Sounds awesome to me. Working as intended. When I used to travel, I'd have to take a backup phone and laptop with me that I'd leave in a travel safe, the hotel safe, or a hotel lockbox at the front desk so I could be assured I wouldn't be out of commission for work / digital life if someone stole my laptop and phone while I was mobile. Now, I basically don't have to worry beyond taking standard opsec precautions, because Apple devices are ignored by thieves.
Any legitimate reseller would not have an issue because the original owner which sold the laptop to them would have wiped the device and removed the activation lock. The fact stolen goods end up as scrap and have no useful value beyond scrap value is not only okay with me, I think it's a net positive for society and one of the best things Apple has done for their customers and the world.
Sounds like you didn't fully read the article. Nothing is said about stolen property.
> Responsible recyclers and refurbishers wipe the data from used devices before selling them on. In these cases, the data is wiped, but cannot be assigned to a new user, making them effectively worthless. Instead of finding these machines a second home, Bumstead and others are dismantling them and selling the parts. These computers often end up at recycling centers after corporations go out of business or buy all new machines.
Apple has an easy path to reset an Apple Silicon device by the original owner so it can be sold and used by another. I know because I've done it. But if it is stolen, game over.
Yeah, extra work for overworked IT departments. I'm sure they'll be happy to add extra work they dont have to do.
Ive worked with second hand devices for a long time. Ive had many come through that have activation/MDM/etc locks and have tried calling the IT dept they came from and all but about one time they pretty much just laughed at me or just played dumb about it entirely. Apple and other vendors were no help in this as they just tell you to contact the original owner.
The only actual step is to click "Erase All Content and Settings", aka. wipe the machine, which is what every sane IT department should do when decommissioning a device. Assuming they're using any kind of MDM solution, they can do it with one click through their MDM.
The IT department has no idea what kind of password that user was using, and they have no idea what kind of valuable data is on that machine. If that user's password was just "password" (or sticky-noted next to the trackpad), that IT department is going to get in serious trouble once all that proprietary data ends up in the wrong hands, if they didn't wipe the machine before handing it off to a third party.
If wiping the machine before getting rid of it is "extra work", then that IT department isn't doing their jobs to begin with. I'm certain such IT departments exist, but that's not enough of a reason to make theft easier.
That is not enough. You have to remove the device from your iCloud account too.
Source: just wiped and sent back a MacBook Air to my old workspace. My colleague finished the macOS setup and logged in with their iCloud account. After resetting it again (to re-do the setup in the way they wanted) it was locked to my account. So not even installing macOS and logging in to iCloud will bind the machine to you.
Imagine doing that with a machine you bought second hand and the original owner can’t be reached anymore.
No, that button is enough. That button did not exist on older versions, so you definitely did not click it if it did not work. If you're running the version of macOS that was released over a year ago (Monterey) or running Ventura (released more recently), then the button will exist.
"Activation Lock is disabled when you use the Erase All Content and Settings feature."
Apple confirms that the feature works exactly as I said and exactly as users expect. I've used it myself, and it does work.
Users running software that is several major versions out of date will have a more difficult experience, since that button did not exist, and they would have to first remove Activation Lock before going into Recovery Mode to manually format the Mac. Those are the remaining steps that were linked several comments up from here: https://news.ycombinator.com/item?id=34505523
Apple has made the process as easy as it possible can be now, identical to the process used to factory reset an iPhone.
Well, apparently it’s possible to “hold it wrong” then.
I’d argue if you can wipe it (which requires your iCloud account approval), install it as someone else, login with that new iCloud account, then reset it and it suddenly reverts back to the previous owner, something is wrong or very unintuitive.
The problem on Mac it seems is that there are two official ways to do it. One proper way (the “Erase All Content and Settings”) and one other way (the way we did it, boot into recovery and format it, then go through setup with another iCloud account which apparently just temporarily lets another user use the machine). On iPhone there is no user accessible recovery mode so that can’t happen there.
>and one other way (the way we did it, boot into recovery and format it, then go through setup with another iCloud account which apparently just temporarily lets another user use the machine).
If you go through recovery, you can delete the content, but when you go to reinstall, you will be prompted for the credentials for the user tied to it.
Meaning, you can delete, but you can't reinstall without being prompted for authorization by the account that currently 'owns' that computer.
Going into macOS Recovery is not an official way to transfer ownership. It can be used to reinstall the OS or delete the data volume on the disk. But it does not change anything on the hardware security chip, which is what Activation Lock uses.
I've worked with some of these responsible recyclers before. Everyone knows the deal.
If you want IT asset disposition, it'll nominally cost you -- for pickup and processing, and optional value-adds like secure data destruction certificates. If the assets have remarket value, that can begin to subsidize the cost, easily zeroing it out, or even returning profit to the IT department. Recyclers are happy to pay IT departments to pick up their old Apple equipment -- and they know to ask ahead of time, "are these activation locked?"
These recyclers often have vertical integration on the refurbishing side, running an Amazon eCommerce department so they can directly capture that remarket value. And once they've got that going, their bottleneck to growth is how much material they can bring in -- which is never enough.
So the recyclers and refurbishers invariably need to buy material from other recyclers. There's an entire economy around selling pallet-fulls of used, minimally-inspected or completely "as is", Apple and PC equipment. Specialized invite-only communities exist for selling this material in bulk, with lots of overseas actors in on the game. Every R2 recycler is involved here, along with lots of actors from India and China in particular.
Having seen inside that sausage factory, fraud and theft is a legitimate problem. There's more than a fair share of "don't ask questions". More than a fair share of "yup we're definitely R2 certified, winkwink". More than a fair share of wining and dining the R2 auditors to get that certificate under the table in the first place.
I'm gonna go with the GP comment here -- the system is working as intended. Industrialized theft of this sort is much more eminently solvable through technological means than through overstretched law enforcement, especially when a non-negligible amount of material comes from overseas.
It's on the IT departments to figure out if they have enough time to activation-unlock their assets before disposition. Do they want to pay the recycler to pick up all that material, or do they want to sell the material and pad their budget?
A quick look at the Jamf documentation suggests it's pretty easy to mass unlock these devices, so I'm not buying that it's that much of a strain.
>Yeah, extra work for overworked IT departments. I'm sure they'll be happy to add extra work they dont have to do.
But at the benefit of less-burdened security teams, and greatly enhanced peace of mind for users and info-sensitive organizations? You can argue it's taking something highly risky like security and shifting those man hours to something not as threatening.
> With new apple machines there is no possibility of this.
It isn't necessary to destroy the physical media anymore, so that reduction in e-waste is fine with me. Just properly erase the device by clicking the button in settings.
But security is about more than what you do at the end of a machine’s ownership, it’s all the things you have to consider while the machine is out in the world with very sensitive information on it. And now those security departments have much less to worry about because of this security architecture in the chip.
As the sibling commenter points out, this should also result in less waste as those drives do not need to be destroyed if the device is properly unlocked.
What information would be recoverable without the storage device? ROM dumps? I doubt the majority of these computers are running any super secret firmware and if they are I assume there would be extra precautions taken when its EoL.
I'm talking about machines in active use that are out in the world, with their owners -- security teams have much less to worry about than they used to, as the modern Apple security architecture takes much of the burden off them.
And there is a perfectly secure way of having FileVault always on by default, and by rotating the keys, you are effectively "destroying" all the data on them anyway, with the bonus of not physically harming anything.
Unless, cryptography itself is broken... which would bring much wider-scale problems than destroying information on old drives anyway.
I rather IT is forced to properly reset laptops even if takes longer because there has been too many incidents of data leaks when IT doesn't take time to properly remove data before donating laptops.
Hardware lifecycle process may vary but it still needs to be accounted for.
The activation lock removal is hardly an obscure hack, this is a process failure. Good on Apple for making these machines take their secrets to the grave.
For IT departments there is a way to request a reset from apple if you have apple enterprise support and can prove that the device is yours. It has to be in DEP or you have to send them an invoice.
Hmm, I've seen recyclers with stacks of these machines (including new M1 Max's) that they say they have to throw out because they can't do this. I wonder if you are missing something.
We're not missing something, the recyclers are. The original owner just has to use their Apple ID to disassociate the device. The problem is, that step isn't happening, and the juggling of devices from reseller to reseller results in the original "owner" becoming lost.
Juggling of devices from reseller to reseller sounds like laundering stolen goods to me.
If it’s a legitimate sale, the original recycler will require the seller to wipe/unlock the device or they will only give a steeply discounted price. If the seller is going to get hundreds/thousands less by not wiping the device, they will do it.
Thus, the only problem for recyclers is recycling stolen laptops.
If the IT staff have been laid off already, there is no one left to wipe the devices. You can't really expect the bankruptcy administrators to know this (yet).
If the problem is the "throwing out" part, they can just give it to Apple for recycling. Then it won’t be e-waste anymore. Or to the police and let them deal with it.
If the problem is the financial part, just go back to the person they bought it and get the money back.
If they're taking a risk and buying it legally from, for example, a police auction, or from someone who "might have forgotten to contact the owner": it's a risk.
If it was acquired illegally, I can't say they deserve a solution to their problem.
Nobody is entitled to get money in exchange for potentially stolen goods or items acquired without due diligence.
I'm not sure I understand your comment here? Are you referring to the end of your MacBooks' life, or the beginning? It's somewhat ambiguous.
Assuming you are referring to end of life process:
Apple's kit sold as refurb is done from their incoming returns — faulty, or otherwise unwanted, systems.
Everything sent to them as a trade-in isn't handled by Apple at all: it's contracted out to third-party companies. (This likely applies to their recycling programme also, but I've not looked into it)
At least: these things certainly used to be the case — and there have been a whole bunch of articles online that support this, over the years. I would love to see evidence to the contrary if things have changed?
— But like I said: I'm not sure I understand your comment, so maybe my points here are irrelevant.
I'm glad they have that process outlined, but dang if it couldn't use a little streamlining. Individually sign out of iTunes(step 4), and iCloud(5), and iMessage(6)? They couldn't add something to the OS that does all three for you? And the later steps (erasing disk[8], reinstalling MacOS[8], and resetting NVRAM[9]) don't somehow already break those sessions?
If you're using macOS Monterey or later on a Mac with Apple silicon or a Mac with the Apple T2 Security Chip, use Erase All Content and Settings instead of the remaining steps in this article. For any other Mac or macOS, continue to step 3.
