a problem until it's reported through Apple Bug Reporter. That's because they generally do not, in fact, know about the problem. Apple doesn't, to my knowledge, hire vast teams of web surfers to find every possible security problem posted anywhere on the Internet.

Once they have the problem, it's prioritized according to how severe the problem is, how easy it is to exploit, and (yes) how many people know about it. How many people know about a problem is part of its risk load. I've reported security problems and got prompt fixes for things few people knew about, both simple and complex. In fact, the longest I've ever waited is an exploit I reported in 10.5 that had to wait for 10.5.2. (My guess is that 10.5.1 was nearly finalized before 10.5 shipped.) I was even offered a security credit for something that dozens of people knew about that nobody had bothered reporting. And yes, they'll typically only publicly acknowledge the problem after a patch is available. That's SOP across the industry, really. (Though I don't think it's ideal.)

It all starts with a problem report, though. So what's the rdar:// number of this problem?

It's just astonishing how many people would rather attribute to malice things that are easier explained by a lack of information.

Re:requires root?

[chemosh6969]

Not really caring until forced by the public to fix an issue isn't malice.

Re:This why you NEED battry packs that can b REMOV

OMG! Don't make me RESORT to actually using a household tool!!!!!

Re:This why you NEED battry packs that can b REMOV

[YodasEvilTwin]

Opening a laptop case normally voids the warranty.

Upgradable firmware is upgradable...

[bledri]

News at 11.

Re:Upgradable firmware is upgradable...

[gl4ss]

in the modern world, that actually is news. I got plenty of devices with non upgradeable firmware(though the company that sold 'em originally could update)

Re:OSX is the least secure OS in mainstream use

The only way Windows can be configured into a Fortress is keeping it in the shrink-wrap. :) It's funny... laugh.

Ah Apple...

That bastion of security. LOL

FYI, they have more vulnerabilities than WIndows.

Re:Ah Apple...

[BitZtream]

Is it that they have more, or openly admit to and fix more?

I'm asking seriously, as an Apple owner, I'm aware of the statistics and that OSX is not at the top of the ladder in security.

I don't have a problem with exploit count when you're forging unknown territory, new ideas are going to be abused in new ways that we can't always see coming no matter how good we are.

I'm more concerned with what the chance of those things causing me problems than how many their are.

I don't worry about mac exploits for the same reason I don't on Windows, I don't put myself in harms way, and I admit, I also believe that OSX (just like Linux) is a much smaller profit to hax0rs than Windows, so they aren't going to waste their time with me. Its not cost effective to exploit me or a Linux box (desktop Linux, servers are obviously much more common and a valid target). We all know it can be done, on both, almost as easy as windows using 'user exploits' (i.e. make the stupid user run something that infects them rather than an actual exploit)

macs/apples are pieces of shit

[Steevee]

why people use apples and macs is completely beyond me. they're total junk. i'm forced to use one (macbook 'pro') where i work and i hate it. applications constantly crash, i can out type any application on the thing, the network constantly disconnects, i have to restart it several times a day...my 7 year old pc at home is faster.

these things are a total joke.

Re:macs/apples are pieces of shit

[armanox]

I can say the same thing about Windows 7 on an i5 Lenovo compared to my Macbook Pro 1,1. Well, the networking works on the Lenovo, but other then that...

Re:macs/apples are pieces of shit

[jo_ham]

Cool story bro.

I almost believed it.

Re:macs/apples are pieces of shit

[Freultwah]

They employ 13-year-olds now?

Re:macs/apples are pieces of shit

But a much better piece of shit than your post.

Re:This why you NEED battry packs that can b REMOV

[WrongSizeGlass]

But windows phone doesn't have spell check or working shift key.

Maybe you could hack the Win Phone's battery to install a spellchecker and a shift key.

Re:OSX is the least secure OS in mainstream use

[burris]

It would be a real shame if there was a major malware attack on OSX and Apple was forced to flip the switch to make OSX refuse to run code that isn't signed by Apple. That kind of stuff must keep people in Cupertino awake at night.

Re:OSX is the least secure OS in mainstream use

Good try troll, good try.

Re:This why you NEED battry packs that can b REMOV

The registry. Experience has taught me that everything in Windows is somewhere in the registry.

Re:OSX is the least secure OS in mainstream use

[makubesu]

If I install windows or some linux flavor on my mac, it doesn't mean this vulnerability goes away. It's a hardware problem, hardware made by someone besides apple. I'm not sure what this has to do with which operating system is most secure.

Re:This why you NEED battry packs that can b REMOV

[joocemann]

I can't believe you were modded 'troll'.

