Another reason to hate #Apple We're seeing more 2018+ MacBook Pro/Air donations — but Apple's T2 chip means even after iCloud sign-out and reset, the firmware stays locked to the original account.
-
@codemonkeymike
I'll be curious to see that, do you have a link to it?
@Victorsigmoid@magnetic_tape @codemonkeymike I watched the ifixit video, https://www.ifixit.com/Guide/How+to+Remove+MacBook+ID+Activation+Lock+by+T203/143072
-
@codemonkeymike @paulywill What exactly keeps the bootloader locked ?
If its a password or a config, or anything that is runtime change-able, it is then kept alive by the onboard battery.
So cutting off ALL available power should hard reset the thing.The only way around this is if Apple hard coded the lock/password/whatever on a silicon level.
@yama @codemonkeymike @paulywill
It's in non-volatile memory (EEPROM) embedded in the chipset. It won't forget for 100 years. -
Another reason to hate #Apple We're seeing more 2018+ MacBook Pro/Air donations — but Apple's T2 chip means even after iCloud sign-out and reset, the firmware stays locked to the original account.
Without donor contact, these machines are useless.
I've upcycled ~1,000 older Macs, but T2 era machines will end that. It's controlling, creates e-waste, and will only get worse. #righttorepair matters — Apple couldn't care less.
@codemonkeymike I've had go stop taking most idevices because even after resetting them they end up being locked to a schools activation server which makes them unusable
So they all end up going to recycle -
Another reason to hate #Apple We're seeing more 2018+ MacBook Pro/Air donations — but Apple's T2 chip means even after iCloud sign-out and reset, the firmware stays locked to the original account.
Without donor contact, these machines are useless.
I've upcycled ~1,000 older Macs, but T2 era machines will end that. It's controlling, creates e-waste, and will only get worse. #righttorepair matters — Apple couldn't care less.
@codemonkeymike i've been asked about this for android because someone was given an old tablet and FRP won't let them reinstall the device. -
@codemonkeymike @paulywill What exactly keeps the bootloader locked ?
If its a password or a config, or anything that is runtime change-able, it is then kept alive by the onboard battery.
So cutting off ALL available power should hard reset the thing.The only way around this is if Apple hard coded the lock/password/whatever on a silicon level.
@yama @codemonkeymike @paulywill Why would they put it in volatile storage kept alive with a battery, if they have flash memory?
-
@codemonkeymike but if Apple can remove the lock then surely it’s equally possible that someone else could too which would sort of defeat the purpose, wouldn’t it?
Certainly, I would agree that if a person goes through the steps to wipe the machine to give it away or sell then that process should absolutely remove all of the security locks from the machine.
@LoneLocust @codemonkeymike no, only Apple can clear it from their server database.
-
@LoneLocust @codemonkeymike no, only Apple can clear it from their server database.
@nicolas17 @codemonkeymike I’m genuinely not understanding what you mean. Is the problem the T2 chip that can’t be circumvented, or something on Apple’s server?
-
Another reason to hate #Apple We're seeing more 2018+ MacBook Pro/Air donations — but Apple's T2 chip means even after iCloud sign-out and reset, the firmware stays locked to the original account.
Without donor contact, these machines are useless.
I've upcycled ~1,000 older Macs, but T2 era machines will end that. It's controlling, creates e-waste, and will only get worse. #righttorepair matters — Apple couldn't care less.
@codemonkeymike Suspect you are talking about two different things. For a machine owned by an end user, removing the iCloud account and performing a factory reset absolutely makes that Mac available for activation and use by a new user, T2 or no. However, if the device is owned by the end user’s school or employer and enrolled by that organization to their device management, they would have to unenroll it.
-
@codemonkeymike Suspect you are talking about two different things. For a machine owned by an end user, removing the iCloud account and performing a factory reset absolutely makes that Mac available for activation and use by a new user, T2 or no. However, if the device is owned by the end user’s school or employer and enrolled by that organization to their device management, they would have to unenroll it.
@codemonkeymike The organization can do that from their Device Enrollment Portal, if they are willing to do so. The organization’s device management may also have to be removed. Agree that that sucks for someone in your position but if an individual is giving you a device that’s enrolled in that way usually it’s not theirs to give away.
-
Another reason to hate #Apple We're seeing more 2018+ MacBook Pro/Air donations — but Apple's T2 chip means even after iCloud sign-out and reset, the firmware stays locked to the original account.
Without donor contact, these machines are useless.
I've upcycled ~1,000 older Macs, but T2 era machines will end that. It's controlling, creates e-waste, and will only get worse. #righttorepair matters — Apple couldn't care less.
@codemonkeymike yikes. I was just reading about imjtool and fighting edl qualcomm and some of the tools might help with T2?? I hate this shit
-
Another reason to hate #Apple We're seeing more 2018+ MacBook Pro/Air donations — but Apple's T2 chip means even after iCloud sign-out and reset, the firmware stays locked to the original account.