Most of these steps don't affect activation lock - removing activation lock is as simple as disabling Find My, which can also be done by signing out of iCloud. Removing from iCloud.com (Find My) is also sufficient.
Nothing else is needed to disable activation lock.
No, if you reinstall macos without removing the machine from your apple account it will lock down just like a factory reset iPhone and require you to login to the original account.
The article says that some corporations do not care and do not cooperate after unloading the machine to recyclers. (Including schools - which makes a bit more sense, one can assume school computer for pupils does not have any security-critical information, apart from maybe network config etc).
Strangely, if you follow steps 1 and 2 then you miss step 3, which is to back up or transfer your files. Why would the owner of an Apple Silicon machine not want to do this?
> If you're using macOS Monterey or later on a Mac with Apple silicon or a Mac with the Apple T2 Security Chip, use Erase All Content and Settings instead of the remaining steps in this article.
So, it is literally a two step process for any Mac released since the end of 2017, and the first step is just an optional reminder to cancel or transfer your AppleCare coverage if you have any.
So, one real step. Wow, so hard.
> assuming that the seller is even aware
The buyer should make the seller aware of the problem, because it is in the buyer's interest not to end up with scrap.
But, regardless, why would the seller not want to wipe their computer first? The seller will inevitably hit the button mentioned in the help article simply because that's the only obvious way to wipe the computer to anyone who isn't super technical. This is a problem that practically solves itself for devices that aren't stolen.
>> The buyer should make the seller aware of the problem, because it is in the buyer's interest not to end up with scrap.
How does this assume anything about the owner/seller?
It’s entirely on the buyer to make sure they’re getting what they want out of a transaction (as long as the seller is not misrepresenting the product), and activation lock has been a thing for like a decade on Apple devices, so it should be widely known. If they make major purchases without even doing the bare minimum of due diligence, they will have a bad time regardless of activation lock. I’ve seen people buy ancient MacBooks off eBay that can’t run the software they need, simply because they didn’t do the research. That isn’t the seller’s fault.
If the seller is misrepresenting the product as having the activation lock removed when it isn’t, that becomes a legal issue. On platforms like eBay, they will happily side with the buyer and refund them in cases like that. For B2B stuff, that’s why lawyers exist.
it's a single step if you don't have applecare and applecare just makes it harder, because you need to cancel it.
it's just a two button process with big fat red buttons and you need to enter you password.
> Responsible recyclers and refurbishers wipe the data from used devices before selling them on. In these cases, the data is wiped, but cannot be assigned to a new user, making them effectively worthless.
I'm sorry but this is bullshit too.
I have sold my fair share of old Apple devices via so-called "responsible recyclers and refurbishers".
When submitting the form on the website, they all have statements in BIG RED CAPITAL LETTERS saying "please logout from Apple iCloud before sending us your device".
Most of them also have terms and conditions saying they won't pay out and/or will return devices where activation lock is still enabled.
Yes. And what is argued is that they should talk about stolen property. Because if they got the laptops legitimately they should ask the original owners to unlock them. If they can't or won't then something is suspicious. The laptops being stolen is the leading suspicion.
Are we intentionally forgetting the part about how these are recycled machines? Sometimes the business doing the recycling doesnt have direct contact with the owners, often businesses are pawning off months old machines and dont know the last user who had the machine, theres so many scenarios where its not fair to say 'just contact the previous owner' - this grey area just leads to waste, and the only one at fault is Apple
> Sometimes the business doing the recycling doesnt have direct contact with the owners,
Did the owners just push the laptop under the door and run away? At the point where they receive the laptop they can say: "If the laptop is locked it will cost you $X to dispose it here. If it is unlocked we pay you $Y."
Set X and Y appropriately and people who can will unlock them.
No, what we're saying is we only have the business's word on that, and that isn't worth very much. There are tons of shady recyclers who look the other way at laptops that "fell off the back of a truck", and I'm very confident that's what's happening here, and you (and Vice) are falling for it. The bit about multiple thousands of business laptops getting junked is a total ragebait distraction, because any business of that size has MDM enabled. What they're really complaining about is individual laptops whose provenance is unknown, and at best they don't care where they came from, at worst they're active participants in the theft rings.
>Sometimes the business doing the recycling doesnt have direct contact with the owners,
Then how do they know that they're not dealing in stolen goods? If they can't establish a chain of custody to a legitimate owner, then they're being irresponsible.
Properly wiping FMM is, in my experience, beyond most owners, especially of they aren't mainly on mac and thus might no longer have access to apple id they used.
In fact, there was a period of time when depending on latest os version and hw version, the steps changed.
The one time I bought a mac personally, the reseller tried to follow the correct procedure... But they used an outdated one. Contacting previous owner led to threats of litigation for phone call mobbing.
Any Macs made in the past 5 years require exactly one step: clicking "Erase All Content and Settings", which is exactly the button anyone would push when trying to wipe a machine before giving it to someone else.
Things may have been more complicated before that, but Apple has made it as easy as it possibly can be now without telling thieves to just start grabbing every Mac they see.
Not past 5 years - MBP 2018 with Catalina didn't unlock when using that. It's possible that it was a bug, but after previous owner nearly threatened lawsuit for "phone mobbing" (I wasn't the first person trying to call them to remove it from FMM) I kinda gave up. Needed to use the machine right away and broken FMM belonging to locked-out Apple ID didn't stop me from that.
Yes, past 5 years. That’s what the Apple documentation says, since it says it applies to any Mac that was T2 or newer. That doesn’t mean that it would have worked this way 5 years ago. Software improvements with macOS have definitely made the process simpler than it used to be.
"Erase All Content and Settings" did not exist in macOS Catalina. Back then, you had to manually reboot into recovery and reinstall the OS that way, which unfortunately did nothing for Activation Lock, and was a confusingly advanced procedure to expect end users to perform in the first place.
Now, someone just has to go into settings and click that button and macOS will handle everything. It's exactly like wiping an iPhone, including using the same button name. Apple has done what they can to make this as user friendly as it can be now.
Guess this is a good reason for repairers/resellers or buyers to ensure activation status on any Apple device they get their hands on. Easy for repairers/resellers to ensure since they tend to be directly in contact with the company and make it policy. For general buyers, they have to be proactive before making any purchases over an Apple device. As it's easier to contact the seller in question while they are actively selling vs hoping they'll respond post-sale.
The refurbished probably shouldn’t purchase those machines then if it’s a known issue. There’s a tradeoff here, and needing the owner to run a command to reset the machine seems preferable to having them be valuable if stolen
Sure, but in terms of how a non-technical user feels, I suspect that "it's still there, but trust me that nobody can access it" isn't as comforting as it just not being there at all. Thus an incentive exists.
This still sounds great! If thieves know they can't get more than scrap value for a MacBook, they will more likely search out other targets (like PCs) to make their drug money.
Smart recycling centers and refurbished, like Apple, don’t take possession of MacBooks with Activation Lock turned on. Legitimate people can easily turn it off.
> Any legitimate reseller would not have an issue because the original owner which sold the laptop to them would have wiped the device and removed the activation lock.
This is exactly what goes wrong, way too many times. After encountering this issue with various friends and family, with locked iphones, I strongly believe we've gone wrong somewhere. People simply are not aware that their device is protected like this, until it actually hits them, which for way too many people, is simply "never". And in the case they are aware, they don't know how to remove the locks either.
Contacting the previous owner isn't as simple as it may seem, as iphones will typically obscure the owner's name. If the phone has passed any reasonable amount of hands, been locked in a closet for a few years, or was set up with another relative's account, disabling any of these kinds of locks is a losing game, usually ending up in frustration and the purchase of a new device anyway. Now consider what happens when workplaces discard devices en masse.
I completely agree with wanting good protection for my data on my devices, but people should be able to give away and sell these devices without worrying that the device will end up bricked in the process.
>I completely agree with wanting good protection for my data on my devices, but people should be able to give away and sell these devices without worrying that the device will end up bricked in the process.
This is not an acceptable compromise. These devices are the keys to a person’s entire existence, no compromise should be made to offset the user’s ignorance.
This is the same problem as the account security problem. If the original owner did not remove their account from the device, you can't contact them, and you don't have a receipt, you are indistinguishable from someone who stole the device.
It's like buying a car from someone who doesn't have the keys for it or any paperwork. Sure, it's not quite common knowledge like buying a car yet, but it will be eventually.
>It's like buying a car from someone who doesn't have the keys for it or any paperwork. Sure, it's not quite common knowledge like buying a car yet, but it will be eventually.
This is a really good point, but I'd like to counter with the observation that the anti-theft features of cars don't routinely brick products the way Apple does with activation lock.
Newer cars will only work with their official keys. My car is locked and if I lose my two keys, I’d need to go back to the mother company for another key.
However, a car parts are not molded like an Apple laptop. Most of them can be sold for good value.
More waste is awesome to you? Apple making it impossible to recycle their products (genrating more profit for themselves, which is not casual) is awesome?
From TFA, which you clearly did not read:
> Often the previous owners are corporations or schools who buy and sell the machines in bulk and aren't interested in helping recyclers or refurbishers unlock them. "Previous owners do not return phone calls, and large corporations that dump 3000 machines assume they have been destroyed, so it is critical we have a solution that does not depend on the previous owner approving,” Bumstead said. “And after all, we have property rights, so the original owner is not the current owner and does not technically have a right to condemn to death what is no longer their property."
> and large corporations that dump 3000 machines assume they have been destroyed
You clearly did not read, or comprehend, the quote you just pasted in here. This is someone committing fraud against the companies paying them to destroy decommissioned computer systems, something they may be legally obligated to do for compliance reasons. They're trying to make a buck on the backend instead of doing what their customers paid them to do.
I read, and comprehended the article, did you?
From the HN guidelines [1]:
"Please don't comment on whether someone read an article."
> Any legitimate reseller would not have an issue because the original owner which sold the laptop to them would have wiped the device and removed the activation lock.
Clearly didn't read the article. They receive shipments of 1000s from corps, who don't bother to remove the ownership.
> They receive shipments of 1000s from corps, who don't bother to remove the ownership.
They received shipments that the corporations thought were /destroyed/, likely legally required for compliance purposes, and they are participating in a fraud that violates compliance regulations by attempting to recycle rather than destroy these systems. The reason they don't want to contact the corporations to remove the activation lock is because the company doesn't know the systems were not destroyed, which is a quote from the person interviewed, in the fine article, which I read and clearly comprehended more than you.
