I'm glad the machine was restored to usable condition, I've had a laptop stolen from me in the past, it was returned in an evidence bag, in about 1000 pieces, which was very frustrating to get an excited call a year after it'd happened telling me the police had recovered it, only to be greeted with, well, an unusable husk.
That said, yours is a completely artificial problem imposed upon you by the company you made a purchase from. You don't have the private keys to your own device, which means ultimately, your usage of that device is conditional on being in the good graces of a group of very wealthy, indifferent, strangers.
That, in, and of itself, is the issue at hand here, and while you've found yourself a favorable outcome, you're likely an exception to the rule.
What is the better solution that retains the anti-theft capabilities of the device? The value of stolen (activation-locked) iPhones and Macs is largely only on in overseas markets where they can strip the device down to usable parts - or, if you're lucky, you'll get threatening text messages telling you to remove the device from your icloud[0, 1] so they can sell it as a fully working phone.
The inability for a thief to just flash the device with fresh firmware and use it as if it were new is a key selling point of the device and might justify the higher price tag to some buyers.
0: https://old.reddit.com/r/applehelp/comments/13yn1o0/phone_st...
1: https://old.reddit.com/r/applehelp/comments/16fcd4c/recently...
This line of argument just _irks_ me. I don't care enough about thieves for this to even matter to me. And I think this is zero-sum for the consumer. Maybe more devices get stolen (probably not, if I'm a thief I'm still snatching it and throwing it in a river or something). What this really does is suffocate the secondary parts market, so it costs more to repair the things or they just require a replacement.
Many, many users of these devices have rarely, if ever, had anything stolen from them. And as one such person, I don't want to hear a company tell me I can't even have the _option_ of an open device because "it's for my own good". I can damned well decide that on my own.
You don't want the thief to steal a locked device. You want the devices to have a reputation for not worthing as much on the black market if stolen. That creates a deterrent effect, and is arguably one of the reasons why the average person's phone is stolen less.
As to whether this effect is worth suffocating the secondary parts market, it really depends on whether you're actually a potential participant in it. One can argue that the vast majority of iPhone/Mac users never thought of buying parts or using non-official channels for repairing the device.
The laptop could come with a USB-C "master key" on the box, tied to that specific laptop. Keep that key at home, and all the anti-theft benefits continue to apply, while keeping the owner in control of their hardware.
Everyone who doesn’t throw that useless weird dongle out with the box will lose it immediately. This is not a technical problem and you cannot fix it with a technical solution.
So they'd be no worse off than they are the way things currently work, except with the ability for the few who do care about this sort of thing having a better workaround than "try to email the CEO and pray that he somehow notices"
Funny, that's exactly how I see bricking a laptop to try to curtail thieves, only it actually does solve the problem, but only by creating a worse one
Is this the case though? From what I understood in the article:
- Find My Device wasn’t enabled on the mac and it was stolen.
- somebody reset it and tied it tot their account
- then the same person passed it to another party and bricked it by reporting it stolen.
- somehow the original owner managed to recover it
Would the original owner been able to avoid all this has they actually enabled this security feature in the first place?
Yes, if they had enabled Find My.
People love to repeat slogans, regardless of whether those slogans actually apply to whatever it is they're talking about.
I believe some ASUS laptops come with a built-in security key called the "keystone" that slots into the chassis. It's visually similar to those security devices built into treadmills that will stop the machine if it gets yanked out (by someone falling or etc). It could probably be used like a master key.
The Kensington lock slot on the chassis is extremely common. My Surface Book didn’t have one, but every other laptop I’ve had has had one.
https://en.wikipedia.org/wiki/Kensington_Security_Slot
It's a security key, as in a Hardware Security Module, it's not just a lock slot. Look up "asus keystone" and you can find images of it.
https://www.mensxp.com/technology/games/55824-asus-rog-keyst...
The first-party software supports using the key to unlock a hidden encrypted volume, as well as instantly locking the computer when the key is removed. I'm not 100% sure if it can be used to secure bootup.
lol, no it’s not, it’s an NFC chip with an account ID on it. That allegedly encrypted hd is just a vhd stored in programdata that anyone can mount and read. It’s not a Kensington lock but it provides the same amount of data security as one.
c:\programdata\asus\virtualdrive
wait, they made something that looks like an HSM and is marketed like an HSM, but actually it's just a glorified ID card? That's stupid
Or simply with a unique private key, printed inside a tamper proof envelope? You can at least backup the private key to somewhere safe, if you want.
