On Thu, May 5, 2016 at 2:45 PM, Ron Garret wrote:
>
> On May 5, 2016, at 11:13 AM, Kevin wrote:
>
>> One can never be to secure!
>
> Actually, I learned the hard way last week that this is not true.
>
> Four years ago I bought a 2010 MacBook air from a private party (i.e. I’ve
> owned it for four years, and it was two years old when I bought it). I did a
> clean install of OS X, and used the machine with no problems for the next
> four years.
>
> Last week, someone apparently put an iCloud lock on the machine. It turns
> out that wiping the hard drive does not remove the machine’s iCloud binding.
> If the machine has been associated with an iCloud account at any time in its
> history, only the owner of the associated account (or Apple) can remove that
> binding. And Apple will only do it if you can produce a proof-of-purchase,
> which for them is a receipt from an authorized reseller. The iCloud lock is
> implemented in EFI firmware, so not even replacing the internal drive will
> remove it.
>
> It gets worse: Apple refuses to contact the owner of the iCloud account that
> placed the lock. The lock message provides no information (it simply says,
> “Machine locked pending investigation.”) So even if the machine I bought was
> stolen (I have a lot of evidence that it wasn’t, but no proof) I can’t return
> it to its rightful owner because I have no idea who it is. Apple knows, but
> they won’t tell me (which is understandable) nor will they contact that
> person on my behalf (which is not). They also don’t provide any way of
> checking whether a Mac has an existing iCloud binding. (They provide this
> service for mobile devices, but not for Macs.) The only way to tell is to
> take the machine into an Apple store and have them check it.
>
Drag them into court... Let them spend $25,000 attempting to defend
their position. It will cost you about $50.00 to file it.
Money is the only thing corporations care about. Hit back where it hurts.
Jeff
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography