Email Address Password
Remember Me

Or Create a (Free) Account.
2004JanFebMarAprMayJunJul Aug Sep Oct Nov Dec
2005 Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec
2006 Jan Feb Mar Apr May Jun Jul Aug Sep Oct Oct Oct
2007JanFebMarAprMayJunJulAugSepOctNovDec2007
2008JanFebMarAprMayJunJulAugSepOctNovDec2008
2009JanFebMarAprMayJunJulAugSepOctNovDec2009
2010JanFebMarAprMayJunJulAugSepOctNovDec2010
2011JanFebMarAprMayJunJulAugSepOctNovDec2011
2012JanFebMarAprMayJunJulAugSepOctNovDec2012
2013JanFebMarAprMayJunJulAugSepOctNovDec2013
2014JanFebMarAprMayJunJulAugSepOctNovDec2014

Sat 13th Mar 00:22 2010: Battery chargers exploit your PC shocker!

According to The Register, software to control your batter charger via your PC (for whatever reason you may want to do such a thing) has included a back-door which allows for "sending files to the remote attacker or downloading other strains of malware, as instructed via commands on a back channel controlled by hackers" since 2007.

Sure, most people don't care what runs on their PC or where it came from; if you need to go to www..com, download and run something you know nothing about, that must be fine, surely - especially when it's a brand name, like Energizer Batteries.

Here's their press report: http://phx.corporate-ir.net/phoenix.zhtml?c=124138&p=irol-newsArticle&ID=1399675

There is simply no way to validate what happened in the development process of this code, how developers were contracted, who worked on what, how, and why.

Compare this with (say) the Debian GNU/Linux distribution - planet.debian.org contains most of the packagers/developers' grumbles, debian.org/bugs contains the reported bugs, packages.debian.org contains links to source and binary packages included in the distribution - if you want to know what it does, you can find out.

I don't understand the concept that simpler is better when such things are involved - I don't know about you, but some of my PCs store personal financial information, information about customers and their server configurations - all sorts of things that I must not let some random employee of a battery company get their hands on.

Due Diligence must surely require running Free / Open Source Software. This is simply yet another example of this tautology.

Proprietary software has its place (until the revolution, comrades!), but it must come from trusted sources who can certify their work, and will take responsibility for such unforeseen side-effects.


Comments for 'Battery chargers exploit your PC shocker!'

You could post a comment if you were logged in.

You are logged in as 0

create an account

Steve's urandom blog
Share on Twitter Share on Facebook Share on LinkedIn Share on Identi.ca Share on StumbleUpon
My Shell Scripting Book:
    Shell Scripting, Expert Recipes for Linux, Bash and more
is available online and from all good booksellers:


DefectiveByDesign.org