Unbricking my MacBook took an email to Tim Cook(tokyodev.com) |
Unbricking my MacBook took an email to Tim Cook(tokyodev.com) |
I buy Mac’s specifically because for me this is a feature. I have backups. And if someone steals my laptop or I lose it, I’d much rather be out the money and the hardware and have it 100% bricked unusable and inaccessible, than have any possibility of my data getting accessed. (Not to mention making it worthless to the average petty thief).
Creating a work around, no matter how many N levels of authentication means there’s a hole for social engineering, and I’m definitely not a fan of that.
So it’s a trade off. If you don’t care about such level of security, then there are other laptop options, but please don’t ask Apple to start making their security weaker because there are those of us who want it this way.
And if you’re traveling with your laptop, put a password on it at least, and better yet encrypt it.
Just goes to show that some of us genuinely forget! Not all of us remember to re enable this stuff 0.2 seconds after we turned it off.
Edit: I'm sure HN already knows this but just adding in here: Apple doesn't accept devices for repair until Find My is turned off and that's why mine was disabled
OP specifically states this was a new M2, so it’s not possible unless he left it unlocked.
It might be possible if he never associated it with an Apple ID at all (literally the first thing the setup asks you to do, I’ve never tried not). Without an Apple ID though, you can’t update/upgrade the OS, download App Store software, use iCloud backup, iMessage, FaceTime, apple care, contact warranty support etc etc. And Mac is pretty good about bugging you to do this. So if he did this, saying just “I didn’t enable Find My” is a bit disingenuous.
So to be clear, you cannot reset a Mac without a login just because it does not have “find my” activated.
BTW, then he also admits “maybe I setup an iCloud account I don’t remember.” But his other linked article about this states “They presumably can see that my Apple ID is associated with it.” Ummm. If that’s the case, why doesn’t he recover the Apple ID first? So on closer inspection a lot of things don’t add up, other than the fault was almost certainly his.
Journalists. Human Rights Activists. Etc.
Or did this happen because OP forgot to setup FindMy when they first got the device?
Ownership is hard to establish in a world where selling 2nd hand and gifting items exists. Last thing you want is to facilitate a boomerang scam or give an abusive partner control over someone’s device.
As far as I know Find My is opt-out nowadays and while Apple could see if they could tweak the onboarding language a bit to warn people of potential bad outcomes, you want to keep onboarding clean in general and including all ifs and buts for every feature would make that impossible.
I think there’s also something to be said for the lack of curiosity amongst users these days. Apple publishes manuals for all their devices which go into great detail and get updated with every major OS update.
Devices also offer up a tour (macOS) and tips (iOS) that go over useful features. And there’s of course the option to look into features yourself.
They literally can lock you out at any time. Think different.
* The author's MacBook was lost/stolen
* Because the author hadn't set up Find My, someone else was able to reset the laptop
* When the author recovered the laptop, someone else had set up Find My and reported the laptop lost
* Because someone else had set up Find My, the author was unable to reset the laptop
* Apple refused to reset the laptop for the author, despite the author having a receipt for the laptop's original purchase
It's interesting to me, because it's actually an inversion of the whole "we don't own our devices anymore" trope. The author successfully begged Apple to backdoor an otherwise effective security and ownership protection.
Apple gave the author the tools to recover their laptop in the event it was lost or stolen, and the author consciously chose not to use those tools. Possession is 9/10ths of the law, and if you don't have Find My enabled it's 10/10ths of the law.
That means if someone else gains possession of your device, and you chose not to use Find My, there is nothing Apple can or should do to save you. How would they know who the legitimate owner is beyond possession or Find My? People sell used MacBooks all the time.
Just because the author was the original purchaser, doesn't mean they are the rightful owner. In this case I believe the author probably is the rightful owner, but I would rather Apple not be the judge of that.
This is literally only a problem for people too stubborn to set up Find My, who also care deeply about recovering their laptop if it gets lost. Think about how paradoxical that is!
Hell, Tandy may have been in the right. TRS-80 hardware was bodgy as all get-out and sometimes downright dangerous to open: the cathode on the CRT was dangerously close to the mainboard and likely to fry the computer, if not the user, if the user wasn't skilled enough to open the machine very carefully.
Good that they actually fixed it when he complained!
They also apparently sold a terrific "technical reference manual" that explained the hardware design and operation in detail and also included a parts list and schematics:
https://www.trs-80.com/wordpress/publications/manuals-servic...
I believe Apple used to provide schematics for its early machines as well.
But the reason the laptop was bricked was that someone other than the owner _deliberately bricked it_ (by turning on ‘find my’ and locking the laptop to a new iCloud account). It’s always been the case that a thief could break your laptop (and not return it!).
Additionally, the only reason they got their (non-functioning) laptop _back_ was that the thief realized they couldn’t unlock it and thought it was tied to the original owner’s iCloud account! If it had been working, I don’t think they’d have got it back.
I disagree with this. I have never enabled Find My because for privacy reasons I don't want my location being transmitted to Apple.
What would be better is some means of opting out of Find My being able to ever be enabled on my device.
If I ever sold my device I'd have to communicate that to the buyer, and I may lose some resale value, but that's a compromise I'd be willing to make.
I am not sure I see the feature being very useful. If you have lost your laptop without Find My enabled, and someone else gained possession of the laptop and wanted to activate Find My but couldn't because of this feature, you would still almost certainly not be able to recover the laptop. So what does the feature do?
Take this story, for example. If the laptop hadn't been bricked, it seems unlikely that it would have found its way back to OP.
What would be better is some means of opting out of Find My being able to ever be enabled on my device.
How would that work? A fuse inside the device? Seems like it would make the device vulnerable to an electrical hack.
Why would Apple develop such a feature anyway? I bet fewer than 1% of users would use it.
1) First article mentions: "I have a couple of theories though. I set up Find My with an Apple ID that I don’t remember"
2) Second article mentions, that he attempted to report this as a vulnerability bug bounty program and disappointed that it wasn't considered a vulnerability.
3) The whole premise of "an email to Tim Cook" looks like a clickbait. By the point when he sent this email, his previous blog post already reached the top of Hacker News. There is no indication that Tim Cook was involved. The email was processed by staff in Japan.
The combination of these 3 facts make the whole story look very fishy. Given that author does not remember if he configured "Find My" at all, consequent "we don't own our devices anymore" sounds like populism and appeal to sentiment rather than a logically valid inference.
No it isn't. "Find My" is controlled by Apple, not entirely by the user. The fact that it is possible for Apple to undo the lock proves that the device isn't controlled by the owner.
I agree
I think it's an inversion of the trope because this is presented as a good thing, and something that Apple should do more of.