This is a business participating in fraud and assisting people who steal electronics and they are upset that their business model has been disrupted. Good. Fuck them.
Also from the HN guidelines [1]: "Please don't comment on whether someone read an article."
This doesn’t match my own experience. iPhones have had a similar activation lock for MUCH longer, and are still frequently stolen. My understanding is they just get chopped up for parts and resold. I doubt most thieves are able to id which macbooks have activation locks and at this point MOST of them in the wild still don’t.
I suspect this is why Apple has been moving to ID check parts against the main board. Makes the parts worth less. Personally I'd like to see them better tied in to your Apple ID so a new phone will completely refuse to use my phone camera module or display unless I have unlinked the phone from my account. If I mark the device as stolen it should just permanently prevent these parts from being used.
Anecdotally, sometimes in my hometown I find dumps of bags from car thieves. I go through them and try to return the remnants to their respective owners. The thieves passed up things like a $5k engagement ring in a cloth bag and a startup founder's personal notes on proprietary technology just because they were not recognizable within 2 seconds as having value. Meanwhile, every single Apple device was gone. It was kinda 50/50 regarding Android phones, but laptops (especially corporately-allocated ones) are also always taken.
So if this really is such a dealbreaker, the thieves haven't noticed yet. Which means their fences haven't noticed yet. Which means their customers haven't noticed yet. Which means what you said is probably wrong, and probably there are ways around the activation lock that the authors of the article have somehow missed out on, or perhaps they're being sold/disassembled for parts.
Locked iphones are easy to resell for their parts but you get pennies on the dollars. Last time I checked (long time ago), you could get the latest gen top tier model in perfect condition on ebay for less than 100$ with a blacklisted IMEI (they work but can't use cell network). For a fully locked phone, I doubt the thief would get more than 10% of the original value. They might not throw it in the trash, but they also won't go out of their way to try to steal the one you have in your pocket.
They get less money for them, but they still get scrap value. The fences definitely notice, they ship them in containers off to where they can be disassembled, so maybe you get $5-10 for that laptop, but hey, that is still some amount of fentanyl.
By making the fence value of the products less, however, it definitely creates a disincentive to work hard to steal a laptop. If it is easy, ya, its gone, but otherwise, their are much better ways to earn those five bucks.
The scrap part is the worst of this. Nice single use laptops on 3 year turnover cycles? No thanks. Unless Apple is responsible for turning the left overs into usable objects and not diverted to e-waste.
In the article they outline a pretty decent way to overcome this through apple themselves which I'd be much happier with.
It's also a remarkably effective e-waste creation program. But I don't see the sense in creating more (probably poorly controlled) e-waste as a solution to this problem.
A safe has a pretty extremely effective security feature that prevents the kinds of thievery at the scale of Apple devices: namely, mass. A secondary contribution of course comes from the tendency to be placed deep inside a building.
Apple devices wouldn't sell at all if they tried to implement this kind of security.
I don't think it's working as intended. Like the article states, there should be a path for machines acquired legitimately to be unlocked. The example given is a registered recycler can submit the serial for unlock, then apple attempts to contact the registered owner. If no answer is received within 30 days, the machine is unlocked.
Plenty of companies don't care to unlock these properly before recycling and it's creating excessive waste.
That registered recycler very quickly becomes an Apple sanctioned fence for stolen goods.
E-waste is going to happen regardless and it would be more proper for Apple to have a computer recycling program, which already exists, or to turn the old computers into spare parts for repair.
Eliminating the potential for theft is a massive win. I remember what it was like before activation lock existed and how high of a target iPhones were. As soon as that feature came out the thieves were screwed out of a potential payday. Now we don’t have to worry about our phones being stolen.
This feels similar to backdooring encrypted systems. The upsides are similar: some trusted entity has the ability to act in a supposed best interest - national security in the case of encryption, reducing e-waste in the latter. Unfortunately, the downsides are also similar: it's necessary to put an outsized amount of trust in an entity (government, Apple, or whomever) that not everyone wants to place that trust in.
The backdoor is already there, is it not? According to Apple's support site, you can remove the lock remotely [1], which means they can remove the lock remotely. You're already trusting Apple.
Given that, removing the activation lock after notifying you with a 30/60/whatever day window to respond seems like a reasonable policy to me.
Similar, maybe. You're not backdooring file vault though. Just the ability to resell a machine. Personally, I feel pretty good as long as my data can't be accessed.
> there should be a path for machines acquired legitimately to be unlocked
I think it's perfectly fair for "legitamately acquired" to mean the original owner consented by unlocking the device. The peace of mind and security if you own a T2 device is the way it should be, and if you want to sell it, you just factory reset it, which is a quick process.
That's not the case though, they are finding. A person like you or me might follow the process correctly, but a company going bankrupt or aging out old equipment doesn't care nor have any incentive to properly unlock their machines before shipping to a recycler. Thus contributing to massive waste.
> but a company going bankrupt or aging out old equipment doesn't care nor have any incentive to properly unlock
This is not true. The bankruptcy process attempts to recover as much value from assets as possible, and so creditors and the process should absolutely care to properly unlock in order to extract maximum value.
Similarly, aging out old equipment is still sold to make money, and unlocking should achieve more resale value.
The incentives are absolutely there. And the article does absolutely zero investigation as to where exactly there's a breakdown in incentives or communication, or if it's even a major issue at all. Maybe the process is working 99% of the time.
The user who refused to unlock it before selling and/or the purchaser who did not check that it was unlocked before purchasing are the ones contributing to massive waste here, not Apple.
Unless this is what's happening in the majority of cases I don't think it's fair to focus on it. My hunch is that most of the laptops in that article are either stolen or dumped by users/corps who couldn't be bothered to unlock them.
If you had enabled Find My Mac on a T2 equipped mac, factory reset WON'T unlock the device.
However, since Apple actually had full authority and cryptographic ownership of the chip, they can generate a key given serial number which will reset T2 contents.
Personally, I think the setup should be that you don't have to go to apple for it, but it should immediately wipe device identity and disk encryption then (and the disk should always be encrypted)
> If you had enabled Find My Mac on a T2 equipped mac, factory reset WON'T unlock the device.
I don’t think that’s true, I’ve never had to do that, and this is not a part of Apple’s documented reset process for resale of a machine. If you are the device’s actual owner and you use the simple process Apple outlines, it will reset it for a new owner, period.
At the time I bought, the documented process included "manually disassociate FMM from the device in iCloud settings"... except it wasn't well propagated information and the previous owner and reseller just tried factory reset.
Been there, went with Apple support over it, the only reason I still don't have it unlocked is because I didn't have time or energy to redo the whole setup. Might redo the apple-driven unlock process, but the hw is not worth it really.
EDIT: Apparently the nice simpler procedure that does wipe FMM only arrived in Monterey.
I have physical proof on my hands. It's possible that they fixed it in later version of the OS, but factory reset is what the reseller did with previous owner, and it did not wipe FMM registration, leaving the laptop half-stuck in terms of ownership - I only figured it out trying to register FMM to myself.
Any T2 Mac or newer requires only that button to be pressed, and then click through the wizard to complete the process. If someone is running outdated macOS, they won't have that button at all, since older versions of macOS required you to format computers the hard way using recovery mode, which didn't handle activation lock concerns.
Which still leaves considerable amount of laptops with broken FMM registrations in T2. Especially since it was upgrading to Catalina, iirc, that started problems.
> there should be a path for machines acquired legitimately to be unlocked.
There is exactly that pathway. If you have the consent of the original owner, which I think is an important and required quality of "acquired legitimately", you can have the original owner remove the device from their Apple account remotely, or to wipe the device and reset it while logged in prior to physically handing it over to you.
If neither of these things have happened, on what basis do you believe the complaintant has "acquired legitimately"? Is consent of the original owner not important in your view?
This is exactly the same thing as the Feds saying they should be able to have a backdoor that works for them and nobody else. The whole point of this lock is that only the owner can unlock it. If Apple (or anyone else) can, it’s backdoored and therefore broken.
Apple obviously can, but they won't. And their front end retail staff aren't given that power. Apple as a company however can obviously just do whatever they want to them.
This is quite complicated. For example, it assumes that Apple has to have contacts of every device owner, which is not just unrealistic, but could also be impossible to ensure in some countries due to privacy laws.
Yeah, however. If a machine is activation locked, it's associated with an Apple ID. That Apple ID in itself is a contact point. Like the article states, a system where you have 30 days to deny an unlock would be nice. Or you could just report to Apple right away the machine was stolen, which blacklists the machine from an unlock request.
I recently sold an M1, and did factory reset before that. I don't remember anything about "Activation Lock", this word combination never came up. It seemed to work ok after reset. Have I scr**ed the buyer unknowingly?
In that case you wouldn't have seen it mentioned. When you go through the erase data and settings process, it asks you if you want to remove the device from Find My and disabled the activation lock, at which point it prompts again to login to iCloud. If you didn't have it enabled, it wipes without prompting.
All phones, Android and iOS are activation locked. The phones are sent away to be parted out. Basically all the spare parts you see on ebay and Amazon are stolen. No one makes real 3rd party iphone screens so its almost certainly stolen.
How do you know? On what basis do you make this claim?
Only with the consent of the original owner can you legitimize the transfer of property, and the activation lock is the exact technical means to get that consent and legitimize that transfer.
This comment relies on the original owners not being either stupid or apathetic. I've bought many second hand devices over the years, from actual owners, who had no idea how to properly reset them.
If you are a business that buys used electronics, it's a business imperative for you to ensure that the sellers unlock things before they're sold to you. If you don't take this on, this is kind of a self-own. There's really only two ways to look at this if you end up with a bunch of locked devices:
1. You buy and traffic in stolen goods, you're a fence. Good thing you got fucked.
2. You don't do a good job of operationalizing your core business, and ensuring that sellers unlock devices before handing them over. Good, you suck at business and those that don't should rise to the top.
I don't see how any of this is a negative, except the environmental impact at the end, which considering most of this is aluminum and recyclable, is minimized and an acceptable trade-offs for the massive anti-theft and data protection benefits.
Except when I get activation locked out of my own devices that I bought directly from Apple, which does happen from time to time. Fortunately, that's never happened while traveling, but if it did, I'd be in trouble. Getting it removed is a pain and can take a while.
Why does it happen? I don't know. Apple doesn't know. Nobody knows. Maybe they just really like talking to me and reviewing my receipts.