Ridiculous fanboys are without logic, dignity, or even common sense. You would think they would want an improved product, but that is not what fanaticism is about, I suppose.

Re:OSX is the least secure OS in mainstream use

I agree that many Linux Distributions are not necessarily more secure than Windows in their default configuration, though there are many things you can do to make Linux more of a fortress which you can't do on Windows. Examples are proper Mandatory Access Control, ASLR for every process, ... and since you have the source code of the entire OS, you can compile every program with protections (for example stack cookies).

Re:This why you NEED battry packs that can b REMOV

[joocemann]

Let me point out the obvious.

*so you can have a working battery again*

Lulz

[ae1294]

So does anyone know if the firmware can be upgraded to cause the battery to burst into fames? That would be funny and probably not covered by the apple warranty.

Re:Lulz

[markjhood2003]

FTA:

"I started out thinking I wanted to see if a bad guy could make your laptop blow up. But that didn't happen," he said. "There are all kinds of things engineers build into these batteries to make them safe, and this is just one of them. I don't know if you could really melt the thing down."

Re:Lulz

I don't think they could be reprogrammed to make the battery explode. I'm not sure what battery monitor they're using, but it sounds like one of the Texas Instruments "gas gauge" battery monitor family (just guessing because of the use of terms like sealed, unsealed and full access for the different modes which TI tend to use too).

The standard firmware that these things ship with allow you to do things like change the maximum and minimum operating temperatures so a hacker could shift the operating range to something outside of normal ambient room temperature and your laptop will refuse to run from the battery because the battery monitor is trying to protect itself. The user would assume they had a broken battery, buy a new one and then everything would be fine again. The Texas Instruments parts are also quite nasty because they use a boot loader running in firmware so their forums are full of people that accidentally overwrote the the boot loader and now have bricked the ICs. Once the IC is bricked then you have a 50/50 chance (depending on which way the battery monitor power enable lines default on reset) that the battery pack will be disabled.

Now, some of these parts are JUST battery monitors. The protection circuitry is on a separate device made of analogue circuits. If the computer is using one of these then no amount of firmware magic is going to make a cell explode. There are some parts from some manufacturers that combine bits of the protection circuitry with the gas gauge, which could be more vulnerable to being hacked. However, off the top of my head the 3 ways to knacker a Li-ion cell are

1) Undervoltage. You run the cell very, very flat, and eventually you get metallic deposits in the cell which cause short circuits and over heat the cell when you recharge it later. Your average laptop probably has an under voltage lock out on its internal regulators to stop dodgy cells frying the regulator MOSFETs so a hacked battery monitor still wont help you to run a cell extra flat. And even if you do, these deposits take months to build up and can happen naturally from leaving your battery unused and uncharged for long periods anyway. So in effect, dodgy firmware can't make things much worse than they already are.

2) Overvoltage. Again, the laptop's internal battery charger isn't likely to stick too many volts on the cells as it takes its own cell voltage measurements anyway, so messing with the battery monitor won't do much.

3) Overheating. Overheating can lead to high pressure in the electrolyte. This is dealt with by a physical pressure release valve in the cell which is nothing to do with firmware.

So, I can believe that a hacker can brick your battery, but not cause your laptop to burst into flames through this method.

Vern

Re:Lulz

FTA:

"I don't know if you could really melt the thing down."

Why does nobody want RTGs in their laptops? Battery life of centuries!

Re:This why you NEED battry packs that can b REMOV

[mschiller]

Actually this may not be a vulnerability in units without a removeable battery. When a Lithium Ion [or polymer] battery is removable manufactures install microcontrollers with firmware to orchestrate the safety system and do battery life management. This firmware is often provided by the pack subcontractor rather then written by the larger system manufacturer...

The pack has firmware for two reasons:

1) There is a variety of failure mechanisms that can cause fire and explosion with Lithium Ion batteries. When the uC detects one of these is occurring the battery is either temporarily or permanently placed in "Safe" mode. This disconnects the battery from it's terminals. Since on units with removable batteries these conditions can occur outside of the unit, these important safety functions must be built into the battery. Your typical Cell phone battery has three or more terminals for these functions [even though only 2 terminals is needed to charge/discharge the battery]
===> Another safety concern is "fake" batteries which often don't have these safety features, so often the uC authenticates itself to the Laptop before it can be used. This protects from counterfeits and also makes the laptop manufacturer money on replacement batteries.....