Let’s say you didn’t know you had to take your new car in for an oil change? You ignore the warning lights and requests to service the vehicle. When the vehicle breaks down, I think it’s obvious that the car manufacturer can’t be responsible for fixing it for you.
To me, this is the same. The computer is functioning exactly like it should, locking him out is a feature for the vast majority of users, requiring some very basic knowledge to prevent/fix (as mentioned in my other comment, it’s hard to have what happened to him happen without circumventing security on the mac)
You said "anyone". GP gave examples.
If it works some of the time, that's valuable.
That said, yours is a completely artificial problem imposed upon you by the company you made a purchase from. You don't have the private keys to your own device, which means ultimately, your usage of that device is conditional on being in the good graces of a group of very wealthy, indifferent, strangers.
That, in, and of itself, is the issue at hand here, and while you've found yourself a favorable outcome, you're likely an exception to the rule.
The inability for a thief to just flash the device with fresh firmware and use it as if it were new is a key selling point of the device and might justify the higher price tag to some buyers.
0: https://old.reddit.com/r/applehelp/comments/13yn1o0/phone_st...
1: https://old.reddit.com/r/applehelp/comments/16fcd4c/recently...
Many, many users of these devices have rarely, if ever, had anything stolen from them. And as one such person, I don't want to hear a company tell me I can't even have the _option_ of an open device because "it's for my own good". I can damned well decide that on my own.
I, alone, have the keys to my laptop's drive. The device itself is cheap, and insured in most cases, so, if it gets stolen, no worries really.
For a macbook and a not-tech-savvy user, well, we exchange cars all the time, and cars have keys, usually some flavor of RFID included. Cars are less than perfect of course, but, most can add/remove keys given a set of conditions are met. I don't think it'd be outrageous to just have an iphone app that handles the key exchange upon sale. Mix that with a little user education, a little UX, and you're good to go. More or less that'd involve a user resetting the machine and part of that process would include de-enrolling their 2nd factor from the machine to prep it for sale.
That maintains all of the same functionality and then some.
One that doesn't literally make the device unusable in the case of a mistake. We protect far more valuable property with far less fancy mechanisms. If you're genuinely worried about theft, then you need layers of simple security, not a one shot nuclear bomb embedded into your device.
> The inability for a thief to just flash the device with fresh firmware and use it as if it were new is a key selling point of the device and might justify the higher price tag to some buyers.
Is that why people care about theft?
If you are permanently deprived of your rightful property, you are a victim of theft. Whether it's via EULA and private keys, or via street thug with a wrench, I'm not sure it makes any realistic difference.
b: Irrelevant. There is a value to the consumer, but it is not worth the cost. There are countless possible conveniences that could be made possible if you were just willing to let someone else have essentially power of attorney over your life.
c: Even if you want to say that there is a technical limitation making a: impossible, and you have a different opinion on b:, the laptop WAS ultimately unbricked, which means all arguments and excuses that were given up to that point to justify not unbricking were proven demostrably false.
I don't just mean they always had the physical ability, I mean the fact that they were ever eventually willing, proves that all along the necessary information existed to allow them to. If there are supposedly two facts: "We can't know it's really you." plus "For integrity and principle reasons, we can't do it if we can't know it's really you.", then even Tim Cook should not have done it no matter the publicity pressure. Tim Cook should have made it a big promotional selling point plastered on those big Apple billboards in NYC how they refused to do the wrong thing even in the face of massive public pressure. Instead, they did it, which means they could have done it in the first place, not just physically but logically.
It proves that they chose not to for reasons which are valuable to Apple and NOT to the user. Another aspect of b: value not worth the cost. Cost being being at someone else's mercy who you have no leverage over.
Instead, the keys are stored by apple and never returned to you.
A private key that is given to you upon purchase and that you can store in your password manager.
Of course, this approach only solves the biggest problem when your device is stolen (your data won't be easily accessible, if at all really). But I wager this friend of mine recognises that as the only thing that has any actual value in there. There are ton of devices out there.
It Apple's corporate greed that fuels that and government corruption that allows it.
First, this is a self-imposed problem; spread crime (theft) won't be solved by reducing the access.
Next, I could have an encrypted drive and a key stored in a key stored in a bank, or an USB storage, or print, or whatever. As a matter of fact, I do have such laptop.
And last - car thievery is still a thing in the EU, even though registering a stolen car is exceeding hard - they are either sold for parts... or exported to Russian (not so much recently for obvious reasons). Of course, Apple comes and tells that only they can repair the laptops/phones/etc. b/c of thievery and serialized parts.
Apple can afford to pay smart people to think for days for a solution. The solutions we will give here after 1 minute of thinking will not be optimum.
"They explained to me that the MacBook was wiped in the middle of August (after I had lost it) and then reported lost by a newly created iCloud account"
How can an unauthorized user suddenly claim ownership of a wiped computer and then "report it lost?" Why does Apple accept a loss report from someone who is not the owner of the computer? If this is actually what happened, there's no excuse for that glaring stupidity.
You'll rarely convince either side to change their mind on this. Its an issue that pokes at a really deep element of personal philosophy.
Here's my argument from the opposite side to try, however: Asking about how you can retain the anti-theft capability isn't relevant to the discussion, because sacrificing freedom for that, especially to the degree Apple does, is not worth any trade-off. This is the same right to repair issue that HackerNews, generally, derides John Deere for; the main difference, beyond Apple's psy-op level marketing, is that Apple hasn't pushed exploitation of this control as hard. But: They absolutely, undeniably do exploit many of the people within their system of control, not just indirectly ("the control is exploitation" is kind of a dumb argument), but very directly, between extremely high upfront costs, high repair fees, cryptographically refusing to allow third party parts, etc. Additionally: their self-control in pushing further exploitation is almost definitely a product of market success, because in the mega-capitalist system Apple lives in benevolence may be the result of culture or leadership, but it is allowed by market success, and denied during market failure.
A lot of that boils down to the original thesis; very fundamental personal philosophy. I don't believe, personally, that it is ethical for individuals or companies to do something unethical (non-negotiably asserting significant control over physical goods they sell) because it enables something ethical (reducing incidents of theft).
That might be controversial, which is fine. I think a point of that which is likely even more controversial is the argument that even asserting control over devices in isolation is unethical. I hope it isn't controversial, but I feel like it might be simply given the way the world is turning. That's a different topic of discussion; but in short, I think there's a strong argument that restricting freedom to independently modify and repair physical goods you purchase is a form of classism. Additionally, to turn the dial to 11 on this, that this assertion of central control has a very real, negative impact on national security.
Any anti-theft method needs to give complete and full control to the owner of the device so this kind of bullshit doesn't happen.