Many people will lose the key (that's ok, not worse than the current situation), but at least those who care won't.
So both you and Apple would have access to that private key and you would be able to recover it from Apple if you lose it? Directly or the way it’s handled now. Cause otherwise it wouldn’t really work
Apple can have their own, separate private key for convenience (so that you can reset your device using an iCloud account). Your private key is for when you forget your iCloud password (or the device is bricked, as in the article) and Tim Cook can't be bothered to step in.
But if Apple believes that original proof of purchase (the receipt that the author presented to Apple in hopes that it would convince them to unlock the laptop) is insufficient (and let's assume the lack of cryptographic signing of said receipt isn't the problem; Apple can verify the receipt another way) because the original owner could've sold the laptop to a second owner and then stolen it back, then why would Apple think it's ok to accept "your private key" as proof that you're still the owner? You could've sold the laptop and stolen it back -- the exact hypothetical situation that prevents them from considering the original bill of sale -- and then used the key that you had possession (or knowledge) of the whole time! A secondhand buyer should demand the key if it's physical, but if it can be duplicated this breaks down.
In fact, it could even just be a plastic "owner's card" like the one you get when you buy a new lock, that, presumably, you must have to order new keys.
With some QR code and the device's camera, you don't need any new hardware.
What happens when you lose it?
If it’s a fail safe, then losing it will impact very few people.
The point I was attempting to make is I don't care what the thief does. I want the option to disable it if I've determined (on my own, with no help from anyone else!) that I'm not at a high risk of theft in the first place.
Fair point.
I must point out that in the original article, the author lost their MacBook and then complained it was locked after it was returned. (It would be analogous to getting it stolen then having the thief reactivate the lock.)
“must”? The lockout is only the reason that an event consisting of a misplaced device that was returned, instead turned into the constructive loss of the device in question.
Well yes?
As I understand it the owner chose to not enable the security feature. The thief however did.
How else would you suggest this choice be implemented? Apple selling different models with or without the feature? Because then nobody would just buy the less “secure” option and Apple would rightfully soon discontinue it
A security feature that causes a security vulnerability that wouldn't exist without the feature, is not a good security feature. The existence of the security feature makes it less secure, for some people. Why wouldn't they buy the version without it?
Okay, and you can.
But then the person who steals your laptop (as in this story) can turn it back on and you’re shit out of luck.
Isn’t that what happened here? Owner didn’t enable security feature (Find my…). Then some series of events led the thief to reset device, enable Find My, and lock themselves out.
This also deters one from buying a used Mac or iDevice, because apparently it's on the seller to remove the device from their account, and they can lock/deactivate it remotely at will. Any proof that the device was actually removed from the seller's account is subject to forgery.
Yikes wait so is there no way to guarantee against this? Like if I buy a 4K MacBook Pro second hand on eBay surely I am able to guarantee they’re not gonna brick it on me in six months?!
Yeah, just set up the machine using your own iCloud account, before it's too late to return for a refund.
For context I live in Brazil.
Laptop theft was never a pressing enough matter for me to do anything except encrypting its disk. I never met anybody around here that claims to have done anything about protecting from it (except for physically protecting it). And nobody that I know has a locked-down device that would be worthless if stolen.
Seriously?
People like that exist?
Now I am tempted to shun anyone carrying a fruit phone.
You can decide this by not owning an Apple device
I mean, this is the obvious end state for a lot of us. I've been an Apple fanboy and Mac owner for over 10 years, and Apple is slowly but surely losing me as a customer due to all these ideas that nerf their computers "for my own sake". I don't need protection from my computer and applications, and my computer does not need protection from me. The user should be the final authority on what gets run on the computer, and Apple has been steadily drifting from this principle.
My next computer will sadly probably not be a Mac. Who knows what I won't be allowed to do with it by the time it comes to refresh mine.
That's the decision I came to a couple of years ago after 18 years as an Apple hardware user. Having said that, I still use an iPhone because the use and risk profiles are so different. The phone is literally the "keys to my kingdom".
Obviously.
This is not a great argument given that Apple is in the business of selling Apple devices.
My original incentive for spending the last 15 years and thousands of dollars in the Apple ecosystem is that their products would "just work" for my family.
Nowadays I'm spending hours on the phone with our daughter who's in tears because Apple keeps locking her out of her iPad or laptop.
