Sounds awesome to me. Working as intended. When I used to travel, I'd have to take a backup phone and laptop with me that I'd leave in a travel safe, the hotel safe, or a hotel lockbox at the front desk so I could be assured I wouldn't be out of commission for work / digital life if someone stole my laptop and phone while I was mobile. Now, I basically don't have to worry beyond taking standard opsec precautions, because Apple devices are ignored by thieves.
Any legitimate reseller would not have an issue because the original owner which sold the laptop to them would have wiped the device and removed the activation lock. The fact stolen goods end up as scrap and have no useful value beyond scrap value is not only okay with me, I think it's a net positive for society and one of the best things Apple has done for their customers and the world.
Sounds like you didn't fully read the article. Nothing is said about stolen property.
> Responsible recyclers and refurbishers wipe the data from used devices before selling them on. In these cases, the data is wiped, but cannot be assigned to a new user, making them effectively worthless. Instead of finding these machines a second home, Bumstead and others are dismantling them and selling the parts. These computers often end up at recycling centers after corporations go out of business or buy all new machines.
Apple has an easy path to reset an Apple Silicon device by the original owner so it can be sold and used by another. I know because I've done it. But if it is stolen, game over.
Yeah, extra work for overworked IT departments. I'm sure they'll be happy to add extra work they dont have to do.
Ive worked with second hand devices for a long time. Ive had many come through that have activation/MDM/etc locks and have tried calling the IT dept they came from and all but about one time they pretty much just laughed at me or just played dumb about it entirely. Apple and other vendors were no help in this as they just tell you to contact the original owner.
The only actual step is to click "Erase All Content and Settings", aka. wipe the machine, which is what every sane IT department should do when decommissioning a device. Assuming they're using any kind of MDM solution, they can do it with one click through their MDM.
The IT department has no idea what kind of password that user was using, and they have no idea what kind of valuable data is on that machine. If that user's password was just "password" (or sticky-noted next to the trackpad), that IT department is going to get in serious trouble once all that proprietary data ends up in the wrong hands, if they didn't wipe the machine before handing it off to a third party.
If wiping the machine before getting rid of it is "extra work", then that IT department isn't doing their jobs to begin with. I'm certain such IT departments exist, but that's not enough of a reason to make theft easier.
That is not enough. You have to remove the device from your iCloud account too.
Source: just wiped and sent back a MacBook Air to my old workspace. My colleague finished the macOS setup and logged in with their iCloud account. After resetting it again (to re-do the setup in the way they wanted) it was locked to my account. So not even installing macOS and logging in to iCloud will bind the machine to you.
Imagine doing that with a machine you bought second hand and the original owner can’t be reached anymore.
No, that button is enough. That button did not exist on older versions, so you definitely did not click it if it did not work. If you're running the version of macOS that was released over a year ago (Monterey) or running Ventura (released more recently), then the button will exist.
"Activation Lock is disabled when you use the Erase All Content and Settings feature."
Apple confirms that the feature works exactly as I said and exactly as users expect. I've used it myself, and it does work.
Users running software that is several major versions out of date will have a more difficult experience, since that button did not exist, and they would have to first remove Activation Lock before going into Recovery Mode to manually format the Mac. Those are the remaining steps that were linked several comments up from here: https://news.ycombinator.com/item?id=34505523
Apple has made the process as easy as it possible can be now, identical to the process used to factory reset an iPhone.
Well, apparently it’s possible to “hold it wrong” then.
I’d argue if you can wipe it (which requires your iCloud account approval), install it as someone else, login with that new iCloud account, then reset it and it suddenly reverts back to the previous owner, something is wrong or very unintuitive.
The problem on Mac it seems is that there are two official ways to do it. One proper way (the “Erase All Content and Settings”) and one other way (the way we did it, boot into recovery and format it, then go through setup with another iCloud account which apparently just temporarily lets another user use the machine). On iPhone there is no user accessible recovery mode so that can’t happen there.
>and one other way (the way we did it, boot into recovery and format it, then go through setup with another iCloud account which apparently just temporarily lets another user use the machine).
If you go through recovery, you can delete the content, but when you go to reinstall, you will be prompted for the credentials for the user tied to it.