2) Charge Cycles and battery capacity information is also stored and calculated. This information is provided to the higher level system, when the battery is inserted. This is important so your Laptop can guess (relatively accurately) how much time is left even after you change the battery to a possibly degraded or partially charged spare. [Current monitors detect how much power goes into the battery and how much is removed. Based on historical information from previous charge/discharge cycles a good guess on the remaining capacity can be made]

Things are different however in units with a non-user serviceable battery. A lot of the safety concerns can be explained away and not protected against, since the battery is in a more protected position (this all comes down to lawsuits, if you can say the user tampered with the unit and prove it then the company is off the hook...). So often they will have a "dumb" charger connected to the battery with most of the safety functions removed. A special purpose capacity monitor chip (without firmware) can be used for the power monitoring feature. Thus in a lot of systems you don't need the uC (and thus the firmware) at all, if you assume the battery can't be tampered with...

Re:OSX is the least secure OS in mainstream use

[maxwell+demon]

The only way Windows can be configured into a Fortress is keeping it in the shrink-wrap. :) It's funny... laugh.

Windows kept in the shrink-wrap is easily hacked. All you need is an ordinary axe.

Re:OSX is the least secure OS in mainstream use

[jo_ham]

Cool story bro.

Re:OSX is the least secure OS in mainstream use

[drsmack1]

I'm guessing you hit reply before you engaged the reading comprehension engine in your head. Still felt the need to say something so that your effort was not wasted I see. Sort of sad really.

Re:OSX is the least secure OS in mainstream use

[drsmack1]

It's hard to separate the OS from the platform when it comes to Apple. I'm reasonably sure that my Compaq laptop battery does not have firmware that is accessible by malicious code. Reasonably. :)

Offtopic

[WD]

This issue has absolutely nothing to do with OSX.

Re:Offtopic

[drsmack1]

Certainly it does - it points out the fact that OSX provides unfettered access to the battery firmware. The idea that battery firmware even *needs* a password is a little frightening.

Lets make a bet. I wager 100 quatloos that if Apple issues a fix, it will be to the OS and not the battery firmware.

Please reply, it would be cowardly not to.

Re:OSX is the least secure OS in mainstream use

I'm cutting you off, you've had plenty of Kool Aid.

Firmware should also have an "unbrick" mode

[davidwr]

Every computer or computer-like device that isn't so cheap that you can just throw it away should have a "factory reset" procedure that doesn't require a lot of technical skill, but which does require physical access.

Here's how it might work on a typical PC with write-able BIOS:

BIOS has 3 or 4 sets of code:
* Mini-bootstrap, which is read-only.
* Rescue code, which is read-only.
* Active boot BIOS, which is read-only except when either the "flash bios" or the "rescue me" jumper or switch is turned on.
* [optional] Copy of those parts of the BIOS needed after boot loaded into temporary memory by the OS

Normal boot sequence is
Mini-bootstrap -> Active boot BIOS -> whatever the boot BIOS loads next.

The purpose of the Mini-bootstrap is to validate the Active boot BIOS and only allow booting to continue if the Active boot BIOS passes an integrity check OR the "validation bypass" switch or jumper, if any, is on. Apple and other locked-device manufacturers will not have this jumper.

When the "rescue me" jumper or switch is on, the boot sequence becomes
Mini-bootstrap - > Rescue code

The rescue code's only job is to validate and copy replacement BIOS code from a defined location, such as the first USB port that has something plugged into it that passes the validation check (or the first USB port, if the "validation bypass" jumper or switch is set), over the existing Active boot BIOS and zero out any remaining bits.

The mini-bootstrap and rescue code and the hardware needed to run them should be simple enough that you are extremely highly confident they are free of bugs that keep them from doing their jobs.

The "normal" BIOS-flash routine would be as it is today, which on most computers is done either within the BIOS user interface or through the operating system's user interface.

By the way, I am very aware that most validation techniques can be defeated with enough time and effort, so this technique will only keep a device "locked" but at the same time "rescue-able" if the validation technique's secrets are kept secret until the device is considered obsolete. In other words, 2-5 years for many devices, a bit longer for home computers.

Re:Firmware should also have an "unbrick" mode

[VortexCortex]

A sound plan; I had a similar idea, except that there would be an unused read only copy of the factory BIOS that the "rescue code" operation would simply duplicate into the "Active BIOS" area -- This way you wouldn't even need the external recovery image (on a USB or disk) in order to fix a corrupted BIOS.

Re:Firmware should also have an "unbrick" mode

[drinkypoo]

Dual BIOS has become a common feature on PC motherboards. I don't know that the idle BIOS is actually write-protected, but it ought to be an easy hack (disable the most significant address line!)

Re:OSX is the least secure OS in mainstream use

[jo_ham]

No, I just posted something of equal value to your post. You certainly aren't interested in discussion but it's clear you wanted some interaction.