The fact that Apple doesn't provide a mechanism for the owner to gain full and complete control of his device at any given moment has more to do with Apple wanting to control their technology for ulterior motives.
We live in an age where corporations want to take away ownership, and we're letting it happen because we're stupid enough to think that they have our back.
I have a private key, not on the device, that matches a public key on the device. The device will not perform certain significant operations without a signature from my private key.
C'mon people, this is not rocket science.
Include the unlock key in the box the device was sold in, and in Apple's database. Tech-savvy users can, possessing the key, change it. Tech-unsavvy users can behave the same as they have now, even if they lost the key, as long as they didn't change it. So long as they don't carry the key with the device, all the anti-theft remains.
The freedom-respecting solution is literally trivial. The only reason it is not implemented is because Apple likes owning your devices.
This here is the misunderstanding. It's simply not possible for you to own Apple's computers.
Nothing more than the typical ‘hurr durr Apple bad’ commenting common on this site. Dull, pointless, not interesting.
I think apple is currently doing the best job out of everyone as far as hardware security is concerned. That does not mean their implementation is anything close to perfect, it's more that everyone else is doing a poor job, or forgoing any attempt at it in the first place.
No, this is an entirely self-inflicted problem by the user.
It's 2023. Everybody knows about the telemetry, the unserviceable hardware, the "fuck you" style bug reporting and customer service, and of course the fact that you no longer own your own machine.
Anybody buying Apple (and to a large extend Microsoft) at this point, knowing they have no intention of letting you have access to your own device, also knowing that there are superior open-source options, deserves precisely what they get.
Most do not know however, nor do they desire to know, and likely, they will never know. If you want to make something actually better for someone who's not you, blaming them for not making it better is hardly a solution.
Also stands to reason that, hackernews is popular with people in the industry, maybe not the actual decision makers, but, certainly people with more pull than most. It's important to express how things ought to be for that reason alone.
Nobody owns even their hardware anymore.
Was it necessary to say “wealthy”? That doesn’t seem relevant, but rather incidental.
Any other reply is going to be apologetic rambling.
You still have to rely on a middleman (the blockchain), which I believe isn’t infallible either (human input error, adversarial attacks, phishing, social engineering, network availability, etc)
https://www.cbsnews.com/news/hard-drive-lost-bitcoin-landfil...
I did it with Cash App though and it backfired ("Your account has been terminated for contacting employees outside of the support system")
Now, how much is Sundar Pichai's cellphone number going to cost me? I just want to get into my Google account that I have the username, password and recovery email for, but not the old phone number.
- in 2019 spent more than €3K to buy the best macbook 15' available (> 2 months of average salary in my Europe country)
- 2 weeks before the warranty (1y) the spacebar broke, the SPACEBAR!!!. It was a design issue and it got replaced in a few days by the local service under warranty.
- 1 year later, the battery starts dying out. Go to the authorized repairer and it was going to cost me ~€750 to replace the battery since I had to replace the entire keyboard and trackpad to do that.
- I found a PC repair shop that said he can do it for a couple hundred €, and it worked fine
- 3 months later the laptop shut down unexpectedly. The apple refused to fix it (even paying) because I used a battery not official. The Mac is now a brick
So 2.5y of personal use (not professional) cost me €3.5K. More expensive than a cheap car.
edit: the battery replacement with all top case cost me ~€750. Confirmed looking back at the emails
Emailing Tim doesn’t scale.
(I have filed comments with the FTC on this account recovery matter regulatory gap; identity is a component of my work in infosec, primarily in financial services)
Problem with Dell, HP, Lenovo -> ship it back and pray
Problem with Apple -> walk into covent garden and ask.
My experiences with Apple support has been nothing except glowing. (Apart from one work incident where our IT supplier ordered Applecare (3 years service warranty) instead of Applecare+ (2 year accidental damage) - and my employee dropped his laptop).
I got given a Patagonia bag (not my thing), the wheel broke off (thanks AA), took it to a store, and the customer service was so good I’m a convert. Conversely, I recently stopped using a service I spent >$20k a year on because their customer service was so bad. Can you boost profitability short term? Definitely, but I suspect in the long term you trading long term customer NPV for short term profits
Seems like a reasonable suggestion, hopefully someone at Apple sees it and adds in a warning about the consequences of skipping that step.
If that’s the case, then that should be the warning.
“If you skip this step, then someone could add this device to their FindMy account and lock you out of your device. Apple will not help you under any circumstance if this occurs. We recommend adding this device to your FindMy account to maintain access to this expensive thing you just bought.”
I bought it with cash in Grand Central. I have my welcome to your New Mac email from the week they launched and it's in Find My still today. But I didn't keep the cash receipt and I password protected the firmware before an International trip, and don't remember that.
Apple will not unlock it, though it's in Find My, and has only been mine for its entire history. (They also won't unlock it, fix the bricked OS update, and lock it again, which would be fair enough. But as I see it, they broke my machine, and they prevent me from unbreaking it.)
So FindMy won't save you from yourself. :-/
Non-organized crime is generally opportunistic. Would the opportunistic criminal know of this reset date, and if they did would they be willing to wait 3 years to fence the phone? I'd wager that is doubtful.
MacOS Big Sur broke support for high refresh rate external displays for Intel Macs. It was the DSC feature of HDMI/DP protocols, 4 years ago. Everyone that had it working at 4k@144Hz in MacOS Catalina, got only 60Hz in Big Sur and later.
Apple Support / Engineering department had me to install Catalina, show that 4k@144Hz actually works, got a ton of diagnostic data and came back with "you may downgrade to Catalina as a solution" LOL
Wrote to Tim Cook, with case number and, wait for it, MacOS Sonoma had it fixed!
My related story of someone likely circumventing my activation lock, using either fake docs or a compromised Apple-authorized agent, a few days ago: https://news.ycombinator.com/item?id=38622248
Not setting up Find My bricked my MacBook - https://news.ycombinator.com/item?id=37865941 - Oct 2023 (556 comments)
But to counter my last point, owning a mac requires a mild investment in learning, and a lot of buy-in for their ecosystem, including linking and locking it with an online account. Apple Store. Apple Music. Activation Lock / iCloud everything. Not all users are fully aware of that though, and OP's scenario is one of those journeys.
But now that you know, this scenario is analogous to keeping a spare key outside your car. Someone can take it and install a new lock cylinder.
If your laptop changes hands and someone wiped it and put an activation lock of their own on it. This is working as intended. There's no functional difference between selling it to that person because anyone can wipe a machine and put a new lock on it.
The alternative includes setting up an activation lock of your own, or putting MDM on it.
This is a feature of Apple's walled garden. You either go all-in, or you go against the grain and lose the benefits and get blindsided by an unforeseen experience.