I would do things to get a break from it, but the reality is you can't really escape when you work remotely. You are tied to that digital life as a basis for the travel itself, as well as the employment that affords you the opportunity to do so. I am not one of those people that's constantly on my phone, but for most of my travel I was in operational roles where I was on-call 24/7, and using my phone or similar devices for basic services while traveling like translation, maps, cars, train tickets, plane tickets, hotels, payments, etc.
What you describe is kind of what I suspected, in terms of that specific job requiring you to be that available, which is why the question was genuine. I also work remotely, and have at times travelled simultaneously, but never in the same way, unless it's the constraint I'm accepting because I actually don't have the vacation time. As in, if I'm in vacation, laptop stays at home, otherwise I'm just trying to do both and sometimes that's a fair compromise.
Even day to day living stationary, I have a hard time accepting that not being able to escape is a requirement, but I'm not really responsible for any critical systems, and am not paid like that either.
I didn't say I did travel without anything digital. My comment was a question about a degree of connectedness, not the existence of it.
On one hand you have your phone for solving some basic problems, on the other you have to be near reasonably reliable internet constantly, with backup devices and contingency plans for them.
That, I do occasionally find myaelf the opportunity to be completely without digital stuff, and find them quite relaxing.
On the other hand makes theft of Macbooks unprofitable. Which I am super happy about. I want all my devices to be worth scrap if they are ever stolen.
And I am even happy as a second hand laptop buyer. The last thing I need is to buy a stolen laptop. At least here, I am still liable even if I don't know for a fact that it is stolen. In any case I don't want any part in stolen goods market.
I think, over time, laptop owners will learn to preserve their key so that they can unlock the laptop when they want to resell it and buyers will learn to check if the laptop is unlocked. What's the problem?
The problem is that they are not properly scrapped. A perfectly good laptop ends up as electronic waste, and not just stolen laptops, it happens to end-of-life laptops from big companies too.
If you could ask Apple to pick up the laptop for free, so that they can refurbish it and sell it at a discounted price, it would be no problem. No business for thieves, no waste, and more good machines available for a budget. But they have no reason to do that as it goes against their business model.
Apple couldn't do that because they'd potentially be making money off reselling stolen goods. If you can contact the original owner, then you can ask them to unlock it. If you can't, then how can you know that the device wasn't stolen?
Aren't there legal exceptions when you give out something? Otherwise it could cause a lot of trouble to charities that work with donations. It would be a big problem for the recycling industry too.
Even if there's a legal loophole (I doubt it), why would Apple want to become known as a reseller of stolen laptops? I don't know the legal technicalities, but if you have a reasonable suspicion that an item might be stolen, then reselling it is at least unethical and probably legally dubious too.
> On the other hand makes theft of Macbooks unprofitable.
Only if the thief knows that. An organized robbery ring might. The opportunistic kid hanging around the cafeteria or coffee who has 5 seconds to swoop may not.
If my laptop gets stolen, I might have the last laugh, but it'll be a forced one.
The reason laptops or phones are stolen is simply because they're perceived as valuable. If stealing an Apple product isn't perceived as a good opportunity people will opt to steal other phones and laptops instead. It will take time for this feedback loop to be circled a few times.
Even the thickest of individual thieves will soon get it that "Apple log" == "impossible to fence". They'll still be stripped for parts and there are some shady Chinese factories that can actually defeat Apple's locks, but it's statistically insignificant.
Theft is still profitable. They are maybe getting less money by selling for parts to a fence than if selling a laptop that can be resold straight away, maybe by themselves. Still some money.
With some devices like iPhones Apple goes even further preventing swapping the components between phones. This prevents selling stolen devices even for parts.
Yep, this is exactly why the TouchID component is paired with the motherboard/display.
Otherwise the thief could just steal the phone, wire in a hacked Touch ID that accepts any thumbprint and resell the phone.
This way it's way too expensive to be profitable unless you're doing it on an industrial scale. Most thieves resort to trying to con the previous owner into giving their Apple ID for unlocking.
sortof, it may just mean more complicated networks for selling/shipping for use as parts. see this example of a stolen iphone from london getting shipped to china: https://hachyderm.io/@em0/109494729273725207
If Apple actually cared about solving stolen devices, it would be possible to return the device to Apple. Failing a reunification with the owner, it would be passed on to a recycling center.
Forcing laptops to be scrapped only solves the problem of Apple's bottom line.
Its not trolling, I find this design absolutely morally abhorrent. I dont buy new devices, I always buy used, and theres nothing more disgusting to me than a bricked but perfectly usable device. In the future there will be stacks and stacks of these m series macbooks, the owners will be long gone and no longer care what happens to them, and people who need them wont be able to use them, ever. Thats horrendous and not at all what I want from my technology.
and if the legitimate owner is dead? What about if they simply also forgot the credentials? What about items that have been forgotten, or left in a drawer for some time? How about devices from a business that went bankrupt? what about donated school laptops?
They can still resell their laptop. They just need to google "how to resell macbook" and find this Apple support document and follow the instructions. It seems pretty easy and specifically mentions the T2 security chip.
If they're legitimately reselling the laptop and didn't know about the activation lock, the person/company they sold it to could contact them to unlock it. I'm confused how this harms any legitimate reseller or buyer.
There will always be people incapable of doing simple things. Google your problem and follow instructions. Can't be helped. Not a reason to stop progress (most of the time).
> I want all my devices to be worth scrap if they are ever stolen.
A device which exploded if it was ever more than 15 feet from you would also satisfy that desideratum. There are other things to take into consideration.
Yeah, that sentence tells everyone who's paying attention all they need to know. These folks are not operating a legitimate business and they're mad that their fencing operation can't handle stolen Apple products.
Most people selling their Macs do not even know that they have to formally pass ownership on to someone else, as though it were a car. This is a restriction that was not there pre-M1.
> Most people selling their Macs do not even know that they have to formally pass ownership on to someone else
Then the person who buys it from them is going to send it back, and they'll know next time, or however that gets resolved. If they're selling it to a reputable commercial entity, that entity will know it needs to be done, and will ask them to do it first. Every iPhone I've sold to a company in the last x years has needed this process done...
But it has been there for a good decade for iPhones.
The buyer should know this and ask the seller to unlock their device(s). And if it's a legit seller, you can contact them afterwards and have them unlock it.
> But it has been there for a good decade for iPhones.
And iPhones still get stolen. As much as people may not like theft, it is less of a social ill than waste is.
If you want to deter theft, work towards a society that doesn't drive people to thievery, rather than trying to solve it with weak technical solutions that do nothing to address the underlying problem. Apple could be more effective at preventing theft by donating a billion dollars a year to fight poverty, although that would risk doing some good for the world.
> As much as people may not like theft, it is less of a social ill than waste is.
That's... a take. It sounds like you don't personally believe in property rights, and therefore think solving global poverty (an intractable problem that has never had a meaningful solution in all of human history) is a better way to solve theft than just addressing theft directly. The weird thing is people steal even when they aren't experiencing poverty.
Theft is an unalloyed social ill, and the only examples of theft that can be remotely justified are contrived examples of theft under oppression of basic survival needs, which is not the context, socially or otherwise, of the places where iPhones and laptops are being stolen, so not really relevant. Theft is wrong. Theft is social ill that has far-reaching consequences and many second and third order effects in society. Ending theft is a good thing, and is more than worth the trade-off of the minimal additional waste (considering aluminum is very recyclable).
> That's... a take. It sounds like you don't personally believe in property rights
I allege that this is a take. It's possible to believe in property rights while also understanding that human desperation drives people to theft. The vast majority of people resorting to thievery were driven to it because of the circumstances of their life, not because they're doing it for kicks. In a battle between property rights and human rights, at some point human rights takes precedence. You don't need to go Full Communism, you just need to acknowledge that desperate societies are not polite or prosperous societies.
Sure, then we can consider the category of human rights may contain (among other things) the right to personal property, as well as the right to be assured of your next meal, and there is no law of nature that says that rights cannot be in conflict. In a society of extreme scarcity, the latter may be unachievable. In a prosperous society like the one that I live in, the latter is entirely achievable, although sabotaged by short-sighted people who have yet to understand that treating crime at the source--human desperation--is more effective and efficient than treating the symptoms of crime.
> as well as the right to be assured of your next meal
No such right seems to exist, in my view. That said, we have a duty and obligation as a society to help out those in need, but this is not the same thing as this being a human right. That meal requires the labor of another, and there is no human right in my viewpoint that causes the enslavement of someone else.
Unfortunately, it doesn't matter whether or not we believe it to exist. If given the choice between crime and starvation, people will choose crime. One can believe in the inviolability of personal property all they want; they'll change their tune when hunger sets in.
> That meal requires the labor of another, and there is no human right in my viewpoint that causes the enslavement of someone else.
Sure. But nature is not so kind. You have food, and someone is coming for it. Your option is to either kill them or give it to them. If you would die without that food, then the moral choice is obvious. If you have so much food that it would be physically impossible for you to notice the loss of any of it, then the alternative is true.
Hopefully, now people will know this. And it is a good thing. There are plenty of stories of people selling their laptops without wiping data and laptop falling in wrong hands.
They don't need to "pass ownership", just hit the reset all content button (on modern devices). Any competent recycling/disposal process tells people to do this.
And if they don't, they can delete the device from iCloud.com (Find My) to bypass the issue.
This is wrong. Stuff makes it into the recycle/waste stream all the time without the owners careful de-authing. People die and their estates are liquidated. Things are damaged and discarded, or lost and written off, all the time.
Accusing someone trying to keep electronics out of the trash of laundering stolen goods is not ok.
You’re not the one paying the “small price”, the planet is the one paying it. Given that, I don’t think you get to say if it’s a small price or not. But as i’ve addressed in a root level comment - this is not an either-or situation, we can have both e-waste recycling and even better anti-theft measures: https://news.ycombinator.com/item?id=34506120
I get to say anything I want. In any case the planet is reaping other rewards from the deal, and the tradeoff is worth it. And ewaste does not go away in any scenario other than humans going away, which is not on the table as far as I know.
The current mass extinction that's happening doesn't really care if you have a "healthy society". Even if we decide we only care about humans, widespread lung issues, massive deaths in the wake of heat waves, and of course cancer...
I find it hard to believe that corporations with this volume of (short term!) device turnover don't have basic device management in place, and the staff to operate it. Managed Apple devices are enrolled during prestage, which means the administrating account is able to unlock them independent of the employee Apple ID.