Re:This why you NEED battry packs that can b REMOV

[ColdWetDog]

The battery on my MBP is built-in. I'd expect most other brands to allow you to replace the battery without resorting to screwdrivers.

Screwdrivers are scary to you or something? I pulled the back off of my new MBP - took all of 5 minutes. Now, if you're one of those relatively few people that swaps out batteries to keep working, then a new MacBook isn't your best choice. You only have a couple of hundred others. For the rest of us, replacing a used up battery every three years (and cleaning out the fans) isn't such a hardship.

Re:This why you NEED battry packs that can b REMOV

[SuricouRaven]

IIRC, it's not a household screwdriver. It's a tamperproof screwdriver, which is officially sold only to approved companies who use the tamperproof screws in their products. Not that this stops you buying one on ebay... there is always a grey market for something like that.

Begging the question...

Can the battery be programmed to explode ?

Re:Begging the question...

[Lokitoth]

All you have to do is program it to never stop "charging." I would imagine that would not do anything good for the battery - at the very least it will continue heating it until something fun happens.

Re:OSX is the least secure OS in mainstream use

[drsmack1]

You must be judging my interest in discussion from some other post; there was nothing to discuss in yours. It would be disingenuous for you to argue differently. If you have an opposing argument I would be happy to consider it.

You may be suffering under a misconception though; I work on a lot of different platforms. Each has it's merits. The closest thing to being a fanboy that I ever exhibit would be for the music of ELO.

See:
http://www.rantsandpranks.com/2010/09/genocidal-hp-tech-support.html
http://www.rantsandpranks.com/2010/09/i-attack-country-of-norway-and-win.html
http://www.rantsandpranks.com/2010/11/joes-wife-got-rooted.html

Re:OSX is the least secure OS in mainstream use

[Anubis+IV]

I could write all about over generalizations and bad metaphors, but I'll avoid that, since your comment does a good enough job of demonstrating your hyperbole and rhetoric without me having to add my thoughts. Instead, I'll link to someone who disagrees with you and cites experts who disagree with you.

http://www.theregister.co.uk/2011/07/21/mac_os_x_lion_security/

Now, I don't know enough about all of the Lion security upgrades to say that I necessarily agree with the article's claims that Lion is as secure as a mythical Windows 7++ or is the most secure OS out there, but to suggest that it's the least secure OS is insincere and illogical for you to have said, and deserves reexamination. You cite Linux as a fortress, but then provide no reasoning other than occasional breaches, which applies equally well to Macs, meaning that the number of breaches isn't the distinguishing feature between secure and insecure for you. If you want to suggest that Macs get by only thanks to security through obscurity, the same could be said of Linux, which enjoys even more obscurity, so calling one a fortress and the other the least secure wouldn't make sense if that were your criterion either. That only leaves the inherent design of the OS itself, but many of the security checkboxes that Windows and Mac OS have been ticking off these last few years are not present by default in the most popular Linux distros (e.g. ASLR isn't in the normal Gentoo distro). I can't find any logic in your comment that would justify calling Mac OS the least secure while referring to Linux as a fortress, which isn't to say that you're necessarily incorrect, just that your stated reasoning is flawed.

Also, I think you've forgotten an important distinction. I've always made an effort to educate people on the difference between security and safety when determining risks involved. A house with bars on the windows and locks on the doors is secure, but if it's in a high-crime area, it's not safe. Conversely, a house lacking bars and locks is insecure, but if it's in an area with no crime, it's still safe. Regardless of your thoughts on Mac security, Macs have enjoyed a great deal of safety in recent years, and safety really is the more important metric, since it talks about reality as opposed to mere possibilities.

Now, that's not to say that security should be ignored. Far from it, in fact, and I want to make that perfectly clear, since the potential does indeed exist for massive damage to be done in an insecure area even if it was previously safe. But the pendulum swings the other way too, and people who repeatedly decry something that is safe for reasons that fail to come to fruition are just made to look the fool. That Apple has improved the security in Mac OS significantly in the last few years should further allay any of those concerns.

Re:OSX is the least secure OS in mainstream use

[SuricouRaven]

Windows server is configured to be secure by default. The other versions are certainly not. There is always a tradeoff between security and convenience for the user. MS sides with security on the server default, and convenience on the non-server default. This can be seen in hundreds of tiny little decisions.