I'm also not going to get into my mom having a lifetime's worth of photographs locked up in her iMac that we're literally only going to be able to get hold of if I take an overseas trip to England to do it myself. (btw, if anyone can recommend an Apple shop in the south of England who actually know what they're doing…)
So guess where Dad is shopping these holidays?
Yup, not Apple!
This line gets repeated a lot. Sometimes people need both A and B, but they have to choose A xor B.
There's so little competition in this space that voting with your wallet barely moves the needle. Giving a company public feedback doesn't hurt.
These anti-theft systems are one of the big reasons that so few users have their phones & laptops stolen from them.
I don't know how old you were in the 2000's, but even in restricted access college libraries, laptops were stolen constantly. In the first few years after iPhones came around, phone theft started becoming super common, and was eventually a constant source of news.
Back then the thieves weren't limited to professionals who had access to a fence who has contacts with shady factories overseas. Every single hard up person could benefit from grabbing a device, and doing a DFU reset or wiping the hard drive. The market and opportunity for thievery was soooo much bigger.
I'm not sure I buy this logic. The timeline you give could be just as easily explained as people taking time to learn to account for carrying around something valuable in a form factor they're not used to (e.g. accidentally leaving it on a table and using the bathroom only to find it gone when they returned). It's also not like Apple devices make up the majority of the phone or laptop market, and at least for laptops I'm pretty sure there's no standard equivalent for whatever remote lockout thing happened to the macbook in the article. I think you'd need a lot more evidence to argue convincingly that this policy made a huge difference.
No. It was a policy problem large enough that legislators required it as a condition of selling phones.
It was a real problem that kids walking around high-school, or people walking in the street, were carrying something easily stolen and fenced for several hundred dollars. Ride-by theft by bike was a notorious mode. The equivalent would be people walking around with a stack of $50s flapping in their hands. A target like that is called an "attractive nuisance", and the law has a long tradition of discouraging them.
https://news.sophos.com/en-us/2015/07/02/smartphone-anti-the...
In many western countries, e.g. the US, iPhones do make up the majority of the phone market.
Don’t most other phones have an equivalent feature? Samsung certainly does and they together with Apple control the overwhelming majority of the market almost everywhere
I disagree. It’s perfectly obvious that it made a very big difference. The market price of stolen phones is now much, much lower that it used be which significantly alter the cost/benefit ratio from the perspective of would be thieves.
My local shopping mall had visible from the food court these ATM looking machines that spit out cash if you put cell phones in, and I would watch kids standing there with bags of phones exchanging one phone after another.
I’m 95% sure you’re very wrong on this. Anecdotally it seems to me that phone theft is massively down from where it was 10-20 years ago.
That’s fine you just have different preferences and/or priorities than other people. Nothing unique about that.
Certainly true. IMHO forcing Apple to sell parts for a reasonable prices would be a massively better solution
Isn’t it optional? On Macs anyway? (I’m not really sure)
Yes, Find My is optional, which is why this whole chain of events could occur.
The solution is simply to give the consumer the choice. Some will want theft protection and some won’t. Problem solved!!
That choice already exists! If you don't enable Find My on your device then anyone can DFU it to a blank slate without issue. You must opt-in to this feature.
Ok no one literally cares what you think. Apple is solving a problem and you’re just an annoying nerd.
But you DO have the option of setting up your Mac as an "open device", that is exactly what the article is about.
And OP is complaining that Apple gave them that option in the first place…
In many countries people get killed for a Phone (or much less) Just that you know the world is not the sq foot where you live now.
How? The person you replied to says
If the only doable thing with a stolen Mac is to use it for parts, I think that would increase the availability of parts, not decrease it.
I fail to see how Apple's corporate policy robbing you of your device is somehow an anti-theft capability.
If you are permanently deprived of your rightful property, you are a victim of theft. Whether it's via EULA and private keys, or via street thug with a wrench, I'm not sure it makes any realistic difference.
How would you provide this type of locking system without giving users access to their own private keys, then having a much worse problem where dozens of users lose their private keys and forever brick their device?
I wouldn't. It's unethical and frankly evil. Physical access should always trump any remotely installed policies, otherwise you can never truly own something.
This, and remote attestation, are tools to enforce DRM. The anti theft stuff is just a marketing strategy you fell for.
Frankly, it’s ethical and it saves the lives of millions of small children. I don’t want my phone stolen, and if it is stolen, I don’t want thieves to have access to my data or any of my digital assets. If you’re OK with your phone and digital identities being stolen in the name of freedom, by all means use Android.
Millions of children are gonna die if iPhones don't have DRM? No.