You would need a combination of very high cashflow and lax/incompetent device management, plus a direct contact that grabs large amounts of these "used" computers without applying the most basic of processes for making sure the devices being repurposed can be, well, repurposed.
I want to have good faith, but this sounds a lot like "thousands of quasi-new, pricey laptops are sold to us with a 'former corporate owner' that mysteriously doesn't answer phone or email, and we would like to act like they're ours now."
It seems like this is an issue only if your business plan is to squint very hard every time you look at the source for the "used" laptops you're buying.
At the same time, I do want old laptops to not become e-waste if the approval process is too difficult for previous owners.
The approval process needs to ensure that some enterprise IT drone can easily go through a pallet of laptops, wipe them all, and put them on eBay, without depending on Janet from sales properly following the decommissioning process, without requiring them to navigate a phone tree at Apple to read off serial numbers.
If the laptop is more valuable as scrap than as used minus costs of recycling, it will be scrapped. If scrap minus costs of disassembly and hazmat disposal is less than zero, it will end up in the landfill. In spite of all the work going into lead-free components, halide-free solder, and so on, we still don't want that.
That already exists. If you buy a bunch of laptops from apple and use an MDM, it already associates the serial numbers with your account. You can remove the serial numbers from your system at any time, then they are unlocked.
You already have this choice, and it is not incompatible with finding a way to use the machine without its contents (a recycler in this case might be forced to wipe it - win/win). But Apple is just too greedy, and successfully already sold you this as a feature, not a limitation of their own system.
what about when the current owner is no longer known? How many macbooks sit forgotten in a closet for years before being donated? How many millions rely on used, older tech to access technology?
Are all these macs stolen? Why aren't resellers requiring users to change/disclose their passwords or wipe the machine themselves before accepting the unit?
Yeah, this sounds 100% like "working as intended". Even if they aren't stolen, this prevents people who've gotten their hands on these laptops for free/cheap (recycling) don't also get their hands on an unassuming user's data. I'd rather that my data is protected than someone make a quick buck from my refuse (or worse, by stealing from me).
For legitimate transactions or ones where the data liabilities are fully disclosed, you can obviously get around this easily.
When my son's school locker room was burglarized, they didn't bother with iPhones and took higher-end Android devices only. It's precisely the second order effect you want as a user.
It's more than data. Apple's disk encryption already does that on iOS.
Activation lock isn't just data protection: It is Anti-theft. The concept was that bricking the hardware if it is stolen would reduce the, at the time, massive rise of theft. Activation lock on iOS (and all kinds of keying hardware to that board) basically shut down cell phone theft as they become worthless. They added the same to MacOS.
Yeah, I haven't heard of someone having their iPhone stolen since about 2015. Killing the illegal resale market with "if you don't know the password, the phone is a brick" is probably the biggest reduction in crime that society has ever experienced.
> Yeah, I haven't heard of someone having their iPhone stolen since about 2015
You haven't been paying attention then. In London, phone snatching (iPhones preferred) has been and remains an epidemic to the tune of tens of thousands a year - in a single city.
They might not be resold at full price, but even selling to a fence for parts is profitable if your acquisition cost is zero.
> They might not be resold at full price, but even selling to a fence for parts is profitable if your acquisition cost is zero.
Apple has started blacklisting parts associated with locked iPhones. At this point the only reusable bit is the case and possibly battery. The display, Face ID, Touch sensor, and such are all bricked. Overall the reduction is massive in any form. There isn't a 100% effective solution but you can easily cut down on 90%.
What parts? The screen / front camera assembly also stays locked if the phone it was on was stolen. The FaceID / TouchID data is stored on the camera module.
And now we're into John Deere levels of "fuck you, pay me" whenever anything breaks.
No thanks. The secondary repair market is extremely important to keep on life support.
If you cede all repair work to manufacturer blessed shops the amount of waste and expense skyrockets.
I want patched together laptops working 12 years from now, just like I have old T-series laptops from back in the day with various replacement parts humming away right now in my homelab. It's silly to just toss everything in the trash the moment is breaks.
At component level, yeah no impossible but for general resale it wouldn't be too hard. I'm pretty sure the Face ID and Touch ID modules already do this.
You would need to add some general identifiers to parts with a GUID and at production/official repair time, register those parts to an iPhone S/N. If Activation locked, those parts would need to not be able to be registered to another iphone until the original device is unlocked, thus clearing those parts.
Look - I get that it's probably not too hard to do with most of the parts that contain active electronics, but the comment I was replying to said all the parts.
How are you going to lock down the phone body? Or the screen (not including the digitizer)? Which, coincidentally, are probably the 2 most damaged parts of a phone.
I suppose there's probably some way Apple could lock them down. But that seems like an expense wildly out of proportion to the potential benefit.
My family has still gotten their phone stolen (albeit when abroad). Anti-theft is the reason I'm happy to support Apple's practices that make it harder to swap generic components between phones. I'd rather no components be swappable without Apple intervention.
The legal owner and the person whose account is on the device may not necessarily be the same person. Especially in situations with smaller companies without device management, or e-waste recycling
The legal owner is the only entity that gets to decide if the device should be sold or not.
A person who is temporarily assigned the use of a company machine will not be able to prevent the legal owner of the machine from turning off activation lock.
If that's the case then I guess it wouldn't be too much work for Apple to provide a way to contact the original owner and ask them if they would mind it being wiped and reactivated for recycling.
I'm sure some percentage of owners would allow that if it was just a click of a button and would help cut down on e-waste. As long as the machine isn't stolen and you know you're not going to expose any data then why not?
(...and if it is stolen then the owner can expect the recycler to explain where they got it from and return it.)
I wondered how to phrase this and I think I’ve done a bad job based on the downvotes.
I don’t mean that Apple allow a third party to contact anyone directly, I agree that that would be terrible.
Instead I could see Apple themselves contacting the last known owner to ask permission to wipe and open the laptop for reuse.
If that’s not what you want then you tell Apple the once and that’s the end of it.
Reuse won’t always be what people want but if a laptop can be repaired and securely reused then that’s much, much more energy efficient than recycling it.
allowing this would open the possibility of thefts forcing the victims to respond in a specific way thus opening a possibility of violence along with theft.
so no to that. the solution to work as deterrent should be final: stolen device = brick device, no other possibility.
in the case of solving theft of devices we have to choose the price we want to pay. all solutions are based on various ways to deter the theft. there is no solution to stop the action of theft once started. thus all solutions have a price that could range from false positives (like legit owners being locked out) to waste like theft happens because they dont know that they cannot unlock it without destroying the device.
You can already do that on Find my Mac by locking the phone/laptop remotely. Same way as you would when your credit card is stolen; a couple of clicks and no one else can use it.
No, Apple cannot unlock the machine and that is the point. No government can compel Apple to decrypt anything. If you trade in an old device with Apple they provide detailed instructions more then once on unlocking and wiping before shipping. If you do not follow them, you do not get your trade in credit.
Apple can remove activation lock, which is the context of "unlock" here. The person you replied to is not talking about decrypting the contents of the laptop.
However, Apple chooses not to do this unless they can establish that it is actually your device. Giving trade-in credit for activation locked devices would effectively be giving thieves an easy way to make money off of these otherwise useless devices, so they don't do that to avoid incentivizing theft.
It would be cool if Apple offered a program where these activation locked devices could be returned to Apple for free. Apple could contact the last known owner and let them know their device has been recovered. If Apple doesn't hear back from them, then they could wipe the device and sell it as refurbished, or recycle it (depending on how damaged it is). This avoids creating an incentive for thieves to steal, but also overcomes the e-waste argument.
The article claims that the issue is schools and businesses jettisoning these devices in bulk and not wanting to go to the effort of resetting them properly.
It seems dubious to me. Shouldn’t the reseller withhold payment until the device is verified to be usable? And shouldn’t schools and businesses be incentivized to reset the devices since they want the full resale value?
I might be wrong but I believe Apple can unlock these machines with proof of purchase. At least I remember carrying a non MDM enrolled device from a departed employee to Apple in the past to have the activation lock removed and all I needed was a receipt and patience.
The company I work for has to do it from time to time with Apple's help. We have Mac users who, for example, return locked Macs when leaving the company... we unlock them then with Apple's help.
There are actually a few ways around iCloud lock, they all aren't great for thieves:
1. An insider (hard to get)
2. Phishing the owner (your device has been found, just sign into your Apple ID on this specific login form...)
3. Physically going to an Apple Store, with faked proof of purchase, and ideally a convincing disguise
4. Resell to some Chinese reseller (particularly because China doesn't use the same IMEI blocklist as the rest of the world), and take whatever they give you, and then it's not your problem anymore
Option #3 is surprisingly popular for petty criminals.
I mean the article says that they "assume they have been destroyed" so maybe it's businesses paying for hardware to be destroyed and now it's not possible to resell instead.
Back in my day, when we returned school supplies our teachers made us erase the markings we made so they could be reused, or else we had to pay the replacement cost. That was a lot more work than wiping a hard drive.
That’s exactly the point. If you properly wipe it, it’ll get the activation lock removed. Either resellers are doing things wrong, or these devices are being stolen and offloaded cheap. This isn’t exactly a new problem either, it was a problem with enterprise windows devices and locked bootloaders too, this is just harder/“impossible” to bypass.
It's a bummer, I could have keep using it as a media platform or a plain functional laptop without root if I had knew that before hand.
I had my account on this. I formatted and that when I saw that I will not be able to re-install anything that I realized I bricked a perfectly fine machine.
This. Activation Lock is an Anti-Theft, not a privacy mesure.
By making stolen hardware a brick, it reduces the upside to a thief to pennies on the dollar. This makes the legal risk not worth it. Thus: massive drops in theft. https://techcrunch.com/2015/02/11/apples-activation-lock-lea...
They tend to call themselves recyclers in the trade not resellers. They buy crates of these and play the probability game. They make more money on making frankenlaptops than actually stripping and recycling them. In fact most of them don't even recycle stuff themselves and subcontract that out periodically to other companies that actually do it.
They are getting pissy because Apple trashed their probability game.