To name just one random example, Windows Media Player can run scripts embedded in WMA/WMV/ASF files, and does by default - a feature intended to allow for DRMed files to fetch licence information from a website, but in practice used mostly by p2p-propagated viruses and malware. On the non-server versions of windows, playing a .mp3 file (As WMP doesn't go by extension to identify file type) can easily be enough to pick up something nasty. On server? Media player isn't even installed. Nor, for that matter, is the service for audio enabled by default.

the concept of 'device management'

[TheGratefulNet]

I used to work on 'network management' and the NMS systems would drill down and do queries on the equipment in the rack. equipment usually would support an 'environmental' data set that includes dynamic info (volts, current, fan-flow, temperature) but also static info (serial #, vendor #, batch #, pcb version, firmware version). its useful to have that.

I learned from experience that the closer to the device this info lives, the better. there can be multiple NMSs that walk the network or poll devices. if the info is stored 'in the cloud' (barf..) then all the NMSs have to replicate and share that info. otoh, when you keep the info on the device, any NMS can get at the info and the info is more 'definitive' (the closer you are, the more you 'own' that info that describes you).

connect this to batteries. these are devices that could benefit from unique-id's. if the battery is removed from one of your laptops and used in another, the charging history, last charge timestamp - all that would be *on* the battery and the local o/s could use it or the local charging station could use it. it 'belongs' more on the device than on some remote system. this is one reason to have a chip 'in there'.

the down side is that many (most?) 'chipped batteries' exist to lock you OUT of doing things you want, like finding a 2nd or 3rd source for the battery. panasonic was a good example: they once were open and while not officially endorsed, you could find $5 ebay cheap knockoffs instead of the $50 vendor rechargeable. well, the good times ended and they 'pulled a sony' and now pany batteries are chipped. 'for your protection' but they are authentication chipped for vendor lock-in (or lock-out, depending on POV).

there's good and bad. the 'remote element mangement' engineer in me likes having the info really on the device. but the authentication 'chipping' of batteries sickens me to no end.

Re:the concept of 'device management'

[kybred]

... now pany batteries are chipped. 'for your protection' but they are authentication chipped for vendor lock-in (or lock-out, depending on POV).

Sometime 'for your protection' really means for your protection. If you put some cheap knock-off battery in the device, maybe it has different charge characteristics and the device will over-charge it, which can cause all kinds of problems.

Re:the concept of 'device management'

[Rich0]

Or, maybe it works just fine but it undercuts the vendor's market.

I'm not a big fan of protecting consumers from themselves, or vendors from competition.

And, why can't we just have standard-size batteries anyway? That and standard size oil filters while we're at it...

Re:the concept of 'device management'

[Nethead]

Thank the imaginary friend that SNMP didn't report the status of every spit-jet cartridge!

Re:the concept of 'device management'

[Whuffo]

There's undoubtedly good reasons for vendors to lock out counterfeit or "used up" batteries. Unfortunately, the average corporation has the moral sense of a 2 year old and will quickly identify this as a revenue opportunity. Just make sure nothing other than the official high priced battery will work, and expire it early just to make the pot sweeter.

Re:the concept of 'device management'

[BitZtream]

Or, maybe it works just fine but it undercuts the vendor's market.

I'm not a big fan of protecting consumers from themselves, or vendors from competition.

They are protecting consumers from this:

http://www.youtube.com/watch?v=YCWdnjLqVWw

Which is a distinct possibility if you end up with a shitty chinese counterfeit. I'm all for protecting idiots from that, as I'm liable to be on the airplane with some moron who tried to find the cheapest fucking battery they could, which they ordered direct from china since we'd never allow that sort of shit to be sold here.

Second, if you can pay $2500 for a laptop, you can pay $100 every couple of years for a new battery from Apple, they really aren't THAT much more expensive, even if they are ripping you off. I'm not against others companies selling ACCEPTABLE batteries.

And, why can't we just have standard-size batteries anyway? That and standard size oil filters while we're at it...

Sure, we can do that, and your iPod will have the same battery as say ... my RC heli or my rc cars, or my laptop. And I seriously doubt you want to put the oil filter on either one of my vehicles on your car, unless you like over kill. Between my big ass truck with matching big ass oil filter, and my sports car with its high flow rate requirements, I'm fairly certain you don't want to have large portions of your car redesigned in order to make room for them considering that are probably both far larger than yours (assuming typical passenger car).

The point? We have standard sized batteries where we can, but different requirements require different components. Part of the design of these batteries is just FITTING INTO THE SPACE PROVIDED. A lot of laptop batteries are built to fit, the laptop is not designed around the battery, the battery is designed to fit in the space the laptop has available. Standard sizes would change the design requirements. Apple specifically cares about form, I don't think they are completely form over function, but I'll admit they seem to be pretty close, so you're never going to see Apple give up form for standard.

