Battery firmware hacking

Charlie Miller takes an in-depth look at a common embedded controller used in Lithium Ion and Lithium Polymer batteries.

In this talk Charlie will demonstrate how the embedded controller works, reverse engineer the firmware and show how to completely reprogram the smart battery by modifying the firmware on it.

What is firmware?

In electronic systems and computing, firmware is “the combination of a hardware device, e.g. an integrated circuit, and computer instructions and data that reside as read only software on that device”. As a result, firmware usually cannot be modified during normal operation of the device.

Firmware is held in non-volatile memory devices such as ROM, EPROM, or flash memory. The firmware of a device may be changed rarely or never during its economic lifetime; some firmware memory devices are permanently installed and cannot be changed after manufacture.

Article

It was never designed to be secure

Most of it is vulnerable for the same reasons the firmware the Equation Group targeted is vulnerable: it was never designed to be secure. Most hardware makers don’t cryptographically sign the firmware embedded in their systems nor include authentication features in their devices that can recognise signed firmware even if they did.

Presentation

There is more of an administrator level access to it and there is a key for that. It turns out that Apple never changes those, so you can just look up on the Texas Instruments site and find what those passwords are and use them.

An interview with Charlie Miller during the Hacker Halted conference about his presentation ‘Battery Firmware Hacking’.

Article

These controllers can be hacked in a fairly straightforward manner

According to Miller, these controllers can be hacked in a fairly straightforward manner. By reprogramming the microcontroller’s firmware, a battery could report a much lower internal voltage or current, causing the charger to overcharge the battery. In Miller’s testing, he was only successfully able to turn a series of seven $130 MacBook Pro batteries into expensive bricks, but he told Ars that it may be possible to cause fire or even an explosion.

Article

How the NSA firmware hacking works and why it’s so unsettling

One of the most shocking parts of the recently discovered spying network Equation Group is its mysterious module designed to reprogram or reflash a computer hard drive’s firmware with malicious code.