Personal thoughts: I manage Macs for a living, but never will buy one of my own. Not just the walled garden complaints above, but a 5 year old Lenovo with similar specs is a better technical investment than a 5 year old Mac. The Mac will be slower with 5 years of OS updates, meanwhile the Lenovo you won't really notice a difference. It's also less than half the price.
Several calls to Apple Support explaining the situation and offering to provide any form of identification they’d like hasn’t helped; their policy is that the phone number is the key piece to verify your identity, even more so than the email for the Apple ID.
I lost a couple hundred in purchased apps, but losing years’ of photos was the worst. I had apparently selected an option to keep the full-res images in iCloud, so my backups only contained thumbnails. Lots of lessons learned, but such a frustrating experience.
Wow...
Moral of the story is never take your Apple devices for any kind of internal repair to anyone except Apple authorized shops. There's a lot of tiny device shops that do fantastic work with all kinds of phone screens, protectors, fixing broken stuff...but there's definitely some unscrupulous ones out there. Really sad that these scammy ones give the tiny hard-working little shops a bad name...:(
Knowing cook's process driven nature he probably just put a team on it.
I wouldn't be surprised that there is no real 'have your cake and eat it too' version of this where you can make something secure (both integrity and confidentiality) while also not risking losing access or ownership yourself. At least not yet.
It has the same issue trying to make a 'regulatory backdoor' in a crypto system, it just weakens the system and as a result just means such backdoors get abused by everyone making the crypto system worthless.
Source: I'm married to someone working in one of those departments.
What about a lawsuit against Apple?
Write the Consumer Financial Protection Bureau. They'll get you sorted right quick.
I asked Cash App to do a chargeback. They told me their system doesn't allow chargebacks where the goods were "delivered." I told them they were never delivered. They argued that they were delivered back to the sender, therefore they were "delivered." I got all their execs cellphones and started politely calling them. One escalated it to their "Executive Support" who gave me the same answer, then my account was terminated. They did issue me a refund as part of the termination, but I can no longer use Cash App which is very frustrating for someone at the bottom of the food chain like me who interacts regularly with people who only use Cash App as their banking.
In the interest of resolving your dispute, we are providing, as a one-time courtesy, a reimbursement of $93.75 for your transaction with Wibargin, LLC. Additionally, we are electing to terminate your Cash App account (as allowed in our Terms of Service, section XIII.8). As a result of the termination of your Cash App account, you will no longer be able to use Cash App and its services going forward.
You will be able to access your account in order to cash out your remaining funds, however all other features, including the Cash Card, will be permanently disabled.What the legal system says, the words they use, are not that interesting...
Helps if you're a stockholder, but you don't have to be (you can decide on the ethics of going through non-standard methods when standard methods don't work). Those inboxes are usually monitored by competent people and they'll at least forward your email to the right people so they can close out the case that gets created on every email on their side.
Patio11 goes into this here: https://www.kalzumeus.com/2017/09/09/identity-theft-credit-r... in the section: "Where exactly should I address letters?". Also goes into contacting their legal department. If you can't find an address, can always send a letter to headquarters "ATTN LEGAL DEPARTMENT", those get opened by expensive people.
I've emailed shareholder relations for a company I owned, a smaller company, like $2b, about some question I had about one of their annual reports. Didn't get a response after a followup. Sold half my stock because of their non-response and was very happy I did (unsure if my question was a sensitive topic for them, but c'mon, at least give me a fuck off reply)
Sounds like a fun place to work for. /s
Basically whenever a friend of yours installs some shitty free app on their phone and it demands to exfiltrate all their contacts your email address and phone numbers get scooped up and sold to the highest bidder. You can guarantee Tim Cook has a bunch of friends, grandmas, etc that have no idea how to use their phones and have 400 apps installed all syphoning off Tim's contact details.
I'm still waiting for the check from https://googleplaydevelopersettlement.com/, was it this one?
So what you seem to be saying is that Apple laptop batteries cannot be replaced for less than €1K if the laptop is out of warranty?
Absolutely incredible. If that's the case, it should really be reported as front page news so that nobody else makes the mistake of buying an Apple laptop ever again.
It costs $249 for a 2019 15" MBP battery (not 15', not sure they ever made them that big, GP's laptop may be special). GP's issue is that Apple, per their story, wanted to replace the keyboard and trackpad as well and wanted to charge more on top of the battery replacement.
That said, a thousand Euros to replace a battery is ludicrous. No consumer should be charged that, warranty or no.
For reference, I recently got a second hand recent ThinkPad with a dud battery and bought the genuine replacement battery for AU$200 (€123) and could replace it myself as it's an FRU.
Apple should not be charging literally an entire order of magnitude more for the same part, regardless of the service cost.
The issue at hand is that devices are being sold where you do not take ownership of the private keys used to configure it. Not your keys, not your device.
You continue to own what you own as long as you can prove who you are (assuming you haven’t transferred the asset or belonging to someone else legitimately; save your bill of sale!). Tech doesn’t write property law, it is a servant to it and operates within the legal framework (for obvious reasons). Code and keys are not the law; the law is law.
No, this creates more problems than it solves.
I definitely don't trust the government and industry that much.
The link between digital identity and device ownership would have been sufficient to prevent this situation without involving IRL identity. The author had a chance to establish that link, but chose not to.
I enjoy Apple's services, but I can understand why someone wouldn't want their computer phoning home to a big tech company all the time. It's pretty difficult to understand why someone who doesn't want their device phoning home to Apple, would be OK with their device phoning home to the government?
You register your address somewhere, and give access to it to companies by signing their certificate. When you update your contact details, you do so in one place and it sends a notification to each organisation to update their details.
It'd be better as well if you could revoke your permission with that company so they can't contact you.
https://www.theatlantic.com/politics/archive/2021/08/voting-...
Optional of course. For those who want to ride the lightning, they should be able to opt out and eat the loss if they so choose (assuming loss of authentication mechanisms, whether that be passwords, passkeys, private key(s), hardware tokens, totp seeds, etc). For the rest of us, “here is my driver’s license, state ID, or passport, please unlock my property or I’m engaging state and federal regulators and the legal system.” To do otherwise is in violation of consumer and citizen property rights.
Howdy stranger! Have you heard the good news about "FileVault Recovery Keys" ?
https://support.apple.com/guide/mac-help/protect-data-on-you...
Unfortunately based on the OP’s experience it looks like the CFPB had been severely handicapped since the last time I had to complain to them. Now they only have authority over banks with more than $10 billion in assets.
The "before she could reply" implies that whoever wrote the angry email was being impatient and didn't wait for a reply to an email that they had sent. The only replies being awaited are devs->assistant or assistant->customer, and since the devs were only identified as a group it makes more sense to interpret the assistant as the (singular female) victim of the impatience and the customer as the one who got impatient waiting for a reply.