What are you even talking about? That's just a bunch of exaggerated nonsense lol
so if you steal something and therefore have physical access to it, that should trump the original owner who no longer has it because you stole it even if they have the receipt with the serial number on it?
Yeah. Techbros aren't the new police.
Isn’t that what happened here? The thief and not the owner reported it as “stolen” and thus bricked. The thief could’ve as well just thrown an actual brick on it with similar effects
Also it works. Both for deincentivizing theft and allows you to recover the device had you actually enabled the feature (so not this case)
I see your point, but if it were me in OP’s shoes, I’d be annoyed by the fact that even though I chose not to enable the anti-theft stuff, Apple presumes that the laptop is “unowned” and can still be enrolled into the anti-theft service. I would much rather have the laptop ship with a physical copy of the private key that will unlock the device (paper with a QR code on it would be sufficient), that way I retain ownership of the device regardless of what the thief does. Everything else could stay the same.
Edit: also, reporting as stolen is not the same as a thief smashing the laptop with a brick — the crucial difference is that by reporting as stolen, the thief retains access to the device while locking out anyone else. The post even speculates that the shop involved used this technique to extort the person who brought the laptop to them.
That doesn't make sense. First of all, "this type of locking system" is clearly a failure because it allowed an unauthorized random person to report a computer as "lost" when he didn't own it. So the answer to your first question is: You wouldn't.
Second, what does this even mean: "without giving users access to their own private keys, then having a much worse problem where dozens of users lose their private keys and forever brick their device?" What scenario exactly does that refer to?
Because (if I under the article correctly?) the owner hadn’t actually enabled “find my mac”?
The (admittedly vague article) said it was "wiped," though. By whom?
By the thief/shop who linked it to their account? IIRC you can still wipe macs without having the password as long as all the theft protection stuff isn’t enabled.
A system where users can recover their devices if they successfully hold onto their private keys is much better than a system where they can't recover their devices at all without Apple's reluctant help.
Isn’t the issue in this case that the use didn’t enable “find my mac” in the first place, the thief was able to tie the device to their account and then brick it?
I assume he would’ve been able to recover it if he had “held on to his private key” (having the device be linked to his account being the current equivalent)?
Maybe for power users, sure. But for regular people (Apple’s biggest market) it’s not an issue: they just register their devices and don’t have to worry about it.
Keep the private key with Apple. But also...
Sell an HSM (free when you buy a Mac > $2000? discounted in conjunction with AppleCare?) that will remove activation lock on the Mac it's purchased with.
You seriously can't think of other ways? I can easily think of at least 10 other ways just of the top of my head.
I wouldn't. If someone has a device that is unusable without keys they don't have, they don't actually own that device. Far be it from me to quote the crypto crowd but "not your keys...."
Depends on the person/application.
I, alone, have the keys to my laptop's drive. The device itself is cheap, and insured in most cases, so, if it gets stolen, no worries really.
For a macbook and a not-tech-savvy user, well, we exchange cars all the time, and cars have keys, usually some flavor of RFID included. Cars are less than perfect of course, but, most can add/remove keys given a set of conditions are met. I don't think it'd be outrageous to just have an iphone app that handles the key exchange upon sale. Mix that with a little user education, a little UX, and you're good to go. More or less that'd involve a user resetting the machine and part of that process would include de-enrolling their 2nd factor from the machine to prep it for sale.
That maintains all of the same functionality and then some.
A car !== A computer
State secrets, corporate secrets, personal secrets can all be on a computer. Financial data can be on a computer. There are all sort of things that need much more protection than a car.
The attempt at comparing the two in thinking their security levels can even be compared is just not even sensible
Why so many characters for inequality.
They must be a user of a language that needs === meaning "real equal not imaginary equal"
Also I wish you could still buy cars that were not computers.
This is something that, weirdly enough, perl did really well and then everyone else ignored the good solution in favor of much worse alternatives.
In perl, 0 and "0" will compare equal, which can lead to trouble.
But perl prevented virtually all of that trouble by making the operators on strings different than the operators on numbers. So
is 3, whereas is 12.. vs + for string concat is still one that causes many basic syntax errors for me as I switch back and forth between PHP and JS. I know immediately what I've done as soon as the corresponding syntax error is thrown, but still not immediate enough for when I'm actually typing it.
That was the joke
https://duckduckgo.com/?q=!%3D%3D&t=h_&ia=web
It's also a lot harder to steal someone's car without already having the ability to get in and turn it on; you can't just pick it up and walk away.