Meaning, you can delete, but you can't reinstall without being prompted for authorization by the account that currently 'owns' that computer.
Going into macOS Recovery is not an official way to transfer ownership. It can be used to reinstall the OS or delete the data volume on the disk. But it does not change anything on the hardware security chip, which is what Activation Lock uses.
I've worked with some of these responsible recyclers before. Everyone knows the deal.
If you want IT asset disposition, it'll nominally cost you -- for pickup and processing, and optional value-adds like secure data destruction certificates. If the assets have remarket value, that can begin to subsidize the cost, easily zeroing it out, or even returning profit to the IT department. Recyclers are happy to pay IT departments to pick up their old Apple equipment -- and they know to ask ahead of time, "are these activation locked?"
These recyclers often have vertical integration on the refurbishing side, running an Amazon eCommerce department so they can directly capture that remarket value. And once they've got that going, their bottleneck to growth is how much material they can bring in -- which is never enough.
So the recyclers and refurbishers invariably need to buy material from other recyclers. There's an entire economy around selling pallet-fulls of used, minimally-inspected or completely "as is", Apple and PC equipment. Specialized invite-only communities exist for selling this material in bulk, with lots of overseas actors in on the game. Every R2 recycler is involved here, along with lots of actors from India and China in particular.
Having seen inside that sausage factory, fraud and theft is a legitimate problem. There's more than a fair share of "don't ask questions". More than a fair share of "yup we're definitely R2 certified, winkwink". More than a fair share of wining and dining the R2 auditors to get that certificate under the table in the first place.
I'm gonna go with the GP comment here -- the system is working as intended. Industrialized theft of this sort is much more eminently solvable through technological means than through overstretched law enforcement, especially when a non-negligible amount of material comes from overseas.
It's on the IT departments to figure out if they have enough time to activation-unlock their assets before disposition. Do they want to pay the recycler to pick up all that material, or do they want to sell the material and pad their budget?
A quick look at the Jamf documentation suggests it's pretty easy to mass unlock these devices, so I'm not buying that it's that much of a strain.
>Yeah, extra work for overworked IT departments. I'm sure they'll be happy to add extra work they dont have to do.
But at the benefit of less-burdened security teams, and greatly enhanced peace of mind for users and info-sensitive organizations? You can argue it's taking something highly risky like security and shifting those man hours to something not as threatening.
> With new apple machines there is no possibility of this.
It isn't necessary to destroy the physical media anymore, so that reduction in e-waste is fine with me. Just properly erase the device by clicking the button in settings.
But security is about more than what you do at the end of a machine’s ownership, it’s all the things you have to consider while the machine is out in the world with very sensitive information on it. And now those security departments have much less to worry about because of this security architecture in the chip.
As the sibling commenter points out, this should also result in less waste as those drives do not need to be destroyed if the device is properly unlocked.
What information would be recoverable without the storage device? ROM dumps? I doubt the majority of these computers are running any super secret firmware and if they are I assume there would be extra precautions taken when its EoL.
I'm talking about machines in active use that are out in the world, with their owners -- security teams have much less to worry about than they used to, as the modern Apple security architecture takes much of the burden off them.
And there is a perfectly secure way of having FileVault always on by default, and by rotating the keys, you are effectively "destroying" all the data on them anyway, with the bonus of not physically harming anything.
Unless, cryptography itself is broken... which would bring much wider-scale problems than destroying information on old drives anyway.
I rather IT is forced to properly reset laptops even if takes longer because there has been too many incidents of data leaks when IT doesn't take time to properly remove data before donating laptops.
Hardware lifecycle process may vary but it still needs to be accounted for.
The activation lock removal is hardly an obscure hack, this is a process failure. Good on Apple for making these machines take their secrets to the grave.
For IT departments there is a way to request a reset from apple if you have apple enterprise support and can prove that the device is yours. It has to be in DEP or you have to send them an invoice.
Hmm, I've seen recyclers with stacks of these machines (including new M1 Max's) that they say they have to throw out because they can't do this. I wonder if you are missing something.
We're not missing something, the recyclers are. The original owner just has to use their Apple ID to disassociate the device. The problem is, that step isn't happening, and the juggling of devices from reseller to reseller results in the original "owner" becoming lost.