I left my job at a publicly traded company you've heard of in the summer, seeing layoffs on the horizon (i was right!). The company has never responded to my request for a shipping label to return the macbook they bought for me. But it was remotely disabled, and now is impossible to get into. I'd happily factory reset it and give it to my nephew or something but I can't get it. So, I've asked a few times, emailing the IT contacts I have there, because I want to get rid of the damn thing. No response. But I can't legally sell it since it's not mine, and Apple will likely not bypass the firmware password for me. What am I supposed to do with this thing (besides pay my own freight to ship it back to the company I guess, something I refuse to do out of spite). Anyway, I can see how a lot of laptops might end up in the dust bin because of things like this.
>”Often the previous owners are corporations or schools who buy and sell the machines in bulk and aren't interested in helping recyclers or refurbishers unlock them.”
A lot of these units have small issues that would prevent unlocking. Like a keyboard issue or an LCD issue. Guaranteed to end up in the trash under this setup.
No, companies and businesses go bankrupt, and often dump items at the last minute to recoup losses. Other times, IT departments are given bad info and devices are not owned by the user they were told, and other times the owner is simply too dumb or lazy to unlock themselves.
hardly justifies turning working technology into a brick
Users, particularly those not absorbed into the Apple ecosystem, don't keep their iCloud account in high regard and by the time they're getting rid of their computer, have long ago forgotten the password. Additionally, they don't realise there are special steps required before handing off these computers.
Not necessarily stolen, people just don't know better. The article explains that companies/schools operate in bulk, meaning they just drop thousands of in bulk - so they dont care if the are locked or not.
I googled "how to resell macbook" and found this article on how to properly do it and reset all the T2 security chip stuff. It seems trivial to do before selling your Mac
These macbooks need to be treated like a used car now. I've traded in 2 cars and they look it over and take it for a 5 minute drive to make sure it is okay then give me the money. They aren't going to take my word that the car is fine.
Anyone buying a used macbook needs to verify that the machine has been properly reset. This should probably take a minute or less.
Price for Macbook that has been properly reset = $500 - 1500
It is if you are a company that needs to refurbish laptops from employees that have left, which is a thing. They just hand in their laptop but they might not be around to do things like wiping their laptop properly. There are all sorts of legitimate reasons to want to do that and wipe a laptop. There are also companies leasing laptops that need to worry about what happens when the lease ends and the laptop comes back. Their target audience is a mix of all sorts of users, most of which are not necessarily be capable of erasing their own laptop properly.
Because of this article, I'm updating our internal employee off-boarding check list to make sure we don't end up with a lot of bricked hardware.
I will state that I have never used Macs in a corporate environment. Every Windows laptop I have ever had has an employee has so much extra corporate security software on it that they can remotely lock me out, reset it, wipe it, etc. They don't need the password I use for anything.
Does Apple or any third parties make software to do this?
Essentially the T2 security chip needs to allow 2 passwords so that both the user AND corporate IT can reset the machine etc.
If a company is leasing laptops then they need to treat this process like an apartment security deposit. When I rented my first apartment I had to pay one month's rent up front. I moved out 4 years later and they inspected my apartment for damage and after they found nothing wrong they gave me my original security deposit back.
Actually it's a little more nuanced than that. If you buy an activation locked MacBook from a registered business in the UK and have an authentic receipt for it, Apple will unlock it. I know someone who has been through that process.
If the device is marked in lost in iCloud though, it isn't happening.
Ergo if you're going to risk it, stick it on a credit card.
For an individual, this is absolutely worth it. The problem is corporate/education IT departments do not operate on the same economics as you or I. You'd think that you can just multiply 60 laptops by their value as "for parts" versus their value as used, properly reset devices minus the intern's hourly rate. Clever you, you've found a way to make money! But big corporations don't think that way, they already know how their bread is buttered and don't have flexible processes in place to reward the elimination of inefficiencies or creative discovery of new income sources.
I've bought a number of used Thinkpads, laser printers/copiers, workstations, etc. that were previously owned by big companies. They don't go through the wiping process. If it has a removable drive caddy the whole thing comes out and goes in the trash, and you need to find a spare part that costs as much as the whole used laptop if a lookalike isn't available. They don't care whether the BIOS is locked, that doesn't have their data on it.
The intern saddled with unloading the pallet of old laptops is never going to see any of that hypothetical $500-$1500. And who would ever give an intern the local admin password to run erase assistant, potentially letting them decrypt the data of a senior employee previously logged into the Mac, just before covering their tracks by deleting the access logs?
I remember when activation lock came to the iPhone. The guys selling "gently used" phones in front of the Metro stopped selling them overnight, it seems. They quickly pivoted to Android. And it for a while everyone was trying to press a Galaxy S in your hand for a quick buck.
As a laptop owner, this actually sounds pretty good, because it heavily dis-incentivizes theft. However, as a laptop buyer, it's hard not to feel like Apple's security posture is conveniently aligned with their market interests.
It increases participation in the second hand market, actually. This only applies to Macs stolen / sold without a reset, so when I buy second hand I know the Mac wasn’t stolen, and I know there’s less incentive to steal this laptop because thieves can’t use it anyway.
What’s wrong with Apple having market interests and protecting their customers at the same time?
You could argue that theft would increase Apple’s sales, because the people buying stolen ones were never going to buy a new one anyway, and the relatively well off victims of theft have to buy a replacement from Apple, again and again.
So not sure what you mean.
If you mean it’s in their market interest to make sure their customers are well taken care of, I see no problem with that.
As someone who lives in what you could call a low-trust society (the opposite of a place like Japan or Singapore where property theft is incredibly rare & almost never violent) my impression was that iPhones/Macbooks were massive theft magnets prior to Apple's new locking approach. I'm all for recycling and can't wait for Framework to be available in my country etc., but I'm certain that the reduction in theft desirability of Apple tech due to this type of locking is actually saving lives by reducing violent crime interactions.
As far as I see there is also still a massive market here for second hand Apple tech despite these locks, people just follow the process to dissociate their accounts.
I'd even say that Apple laptops and phones go through more hands than others because of how long the software gets updated for. I still see iPhone 5S around and those just got an security update this week - maybe 10 years after introduction?
So this article feels quite clickbaity - trying to blow up one recycler's preference that bulk donations could skip these locks into a whole "Apple not doing enough to deal with e-waste" angle. Obviously every big company could do more on this front but I haven't heard of another device manufacturer putting as much recycled contents into new devices [1], running such a comprehensive global certified refurb program and finally keeping the software update cycles as long so the device doesn't need to be scrapped in the first place. The article should focus on the companies that are ditching thousands of perfectly good Macbooks without prepping them appropriately.
> “When we come upon a locked machine that was legally acquired, we should be able to log into our Apple account, enter the serial and any given information, then click a button and submit the machine to Apple for unlocking,” he said. “Then Apple could explore its records, query the original owner if it wants, but then at the end of the day if there are no red flags and the original owner does not protest within 30 days, the device should be auto-unlocked."
That doesn’t make any sense.
1. Who is going to pay for all that?
2. That 30 day timeout just means it will be unlocked and again stolen devices will be desirable / unlocked…
Ultimately the recyclers need to make it worthwhile for the original owner to unlock these devices. Not some workaround.
Ever heard of spam? It’s one of the biggest ways to get around the iCloud lock right now: Phish the owner that their device has been found, just Sign in with Apple ID on this login form. 2FA has made it harder but they’ve got ways…
That would make it really confusing. You could get such a text from either Apple or a criminal and you’d better know which. No thanks!
Also applies to, say, 2019 Macs you bought with cash at the Apple Store, set a firmware password at setup, then never needed so forgot until the Ventura update failed and now you need to install fresh.
Nope, not yours.
Even inside Apple Care window, with the Mac in your owned device list, with your welcome to this Mac email from launch day, Apple won't help without original receipt.
I actually support this - the amount of material involved isn't trivial but is largely aluminum. I think the positives of deterring thieves / illegal resellers far exceeds the environmental impact. A better approach in my opinion is Apple licensing certain resellers to allow a reset with some kind of proof of purchase. This kind of provenance is already coming to eBay and tbh this is another key area of right to repair in which I disagree with Louis Rossman.
I'd say over 60% at least - a friend of mine bought a second-hand M1 macbook without any issues. Key here is that the previous user has to initiate a full-wipe on the device, if that happens anyone can continue to use the device. This is similar to SIM locks on iPhones, completely intended to reduce theft.
Everyone in the comments saying this is good because of theft is missing the forest for the trees.
It would be quite simple for Apple to setup a rescue program that actually got people their stolen devices back and solves the recycling problem:
1. A recycler with an activation-locked device pings apple.
2. Apple pings the former owner.
3. If the former owner wants it the recycler forfeits it to the nearest apple store where it’s shipped at the owner’s expense to the former owner.
4. If the former owner doesn’t want it or doesn’t respond in 60 days, it’s wiped and unlocked.
Activation lock is nice because it deters theft, but it doesn’t get you your stuff back and results in a ton of e-waste in the long run. A solution like this balances those two conflicting problems. Legit recyclers can keep stuff out of the waste stream. Theft is still strongly discouraged, and this time you might actually get your phone/macbook back!
I'm stuck with several relatively new (2015, HD, run tvOS 16) Apple TVs that came from a government auction. They were used in a school, and were never removed from "Apple School Manager", their MDM system for schools. Apparently Apple can mark serials as part of a school or business's fleet, and upon setting up the device, it automatically is registered and pulls down the MDM profiles.
Only the school can remove them from the system, and although Apple's terms of service _require_ them to be in control of the device for it to be registered (i.e. not sold to a third party, me), I have been completely unable to convince the school to help me on the matter. Contacting Apple doesn't seem like much of an option either, as they don't even publicly post contact info for this kind of support.
Based on most of the comments I'm seeing, it's like people didn't fully read the article. In particular, this quote:
> Responsible recyclers and refurbishers wipe the data from used devices before selling them on. In these cases, the data is wiped, but cannot be assigned to a new user, making them effectively worthless. Instead of finding these machines a second home, Bumstead and others are dismantling them and selling the parts. These computers often end up at recycling centers after corporations go out of business or buy all new machines.
It's saying that the machines are being wiped for prior owner security, but that this removes the ability for a new user to activate the laptop.
It wasn't possible for the new user to activate the laptop anyway. The activation lock is on Apple's end. If the previous owner logs into their iCloud account and disassociates the machine, the machine is no longer activation locked.
What you're missing is that the article says the ones doing the wiping are "responsible recyclers and refurbishers" -- at this point the machine has already passed out of the hands of the owner, so it can't really be argued that the owner's privacy or consent were protected. Kind of like a thief saying they clean cars before reselling them, but now they no longer find the title in the glovebox.