I also think that car security is maybe not a good standard to try to emulate, given how often they have what in my opinion might be the worst security message of all time: the car alarm. I've never once heard a car alarm and thought "aha, someone must be trying to steal that car". As far as I can tell, false positives are both much more common than true positives and literally indistinguishable to bystanders, so any time someone hears a car alarm the person causing it could just claim it's their car and they activated it by mistake and no one would question it. They're also so annoyingly loud that they disturb basically everyone on the block, and they can happen at literally any time. After around 10 seconds of a car alarm waking me up from deep sleep I would probably root for a thief to get away with taking the car just to make the sound go away.
You can pick up a car and take it without the owners consent, it needs heavy equipment (though there are also under-wheel robots that can move a car).
For the vast majority of people there will not be state secrets on the computer, many not even financial data. And I sincerely hope that if you carry around state secrets, it's not apple who holds the keys.
The reality is for most people the most valuable thing on their laptop are some photos. The car on the other hand holds significantly more monetary value for many, so the financial impact of loosing a car is typically much higher
That's why they have insurance.
For most people, the most valuable thing they have is the browser with all of their cookies saving their accounts and stored password managers. If readers on this forum can't think of why a laptop or other personal computing device like phone might be more valuable and how to access that data, then I'd suggest creative thinking is just not being applied very well.
the state secret thing was in jest.
Why not?
State secrets can also be in one of those mailer boxes in your car, or you might have a body in the trunk you don't want people to find. Or I might be inside the car, and I want as much protection as possible (but without adding too much weight)
You can also buy "hardened" cars that make intrusion significantly harder, there's also a vocal minority that wants to understand everything going on the car and doesn't trust the government (coreboot/ pre-emissions controls) and there's people who use vehicles that are the road equivalent of a Chromebook and also people that have really tricked-out systems that have more power on demand than will ever conceivably be used anywhere other than synthetic workloads (dynamometers) or high-end professional stuff (racing.)
Sure, but nobody is clamoring for literally every car on the market to have a remote lockout only possible to disable by the OEM or if the original owner chooses explicitly to pass on the privilege. It would be ludicrous for the solution to potentially accidentally leaving some documents in the glove compartment to be allowing the original owner of a used car to retain the privilege to brick the car after someone else buys it.
One that doesn't literally make the device unusable in the case of a mistake. We protect far more valuable property with far less fancy mechanisms. If you're genuinely worried about theft, then you need layers of simple security, not a one shot nuclear bomb embedded into your device.
Is that why people care about theft?
I cannot name a single thing I own that is more valuable than the information contained in my electronic devices.
You could steal the contents of my house and the building materials and it still would not be more valuable.
This seems to imply that your device contains the only copy of this information in existence and that cloud backups and PIN keys are inadequate for your security requirements.
Are people actually trying to steal your information or just the chunk of valuable plastic that's currently a portal for accessing some of it?
Meanwhile.. all the animals and sometimes children at my house are more valuable than any of my information, at least, to me. And of course, the most valuable and abstract of them all, my own health.
It's not losing the information that the computer holds that's the risk. For most people, their computer contains the keys to be able to steal all their money and major assets, commit crimes in their name, defraud their family and friends, and endanger their employment. Those keys are embodied in the trusted ability to access their primary email and social media accounts, and possibly their work accounts too.
Yes, and I can do all that now without your device, and I was able to do it before digital devices became prevalent. Yet, it does not happen, because no one has any motive to do this to you even if the means to do it has now been reduced to simply taking your phone. If someone has that motive then access to your phone will /not/ be the deciding factor.
The opportunity costs don't bear out either, as just because someone has an expensive piece of tech, does not mean they have the kind of assets you can drain into Bermuda. The reward ratio is not significant to plan for this eventuality in any meaningful way.
Which is why most people when faced with the prospect of insane security will just choose to layer two simpler methods together instead, such as basic old 2FA via SMS or FIDO. These technically reduce security barrier of entry but allow the portions of the implementation to live further apart from each other, which for most people, is enough.
Also, if your work didn't issue you a secure PC and trusted 2FA hardware, then allows you to have privileged information like email on your home laptop, that's entirely bad policy on their part.
Ease of committing a crime is surely a factor in probability of that crime occurring.
Far more people are willing to look over a shoulder for someone’s phone PIN or slip them a roofie to get access to bank account apps and transfer money than they are to confront them while conscious and threaten them to give them their money.