Juggling of devices from reseller to reseller sounds like laundering stolen goods to me.
If it’s a legitimate sale, the original recycler will require the seller to wipe/unlock the device or they will only give a steeply discounted price. If the seller is going to get hundreds/thousands less by not wiping the device, they will do it.
Thus, the only problem for recyclers is recycling stolen laptops.
If the IT staff have been laid off already, there is no one left to wipe the devices. You can't really expect the bankruptcy administrators to know this (yet).
If the problem is the "throwing out" part, they can just give it to Apple for recycling. Then it won’t be e-waste anymore. Or to the police and let them deal with it.
If the problem is the financial part, just go back to the person they bought it and get the money back.
If they're taking a risk and buying it legally from, for example, a police auction, or from someone who "might have forgotten to contact the owner": it's a risk.
If it was acquired illegally, I can't say they deserve a solution to their problem.
Nobody is entitled to get money in exchange for potentially stolen goods or items acquired without due diligence.
I'm not sure I understand your comment here? Are you referring to the end of your MacBooks' life, or the beginning? It's somewhat ambiguous.
Assuming you are referring to end of life process:
Apple's kit sold as refurb is done from their incoming returns — faulty, or otherwise unwanted, systems.
Everything sent to them as a trade-in isn't handled by Apple at all: it's contracted out to third-party companies. (This likely applies to their recycling programme also, but I've not looked into it)
At least: these things certainly used to be the case — and there have been a whole bunch of articles online that support this, over the years. I would love to see evidence to the contrary if things have changed?
— But like I said: I'm not sure I understand your comment, so maybe my points here are irrelevant.
I'm glad they have that process outlined, but dang if it couldn't use a little streamlining. Individually sign out of iTunes(step 4), and iCloud(5), and iMessage(6)? They couldn't add something to the OS that does all three for you? And the later steps (erasing disk[8], reinstalling MacOS[8], and resetting NVRAM[9]) don't somehow already break those sessions?
If you're using macOS Monterey or later on a Mac with Apple silicon or a Mac with the Apple T2 Security Chip, use Erase All Content and Settings instead of the remaining steps in this article. For any other Mac or macOS, continue to step 3.
Most of these steps don't affect activation lock - removing activation lock is as simple as disabling Find My, which can also be done by signing out of iCloud. Removing from iCloud.com (Find My) is also sufficient.
Nothing else is needed to disable activation lock.
No, if you reinstall macos without removing the machine from your apple account it will lock down just like a factory reset iPhone and require you to login to the original account.
The article says that some corporations do not care and do not cooperate after unloading the machine to recyclers. (Including schools - which makes a bit more sense, one can assume school computer for pupils does not have any security-critical information, apart from maybe network config etc).
Strangely, if you follow steps 1 and 2 then you miss step 3, which is to back up or transfer your files. Why would the owner of an Apple Silicon machine not want to do this?
> If you're using macOS Monterey or later on a Mac with Apple silicon or a Mac with the Apple T2 Security Chip, use Erase All Content and Settings instead of the remaining steps in this article.
So, it is literally a two step process for any Mac released since the end of 2017, and the first step is just an optional reminder to cancel or transfer your AppleCare coverage if you have any.
So, one real step. Wow, so hard.
> assuming that the seller is even aware
The buyer should make the seller aware of the problem, because it is in the buyer's interest not to end up with scrap.
But, regardless, why would the seller not want to wipe their computer first? The seller will inevitably hit the button mentioned in the help article simply because that's the only obvious way to wipe the computer to anyone who isn't super technical. This is a problem that practically solves itself for devices that aren't stolen.
>> The buyer should make the seller aware of the problem, because it is in the buyer's interest not to end up with scrap.
How does this assume anything about the owner/seller?
It’s entirely on the buyer to make sure they’re getting what they want out of a transaction (as long as the seller is not misrepresenting the product), and activation lock has been a thing for like a decade on Apple devices, so it should be widely known. If they make major purchases without even doing the bare minimum of due diligence, they will have a bad time regardless of activation lock. I’ve seen people buy ancient MacBooks off eBay that can’t run the software they need, simply because they didn’t do the research. That isn’t the seller’s fault.