In principle I am 100% in agreement with your post in every way. I can not stress how much I agree with you in principle. Its just not possible from a practical perspective, and companies being greedy makes it worse.

Re:the concept of 'device management'

[Rich0]

I'm not against others companies selling ACCEPTABLE batteries.

And yet, that is precisely what this sort of thing prevents.

That's OK, I'm sure you'll have an excuse for Apple when some virus comes along and airplanes all over the country start looking like that youtube video...

Re:OSX is the least secure OS in mainstream use

[jo_ham]

No, you really aren't interested in discussion:

To argue anything different would be to argue that Bakersfield, CA is more secure than NYC because they have had no terrorists crash their planes into buildings there.

So, your position is that your opinion is fact, and no amount of arguing will change that.

To all the apple guys out there who tell people that macs are inherently more secure than PCs - shame on you. And if you are a mac user who takes exception to that last sentence, be a flagrant non-conformist and re-read it before you hit the reply button.

Frothing anger whilst you type some variation of "I never do that, how dare you flame ALL mac users" makes you look like a entirely different type of fool than the ones described.

Again, your position here is a pre-emptive ad hominem. You're clearly not interested in discussion, you just wanted to flame Apple.

You cannot start from the position of "I am right, and if you try to say I'm not, you're a clueless fanboy who should be ashamed of holding a different opinion to me" and expect to be taken seriously.

Re:This why you NEED battry packs that can b REMOV

[Guy+Harris]

This why you NEED battry packs that can be Removed from the systems.

Windows PHONE has this.

An operating system has removable battery packs?

Perhaps what you meant is "some (or all?) mobile phones not from Apple have this"; not all such phones run Windows.

Re:OSX is the least secure OS in mainstream use

[drsmack1]

I regret not being more specific in my original post. I consider linux to be a server OS, and server builds of linux are generally very secure by default. Desktop versions of linux often have MANY security flaws - but who cares, very few people use it.

I purposely did not use the word "safety", and by your use of it you are trying to change my argument into one you can attack.

Please re-read the sentence that I purposely emphasized by asking the reader to re-read. I spoke only of zealots who tell people that OSX is *inherently* more secure.

Most of your argument applies to subjects I did not touch on. A bit of a waste of typing by my lights.

As for your claim that OSX has improved it's security in recent years - *how could you know that*? Because you read it somewhere? The people at Pearl Harbor probably had vastly superior security in 1941 than they did in 1930 - a fat bit of good that did them.

You can't judge security in a vacuum. Linux as a server OS is under a constant barrage of attacks. Windows as both a server and desktop OS is under a constant barrage of attacks.

OSX in under about the same volume of attacks as Bakersfield, CA.

Re:OSX is the least secure OS in mainstream use

[drsmack1]

And yet you still have nothing to add to the discussion. I stand by my original reply to you.

Re:This why you NEED battry packs that can b REMOV

I can't speak for other countries, but not in the USA. In the US, they can only void the warranty if they can show that you caused (or probably caused) the damage. They may tell you you've voided the warranty, and they may even try to refuse, but if you take it to court, they almost always have to honor the warranty and pay your court costs.

Re:This why you NEED battry packs that can b REMOV

[Tetsujin]

The registry. Experience has taught me that everything in Windows is somewhere in the registry.

Where's the registry?

one hack to ruin them all....

[pbjones]

If it's a problem at Apple then it's a problem with a number of other hardware devices that use the same battery controllers, so your windoze laptops isn't safe either. Someone could also hack my Logitech Mouse and brick it too, or any number of peripherals that have upgradeable firmware, like my router, printer, keyboard, the list goes on.

Re:one hack to ruin them all....

[drinkypoo]

The problem here was the use of a default password. It's easy enough (some might even say trivial, by modern standards) to have a different password for each device. Each device has its own S/N so when it is flashed the password can be set to something unique, and an online tool which can deliver the password can be used for battery firmware updates, or an online tool can be rolled which will spit out an updater application which will only work for your battery, after you put in your SN, which is probably retrievable from the OS. So this is not an inherent problem of flashable hardware, only of flashable hardware built by incompetents who do not understand (or care about) security.

Re:one hack to ruin them all....

[sabt-pestnu]

While they modified the mouse hardware to do it, using a mouse as a malware vector has been done before.

Re:one hack to ruin them all....

The problem here was the use of a default password. ... or an online tool can be rolled which will spit out an updater application which will only work for your battery, after you put in your SN, which is probably retrievable from the OS. So this is not an inherent problem of flashable hardware, only of flashable hardware built by incompetents who do not understand (or care about) security.

I see what you did there!

