Another reason to hate #Apple We're seeing more 2018+ MacBook Pro/Air donations — but Apple's T2 chip means even after iCloud sign-out and reset, the firmware stays locked to the original account.
-
@LoneLocust @codemonkeymike yeah I’m calling BS on this. I have reset countless Macs, and while it’s true that Activation Lock is a pain, it’s completely false that it’s forever tied to an Apple account. If they remove it properly, the account association is gone completely.
It can be tricky to remove it properly because sometimes you think you removed it just for it to reappear later, but it’s absolutely doable.
@can I’m not doubting that there’s a problem of locked machines downwind in the second hand market — people do die without providing their passwords, so there are machines that “died” with their owner, and that is a waste.
I’m just trying to understand in what circumstances Apple has the power to do anything about it, if any.
-
Another reason to hate #Apple We're seeing more 2018+ MacBook Pro/Air donations — but Apple's T2 chip means even after iCloud sign-out and reset, the firmware stays locked to the original account.
Without donor contact, these machines are useless.
I've upcycled ~1,000 older Macs, but T2 era machines will end that. It's controlling, creates e-waste, and will only get worse. #righttorepair matters — Apple couldn't care less.
I'm not an apple user so I wonder, is that a result of the original user not removing their account correctly or is this is a matter of "once the owner, forever the owner"?
-
Another reason to hate #Apple We're seeing more 2018+ MacBook Pro/Air donations — but Apple's T2 chip means even after iCloud sign-out and reset, the firmware stays locked to the original account.
Without donor contact, these machines are useless.
I've upcycled ~1,000 older Macs, but T2 era machines will end that. It's controlling, creates e-waste, and will only get worse. #righttorepair matters — Apple couldn't care less.
@codemonkeymike Contact Apple. Ask for the Enterprise Support Team to look into this. You will have to have some sort of proof about what your organisation does; how you normally obtain the machines. It's likely a "device to device" decision since the devices are locked by the (ex)owner. However, in certain cases Apple may be able to help. (Note: if these used to be for example university DEP enrolled machines, Apple likely can not do anything)
-
@can I’m not doubting that there’s a problem of locked machines downwind in the second hand market — people do die without providing their passwords, so there are machines that “died” with their owner, and that is a waste.
I’m just trying to understand in what circumstances Apple has the power to do anything about it, if any.
@LoneLocust Apple can unlock these Macs, and there’s a process to do it. But you need an invoice with the serial number that states that you are the owner of the device. Obviously the rules there are very strict, otherwise every thief would just fake an invoice and get the Mac unlocked, at which point why even bother with the lock.
The process works well for people with an original invoice from an Apple reseller (I’ve done it many times myself), but you probably won’t get anywhere as soon as the Mac has changed owners once.
Personally, I think it’s a good compromise. The fact that it’s almost impossible for thieves to unlock Macs is a huge win, and *if* people properly dispose of the Macs, reselling/recycling works still.
-
Another reason to hate #Apple We're seeing more 2018+ MacBook Pro/Air donations — but Apple's T2 chip means even after iCloud sign-out and reset, the firmware stays locked to the original account.
Without donor contact, these machines are useless.
I've upcycled ~1,000 older Macs, but T2 era machines will end that. It's controlling, creates e-waste, and will only get worse. #righttorepair matters — Apple couldn't care less.
@codemonkeymike I am not a lawyer, but I am under the impression that the upcoming Circular Economy Act in the EU will prevent manufacturers from pulling off shit like this.
-
@coldclimate it really hurts every one of my brain cells. How could they not have thought about this?
@codemonkeymike @coldclimate I'm one hundred percent sure they DID think of this
-
Another reason to hate #Apple We're seeing more 2018+ MacBook Pro/Air donations — but Apple's T2 chip means even after iCloud sign-out and reset, the firmware stays locked to the original account.
Without donor contact, these machines are useless.
I've upcycled ~1,000 older Macs, but T2 era machines will end that. It's controlling, creates e-waste, and will only get worse. #righttorepair matters — Apple couldn't care less.
@codemonkeymike right there.
I am never (unless they change radically) going to purchase an Apple product.
I will not willingly support this sort of shit. They can have the fastest laptop CPUs with the best battery life, etc. And they can keep it for all i care. I'll not support that sort of practice.
-
@codemonkeymike I had someone give me a used iPad last year and they hadn't reset it and the absolute nightmare I had getting it to work.
They wound up having to trust me with their username and password to log into their account so I could physically deal with it on the device.
Absolute fucking bullshit.
@retrosponge @codemonkeymike I tried to take over an old iPad my mom had forgotten the PIN to. I have to have a Mac to reset it and then I have to repeat it again one week later. Trash.
-
Another reason to hate #Apple We're seeing more 2018+ MacBook Pro/Air donations — but Apple's T2 chip means even after iCloud sign-out and reset, the firmware stays locked to the original account.
Without donor contact, these machines are useless.
I've upcycled ~1,000 older Macs, but T2 era machines will end that. It's controlling, creates e-waste, and will only get worse. #righttorepair matters — Apple couldn't care less.
@codemonkeymike do you have any more info on the internal workings of these restrictions? Because the T2 chip has known vulnerabilities in both SecureROM and SEPROM...
-
Another reason to hate #Apple We're seeing more 2018+ MacBook Pro/Air donations — but Apple's T2 chip means even after iCloud sign-out and reset, the firmware stays locked to the original account.
Without donor contact, these machines are useless.
I've upcycled ~1,000 older Macs, but T2 era machines will end that. It's controlling, creates e-waste, and will only get worse. #righttorepair matters — Apple couldn't care less.