If the seller is misrepresenting the product as having the activation lock removed when it isn’t, that becomes a legal issue. On platforms like eBay, they will happily side with the buyer and refund them in cases like that. For B2B stuff, that’s why lawyers exist.
it's a single step if you don't have applecare and applecare just makes it harder, because you need to cancel it.
it's just a two button process with big fat red buttons and you need to enter you password.
> Responsible recyclers and refurbishers wipe the data from used devices before selling them on. In these cases, the data is wiped, but cannot be assigned to a new user, making them effectively worthless.
I'm sorry but this is bullshit too.
I have sold my fair share of old Apple devices via so-called "responsible recyclers and refurbishers".
When submitting the form on the website, they all have statements in BIG RED CAPITAL LETTERS saying "please logout from Apple iCloud before sending us your device".
Most of them also have terms and conditions saying they won't pay out and/or will return devices where activation lock is still enabled.
Yes. And what is argued is that they should talk about stolen property. Because if they got the laptops legitimately they should ask the original owners to unlock them. If they can't or won't then something is suspicious. The laptops being stolen is the leading suspicion.
Are we intentionally forgetting the part about how these are recycled machines? Sometimes the business doing the recycling doesnt have direct contact with the owners, often businesses are pawning off months old machines and dont know the last user who had the machine, theres so many scenarios where its not fair to say 'just contact the previous owner' - this grey area just leads to waste, and the only one at fault is Apple
> Sometimes the business doing the recycling doesnt have direct contact with the owners,
Did the owners just push the laptop under the door and run away? At the point where they receive the laptop they can say: "If the laptop is locked it will cost you $X to dispose it here. If it is unlocked we pay you $Y."
Set X and Y appropriately and people who can will unlock them.
No, what we're saying is we only have the business's word on that, and that isn't worth very much. There are tons of shady recyclers who look the other way at laptops that "fell off the back of a truck", and I'm very confident that's what's happening here, and you (and Vice) are falling for it. The bit about multiple thousands of business laptops getting junked is a total ragebait distraction, because any business of that size has MDM enabled. What they're really complaining about is individual laptops whose provenance is unknown, and at best they don't care where they came from, at worst they're active participants in the theft rings.
>Sometimes the business doing the recycling doesnt have direct contact with the owners,
Then how do they know that they're not dealing in stolen goods? If they can't establish a chain of custody to a legitimate owner, then they're being irresponsible.
Properly wiping FMM is, in my experience, beyond most owners, especially of they aren't mainly on mac and thus might no longer have access to apple id they used.
In fact, there was a period of time when depending on latest os version and hw version, the steps changed.
The one time I bought a mac personally, the reseller tried to follow the correct procedure... But they used an outdated one. Contacting previous owner led to threats of litigation for phone call mobbing.
Any Macs made in the past 5 years require exactly one step: clicking "Erase All Content and Settings", which is exactly the button anyone would push when trying to wipe a machine before giving it to someone else.
Things may have been more complicated before that, but Apple has made it as easy as it possibly can be now without telling thieves to just start grabbing every Mac they see.
Not past 5 years - MBP 2018 with Catalina didn't unlock when using that. It's possible that it was a bug, but after previous owner nearly threatened lawsuit for "phone mobbing" (I wasn't the first person trying to call them to remove it from FMM) I kinda gave up. Needed to use the machine right away and broken FMM belonging to locked-out Apple ID didn't stop me from that.
Yes, past 5 years. That’s what the Apple documentation says, since it says it applies to any Mac that was T2 or newer. That doesn’t mean that it would have worked this way 5 years ago. Software improvements with macOS have definitely made the process simpler than it used to be.
"Erase All Content and Settings" did not exist in macOS Catalina. Back then, you had to manually reboot into recovery and reinstall the OS that way, which unfortunately did nothing for Activation Lock, and was a confusingly advanced procedure to expect end users to perform in the first place.
Now, someone just has to go into settings and click that button and macOS will handle everything. It's exactly like wiping an iPhone, including using the same button name. Apple has done what they can to make this as user friendly as it can be now.
