I know this newspaper article sounds absurd. Even if a machine is compromised we (should) have hardware safe guards in all our devices to prevent the software from damaging the hardware. But is it possible to make a computer explode or catch fire? Has this ever been done?
In 2011 the news was reporting on HP Printers catching fire. HP Responded saying that there was a hardware element called a "thermal breaker" to prevent this from happening. The researcher never produced a burning pile of printer.
Also in 2011 Charlie Miller was researching the firmware on Apple's batteries trying to get them to explode or catch fire. However the worst he was able to do was brick the battery.
Edit Feb 2014 - CrowdStrike demonstrated an attack at RSA on a Mac which overrode temperature controls, powered off the fans and spiked the CPU usage in order to overheat the machine. And while this specific example was limited as fires are not welcomed in the Moscone Centre, the ateam state that they can cause the machine to catch fire.
Now lets flash back to 1985. The Therac-25 radiation therapy machine is killing people due to a bug in how the software interacted with hardware. An eariler model had "Hardware Interlocks" which prevented the operator from accidentally overdosing patents with radation.
All of the devices we use should have a hardware control preventing software from damaging the physical world.
But there are some systems where its impractical for hardware to prevent all damage to physical systems. This is the real fear behind vulnerabilities in SCADA systems. It maybe possible for an attacker to remove safety controls used by a power plant or put it into an unstable state.
An example of this happening in real life is Stuxnet being used to destroy centrifuges. There is some evidence to suggest that a hacker was the cause of a missile explosion at an Iranian Military base. So if the computer happens to also be a bomb, then yes, a hacker can probably make it explode.
It's taking me a few minutes to come up with something beyond, "That's patently damn absurd!"
But... I guess like many things, nobody would write it if somebody didn't buy it. My first thought from the formatting and related image is that this was sensationalist crud from a few decades ago. After all, that machine has a 5 1/4" floppy... but they're talking about Amazon.com, so it's not that old.
Sure, there have been instances of software failures killing people, but wholesale madness probably isn't going to happen. Most critical systems, like traffic lights and railroad signaling, have safety systems that back them up. Thus, you'll never see an intersection with opposing lanes having a green light. Even sprinkler systems rarely activate all at once -- that requires a special system known as a "deluge" sprinkler setup. I guess it just looks cooler on screen if they all go off at once.
Granted, Therac-25 is a memorable example of that being improperly designed. We've also seen viruses like Stuxnet that have caused some chaos for certain folks. However, "coming within 2 digits of a 37 digit code to launch nukes at five American cities" is complete bollocks. I mean, if they came within 2, did they know and tell us? Was the military aware of all the codes they tried?
Jack Sparrow: It's the Pearl.
Prisoner: The Black Pearl! I've heard stories. She's been preying on ships and settlements for near ten years. Never leaves any survivors.
Jack Sparrow: No survivors? Then where do the stories come from, I wonder?
If you're going to die in your home from your own technology, it's going to be because you have lousy wiring or some malfunctioning device and don't have smoke detectors (granted, this incident happened because of hot coals).
There's nothing your own PC can do to blow itself up. Unfortunate conditions can cause Li-ion batteries to blow, but not from software (again, interlocks unless the designer wants to go bankrupt). However, those critical interlocks are a consideration for industrial design, but more so for mistakes than for malfeasance. The idea that hackers are going to turn your computer into a bomb, though, is outright scare-mongering of the most pathetic kind.
In the old days of Linux, when a 14.4k modem was good and 28.8k was a treasure, and downloading slackware required whole nights, I (very young at the time) was rather worried by a small notice of warning relative to setting the frequency of the monitor in the .Xconfig file. A wrong frequency could, apparently, lead to a failure (and/or explosion!) of the monitor.
I never had the slightest problem with it and don't have idea if it really ever happened. But I am sure that it sounded scary. I think it was in some man pages.
See the red box under section 30.3.1.7 for an example.