What about your Congresscritter? I usually CC them on any complaints and they pick it up if there's a problem.
Here's my final response:
Really, literally any other option than "never give the user keys".
AppleID ALREADY gives you numerous methods of recovering lost passwords, if you remember to set them up in advance.
They apply to the person's data.
What of any of all that is "right"? It's simple force; right is might.
Do you know what "right" is? Do you think what is legal, is also right?
State secrets, corporate secrets, personal secrets can all be on a computer. Financial data can be on a computer. There are all sort of things that need much more protection than a car.
The attempt at comparing the two in thinking their security levels can even be compared is just not even sensible
I also think that car security is maybe not a good standard to try to emulate, given how often they have what in my opinion might be the worst security message of all time: the car alarm. I've never once heard a car alarm and thought "aha, someone must be trying to steal that car". As far as I can tell, false positives are both much more common than true positives and literally indistinguishable to bystanders, so any time someone hears a car alarm the person causing it could just claim it's their car and they activated it by mistake and no one would question it. They're also so annoyingly loud that they disturb basically everyone on the block, and they can happen at literally any time. After around 10 seconds of a car alarm waking me up from deep sleep I would probably root for a thief to get away with taking the car just to make the sound go away.
State secrets can also be in one of those mailer boxes in your car, or you might have a body in the trunk you don't want people to find. Or I might be inside the car, and I want as much protection as possible (but without adding too much weight)
You can also buy "hardened" cars that make intrusion significantly harder, there's also a vocal minority that wants to understand everything going on the car and doesn't trust the government (coreboot/ pre-emissions controls) and there's people who use vehicles that are the road equivalent of a Chromebook and also people that have really tricked-out systems that have more power on demand than will ever conceivably be used anywhere other than synthetic workloads (dynamometers) or high-end professional stuff (racing.)
Sure, but nobody is clamoring for literally every car on the market to have a remote lockout only possible to disable by the OEM or if the original owner chooses explicitly to pass on the privilege. It would be ludicrous for the solution to potentially accidentally leaving some documents in the glove compartment to be allowing the original owner of a used car to retain the privilege to brick the car after someone else buys it.
The reality is for most people the most valuable thing on their laptop are some photos. The car on the other hand holds significantly more monetary value for many, so the financial impact of loosing a car is typically much higher
For most people, the most valuable thing they have is the browser with all of their cookies saving their accounts and stored password managers. If readers on this forum can't think of why a laptop or other personal computing device like phone might be more valuable and how to access that data, then I'd suggest creative thinking is just not being applied very well.
the state secret thing was in jest.
Why so many characters for inequality.
Also I wish you could still buy cars that were not computers.
That differentiation is important, because it reveals the main reason why Apple is successful, and why they don't get market pushback: Most people just don't care. There's a good chunk of radicalization on the side of Freedom, there's very little radicalization on the other side, mostly just people who haven't thought about it enough, and then there's the vast majority in the middle who just don't care.
I take comfort in that reality, because it indicates to me that this will probably change. We're seeing right to repair gain steam in US legislature. It takes time to develop shared language and understanding on why this is important, and why it matters, with those people in the center, many in positions of power.
This is why this whole issue causes more trouble with John Deere: It is in the way of what people do.
A dictatorship can work out nicely as long as it doesn't stand in the way of the people.
This story is about somebody who did exactly that, and then discovered they suddenly cared about theft when their device was stolen.
Pick a lane.
But how do those apps know it's THE Tim Cook and not one of dozens of other guys named Tim Cook? Also, what if, and this is usually the case, most people don't have you as "Tim Cook" in their phonebooks, but as "Big Baws", "Honey Bunny" or "Timmeh 12 inches uncut"?
If a lot of people have that same phone number in their contacts but only a handful have it as "Big Baws", "Honey Bunny" or "Timmeh 12 inches uncut" but do have as Tim Cook, or even have his job description, email address and other stuff attached to it too, it's safe to say it's a dead ringer to be Tim Cook, CEO of Apple, Inc.
He should appear in the contact list of relevant people (Apple employees, press, ...)
I can understand how come fewer iPhones would get stolen now compared to previous times, but I do think that that the level of "implicit" targeting by thieves has indeed increased which has made Apple also increase the level of locking.
In a way this situation is similar to thieves stealing from poor people house's compared to stealing from wealthy people's houses. Meaning that, even going by percentages, I'm sure that poor people's houses are broken in by thieves a lot more compared to wealthy people houses, and that is, mostly, because wealthy people's houses are a lot more better protected (because there's much more valuable stuff to steal from there compared to poor people's houses).
But that extra protection comes with its one intrinsic/hidden costs for those enjoying said protection, for example one cannot freely "choose" where to own a wealthy house, you're restricted by the "good" and "safe" areas, in effect limiting your freedom of choice (which is a cost in itself). There's also the "inner" phycological cost of realising that your own protection depends on a system outside of your control, a house's security system in the case I mentioned or a big US corporation in the case of the author here, that's also a hidden cost. And there are many other such costs.
All this is part of the many paradoxes related to security and defence, really interesting topic by itself.
So it WAS "locked." I don't know what you mean by "unregistered," either.
The AASP was screwing you over, either deliberately or by ignorance.
Now: if the battery expanded and caused internal damage (bending the top case and damaging the keyboard) then what you said makes sense, but that's a pretty glaring omission if so.
By definition making a system even somewhat secure against social engineering and the like means it is less forgiving of mistakes.
And once again I must keep reminding people that "Find My" is an opt-in feature that you are not required to use.
Isn’t that the bad part about this story? That someone with your laptop can reset it if you’ve not used ‘find my’?
In the default state the Mac works the way people say they want it to work. It is not enrolled in Find My and Apple has no idea who owns the machine. You could have walked into a retail store and bought it with cash. Or bought it used on Craigslist.
In that blank state the machine is wide open, including wide open to be enrolled in Find My with Activation Lock. That's exactly how it is supposed to work. The only way it could be otherwise is if the server did what people are falsely claiming it does: maintain a big database that indicates who is the registered owner of each machine thereby preventing someone from maliciously enrolling a non-enrolled machine. (And FYI a non-enrolled machine is not constantly checking in with the server... that only happens during restore.)
This is just another kind of CAP-like theorem situation. No one can provide anti-theft locking capability without making a tradeoff. Any sort of anti-theft feature must choose one of these strategies:
1. Trivial bypass via firmware wipe, making the feature useless. 2. Require a central database tracking ownership (think car titles), which is the dystopian world people hate 3. Physical possession of a stolen and non-enrolled machine allows the thief to enroll the machine (this case). Looks identical to a non-enrolling person selling to an enrolling buyer.