Guess this is a good reason for repairers/resellers or buyers to ensure activation status on any Apple device they get their hands on. Easy for repairers/resellers to ensure since they tend to be directly in contact with the company and make it policy. For general buyers, they have to be proactive before making any purchases over an Apple device. As it's easier to contact the seller in question while they are actively selling vs hoping they'll respond post-sale.
The refurbished probably shouldn’t purchase those machines then if it’s a known issue. There’s a tradeoff here, and needing the owner to run a command to reset the machine seems preferable to having them be valuable if stolen
Sure, but in terms of how a non-technical user feels, I suspect that "it's still there, but trust me that nobody can access it" isn't as comforting as it just not being there at all. Thus an incentive exists.
This still sounds great! If thieves know they can't get more than scrap value for a MacBook, they will more likely search out other targets (like PCs) to make their drug money.
Smart recycling centers and refurbished, like Apple, don’t take possession of MacBooks with Activation Lock turned on. Legitimate people can easily turn it off.
> Any legitimate reseller would not have an issue because the original owner which sold the laptop to them would have wiped the device and removed the activation lock.
This is exactly what goes wrong, way too many times. After encountering this issue with various friends and family, with locked iphones, I strongly believe we've gone wrong somewhere. People simply are not aware that their device is protected like this, until it actually hits them, which for way too many people, is simply "never". And in the case they are aware, they don't know how to remove the locks either.
Contacting the previous owner isn't as simple as it may seem, as iphones will typically obscure the owner's name. If the phone has passed any reasonable amount of hands, been locked in a closet for a few years, or was set up with another relative's account, disabling any of these kinds of locks is a losing game, usually ending up in frustration and the purchase of a new device anyway. Now consider what happens when workplaces discard devices en masse.
I completely agree with wanting good protection for my data on my devices, but people should be able to give away and sell these devices without worrying that the device will end up bricked in the process.
>I completely agree with wanting good protection for my data on my devices, but people should be able to give away and sell these devices without worrying that the device will end up bricked in the process.
This is not an acceptable compromise. These devices are the keys to a person’s entire existence, no compromise should be made to offset the user’s ignorance.
This is the same problem as the account security problem. If the original owner did not remove their account from the device, you can't contact them, and you don't have a receipt, you are indistinguishable from someone who stole the device.
It's like buying a car from someone who doesn't have the keys for it or any paperwork. Sure, it's not quite common knowledge like buying a car yet, but it will be eventually.
>It's like buying a car from someone who doesn't have the keys for it or any paperwork. Sure, it's not quite common knowledge like buying a car yet, but it will be eventually.
This is a really good point, but I'd like to counter with the observation that the anti-theft features of cars don't routinely brick products the way Apple does with activation lock.
Newer cars will only work with their official keys. My car is locked and if I lose my two keys, I’d need to go back to the mother company for another key.
However, a car parts are not molded like an Apple laptop. Most of them can be sold for good value.
More waste is awesome to you? Apple making it impossible to recycle their products (genrating more profit for themselves, which is not casual) is awesome?
From TFA, which you clearly did not read:
> Often the previous owners are corporations or schools who buy and sell the machines in bulk and aren't interested in helping recyclers or refurbishers unlock them. "Previous owners do not return phone calls, and large corporations that dump 3000 machines assume they have been destroyed, so it is critical we have a solution that does not depend on the previous owner approving,” Bumstead said. “And after all, we have property rights, so the original owner is not the current owner and does not technically have a right to condemn to death what is no longer their property."
> and large corporations that dump 3000 machines assume they have been destroyed
You clearly did not read, or comprehend, the quote you just pasted in here. This is someone committing fraud against the companies paying them to destroy decommissioned computer systems, something they may be legally obligated to do for compliance reasons. They're trying to make a buck on the backend instead of doing what their customers paid them to do.
I read, and comprehended the article, did you?
From the HN guidelines [1]:
"Please don't comment on whether someone read an article."
> Any legitimate reseller would not have an issue because the original owner which sold the laptop to them would have wiped the device and removed the activation lock.
Clearly didn't read the article. They receive shipments of 1000s from corps, who don't bother to remove the ownership.
> They receive shipments of 1000s from corps, who don't bother to remove the ownership.