Note to self

[Culture20]

Remove batteries from Apple laptops when reimaging them (until after all patches are applied). Sigh. And here I thought it was just the Apple keyboards which were a potential malware nest.

Decades old news

[pbjones]

BTW, Apple batteries have had firmware for the last 10-15 years, so your info is a little late.

Re:Decades old news

[Gaygirlie]

BTW, Apple batteries have had firmware for the last 10-15 years, so your info is a little late.

It's not the issue of there being firmware, it's the issue of the said firmware being rewriteable through software without any kind of physical interaction needed.

Re:OSX is the least secure OS in mainstream use

[Anubis+IV]

I wasn't attacking with my last two paragraphs (aside from the comment about decrying), nor was I attempting to twist your security comments into something about safety. Rather, I was merely attempting to add some additional information in a tangential direction that I thought might be nice to touch on, if not for you, than for anyone else who came along and read it. So, yes, wasted words, perhaps. I don't mind.

I caught your "inherently" comment the first time, and I understood your intent. I never tried to defend the types of zealots you spoke of, nor did I disagree with what you said there. In fact, to the contrary, I agree with what you were saying there. That said, I was trying to point out some degree of hypocrisy on your own part in denouncing those zealots while making similar-ish statements regarding Linux without providing any justification.

As for the rest of your response, you mention that we can't judge security in a vacuum, and I certainly don't disagree, but I do disagree with your assertion that Macs face no attacks. You may criticize me for believing something because I read it (despite the fact that I stated I was skeptical), but at least I had the decency to cite something when making a claim. You've repeated this idea that Macs aren't under attack without providing any factual basis for the statement.

It's well known that Macs attract a more affluent demographic, and they have an installed base in the tens of millions, making them a juicy target. They share the same Internet as the other OSes, so they're just as accessible to the attackers. So, we have a juicy target that's able to be accessed just as easily as the ones you claim are under frequent assault. Why wouldn't it be under attack?

Re:This why you NEED battry packs that can b REMOV

[Bing+Tsher+E]

if you're one of those relatively few people that swaps out batteries to keep working, then a new MacBook isn't your best choice

Brilliant. That text should be included, maybe a bullet point, in all of Apple's marketing literature.

So, can we fix bad batteries then?

[wierd_w]

One of the problems with LiON cells is that the logic controller can get the wrong impression about the state of the cell it is controlling. (This is for various reasons, but the most common is that it uses a function of charge/discharge time, and voltage output per cell to determine if the cell is bad or not.)

Some charging solutions "Pulse charge" a cell to bring the voltage back up to the point where the charge logic will turn the cell back on again, but this is dangerous because the pulsing can make lithium dendrites in the cell. (Solutions like "Battery conditioners" that try to revive "dead" batteries.)

By being able to hotwire the firmware, you should be able to force the charge logic to re-enable cells using a more sophisticated host-processor controlled logic formula, to better detect truly bad cells, and turn "Not really bad, but miscalibrated" cells back on again.

Such a thing could be a very hot seller, especially given Apple's proclevity for insisting that batteries never be removed or serviced.

But yet...

Apple will continue to propagandize about how 'secure' their computers are. When even the BATTERIES can be hacked.

Re:But yet...

[Travelsonic]

It is in fact true that any computer, any system can be hacked, infected, etc, it is also true that malware that rages hell on the average Windows O/S *seems* to be bit easier to clean up on a mac OS - in my opinion probably from the design inherited from its Unix core. Something a hardware vulnerability that could exist for ANY O/S, computer system with this kind of tech.

Re:But yet...

[Travelsonic]

* can not completely negate AT ALL.


*/. cut off my sentence >,_,

Looks like..

[flibby]

the shine's off the Apple!

Battery auth IC?

[BillX]

It wasn't mentioned in the article, but I'm curious whether this is a custom-for-Apple microcontroller/firmware, or one of the several off-the-shelf battery authentication ICs currently on the market. Firmware on a battery is not entirely suprising - charge management, capacity counting, authentication and various safety checks can be cheaply integrated that way, and a little serial bootloader onboard for emergency bugfixes is a "why-not" feature. In the case of authentication, some manufacturers are now using cryptographic hashes (one such chip has hardware SHA-1 built in) to function similarly to the lockout chips on Lexmark ink cartridges. The gadget can refuse to operate from aftermarket / "unauthorized" batteries, ensuring (depending who's telling it) user safety or vendor lock-in / planned obsolescence. Viable hacks for these give some promise that some lazy vendors' battery packs can be replaced usefully beyond the manufacturer's designated product lifespan :-)

Re:This why you NEED battry packs that can b REMOV

... You can't believe it? Really? Making an analogy to something different than a laptop in a blatantly obnoxious way is not being trollish, and is with logic, dignity, and common sense, whereas pointing out the absurd, and trollish nature makes you a fanboy without dignity, common sense or logic? That argument, ironically, is without logic.