(Hence the advice to keep access information to only nominal amounts of wealth in phones).
The other factor is turning a profit. You have a brick, you can sell it for parts through China and get a few cents. You have a fully functioning phone/laptop, you can sell it for a lot. If everyone had Find My on then stealing Apple hardware would be pointless. It's the orthodoxy geeks who turn it off to feel like they "own" their hardware that make it a chance play & worth a shot for the criminals & hurt normies.
This is called robbery, theft means no confrontation.
If possession of a laptop allowed that sort of access, the thief could just unlink the device from apple id.
Passwords and drive encryption protect data. Remote bricking supposedly decreases the resale value of the laptop hardware, which supposedly makes people steal them less.
Which achieves the goal (not have laptop with this important info stolen).
I expected loved ones to be excluded from the definition of property in this context, being a discussion about theft and not more violent things like kidnapping.
I do not know everyone’s intentions, I just know what my loss potential is. I do not keep many paper records, so getting into my digital files will give up all of my information as well as TOTP and SMS 2FA codes that serve as proof of my identity.
Once someone can prove they are me, then it is an uphill battle for me to prove someone else was being me, and even doing that does not always help.
You need only look at cellular carriers and the rampant social engineering going on that gets people's cell numbers (and thus SMS messages) diverted to understand that you can't give people an inch here or the entire system falls apart. The system must be designed around human factors like customer service agents being yelled at by a scammer pretending to be the legitimate owner.
By definition making a system even somewhat secure against social engineering and the like means it is less forgiving of mistakes.
And once again I must keep reminding people that "Find My" is an opt-in feature that you are not required to use.
Isn’t that the bad part about this story? That someone with your laptop can reset it if you’ve not used ‘find my’?
Having a phone stolen is a massive inconvenience, and it used to happen on large scale.
The main way to reduce the risk of that (which actually works) is by targeting the motivation of the thieves by making the stolen device nearly worthless for resale or reuse - i.e. literally making both the device and its parts unusable even for a semi-skilled operator of a pawn shop buying large quantities of stolen phones.
It's not that my specific information is so worth protecting, but that there is a social benefit as if everyone's phones are nearly worthless to steal, then the thefts go way down.
There are two kinds of people in the world; people who believe "anti-theft" is a reasonable justification for this, and people who believe that this is just another tired "trade freedom for security" argument.
You'll rarely convince either side to change their mind on this. Its an issue that pokes at a really deep element of personal philosophy.
Here's my argument from the opposite side to try, however: Asking about how you can retain the anti-theft capability isn't relevant to the discussion, because sacrificing freedom for that, especially to the degree Apple does, is not worth any trade-off. This is the same right to repair issue that HackerNews, generally, derides John Deere for; the main difference, beyond Apple's psy-op level marketing, is that Apple hasn't pushed exploitation of this control as hard. But: They absolutely, undeniably do exploit many of the people within their system of control, not just indirectly ("the control is exploitation" is kind of a dumb argument), but very directly, between extremely high upfront costs, high repair fees, cryptographically refusing to allow third party parts, etc. Additionally: their self-control in pushing further exploitation is almost definitely a product of market success, because in the mega-capitalist system Apple lives in benevolence may be the result of culture or leadership, but it is allowed by market success, and denied during market failure.
A lot of that boils down to the original thesis; very fundamental personal philosophy. I don't believe, personally, that it is ethical for individuals or companies to do something unethical (non-negotiably asserting significant control over physical goods they sell) because it enables something ethical (reducing incidents of theft).
That might be controversial, which is fine. I think a point of that which is likely even more controversial is the argument that even asserting control over devices in isolation is unethical. I hope it isn't controversial, but I feel like it might be simply given the way the world is turning. That's a different topic of discussion; but in short, I think there's a strong argument that restricting freedom to independently modify and repair physical goods you purchase is a form of classism. Additionally, to turn the dial to 11 on this, that this assertion of central control has a very real, negative impact on national security.
It's only controversial because it goes against their narrative of wanting to do away with private ownership completely (and wanting you to be happy about it.) I've seen it called "digital feudalism" here.
I think the "getting rid of private ownership" thing is a red herring. I don't think its accurate to say that most people hold it as some kind of deep personal philosophy; not to the "renting is sometimes convenient and good" degree, but the "ownership is bad and should be discouraged" degree. Obviously there exists people with communist ideology, which while I disagree with feels at least defensible; but we're not talking about Land and Inventions, we're talking about, you know, bricks of Smart Metal in our bags.