They received shipments that the corporations thought were /destroyed/, likely legally required for compliance purposes, and they are participating in a fraud that violates compliance regulations by attempting to recycle rather than destroy these systems. The reason they don't want to contact the corporations to remove the activation lock is because the company doesn't know the systems were not destroyed, which is a quote from the person interviewed, in the fine article, which I read and clearly comprehended more than you.
This is a business participating in fraud and assisting people who steal electronics and they are upset that their business model has been disrupted. Good. Fuck them.
Also from the HN guidelines [1]: "Please don't comment on whether someone read an article."
This doesn’t match my own experience. iPhones have had a similar activation lock for MUCH longer, and are still frequently stolen. My understanding is they just get chopped up for parts and resold. I doubt most thieves are able to id which macbooks have activation locks and at this point MOST of them in the wild still don’t.
I suspect this is why Apple has been moving to ID check parts against the main board. Makes the parts worth less. Personally I'd like to see them better tied in to your Apple ID so a new phone will completely refuse to use my phone camera module or display unless I have unlinked the phone from my account. If I mark the device as stolen it should just permanently prevent these parts from being used.
Anecdotally, sometimes in my hometown I find dumps of bags from car thieves. I go through them and try to return the remnants to their respective owners. The thieves passed up things like a $5k engagement ring in a cloth bag and a startup founder's personal notes on proprietary technology just because they were not recognizable within 2 seconds as having value. Meanwhile, every single Apple device was gone. It was kinda 50/50 regarding Android phones, but laptops (especially corporately-allocated ones) are also always taken.
So if this really is such a dealbreaker, the thieves haven't noticed yet. Which means their fences haven't noticed yet. Which means their customers haven't noticed yet. Which means what you said is probably wrong, and probably there are ways around the activation lock that the authors of the article have somehow missed out on, or perhaps they're being sold/disassembled for parts.
Locked iphones are easy to resell for their parts but you get pennies on the dollars. Last time I checked (long time ago), you could get the latest gen top tier model in perfect condition on ebay for less than 100$ with a blacklisted IMEI (they work but can't use cell network). For a fully locked phone, I doubt the thief would get more than 10% of the original value. They might not throw it in the trash, but they also won't go out of their way to try to steal the one you have in your pocket.
They get less money for them, but they still get scrap value. The fences definitely notice, they ship them in containers off to where they can be disassembled, so maybe you get $5-10 for that laptop, but hey, that is still some amount of fentanyl.
By making the fence value of the products less, however, it definitely creates a disincentive to work hard to steal a laptop. If it is easy, ya, its gone, but otherwise, their are much better ways to earn those five bucks.
The scrap part is the worst of this. Nice single use laptops on 3 year turnover cycles? No thanks. Unless Apple is responsible for turning the left overs into usable objects and not diverted to e-waste.
In the article they outline a pretty decent way to overcome this through apple themselves which I'd be much happier with.
It's also a remarkably effective e-waste creation program. But I don't see the sense in creating more (probably poorly controlled) e-waste as a solution to this problem.
A safe has a pretty extremely effective security feature that prevents the kinds of thievery at the scale of Apple devices: namely, mass. A secondary contribution of course comes from the tendency to be placed deep inside a building.
Apple devices wouldn't sell at all if they tried to implement this kind of security.
I don't think it's working as intended. Like the article states, there should be a path for machines acquired legitimately to be unlocked. The example given is a registered recycler can submit the serial for unlock, then apple attempts to contact the registered owner. If no answer is received within 30 days, the machine is unlocked.
Plenty of companies don't care to unlock these properly before recycling and it's creating excessive waste.
That registered recycler very quickly becomes an Apple sanctioned fence for stolen goods.
E-waste is going to happen regardless and it would be more proper for Apple to have a computer recycling program, which already exists, or to turn the old computers into spare parts for repair.
Eliminating the potential for theft is a massive win. I remember what it was like before activation lock existed and how high of a target iPhones were. As soon as that feature came out the thieves were screwed out of a potential payday. Now we don’t have to worry about our phones being stolen.