> Often the previous owners are corporations or schools who buy and sell the machines in bulk and aren't interested in helping recyclers or refurbishers unlock them.
What kind of corporations or schools hand over old computers in bill without wiping them first?
FTA, this seems like a reasonable approach to still mitigate theft while reducing the stuff that gets tossed in the garbage:
> "Bumstead offered some solutions to the problem. “When we come upon a locked machine that was legally acquired, we should be able to log into our Apple account, enter the serial and any given information, then click a button and submit the machine to Apple for unlocking,” he said. “Then Apple could explore its records, query the original owner if it wants, but then at the end of the day if there are no red flags and the original owner does not protest within 30 days, the device should be auto-unlocked.""
I recall when Steam introduced their bans for cheating in games. They have it timed so that do it in batches of 6 month period effectively allowing cheats to operate with impunity for a certain amount of time -- this period is crucial to create ambiguity about which cheats work and and which don't.
When the ban hammer drops there is a lot of upset people screaming in to forums that they were banned but didn't cheat! This reminds me of that. The entire thing is working as intended and there will inevitably be upset people who were just gaming the system before hand.
If I recall, a lot of that was because VAC was extremely paranoid. Many people who ran Python, AHK, or even client-side Source engine scripts would get banned for various reasons without a transparent excuse. I was VAC-banned from CS:GO despite never playing on an official, VAC-secured server in my life. No appeal, no reasoning (I was even using Windows back then).
It seems to be a bit calmer now, but VAC is kinda a perfect example. Apple is over-implementing something in a way that prevents legitimate users from legitimately using things. Yes, their efforts here are valiant, but they're also glaringly imperfect. The thousands of unusable MDM-locked machines are evidence that Apple's process here isn't working as well as it should.
Around 2018, my 2014 Air broke down and I took it to a local guy for a logic board replacement. This guy was quick but he worked sitting on the floor of an empty house full of spare computer parts and needed to rummage or buy until he could fix it. Still, I really needed to continue the work I was doing that day, so, I drove to the Apple Store and bought a new Air, knowing they have a 30 day return policy. Went back to my repair dude and we swapped my hard drive into the new Air. I went home and worked on it for a couple days and he called and said he got the board, just need to come back and swap the drives.
So, drives swapped, 2014 upgraded to a core i7, I moseyed back to the Apple store to return my barely used 2018 laptop. No problemo, said the lady, just gotta scan the serial number off the bottom. Then she got a funny look on her face. "This isn't ah..." and before I could even ask, two security guys were standing next to her. Suddenly, I realized what had happened. The repair guy had switched the base with my old one. I made some excuse that I must've grabbed the wrong laptop from the office, took it back and ran out. About an hour later I walked into the same Apple store with the same "never booted" computer (it was a completely fresh hard drive, after all - they could see that) with the original base and serial number on it. Before I even walked in, security was tailing me (facial recognition)... but although they knew something was askew, they couldn't tell what, and they graciously took the laptop back for a full refund.
I mean, all I did was use it as a screen and a keyboard. If I'd actually booted it on its own drive and installed software on it and returned it, they would've taken it back anyway. I didn't even spin the hard drive.
[EDIT] TO BE VERY CLEAR, I DID NOT TAKE THE I7 BOARD FROM THE NEW LAPTOP AND PUT IT IN THE 2014. That would be extremely unethical. I bought a separate used i7.
> "Previous owners do not return phone calls, and large corporations that dump 3000 machines assume they have been destroyed, so it is critical we have a solution that does not depend on the previous owner approving,” Bumstead said.
> and large corporations that dump 3000 machines assume they have been destroyed
e.g. We lied to the corporations who paid us to destroy their systems and we want to be able to unlock devices, bypass data protection, and fence them, when they are effectively stolen because they were acquired through fraud.
These people are laptop thieves and mad that Apple made their illegal activity difficult. Good for Apple, and fuck this guy.
Apple would have taken all 3000 of those laptops for recycling for absolutely free, except that for expensive items Apple requires you to fill out a form and show ID.
No, the article doesn't address at all why schools/businesses aren't unlocking.
It doesn't address any risks associating with Apple having the power to unlock.
And the article disingenuously claims MacBooks are being sold for "scrap" (which implies merely recovering materials like aluminum) and the intro scarily talks about processes for a part which "ground them into carcinogenic dust". The article doesn't even mention selling for parts until halfway through, and it presents that in a negative light rather than examining why that might be a tradeoff that makes perfect sense, especially since parts availability helps enable third-party repair. (I myself have sometimes found I could get significantly more money selling something as separate parts on eBay rather than as a working whole, which means it's actually better because there's more demand.)
Your third point sounds like the most reasonable use of these machines. I assume that's what the recycling companies are doing but it wasn't explicitly stated in the article.
I think the trick there is that you reset it before selling it.
In my experience dealing with iphones from departed staff, if the iphone is locked to an icloud account there's essentially nothing you can do to get access to it. If you do a DFU restore of the firmware it still comes up with an activation lock. Pretty sure that's what this article is describing for the new apple silicon laptops.
> In my experience dealing with iphones from departed staff, if the iphone is locked to an icloud account there's essentially nothing you can do to get access to it. If you do a DFU restore of the firmware it still comes up with an activation lock.
Does this happen even if the iPhones are managed devices?
I'm fairly sure if the device is enrolled under an apple business account or whatever, then you'd be able to reclaim it. My org's apple business application is currently in limbo so I can't say for sure.
Their is a hardware chip that will force you to prove ownership by logging into a ICloud account.
I "own" one of those. My previous employers never asked me for the laptop back. Even after I send them email about providing me with a fedex label. It was roughtly 2 years ago.
I thought that a good old format would take care of that, but no.
I did saw T2 removal tutorial on youtube thought. You need to remove the T2 chip , implant a new one and flash it.
I'm kinda disappointed on HN to not provide more information on that process.
Well, seems like this is another one of those "here's a shocking anti-consumer practice that certain users will defend" thread.
I'm not going to dig into the irony of grossly overcompensated tech workers defending anti-theft side effects. However, I will say that this also creates a lot of waste that basically forces Apple to be the main channel for resale. Go on Ebay and look at how many MDM-locked Macbooks exist that would be perfectly usable if their previous company was solvent enough to unlock them. In a world where reuse is preferable to reducing or recycling, it's hard to cheer for this from the sidelines.
The only thing that really matters is your data. If that's encrypted, there's not a small-time pickpocket on the planet that can get anything useful from it. If your data isn't backed up and your hardware isn't disposable relative to the frequency of being robbed, then you've arguably got a pretty bad disaster-recovery plan. Consider being less worrysome and more proactive.
> The only thing that really matters is your data.
No, a one or two thousand dollar device getting stolen also really matters. If all a thief can get out of a stolen laptop is $10 of parts, there's less reason to spend time and effort on it, and certainly less reason to, say, kill somebody over it.
If you care about it, get Applecare. Apple literally sells their own insurance against theft, because ultimately it's something that will happen regardless of the software or hardware.
You can disincentivize thievery up to a certain point, but you can't use it as an excuse to cross lines you wouldn't have otherwise. That's just capitalizing on the innate paranoia common in luxury customers, and largely illustrates my point that this is a racket.
This is the same problem cybersecurity people deal with: when everything is working the way it should, other people start to wonder why they even have cybersecurity people. Activation Lock reduces the number of thefts, but you can't see things that stopped happening, so you've decided it isn't doing anything. Some thefts will happen, but a lot of them aren't happening anymore, thanks to Activation Lock. An ounce of prevention is worth a pound of cure. Phone theft used to be a much bigger problem.
When criminals know ahead of time that Apple devices will be bricks if stolen, they are much less likely to try to steal them, which means that a large number of sometimes violent confrontations are being averted. That's how the math works. It's not crazy like you're trying to propose that it is. And no, no one is going to stand there trying to explain to a thief that it will be a brick. The thief either knows ahead of time (and doesn't try to steal it), or they don't and they wouldn't believe the owner anyways. After they steal one, they learn their lesson, and word gets around.
Some people continued stealing activation locked devices because they figured out they could get a few dollars for the parts, even if it is much less than for a functional phone. So, now Apple is starting to serialize those parts to the specific phones, so that those parts are also worthless. That just leaves the value of the scrap metal, which is extremely low, so there is extremely little incentive to steal these devices.
Activation Lock is an anti-thief practice, not anti-consumer, and it has nothing to do with how highly paid "tech workers" are.
Neither will explaining that your laptop is useless to a thief. If someone is going to shoot you over a laptop, they're going to shoot you over a laptop. Obviously it's not worth killing someone for a $3k laptop though (any more than you see someone shot over a Honda Civic), so they won't. Otherwise we'd all be wearing body armor when we write a thesis in Starbucks... which (unless you're American) is a distant fantasy.
> the irony of grossly overcompensated tech workers defending anti-theft side effects.
Who are you to say that these people are grossly overcompensated? Why do you think it's an acceptable implication that because someone is well compensated that they do not have property rights against theft?
It seems to me this is another one of those "here's a thing that makes it harder for people to commit crimes, and criminals and criminal apologists flock to defend crime." threads.
> “Now we're seeing quantity come through because companies with internal 3-year product cycles are starting to dump their 2018/2019s, and inevitably a lot of those are locked,” he said.
Yeah, right! 2c says these computers are MDM locked and still on the managed inventory. These recyclers should talk to their supplier. Just supplier saying “trust me it’s 100%” legal is not enough.
And yeah, I really don’t want Apple or any other manufacturer to make it easier to fence potentially stolen goods. Many people don’t remember the times when white earbuds (ie you have an iPod or iPhone) made you a hot mugging target! It’s not a thing anymore since Apple added reselling locked devices worthless.
Additional thing to note: Why is Apple serializing iPhone parts? Perhaps it is because thieves found activation lock too much of a pain and went to part sales on the grey market. Part serialization is, ultimately, this but further down the road.
There are definitely pros and cons to part serialization.
However, I think we can all agree that when Apple is selling genuine replacement parts, those parts should be ready to pair with the first phone they're put into, instantly, without needing to call Apple Support to finish the repair process. You should also be able to order the parts without needing to give Apple your device's serial number ahead of time. Otherwise, repair shops can't keep genuine parts in stock, and your ability to complete a repair is entirely dependent on whether Apple is staffing their call center sufficiently, which is currently a requirement.