The circle of life

[lucm]

After Windowsupdate.com, now it will be Batteryupdate.com.

Somewhere in a basement in Guangdong or Beijing, keyboards are already at work to create a new Blaster.

Re:The circle of life

[BitZtream]

A virus that kills the host before it can spread is a shitty virus. Blaster never wanted to kill the host, which is about all you can accomplish with this, temporarily kill the host.

macs suck

[Steevee]

here is the best part and the one we all hope for: " completely disable the batteries on Apple laptops, making them permanently unusable " and rid the world of these poor excuses for 'computers'......

Re:macs suck

EVERYONE HATE WHAT I HATE

Not in Favor of Apple

With the release of Mac OS X 10.7 I am firmly not in favor of the continued existance of Apple nor any of its top management.

I welcome the removal from existance of all of Apple's top management and the iCloud Facility in North Carolina IS by assination and nuclear bombardment, respectively.

May the homeless in Mumbi and Oslo receive payment from the blood money of the victums of the Dept. of Homeland
Security and US Executive Office (Obama) shenanigans mounted in Norway.

Hardi Har Har.

BSD not Linux

[sl149q]

One of the other problems is that Apple is running BSD in there instead of Linux so they wouldn't have to worry about GPL :-)

Why are battery firmware upgradable?

Apple seems to have the shittiest batteries which usually die when a new version of their operating system is installed.

If in this era you need to upgrade your Li-ion load/unload firmware you suck at making batteries or you have alterior motives.

Reminds me of the 1541...

[jtwine]

Anyone remember the 1541? One of the things you could do was store data (code) in its memory that could survive a reboot of the computer itself. Retro malware, anyone?

Re:OSX is the least secure OS in mainstream use

[canavan]

The only thing about this story that keeps people in Cupertino awake ist the simple fact that people could use this vulnerability to reset the charge counter of the battery and try to file a warranty claim.

Re:This why you NEED battry packs that can b REMOV

[BitZtream]

My mbp runs for about 5 hours playing eve online without external power. Doing normal work is much better, web browsing will get me 10 from a full charge. I don't have a reason to swap batteries, no bullet point needed, there is only a problem if I go for days without power. Which happens when I go camping, intentionally getting away from technology ... No where in the civilized world have I ever run out of power on my mbp.

Perhaps you should stop buying shitty laptops that require a nuclear pile to run more than an hour or two?

Re:This why you NEED battry packs that can b REMOV

[BitZtream]

Yea... I have a unibody mbp. The hard part is the 3 screws at the back, they take at least 3 times as many turns!

Seriously, you just unscrew the bottom cover, unscrew the battery itself, one screw, unplug the battery. Revese process with new battery.

Total time? 10 minutes the first time you do it cause your looking at other things while your in there

OSX 10.7.1

[BitZtream]

Will include an EFI update which verifies the battery firmware and overwrites it if the firmware doesn't match on boot.

Of course, you need root to do any of this, and by the time someone has root on your machine, they can brick it in several other ways now days.

Well, okay, you can't really brick it ... but I'm using bring in the same sense as the article, where its used incorrectly.

It's all about curling

[lucm]

Allow me a curling analogy. When you don't have the advantage of the last play (the "hammer" in curling), then it is better to first build up your defense, then attack.

Now suppose that you find a weakness in a hardware component (such as a battery) and because of some dark agenda you want to use this to do extensive damage to a lot of computers. If you release your best attack immediately, you will do some damage, but then the vendor (or antivirus companies) will work on a fix and use their existing distribution channels to send this patch as quickly as possible to as many computers as possible. They have the "hammer". So instead what you do? You work on your defense first; you create a worm to disable the patch delivery (such as Windowsupdate.com), and once the patches cannot be delivered anymore, then you release your masterpiece and you do a lot more damage because the opponent cannot use its hammer.

Now did this actually happen with Blaster? I don't know. But it's the way to go, according to the curling handbook.

The obvious conclusion:

[Geminii]

Use non-Apple batteries when availability is critical. And given the same sort of corporate-entitlement-centered gimmickry is used on things like name-brand printer cartridges, perhaps the lesson is to use non-American knock-off products in general when you need absolute reliability.

Can he fix mine?

[NoseyNick]

Can he hack mine so they don't start expanding in disturbing ways? I've had 2 do that now, in just over 2 years.