Yes, they can catch fire, but not a real 'bomb'. When Li-ion batteries are over-volted / over-charged, they catch fire and burst. http://www.youtube.com/watch?v=z3o_2mwRPdw
It's conceivable that in the right circumstances, you can use software to cause this. It would require the computer (laptop) to be plugged in, with access to low-level BIOS system calls to control the battery power. The hacker would have to have intimate knowledge of the manufacturers board design. Usually, li-ion packs are built with an overcharge protection circuit inside the battery, but if it came from China they could have skimped by not including one.
Sometimes cell phones explode too. Ex. http://www.mediaite.com/online/man-rushed-to-hospital-after-his-droid-phone-explodes-in-his-ear/
This is most likely due to a short-circuit in the battery instead of an overcharge. It might be conceivable to initiate a short circuit or huge power drain through software, but very unlikely, as power delivered to the control board would fry it first.
It is possible to over clock your CPU/graph card or RAM by software. Overclocking most often results in more heat generated. This may result in hardware damage by heat. And in some cases by setting components (or actually the dust on the component) on fire.
I have never seen it happen. And it is not really a bomb or an explosion. But nevertheless very unpleasant.
More on this http://www.buzzle.com/articles/dangers-of-overclocking.html
@Brad I heard that there used to be a virus floating around that would spin up a certain type of hard drive well beyond its rated speed, causing it to destroy its own disks. This was way back when hardware allowed you to do silly things like that, now you couldn't get a hard drive damaging itself without hardware modifications.
Even a hard drive spinning itself apart wouldn't be that spectacular, kind of underwhelming like when a car engine blows. Its just like loud clicking noises and then the thing doesn't work anymore.
Short, empirical answer - NO
None of potentially "exploding" components (CPU, GPUs, capacitors) do not have sufficient power of the explosion to be dangerous to user
Yes! But...
For the first time ever, this is actually now becoming a possibility for every-day computers, thanks to the wide-scale introduction into most computers of a device intended for high energy-density storage: lithium-ion batteries. Obligatory XKCD:
Of course, we can't base an answer just on a webcomic (even if it is XKCD), but given the information in the answers to this question we can confirm that a laptop battery can indeed contain more energy than a hand grenade. This gives us a feasible avenue by which a personal computer may "explode". Of course we have two main obstacles.
Let's see which of the above challenges may be solvable:
Exploding Batteries
This one isn't actually hard to establish. Even in worst-case scenarios batteries don't normally explode, but rather burn (possibly rather quickly). However, a quick google for "exploding batteries" will show you plenty of examples of people intentionally causing their batteries to ignite, some of which could easily be considered an "explosion" from a non-technical standpoint. Puncturing batteries is one easy way to make this happen (that obviously won't help our hackers), but another way is to simply over-charge the batteries. Li-ion batteries are susceptible to spontaneous combustion as a result of over-volting and over-charging. As a result, all batteries used in modern electronics have built-in chips specifically designed to protect the batteries from the kind of voltage conditions that would cause a critical failure.
Hacking a battery
This leads directly to the question of whether or not a battery could be hacked into exploding. Causing a li-ion battery "explosion" may in fact be feasible if a hacker can control the chips that protect the batteries, and force the chips to cause an over-volt instead of protecting from one. The trouble of course is that these are separate and independent chips built into the battery itself, and whether or not there is even a way for a malicious computer to override these protective chips is a question that hasn't (to my knowledge) been well studdied. The only results I am aware of are from a security research back in 2011 who studied apple computers:
https://media.blackhat.com/bh-us-11/Miller/BH_US_11_Miller_Battery_Firmware_Public_WP.pdf
He discovered that (back then anyway) apple installed the batteries with the default manufacturer "password" still in place on the chips. As a result he found that he could in fact gain access to the chips protecting the battery and even flash the firmware. He published a POC showing how to flash the firmware on the battery protection chips. Theoretically this could allow an attacker to rewrite it in such a way to cause it to intentionally overvolt the battery itself, leading to fire or a close approximation of an explosion. The researcher in question suggested these as realistic possibilities, but made no attempt to overvolt batteries and see what could result from doing so. I guess not everyone wants to be the one to publish a POC that demonstrates how to weaponize everyday computers...