@codemonkeymike incredible
! MacOS is and always being a trending OS - or almost the cool expensive solution to Windows - pretty nice to be able to use Linux on whatever you want; looking forward to alternative to Android too 
-
Another reason to hate #Apple We're seeing more 2018+ MacBook Pro/Air donations — but Apple's T2 chip means even after iCloud sign-out and reset, the firmware stays locked to the original account.
Without donor contact, these machines are useless.
I've upcycled ~1,000 older Macs, but T2 era machines will end that. It's controlling, creates e-waste, and will only get worse. #righttorepair matters — Apple couldn't care less.
@codemonkeymike I assume you've already tried a bunch of things, I guess that iFixit's solution of desoldering/resoldering isn't feasable?
And have you considered using e.g. https://checkm8.info/mac-activation-lock-bypass? -
@maverick604 @codemonkeymike @bigzaphod and I think you really don't understand what your planet is and why Appel sucks on all levels. They just want to keep your datas in their datacenters.
@Mindiell @maverick604 @codemonkeymike @bigzaphod In fact, @maverick604 is absolutely right. Apple absolutely doesn't prevent the reuse of devices, you just have to reset the device before handing it over to a new owner. It is as easy as going into Settings > Reset > Follow guide.
Also, most Macbooks lasts longer than the average laptop, so their first owners benefit from their computer longer.
-
Another reason to hate #Apple We're seeing more 2018+ MacBook Pro/Air donations — but Apple's T2 chip means even after iCloud sign-out and reset, the firmware stays locked to the original account.
Without donor contact, these machines are useless.
I've upcycled ~1,000 older Macs, but T2 era machines will end that. It's controlling, creates e-waste, and will only get worse. #righttorepair matters — Apple couldn't care less.
@codemonkeymike are they Intel based? Because there is a solution for that: https://checkm8.info/mac-activation-lock-bypass
-
R relay@relay.infosec.exchange shared this topic
-
Another reason to hate #Apple We're seeing more 2018+ MacBook Pro/Air donations — but Apple's T2 chip means even after iCloud sign-out and reset, the firmware stays locked to the original account.
Without donor contact, these machines are useless.
I've upcycled ~1,000 older Macs, but T2 era machines will end that. It's controlling, creates e-waste, and will only get worse. #righttorepair matters — Apple couldn't care less.
@codemonkeymike This is why I have never and will never own an Apple product. I've never seen another company with so much contempt for their own customers.
-
Another reason to hate #Apple We're seeing more 2018+ MacBook Pro/Air donations — but Apple's T2 chip means even after iCloud sign-out and reset, the firmware stays locked to the original account.
Without donor contact, these machines are useless.
I've upcycled ~1,000 older Macs, but T2 era machines will end that. It's controlling, creates e-waste, and will only get worse. #righttorepair matters — Apple couldn't care less.
@codemonkeymike Slightly different thing, but gawsh I recently had to look into Apple's repair system as I unfortunately dropped my MBP at our hackerspace and smashed the screen
I paid something like 600eur for the machine 2nd hand, Apple quoted 999eur for a replacement screen. Ha-ha...Also ofc there's a chip preventing from simply switching a screen from another unit, so even with the 450eur screens from eBay it's just not worth it just in case I'd mess it up soldering.
It's now a desktop.
-
Another reason to hate #Apple We're seeing more 2018+ MacBook Pro/Air donations — but Apple's T2 chip means even after iCloud sign-out and reset, the firmware stays locked to the original account.
Without donor contact, these machines are useless.
I've upcycled ~1,000 older Macs, but T2 era machines will end that. It's controlling, creates e-waste, and will only get worse. #righttorepair matters — Apple couldn't care less.
@codemonkeymike
So you are blaming Apple for their stupid client? -
@codemonkeymike @coldclimate Keep in mind how proud they were of resisting government attempts to access devices and saying that they would design them so that Apple would have no ability to unlock them for governments.
@HitokiriEric @codemonkeymike @coldclimate But unlocking them to provide access to stored data is completely different than unlocking it so that it is wiped clean, fresh, and shiny for somebody else to use.
-
@jokeyrhyme@aus.social @codemonkeymike@fosstodon.org
It does ask that but users generally don't read properly and just click on Continue... -
@nicolas17 @yama @codemonkeymike @paulywill this, most modern machines use NVRAM for variable store. You can't reset it by just yoinking the power.
Not sure how it's done on T2-based x86 (assuming T2 acts as ROT), x86 itself isn't fused so firmware isn't tamper-protected but it could be done by T2 (from what I remember, T2 emulates SPI to the x86 host and actual x86 UEFI lives in dedicated portion of an "SSD".
T2 should be vulnerable to checkra1n though, so it should be possible to fool the ROT and at least modify NVRAM variables to change security policy but it would require some research.@elly @codemonkeymike @paulywill @nicolas17 @yama I strongly think there is some workarround to get NVRAM reset and fuck with the UEFI to work arround T2 but I sadly can't say more on this. Wiping the compleat disk including the UEFI could be a first step to figure out more i guess a sperate device from china is not needed acutually.
-
I'm not an apple user so I wonder, is that a result of the original user not removing their account correctly or is this is a matter of "once the owner, forever the owner"?
@ABT554 @codemonkeymike The owner needed to retrace their steps of enabling a firmware password to remove it, which is specific to the two final years of Intel Macs; models since 2020 simply do the same reset as iPhones.
This is an anti-theft measure, not an evil megacorp move.