Overriding the anti-theft system must be a high bar otherwise social engineering or malicious employee attacks become a significant weakness. Even if you provide proof-of-purchase there is no way to know if you sold the machine to someone else then stole it back from them in which case breaking the activation lock is helping a scammer.
Providing opt-out is either #1 or #2 above. If you don't register that opt-out in a central database then it would likely be easy to bypass with a firmware wipe which leads back to square one.
Just about the only alternative I can think of is a fusible link system where the first person to setup the machine can choose "Do not allow anti-theft" and that blows a fuse. That sure will piss off buyers of used machines when they find out the first owner made a permanent choice on their behalf.
The main way to reduce the risk of that (which actually works) is by targeting the motivation of the thieves by making the stolen device nearly worthless for resale or reuse - i.e. literally making both the device and its parts unusable even for a semi-skilled operator of a pawn shop buying large quantities of stolen phones.
It's not that my specific information is so worth protecting, but that there is a social benefit as if everyone's phones are nearly worthless to steal, then the thefts go way down.
I cannot name a single thing I own that is more valuable than the information contained in my electronic devices.
You could steal the contents of my house and the building materials and it still would not be more valuable.
Are people actually trying to steal your information or just the chunk of valuable plastic that's currently a portal for accessing some of it?
Meanwhile.. all the animals and sometimes children at my house are more valuable than any of my information, at least, to me. And of course, the most valuable and abstract of them all, my own health.
I expected loved ones to be excluded from the definition of property in this context, being a discussion about theft and not more violent things like kidnapping.
> Are people actually trying to steal your information
I do not know everyone’s intentions, I just know what my loss potential is. I do not keep many paper records, so getting into my digital files will give up all of my information as well as TOTP and SMS 2FA codes that serve as proof of my identity.
Once someone can prove they are me, then it is an uphill battle for me to prove someone else was being me, and even doing that does not always help.
I assume he would’ve been able to recover it if he had “held on to his private key” (having the device be linked to his account being the current equivalent)?
This, and remote attestation, are tools to enforce DRM. The anti theft stuff is just a marketing strategy you fell for.
so if you steal something and therefore have physical access to it, that should trump the original owner who no longer has it because you stole it even if they have the receipt with the serial number on it?
Isn’t that what happened here? The thief and not the owner reported it as “stolen” and thus bricked. The thief could’ve as well just thrown an actual brick on it with similar effects
> The anti theft stuff is just a marketing strategy you fell for.
Also it works. Both for deincentivizing theft and allows you to recover the device had you actually enabled the feature (so not this case)
I wouldn't. If someone has a device that is unusable without keys they don't have, they don't actually own that device. Far be it from me to quote the crypto crowd but "not your keys...."
Second, what does this even mean: "without giving users access to their own private keys, then having a much worse problem where dozens of users lose their private keys and forever brick their device?" What scenario exactly does that refer to?
Because (if I under the article correctly?) the owner hadn’t actually enabled “find my mac”?
Sell an HSM (free when you buy a Mac > $2000? discounted in conjunction with AppleCare?) that will remove activation lock on the Mac it's purchased with.
There is no way for the device to make the distinction if the owner does not register himself as the owner and the thief does. Then the thief is the owner and the device will protect itself from the real owner. There is just no way around it. That is a mistake made by the person writing the blog, they admit it and they say Apple should have made it more obvious which is a reasonable request. Not Apple should have not made the protection, that is an unreasonable request.
You might have philosophical problems with this kind of protection, fine, then don’t buy the devices because they have it, they are advertised to have it and you can’t get them without it.
Don’t buy a device that you know doesn’t do what you want and then go whining on the internet that it doesn’t do what you want. That’s a you problem.
The owner of the device doesn't own the keys to it, apple does. That's how the OP lost access in the first place.
I will admit that, this situation was preventable, had apple required the "find my device" feature to be active upon setup. The fact is however, they do not. You can't have it both ways, if you're going to have a walled garden, then wall off the garden, no half measures, you're responsible for everything, including this mishap.
Whining about keys with Apple and thieves doesn’t change a thing about that, it’s just your philosophy. Registering the device to the owner is the responsibility of the owner. It would be nice if Apple would be more insistent, even though then you would whine more ‘because Apple is shoving advertising for its services down peoples throats’ or ‘because Apple is forcing people into accepting iCloud’ but we can just disregard your whining. As you agree it would be better and would have prevented the problem in the article. But that doesn’t change the fact the responsibility is with the owner. Not with Apple. The owner made the mistake, and he agrees with it.
And requiring Apple to be perfect just because they don’t subscribe to your lofty philosophy is ridiculous. If you buy the devices you accept the agreement which, just like the agreement that comes with any similar device, plainly states that the devices and the software they run are not perfect, the product is as-is, don’t like it return it.
If companies were beholden to your philosophies we would get nowhere. That’s why no company does that. It just doesn’t work.
You can’t do that with an activation locked iPhone. The user can remotely brick the device using Find My. The parts can’t be removed and reused either because they all have IDs in them which are locked to the device. A stolen iPhone is nothing more than scrap metal and glass.
289 EUR for all 15"/16" MBPs
The only reason they'd require a full top case replacement would be if there was additional damage making them unable to guarantee safety of the new battery
This assumes that the thief didn't simply observe/record the pin code unlock before stealing the phone.
https://www.vice.com/en/article/jgmygb/checkm8-info-remove-i...
https://www.reddit.com/r/applehelp/comments/wp4t7t/would_wip...
https://www.howtogeek.com/829425/scammers-tricking-people-in...
https://www.macrumors.com/2023/04/19/apple-responds-to-iphon...
"The officers advised Chistancho that his bag violated the event rules and proceeded to remove it from his possession. Upon inspecting the bag, officers found a smaller black bag inside, which, when opened, revealed a metallic inner lining consistent with a Faraday bag – a device commonly used to block phone signals.
To their surprise, the Faraday bag contained a total of 12 stolen iPhones of various models. One of the victims of the thefts was able to positively identify one of the recovered phones as stolen from him."
* https://wsvn.com/news/local/miami-dade/two-phone-thieves-nab...
If they can't use them for anything, what would they want with 12 iPhones?
> The user can remotely brick the device using Find My.
I guess that's what the faraday bag is for.
Unless you have a link to show evidence that they know how to modify the devices to prevent them from ever phoning home again? Because even if you somehow manage to reset and wipe the device offline, it’ll still phone home and brick itself as soon as it gets a connection because the ID is in hardware.
Not being able to get USA ID makes it very hard to get registered on many web sites though :(
That is, of course, a system that exists, but, be creative, lots of ways to skin that cat. In apple's case, well, they could certainly sell a device to handle that job, basically a key fob like you probably use in your car (sometimes built into the physical key without your knowledge).