Of course it still isn't necessarily a matter of "over-volt battery and instantpy explode". In videos of people intentionally over-volting batteries it certainly isn't instant and the batteries usually expand substantially before exploding. Over-volting a battery wouldn't be possible with the laptop unplugged, so if the laptop shows enough signs of trouble it would be simple enough for someone to unplug it and stop a potential disaster. All of this is to say that while this is potentially feasible, there are plenty of variables even still.
However, I think this does show that hacking a computer to cause an "explosion" is a possibility given the right circumstances. Probably the most straight-forward way to do it (for a directed attack) would be to build a hacked battery designed to overvolt once some "trigger" is met, and then swap out a target's battery with the hacked one. Presuming of course that they have a laptop with a swappable battery.
Hacking a battery remotely
Hacking a battery remotely will require another level of challenge, and may not be possible for all systems. My reading leads me to believe that the researcher in 2011 would have been able to remotely overwrite the battery controller firmware once he gained remote access to the mac in question. This suggests that a remote attack may in fact even be possible. However, we're talking about firmware-level hacks here, so the vulnerability level will vary wildly from model-to-model, and there certainly wouldn't be a one-size-fits-all solution that a hacker could use to remotely "detonate" any random person's computer.
So overall I would say:
Plausible: Yes!
Possible: Maybe!
A realistic threat: No!
This may be urban legend but I suspect there is some truth to it...
Once upon a time hard drives were big. Really big. Like the size of a washing machine or mini fridge.
Legend has it that because of the size of the platters, it was possible to get them to spin/stop in such a way so as to start moving the case around, or even to make them "walk". Because disk access was more direct back then, programmers could actually write code that would make them move - usually to the detriment of the data, of course.
I originally read about this in The Devouring Fungus. You can find it discussed on the Internet, of course, such as at Snopes (to no firm conclusion). It presents an eerie parallel to the centrifuge destruction wrought by Stuxnet.
Based on my experience with my own washing machine, I find it reasonably likely.
There is definitely some truth to this. Back in the day of the floppy disk, namely 3.5" floppies, I vaguely remember reading something about using ground up tips of match sticks and glueing it to the media inside of the disk. I googled some keywords that I vaguely recall and came up with http://www.overclockers.com/forums/archive/index.php/t-168027.html
I never tried it, but now since I have all sorts of OLD computer equipment that will go to the recycling yard, I might just try it before I do.
I'd say it's plausible and we do have the technology, but it would have to be intentional on a physical level with the exception of the exploited firmware on certain printers. I don't see a way to say speed up a hard drive to the point of catching fire WITHOUT physical modification and the intention to do so.
See also Is it possible to permanently damage the hardware by software? for more discussion of "halt-and-catch-fire" (HCF) instructions, overclocking of various pieces of hardware, etc.
In short: it's possible to trigger a meltdown scenario in a machine if and only if the combinatorial explosion of hardware makes it possible to... err, physically explode the machine. Cue the citation of innumerable examples of potentially dangerous scenarios here, from the full gamut of answers already provided.
In practice, the intersection of some form of unintended unsafe operational hazard and an exploit scenario is very low, but it should be checked for. Government and private oversight prevents most of these potentially hazardous scenarios, and you can prevent many more of them by simply being an informed consumer.
So, the bottom line is while it's theoretically possible, the concept doesn't generalize. If it did, we'd already be dead by script kiddies exploding machines "for the lulz."
Although SCADA systems have already been mentioned in other answers, the example I always think of is the intentional sabotage of a Soviet pipeline via software.
At the Abyss (Wikipedia):
In the book, Reed stated the United States added a Trojan horse to gas pipeline control software that the Soviet Union obtained from a company in Canada. According to Reed, when the components were deployed on a Trans-Siberian gas pipeline, the Trojan horse led to a huge explosion. He wrote: "The pipeline software that was to run the pumps, turbines and valves was programmed to go haywire, to reset pump speeds and valve settings to produce pressures far beyond those acceptable to the pipeline joints and welds. The result was the most monumental non-nuclear explosion and fire ever seen from space.