Optionally, maybe there would be a way where the phone could prompt the user to choose whether they want to serialize those replacement parts to this specific device, and then they would be registered with Apple, unable to be moved to a new device if this one were stolen and parted out. An automatic check for whether these parts have previously been registered would not be as onerous as a phone call.
There should be a feature to request an unlock request to the owner. I accidentally re-sold a locked iPhone once and luckily was able to work it out with the buyer but only because they had my contact info. That being said this is a known risk of buying liquidated Apple hardware that should have been factored into the the bids of whoever bought them. When I worked in a bit in IT liquidation back in the day and we guessed 10% of everything was going to be junk and bid accordingly.
My parents/grandparents/brother wouldn't ever know they NEED to unlock the thing before selling it. THAT'S the problem. The people Apple markets most strongly towards have no idea this is an issue or part of the device transfer process.
Forget stolen, the idea that you have to go back to the original vendor to transfer a product is anathema to the prior 100 years of product purchasing experience.
Why isn't this an infringement of the "First Sale Doctrine"?
When your grandparents are selling a laptop and they don't know what is needed to be done, the buyer should be verifying the device is in a suitable manner for purchase. Bare minimum, turn it on and sign in to verify it works.
If they're recycling it, the recycling company should tell them "hit the reset button before sending it to us" and take the 2 seconds upon receiving it to verify, rather than waiting to learn a month later when the owner isn't known.
A friend gave me an old iPhone in a similar state. Really annoying that it couldn't be wiped and reused. It had a broken screen, so I was just going to use it as a cheap ipod to play music in the background in my bathroom, but ended up just recycling it for scrap cause it couldn't be unlocked.
Edit: people are asking, the old iPhone 5 was left at a yoga center for over a year in the lost and found. nobody claimed it. nothing nefarious. my friend who works there gave it to me to see if i could get into it. nope. e-waste. no way to contact the original owner. ended up buying an iphone 6 with a broken screen off fb marketplace for $10... problem solved.
personally, i think they should either have some better mechanism of contacting the original owner or they should have a way to totally wipe the phone after some extended amount of time to get around the theft issue. if someone activates the device again with an icloud account, maybe the device could be restricted until apple contacts you or you provide proof of 'ownership' to the police or something.
It's a shame that Activation Lock does not also activate an Air Tag buried deep inside of the machine. That would be interesting. Even better if those locations could be put on an inexact map. That might make it easier for the police. You know where your macbook is located, and the police can see a public map from Apple, as well.
>“Then Apple could explore its records, query the original owner if it wants, but then at the end of the day if there are no red flags and the original owner does not protest within 30 days, the device should be auto-unlocked."
so, they only have to detain you for 30 days before the lock expires. nice.
I discovered three family iPads are locked to an unknown iCloud account. These were purchased by us new, including one from Verizon.
My oldest child, who is the only one who could have somehow taken them over, never had an iCloud account, so we are stumped. Stumped with three bricks.
My partner tried to recycle to apple her old mac mini.
It was a nightmare of two trips to the apple store and all sorts of machinations.
This was a machine she bought direct from apple. They acknowledged this. There are certainly some issues with their processes which seem to make machine single owner.
Haha! They said they don't know what iCloud account is was registered under. Everything in Apple's world flows from the iCloud, so even with the receipt, the first thing they'll ask is to login and confirm the account is on your iCloud account.
I hate being held hostage to a corporation. Anti-theft mechanisms propagated from a corporation should be understood to generally benefit the corporation first (monopoly on resale market) and the user second (limited protection from petty theft).
I know I'm charmed to live in a place where petty crime is relatively low, but these sorts of "lock it to my Apple account" anti-theft tools feel awfully similar to the use of martial law. It's very helpful in limited circumstances but should never be the default state of our lives.
> Many bypassers have claimed solutions to T2 macs (I have not tried or confirmed they work…I am skeptical) but they admit they have had no success with M1.
Well... The T2 was actually based on the A10 Fusion chip, which is vulnerable to the checkm8 boot ROM exploit. Which, then makes things much easier when you can run arbitrary code. Apple partially fixed things in the A11 and fully fixed them in the A12. Meanwhile, M1 is based on A14 and impervious to the Boot ROM exploit... so no wonder they haven't had luck.
It's probably hard enough to disable when you can run whatever code you want. But when you can't even run code or get in the door...
Top posting because this thread is full of talk about the owner giving permission to unlock.
Wiping is the right concept here. Unlocking is not.
Sure, yes, you need to unlock in order to wipe. Duh.
But unlock is not sufficient to prevent harm.
The owner of the laptop does. fucking. not. have the right to give away the private information of other people that is stored on the laptop. Photos, contact info, private communications, etc., etc.
Wipe, not just unlock. Let’s use the words that fit the end that needs to be reached, not just one step toward that end.
I sold my M1 MacBook Air to someone and bought an M2 MacBook Air to get more storage. I gave them a discount because of physical damage to the machine, but if I had sold it at market value I would've recouped most of my original expenses.
I took the minute to read Apple's instructions before selling so they had no issues, and it's no longer attached to my account.
How does this impact the repair market for Macbooks?
My partner has an M1 MBP with very minor liquid damage on the keyboard that took out most of a row of keys. Apple wants to replace most of the computer for something that I assumed would be $75 in parts, and wants roughly $750 (most of the price of the computer).
Will these scrap macbooks help reduce the parts prices for 3rd party repair shops? Or are parts like the keyboard now locked to the computer?
"Then Apple could explore its records, query the original owner if it wants, but then at the end of the day if there are no red flags and the original owner does not protest within 30 days, the device should be auto-unlocked."
As long as the machine is guaranteed to be wiped as part of the process, this is not a bad idea at all.
I cannot believe that we are living in a world where people would rather their machine get completely bricked and thrown in the dump than have the potential to be used by future generations for countless tasks and innovations. Do we not see the loss? Do we not care about waste? Why in the world would we be okay with bricked devices never being operational again? It clearly doesn't prevent theft, it only prevents use. Even when it wasn't stolen, and rather was improperly recycled, we have a responisbility to make these machines usable again. I personally cannot wait for someone to figure out how to jump the T2 chip, resolving this issue once and for all. Shame on all of us for being so shortsighted.
Consumers may not be used to unlocking a laptop before selling it. But, the process is still far easier than transferring the title on vehicle when selling it.
Not sure about prior models, but at least with M1 it won't work. To change any boot settings or install anything you need to have administrator password.
Considering people who work with fleets of laptops tend to offload them as quickly as possible this sounds like a pain in the ass, even moreso than the SSD being non-removable. This happy little accident will make it more painful than that process needs to be and should be considered by anyone who is hoping to recoup a bit of cost from them at the end of their business cycle.
You know where this leads to? Unrepairable devices.
Afaik you can not change a BMW headlight yourself, because it has a little chip inside to identify the part. If your car electronics does not find the headlight serial number it's looking for, that headlight won't work at all.
So you'll have to go to a BMW dealership (or licensed repair shop) and they have to reprogram the car to accept the new headlight.
Does that really stop thieves? Probably not. Does it hurt end users who want to work for themselves on their cars (or anything alike)? Yes, for sure.
Activation lock on a BMW is something totally different from a serialized headlight.
Now that I think of it, most cars already have a system like this, where they wont start if the original key is not present.
Summary: schools and companies sell their old laptops to recyclers, but don't unlock them first. Historically recyclers never needed to coordinate with the previous owners because once they had the hardware they could do anything they needed. With new security chips, however, these locked computers are nearly worthless.
Since these computers are still valuable, I think we probably end up with a new dynamic where contracts are updated so the previous owners get money back for unlocking them first. That maintains their value without opening a path for thieves to unlock and resell stolen macs.
I like the incentive you propose, but in the case of a company offloading 3000 laptops that are perceived to already be EOL, they likely will not find the financial incentive to be worth their time. I suspect nothing less than regulatory hurdles would resolve this, and I don't think the recyclers have enough pull for that.
If the laptops are worth ~$1000 unlocked and ~$100 locked we're talking about a pretty big loss. Propagating this back up the recycling chain is going to take a while, but eventually all of these companies will have "unlock the laptop" as a step in their checklists.
For MacBooks? Assuming they’re five years old, which is already quite old for an enterprise fleet, we’re talking several hundred dollars per unit still. Easily worth spending time resetting them with jamf
> Responsible recyclers and refurbishers wipe the data from used devices before selling them on. In these cases, the data is wiped, but cannot be assigned to a new user, making them effectively worthless.
Wait. There is no way to assign a new owner to these machines? If I had an old M1 Macbook that I wanted to give to a relative I wouldn't be able to?
No, if you properly reset the machine (which logs you out of iCloud, turns off find my Mac, etc), there’s no problem in giving the used machine to someone else.
It only fails if you don’t log the machine out. This is to deter theft, since a reset requires the user’s password. If it’s not been reset it’s a brick.
Yes, but if you’re the original owner that shouldn’t be an issue.
The other thing to note is that if the computer hasn’t been signed into iCloud or had Find My Mac turned on, none of this necessary. So someone who’s paranoid about phoning home can probably resell after a simple reformat.
imagine for a moment how valuable new cars would be if you could restrict the supply of the used car market by mandatory recycling when the first owner buys a new vehicle.
Apple benefits significantly at least two ways;
1. Increasing overall demand for both new and used (unlocked) Mac Books by restricting supply.
2. Used unlocked Mac books will have a better resale value on the aftermarket thus continuing the folklore that Apple products retain their value for longer.
This begs the question… how much would a used Mac book cost if Activation Lock didn’t exist?
What is the true market price of a used Mac book? Or Apple Stock?
Not everything is a conspiracy. If you buy a used laptop and the previous owner didn't remove it from their icloud first, you can still try to get them to unlock it for you. As a buyer, make sure it was removed from their icloud before you buy it. It's a very useful anti-theft measure, and Apple warns you about this on their site to take those steps before selling it.
Presumably a car is valuable enough that even a large company would be willing to spend several minutes unlocking each to get the full second hand value.
While computers have more confidential data. The article implies that the big company sold them to be destroyed.
Any legitimate reseller would not have an issue because the original owner which sold the laptop to them would have wiped the device and removed the activation lock. The fact stolen goods end up as scrap and have no useful value beyond scrap value is not only okay with me, I think it's a net positive for society and one of the best things Apple has done for their customers and the world.