You could also use the remarkable amount of compute that most people carry around in their pockets to do this job with no additional device required (use your phone).
Not really a hard nut to crack overall.
Find My Feature from apple.com:
> Activation Lock is designed to prevent anyone else from using or selling your device. When you enable Find My on your device, Activation Lock is turned on automatically.
> Your Apple ID and password will then be required in order to erase or reactivate it. And if someone is able to erase your device, the Hello screen will show that it’s locked, locatable, and still belongs to you.
It could sign an activation lock removal and give it to the device through the usb port.
If the HSM is lost or fails, revert to the status quo.
This is not a technical problem, and you cannot solve it with a technical solution.
btw what we have today is the worse of both worlds. apple et al can tie you to a identity which you cannot use to recover your data but they can sell to advertisers or act on police requests from that profile metadata.
Is that a plan anyone is suggesting?
Kind of, but you can’t really do that more than once, so it makes for a bad business.
I see your point, but if it were me in OP’s shoes, I’d be annoyed by the fact that even though I chose not to enable the anti-theft stuff, Apple presumes that the laptop is “unowned” and can still be enrolled into the anti-theft service. I would much rather have the laptop ship with a physical copy of the private key that will unlock the device (paper with a QR code on it would be sufficient), that way I retain ownership of the device regardless of what the thief does. Everything else could stay the same.
Edit: also, reporting as stolen is not the same as a thief smashing the laptop with a brick — the crucial difference is that by reporting as stolen, the thief retains access to the device while locking out anyone else. The post even speculates that the shop involved used this technique to extort the person who brought the laptop to them.
This is something that, weirdly enough, perl did really well and then everyone else ignored the good solution in favor of much worse alternatives.
In perl, 0 and "0" will compare equal, which can lead to trouble.
But perl prevented virtually all of that trouble by making the operators on strings different than the operators on numbers. So
"1" + 2
"1" . 2
That was the joke
The common theme that keeps coming up with activation lock that Apple's customers do not understand this feature until it bites them in the wallet. Any solution would require education that these same people won't get until they're in an irrevocable situation anyway.
If we followed that logic, the only people who don't have a right to complain would be their paying customers.
>Registering the device to the owner is the responsibility of the owner.
Why is it entirely on the owner? If apple designs the majority of their advertised security apparatus around the concept of device ownership then I'd argue that they do in fact share some responsibility in making sure their devices are properly registered before use.
And if Apple is responsible for noting who owns the devices next up you will come whining about how that mean Apple doesn’t allow you to sell your devices without informing them.
Whine whine whine from a non paying customer. You don’t like the products, you’re supposedly not going to buy them. What are you whining about, that a product exists that you don’t like? Nobody cares.
What? Could you please elaborate what you mean here? I do not see how this addresses my comment at all...
>And if Apple is responsible for noting who owns the devices next up you will come whining about how that mean Apple doesn’t allow you to sell your devices without informing them.
I don't remember complaining about that, please don't put words in my mouth. All I said was that a company which places device ownership as the center of their security model shares some responsibility in ensuring their devices get registered before use.
>Whine whine whine from a non paying customer. You don’t like the products, you’re supposedly not going to buy them. What are you whining about, that a product exists that you don’t like? Nobody cares.
I'm not the original poster, I never said I didn't like the product, (I'm actively using one to respond to you right now) please stop assuming where I stand on the product. It is perfectly possible for me to like a product as a whole while simultaneously disliking certain aspects.
Would this happen if the phone were moved to a network in China? I didn't want to go into that aspect of it, but my understanding is that the phones get sent to a location in China and worked on there. I don't have any evidence on hand, but I am sure you can find some. If you want me to dig into it I can, but just not at this moment.
EDIT: reddit thread
* https://www.reddit.com/r/apple/comments/r9m2bk/stolen_iphone...
The measures they’ve already taken are a pretty good deterrent against casual theft though.
Terminating a users account while simultaneously admitting fault by providing reimbursement just screams to me that the leadership team are completely out of touch and don't want to hear a thing from their own customers.
They thought I was under 18, so they asked for my drivers license. I sent a picture and they responded with:
"Thank you for sending us your ID." "Your account has been permanently deactivated and we regret to inform you that we can no longer offer you the Venmo service."
Absolutely mind boggling.
Fortunately I'd paid using my Amex, and American Express support were incredibly helpful in making me whole pretty much right away. I recall the payment gateway being a Stripe thing, so I really hope the scammer got hit hard somehow.
You shouldn't be frustrated by your account being terminated. Why would you want to continue to do business with such a shitty company. I'd take that as an opportunity to explain to other people "who only use Cash App" for whatever reason, what a shitty company they are.
Not only that but the more people they run into who don't use Cash App the more likely they'll start using alternatives to also be paid by those people, giving less of a societal reliance on a corporation who will terminate your account because you used outside channels to resolve an issue regular support wouldn't help with.
The opportunity costs don't bear out either, as just because someone has an expensive piece of tech, does not mean they have the kind of assets you can drain into Bermuda. The reward ratio is not significant to plan for this eventuality in any meaningful way.
Which is why most people when faced with the prospect of insane security will just choose to layer two simpler methods together instead, such as basic old 2FA via SMS or FIDO. These technically reduce security barrier of entry but allow the portions of the implementation to live further apart from each other, which for most people, is enough.
Also, if your work didn't issue you a secure PC and trusted 2FA hardware, then allows you to have privileged information like email on your home laptop, that's entirely bad policy on their part.
Ease of committing a crime is surely a factor in probability of that crime occurring.
Far more people are willing to look over a shoulder for someone’s phone PIN or slip them a roofie to get access to bank account apps and transfer money than they are to confront them while conscious and threaten them to give them their money.
(Hence the advice to keep access information to only nominal amounts of wealth in phones).
The other factor is turning a profit. You have a brick, you can sell it for parts through China and get a few cents. You have a fully functioning phone/laptop, you can sell it for a lot. If everyone had Find My on then stealing Apple hardware would be pointless. It's the orthodoxy geeks who turn it off to feel like they "own" their hardware that make it a chance play & worth a shot for the criminals & hurt normies.
> confront them while conscious and threaten them to give them their money
This is called robbery, theft means no confrontation.
Passwords and drive encryption protect data. Remote bricking supposedly decreases the resale value of the laptop hardware, which supposedly makes people steal them less.
Which achieves the goal (not have laptop with this important info stolen).
According to https://www.businessofapps.com/data/cash-app-statistics/
51 million monthly active users in 2022 and 13 million people had the Cash Card in 2021.
