Saturday, July 23, 2011

Man-in-the-Battery Attack

The Man-in-the-Middle attack class seems to have had a brand new addition. Former NSA employee Charlie Miller, and currently a researcher at consultancy Accuvant, has identified a firmware exploit in Apple Macs that allows you take control of the computer through the microcontrollers of the battery by taking root control through the default passwords. He told Andy Greenberg of Forbes magazine:

“You could put a whole hard drive in, reinstall the software, flash the BIOS, and every time it would reattack and screw you over. There would be no way to eradicate or detect it other than removing the battery.” says Miller.

Charlie Miller plans on offering a tool to correct this potential security exploit at the upcoming Black Hat conference in August called "Caulkgun".

1 comment:

  1. I am glad that I saw this post. It is informative blog for us and we need this type of blog thanks for share this blog, Keep posting such instructional blogs and I am looking forward for your future posts.
    Cyber Security Projects for Final Year

    JavaScript Training in Chennai

    Project Centers in Chennai

    JavaScript Training in Chennai