I see what you mean :)
On 5/5/2016 2:45 PM, Ron Garret wrote:
On May 5, 2016, at 11:13 AM, Kevin <kevinsisco61...@gmail.com> wrote:
One can never be to secure!
Actually, I learned the hard way last week that this is not true.
Four years ago I bought a 2010 MacBook air from a private party (i.e. I’ve
owned it for four years, and it was two years old when I bought it). I did a
clean install of OS X, and used the machine with no problems for the next four
years.
Last week, someone apparently put an iCloud lock on the machine. It turns out
that wiping the hard drive does not remove the machine’s iCloud binding. If
the machine has been associated with an iCloud account at any time in its
history, only the owner of the associated account (or Apple) can remove that
binding. And Apple will only do it if you can produce a proof-of-purchase,
which for them is a receipt from an authorized reseller. The iCloud lock is
implemented in EFI firmware, so not even replacing the internal drive will
remove it.
It gets worse: Apple refuses to contact the owner of the iCloud account that
placed the lock. The lock message provides no information (it simply says,
“Machine locked pending investigation.”) So even if the machine I bought was
stolen (I have a lot of evidence that it wasn’t, but no proof) I can’t return
it to its rightful owner because I have no idea who it is. Apple knows, but
they won’t tell me (which is understandable) nor will they contact that person
on my behalf (which is not). They also don’t provide any way of checking
whether a Mac has an existing iCloud binding. (They provide this service for
mobile devices, but not for Macs.) The only way to tell is to take the machine
into an Apple store and have them check it.
IMHO that’s too secure.
rg
---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