That differentiation is important, because it reveals the main reason why Apple is successful, and why they don't get market pushback: Most people just don't care. There's a good chunk of radicalization on the side of Freedom, there's very little radicalization on the other side, mostly just people who haven't thought about it enough, and then there's the vast majority in the middle who just don't care.
I take comfort in that reality, because it indicates to me that this will probably change. We're seeing right to repair gain steam in US legislature. It takes time to develop shared language and understanding on why this is important, and why it matters, with those people in the center, many in positions of power.
Most people don't care for a simple reason: As long as these things are not in their way, they certainly don't care. That changes as soon as such stuff presents obstacles, which can start simply by such tech causing issues for the legal owners of such products.
This is why this whole issue causes more trouble with John Deere: It is in the way of what people do.
A dictatorship can work out nicely as long as it doesn't stand in the way of the people.
If you don't care about the "anti-theft" capabilities, simply don't turn on activation lock.
This story is about somebody who did exactly that, and then discovered they suddenly cared about theft when their device was stolen.
Pick a lane.
There apparently ARE no "anti-theft" capabilities. Look at this:
"They explained to me that the MacBook was wiped in the middle of August (after I had lost it) and then reported lost by a newly created iCloud account"
How can an unauthorized user suddenly claim ownership of a wiped computer and then "report it lost?" Why does Apple accept a loss report from someone who is not the owner of the computer? If this is actually what happened, there's no excuse for that glaring stupidity.
Because the person in the article left their laptop unregistered and unlocked on purpose. When it was stolen, the thief was able to register it as though it were brand new (which it basically was).
Nope. From the article: "While the person didn’t reset it themselves, they did take it to a shop, and asked them to unlock it. The shop didn’t unlock it, however, they did reset it."
So it WAS "locked." I don't know what you mean by "unregistered," either.
Presumably the computer had a password set. This makes it non-trivial for an unsophisticated thief to unlock it, but there is a documented procedure to do so if you know how to look it up: https://support.apple.com/en-us/102673
A private key that is given to you upon purchase and that you can store in your password manager.
As opposed to your AppleID password, that you pick yourself, and that you can store in your password manager?
You shouldn't have to need an appleid in the first place, as an account can be terminated/revoked any time by the company holding it.
you could have a hardware dongle that you initialize when you activate your phone/laptop. It can be stored at home or in a safe. Then that dongle can unlock the device completely at any time.
Instead, the keys are stored by apple and never returned to you.
Ship the keys with the device on a sheet of paper. Generate them on first boot, display them and strongly encourage users to print and save them. Provide keys to the user on request after a reasonable identity verification. Have the user provide an emergency fallback password on device registration. Hire a skywriter to draw random characters and give the user a particular time to start and stop recording. Mail a hardcopy of the keys to the user. Encode the keys as a subliminal message that your device plays to you in Steve Jobs' voice while you sleep.
Really, literally any other option than "never give the user keys".
FileVault ALREADY gives you the option of creating a backup code to print out and save.
AppleID ALREADY gives you numerous methods of recovering lost passwords, if you remember to set them up in advance.
I have a private key, not on the device, that matches a public key on the device. The device will not perform certain significant operations without a signature from my private key.
C'mon people, this is not rocket science.
[Puts on my best suit and "Elder Microtherion" badge]
Howdy stranger! Have you heard the good news about "FileVault Recovery Keys" ?
https://support.apple.com/guide/mac-help/protect-data-on-you...
First, this is a self-imposed problem; spread crime (theft) won't be solved by reducing the access.
Next, I could have an encrypted drive and a key stored in a key stored in a bank, or an USB storage, or print, or whatever. As a matter of fact, I do have such laptop.
And last - car thievery is still a thing in the EU, even though registering a stolen car is exceeding hard - they are either sold for parts... or exported to Russian (not so much recently for obvious reasons). Of course, Apple comes and tells that only they can repair the laptops/phones/etc. b/c of thievery and serialized parts.
If Apple didn't actively block supply of spare parts, this wouldn't be as attractive as it would have been much cheaper to buy parts from the manufacturer than steal phones, ship them overseas and get (most likely) forced labourers to strip them for parts and ship back.
It Apple's corporate greed that fuels that and government corruption that allows it.
I equate this to owning a car, but giving the master keys to a third-party that doesn't have your best interest at heart, with the ability to lock the owner out of the car simply because his keys were taken.