You don't want the thief to steal a locked device. You want the devices to have a reputation for not worthing as much on the black market if stolen. That creates a deterrent effect, and is arguably one of the reasons why the average person's phone is stolen less.
As to whether this effect is worth suffocating the secondary parts market, it really depends on whether you're actually a potential participant in it. One can argue that the vast majority of iPhone/Mac users never thought of buying parts or using non-official channels for repairing the device.
Or simply with a unique private key, printed inside a tamper proof envelope? You can at least backup the private key to somewhere safe, if you want.
Many people will lose the key (that's ok, not worse than the current situation), but at least those who care won't.
With some QR code and the device's camera, you don't need any new hardware.
I must point out that in the original article, the author lost their MacBook and then complained it was locked after it was returned. (It would be analogous to getting it stolen then having the thief reactivate the lock.)
But then the person who steals your laptop (as in this story) can turn it back on and you’re shit out of luck.
Laptop theft was never a pressing enough matter for me to do anything except encrypting its disk. I never met anybody around here that claims to have done anything about protecting from it (except for physically protecting it). And nobody that I know has a locked-down device that would be worthless if stolen.
For a while I thought--and it seemed to be-- that it was pointless to steal an iPhone for that reason.
Then my phone was stolen last summer. The kind of folks that are gonna steal phones don't care one way or the other. Maybe they'll get lucky and it's unlocked (you'd be surprised!) but if not they'll just dump it in quantity for parts.
The kind of person stealing a phone isn't usually very bright and making calculated cunning decisions here.
Seriously?
People like that exist?
Now I am tempted to shun anyone carrying a fruit phone.
I don't know how old you were in the 2000's, but even in restricted access college libraries, laptops were stolen constantly. In the first few years after iPhones came around, phone theft started becoming super common, and was eventually a constant source of news.
Back then the thieves weren't limited to professionals who had access to a fence who has contacts with shady factories overseas. Every single hard up person could benefit from grabbing a device, and doing a DFU reset or wiping the hard drive. The market and opportunity for thievery was soooo much bigger.
I’m 95% sure you’re very wrong on this. Anecdotally it seems to me that phone theft is massively down from where it was 10-20 years ago.
> This line of argument just _irks_ me
That’s fine you just have different preferences and/or priorities than other people. Nothing unique about that.
> What this really does is suffocate the secondary parts market,
Certainly true. IMHO forcing Apple to sell parts for a reasonable prices would be a massively better solution
> I can damned well decide that on my own.
Isn’t it optional? On Macs anyway? (I’m not really sure)
"What this really does is suffocate the secondary parts market"
Quit the opposite, second hand parts from disassembled devices is probably even more prolific now (you're prolly getting an artificially lower price b/c of thefts)
I think you should be more sympathetic to people that live in situations where this policy has made a huge difference- where the cost of the phone is a large chunk of their income. And where nabbing a phone could net you effectively a month's income. I'm happy for you that you live in a place that has so little theft this isn't a concern for you.
My original incentive for spending the last 15 years and thousands of dollars in the Apple ecosystem is that their products would "just work" for my family.
Nowadays I'm spending hours on the phone with our daughter who's in tears because Apple keeps locking her out of her iPad or laptop.
I'm also not going to get into my mom having a lifetime's worth of photographs locked up in her iMac that we're literally only going to be able to get hold of if I take an overseas trip to England to do it myself. (btw, if anyone can recommend an Apple shop in the south of England who actually know what they're doing…)
So guess where Dad is shopping these holidays?
Yup, not Apple!
There's so little competition in this space that voting with your wallet barely moves the needle. Giving a company public feedback doesn't hurt.
My next computer will sadly probably not be a Mac. Who knows what I won't be allowed to do with it by the time it comes to refresh mine.
This particular feature, Activation Lock, is an optional feature you can turn on. The problem (in this case) is that someone else enabled the feature after wiping while they had physical access to the laptop
How? The person you replied to says
> The value of stolen (activation-locked) iPhones and Macs is largely only on in overseas markets where they can strip the device down to usable parts
If the only doable thing with a stolen Mac is to use it for parts, I think that would increase the availability of parts, not decrease it.
And OP is complaining that Apple gave them that option in the first place…
Don’t most other phones have an equivalent feature? Samsung certainly does and they together with Apple control the overwhelming majority of the market almost everywhere
> I think you'd need a lot more evidence to argue convincingly that this policy made a huge difference.
I disagree. It’s perfectly obvious that it made a very big difference. The market price of stolen phones is now much, much lower that it used be which significantly alter the cost/benefit ratio from the perspective of would be thieves.
It was a real problem that kids walking around high-school, or people walking in the street, were carrying something easily stolen and fenced for several hundred dollars. Ride-by theft by bike was a notorious mode. The equivalent would be people walking around with a stack of $50s flapping in their hands. A target like that is called an "attractive nuisance", and the law has a long tradition of discouraging them.
https://news.sophos.com/en-us/2015/07/02/smartphone-anti-the...
Yeah, just set up the machine using your own iCloud account, before it's too late to return for a refund.
So they'd be no worse off than they are the way things currently work, except with the ability for the few who do care about this sort of thing having a better workaround than "try to email the CEO and pray that he somehow notices"
> This is not a technical problem and you cannot fix it with a technical solution
Funny, that's exactly how I see bricking a laptop to try to curtail thieves, only it actually does solve the problem, but only by creating a worse one
- Find My Device wasn’t enabled on the mac and it was stolen.
- somebody reset it and tied it tot their account
- then the same person passed it to another party and bricked it by reporting it stolen.
- somehow the original owner managed to recover it
Would the original owner been able to avoid all this has they actually enabled this security feature in the first place?
> Funny, that's exactly how I see bricking a laptop to try to curtail thieves
People love to repeat slogans, regardless of whether those slogans actually apply to whatever it is they're talking about.
https://www.mensxp.com/technology/games/55824-asus-rog-keyst...
The first-party software supports using the key to unlock a hidden encrypted volume, as well as instantly locking the computer when the key is removed. I'm not 100% sure if it can be used to secure bootup.
c:\programdata\asus\virtualdrive
As I understand it the owner chose to not enable the security feature. The thief however did.
How else would you suggest this choice be implemented? Apple selling different models with or without the feature? Because then nobody would just buy the less “secure” option and Apple would rightfully soon discontinue it
Isn't that the whole point of this argument? The buyer shouldn't need to convince Apple. My suggestion was to eliminate Apple's power to brick a device and then be the judge who decides whether you own the machine or not.
The private key mechanism is a good way to deter theft, but Apple should not be policing it. The steal back is really an edge case that doesn't need to be covered by a technical solution.
wait, they made something that looks like an HSM and is marketed like an HSM, but actually it's just a glorified ID card? That's stupid