Without donor contact, these machines are useless.
I've upcycled ~1,000 older Macs, but T2 era machines will end that. It's controlling, creates e-waste, and will only get worse. #righttorepair matters — Apple couldn't care less.
@codemonkeymike
If you recycle them through apple you should get gift cards? -
@yama @codemonkeymike @paulywill Why would they put it in volatile storage kept alive with a battery, if they have flash memory?
@nicolas17 @yama @codemonkeymike @paulywill this, most modern machines use NVRAM for variable store. You can't reset it by just yoinking the power.
Not sure how it's done on T2-based x86 (assuming T2 acts as ROT), x86 itself isn't fused so firmware isn't tamper-protected but it could be done by T2 (from what I remember, T2 emulates SPI to the x86 host and actual x86 UEFI lives in dedicated portion of an "SSD".
T2 should be vulnerable to checkra1n though, so it should be possible to fool the ROT and at least modify NVRAM variables to change security policy but it would require some research. -
@coreysnipes textbook Apple.. I hate it so much.
Like, I can't even tell you how many lives have been improved and SAVED because I was able to install linux on an older mac and give it to someone.
This kills that..
@codemonkeymike @coreysnipes this is intentional, not a mistake!
-
@nicolas17 @yama @codemonkeymike @paulywill this, most modern machines use NVRAM for variable store. You can't reset it by just yoinking the power.
Not sure how it's done on T2-based x86 (assuming T2 acts as ROT), x86 itself isn't fused so firmware isn't tamper-protected but it could be done by T2 (from what I remember, T2 emulates SPI to the x86 host and actual x86 UEFI lives in dedicated portion of an "SSD".
T2 should be vulnerable to checkra1n though, so it should be possible to fool the ROT and at least modify NVRAM variables to change security policy but it would require some research.@elly @codemonkeymike @paulywill @nicolas17 @yama case in point, it's #AntiRepairDesign and there is no legitimate reason whatsoever!…
-
Another reason to hate #Apple We're seeing more 2018+ MacBook Pro/Air donations — but Apple's T2 chip means even after iCloud sign-out and reset, the firmware stays locked to the original account.
Without donor contact, these machines are useless.
I've upcycled ~1,000 older Macs, but T2 era machines will end that. It's controlling, creates e-waste, and will only get worse. #righttorepair matters — Apple couldn't care less.
@codemonkeymike
That does make it difficult for you.I realize you didn’t ask for these two cents, but it was you photo that shocked me the most. You will suffer additionally from cracked displays with such a tall stack of devices. I’d suggest no more than five high when horizontally stacked.
Good luck working with Apple on clearing Activation Locks. You may need to be registered as a business / agency to get the support you will need.
-
@elly @codemonkeymike @paulywill @nicolas17 @yama case in point, it's #AntiRepairDesign and there is no legitimate reason whatsoever!…
@elly @codemonkeymike @paulywill @nicolas17 @yama Worse even: #Apple's "#AEFI" / "#BridgeOS" is also on the same #SSD as the #OS, so when the SSDs suicide with
VBAT(13,2V) on 2,7V (or inevitably dies over useage due to writes) the device is braindead.- And that too is purposeful #AntiRepairDesign!
-
@codemonkeymike Android tablets are exactly the same, by the way.
@oscherler @codemonkeymike IME Android tablets don't even have serious bootloader locking, unlike phones. You can basically do whatever with them.
-
@codemonkeymike Link to information about this? Are you saying that the donors failed to clear these machines properly before getting rid of them, or that it is impossible for them to do so?
It’s possible to wipe the machine in a way that fails to remove the lock, and it’s not obvious to the user that it’s still locked when they think they’ve wiped it.
-
Another reason to hate #Apple We're seeing more 2018+ MacBook Pro/Air donations — but Apple's T2 chip means even after iCloud sign-out and reset, the firmware stays locked to the original account.
Without donor contact, these machines are useless.
I've upcycled ~1,000 older Macs, but T2 era machines will end that. It's controlling, creates e-waste, and will only get worse. #righttorepair matters — Apple couldn't care less.
@codemonkeymike Gee that sucks. If I ever get rid of my intel macbook I'll have to remember to unlock everything.
-
Another reason to hate #Apple We're seeing more 2018+ MacBook Pro/Air donations — but Apple's T2 chip means even after iCloud sign-out and reset, the firmware stays locked to the original account.
Without donor contact, these machines are useless.
I've upcycled ~1,000 older Macs, but T2 era machines will end that. It's controlling, creates e-waste, and will only get worse. #righttorepair matters — Apple couldn't care less.
@codemonkeymike There are many Windows laptops that can be used for Linux, why should Mac users who pay for security worry about this use of their old computer? If you don’t want a Mac don’t buy one, T2 chip or no. And Apple Silicon has this security built in without a T2 chip, so it isn’t only the T2. You can fix this by passing laws, but you can also pass laws to unlock other kinds of computer security, where does that end?