Any anti-theft method needs to give complete and full control to the owner of the device so this kind of bullshit doesn't happen.
The fact that Apple doesn't provide a mechanism for the owner to gain full and complete control of his device at any given moment has more to do with Apple wanting to control their technology for ulterior motives.
We live in an age where corporations want to take away ownership, and we're letting it happen because we're stupid enough to think that they have our back.
You could encrypt your boot partition as well as the others. ahem... A "friend" of mine does this and he sure looks silly decrypting the laptop 2 times upon turning it on!
Of course, this approach only solves the biggest problem when your device is stolen (your data won't be easily accessible, if at all really). But I wager this friend of mine recognises that as the only thing that has any actual value in there. There are ton of devices out there.
Apple can afford to pay smart people to think for days for a solution. The solutions we will give here after 1 minute of thinking will not be optimum.
The better solution is to not have "anti-theft" nonsense to begin with. They invariably involve giving up the keys to the machine to the trillion dollar corporation. It's not our computers anymore, it's the corporation's and they're merely allowing us to use them. This "anti-theft" stuff is really just DRM disguised as a feature.
Include the unlock key in the box the device was sold in, and in Apple's database. Tech-savvy users can, possessing the key, change it. Tech-unsavvy users can behave the same as they have now, even if they lost the key, as long as they didn't change it. So long as they don't carry the key with the device, all the anti-theft remains.
The freedom-respecting solution is literally trivial. The only reason it is not implemented is because Apple likes owning your devices.
Allow the owner to neuter anti theft if he wants? Make it trapdoor opt out?
I see this argument made all the time. Is there literally any other product for which this is seen as an acceptable "anti-theft" feature? Imagine if we did that to cars.
a: Trivial. User controls the keys, the service only controls the service.
b: Irrelevant. There is a value to the consumer, but it is not worth the cost. There are countless possible conveniences that could be made possible if you were just willing to let someone else have essentially power of attorney over your life.
c: Even if you want to say that there is a technical limitation making a: impossible, and you have a different opinion on b:, the laptop WAS ultimately unbricked, which means all arguments and excuses that were given up to that point to justify not unbricking were proven demostrably false.
I don't just mean they always had the physical ability, I mean the fact that they were ever eventually willing, proves that all along the necessary information existed to allow them to. If there are supposedly two facts: "We can't know it's really you." plus "For integrity and principle reasons, we can't do it if we can't know it's really you.", then even Tim Cook should not have done it no matter the publicity pressure. Tim Cook should have made it a big promotional selling point plastered on those big Apple billboards in NYC how they refused to do the wrong thing even in the face of massive public pressure. Instead, they did it, which means they could have done it in the first place, not just physically but logically.
It proves that they chose not to for reasons which are valuable to Apple and NOT to the user. Another aspect of b: value not worth the cost. Cost being being at someone else's mercy who you have no leverage over.
One of many issues solved by blockchain technologies. You can completely cut out the middleman and get access to your data.
How does blockchain solve this problem?
You still have to rely on a middleman (the blockchain), which I believe isn’t infallible either (human input error, adversarial attacks, phishing, social engineering, network availability, etc)
Looking at the grandparent’s post history, I’m pretty sure they’re either a parody account or a troll.
Yes, of course! Blockchain COMPLETELY solves the problem of losing your keys or having them stolen
https://www.cbsnews.com/news/hard-drive-lost-bitcoin-landfil...
Was it necessary to say “wealthy”? That doesn’t seem relevant, but rather incidental.
Their wealth is a core reason for their indifference, so I'd argue yes, it was necessary.
This here is the misunderstanding. It's simply not possible for you to own Apple's computers.
Yeah laptops are going the same way as content "No you're not buying a book/movie, just a license to use it". It's a bit depressing.
The person is praising Activation Lock and criticizing the fact you can skip setting it up. Yet you want to turn it into a claim Activation Lock is a bad thing.
Nothing more than the typical ‘hurr durr Apple bad’ commenting common on this site. Dull, pointless, not interesting.
Nobody owns even their hardware anymore.
This.
Any other reply is going to be apologetic rambling.
No, this is an entirely self-inflicted problem by the user.
It's 2023. Everybody knows about the telemetry, the unserviceable hardware, the "fuck you" style bug reporting and customer service, and of course the fact that you no longer own your own machine.
Anybody buying Apple (and to a large extend Microsoft) at this point, knowing they have no intention of letting you have access to your own device, also knowing that there are superior open-source options, deserves precisely what they get.