This feels similar to backdooring encrypted systems. The upsides are similar: some trusted entity has the ability to act in a supposed best interest - national security in the case of encryption, reducing e-waste in the latter. Unfortunately, the downsides are also similar: it's necessary to put an outsized amount of trust in an entity (government, Apple, or whomever) that not everyone wants to place that trust in.
The backdoor is already there, is it not? According to Apple's support site, you can remove the lock remotely [1], which means they can remove the lock remotely. You're already trusting Apple.
Given that, removing the activation lock after notifying you with a 30/60/whatever day window to respond seems like a reasonable policy to me.
Similar, maybe. You're not backdooring file vault though. Just the ability to resell a machine. Personally, I feel pretty good as long as my data can't be accessed.
> there should be a path for machines acquired legitimately to be unlocked
I think it's perfectly fair for "legitamately acquired" to mean the original owner consented by unlocking the device. The peace of mind and security if you own a T2 device is the way it should be, and if you want to sell it, you just factory reset it, which is a quick process.
That's not the case though, they are finding. A person like you or me might follow the process correctly, but a company going bankrupt or aging out old equipment doesn't care nor have any incentive to properly unlock their machines before shipping to a recycler. Thus contributing to massive waste.
> but a company going bankrupt or aging out old equipment doesn't care nor have any incentive to properly unlock
This is not true. The bankruptcy process attempts to recover as much value from assets as possible, and so creditors and the process should absolutely care to properly unlock in order to extract maximum value.
Similarly, aging out old equipment is still sold to make money, and unlocking should achieve more resale value.
The incentives are absolutely there. And the article does absolutely zero investigation as to where exactly there's a breakdown in incentives or communication, or if it's even a major issue at all. Maybe the process is working 99% of the time.
The user who refused to unlock it before selling and/or the purchaser who did not check that it was unlocked before purchasing are the ones contributing to massive waste here, not Apple.
Unless this is what's happening in the majority of cases I don't think it's fair to focus on it. My hunch is that most of the laptops in that article are either stolen or dumped by users/corps who couldn't be bothered to unlock them.
If you had enabled Find My Mac on a T2 equipped mac, factory reset WON'T unlock the device.
However, since Apple actually had full authority and cryptographic ownership of the chip, they can generate a key given serial number which will reset T2 contents.
Personally, I think the setup should be that you don't have to go to apple for it, but it should immediately wipe device identity and disk encryption then (and the disk should always be encrypted)
> If you had enabled Find My Mac on a T2 equipped mac, factory reset WON'T unlock the device.
I don’t think that’s true, I’ve never had to do that, and this is not a part of Apple’s documented reset process for resale of a machine. If you are the device’s actual owner and you use the simple process Apple outlines, it will reset it for a new owner, period.
At the time I bought, the documented process included "manually disassociate FMM from the device in iCloud settings"... except it wasn't well propagated information and the previous owner and reseller just tried factory reset.
Been there, went with Apple support over it, the only reason I still don't have it unlocked is because I didn't have time or energy to redo the whole setup. Might redo the apple-driven unlock process, but the hw is not worth it really.
EDIT: Apparently the nice simpler procedure that does wipe FMM only arrived in Monterey.
I have physical proof on my hands. It's possible that they fixed it in later version of the OS, but factory reset is what the reseller did with previous owner, and it did not wipe FMM registration, leaving the laptop half-stuck in terms of ownership - I only figured it out trying to register FMM to myself.
Any T2 Mac or newer requires only that button to be pressed, and then click through the wizard to complete the process. If someone is running outdated macOS, they won't have that button at all, since older versions of macOS required you to format computers the hard way using recovery mode, which didn't handle activation lock concerns.
Which still leaves considerable amount of laptops with broken FMM registrations in T2. Especially since it was upgrading to Catalina, iirc, that started problems.
> there should be a path for machines acquired legitimately to be unlocked.
There is exactly that pathway. If you have the consent of the original owner, which I think is an important and required quality of "acquired legitimately", you can have the original owner remove the device from their Apple account remotely, or to wipe the device and reset it while logged in prior to physically handing it over to you.
If neither of these things have happened, on what basis do you believe the complaintant has "acquired legitimately"? Is consent of the original owner not important in your view?
This is exactly the same thing as the Feds saying they should be able to have a backdoor that works for them and nobody else. The whole point of this lock is that only the owner can unlock it. If Apple (or anyone else) can, it’s backdoored and therefore broken.
Apple obviously can, but they won't. And their front end retail staff aren't given that power. Apple as a company however can obviously just do whatever they want to them.
This is quite complicated. For example, it assumes that Apple has to have contacts of every device owner, which is not just unrealistic, but could also be impossible to ensure in some countries due to privacy laws.
Yeah, however. If a machine is activation locked, it's associated with an Apple ID. That Apple ID in itself is a contact point. Like the article states, a system where you have 30 days to deny an unlock would be nice. Or you could just report to Apple right away the machine was stolen, which blacklists the machine from an unlock request.
I recently sold an M1, and did factory reset before that. I don't remember anything about "Activation Lock", this word combination never came up. It seemed to work ok after reset. Have I scr**ed the buyer unknowingly?
In that case you wouldn't have seen it mentioned. When you go through the erase data and settings process, it asks you if you want to remove the device from Find My and disabled the activation lock, at which point it prompts again to login to iCloud. If you didn't have it enabled, it wipes without prompting.
All phones, Android and iOS are activation locked. The phones are sent away to be parted out. Basically all the spare parts you see on ebay and Amazon are stolen. No one makes real 3rd party iphone screens so its almost certainly stolen.
How do you know? On what basis do you make this claim?
Only with the consent of the original owner can you legitimize the transfer of property, and the activation lock is the exact technical means to get that consent and legitimize that transfer.
This comment relies on the original owners not being either stupid or apathetic. I've bought many second hand devices over the years, from actual owners, who had no idea how to properly reset them.
If you are a business that buys used electronics, it's a business imperative for you to ensure that the sellers unlock things before they're sold to you. If you don't take this on, this is kind of a self-own. There's really only two ways to look at this if you end up with a bunch of locked devices:
1. You buy and traffic in stolen goods, you're a fence. Good thing you got fucked.
2. You don't do a good job of operationalizing your core business, and ensuring that sellers unlock devices before handing them over. Good, you suck at business and those that don't should rise to the top.
I don't see how any of this is a negative, except the environmental impact at the end, which considering most of this is aluminum and recyclable, is minimized and an acceptable trade-offs for the massive anti-theft and data protection benefits.
Except when I get activation locked out of my own devices that I bought directly from Apple, which does happen from time to time. Fortunately, that's never happened while traveling, but if it did, I'd be in trouble. Getting it removed is a pain and can take a while.
Why does it happen? I don't know. Apple doesn't know. Nobody knows. Maybe they just really like talking to me and reviewing my receipts.
I would do things to get a break from it, but the reality is you can't really escape when you work remotely. You are tied to that digital life as a basis for the travel itself, as well as the employment that affords you the opportunity to do so. I am not one of those people that's constantly on my phone, but for most of my travel I was in operational roles where I was on-call 24/7, and using my phone or similar devices for basic services while traveling like translation, maps, cars, train tickets, plane tickets, hotels, payments, etc.
What you describe is kind of what I suspected, in terms of that specific job requiring you to be that available, which is why the question was genuine. I also work remotely, and have at times travelled simultaneously, but never in the same way, unless it's the constraint I'm accepting because I actually don't have the vacation time. As in, if I'm in vacation, laptop stays at home, otherwise I'm just trying to do both and sometimes that's a fair compromise.
Even day to day living stationary, I have a hard time accepting that not being able to escape is a requirement, but I'm not really responsible for any critical systems, and am not paid like that either.
I didn't say I did travel without anything digital. My comment was a question about a degree of connectedness, not the existence of it.
On one hand you have your phone for solving some basic problems, on the other you have to be near reasonably reliable internet constantly, with backup devices and contingency plans for them.
That, I do occasionally find myaelf the opportunity to be completely without digital stuff, and find them quite relaxing.
Any legitimate reseller would not have an issue because the original owner which sold the laptop to them would have wiped the device and removed the activation lock. The fact stolen goods end up as scrap and have no useful value beyond scrap value is not only okay with me, I think it's a net positive for society and one of the best things Apple has done for their customers and the world.