Why would someone not set up activation lock? This is exactly what it is for!
> An attacker could “prank” someone by wiping their MacBook, activating it with their own Apple ID, and then reporting it as lost. The victim then has no way to recover it.
There is really no solving denial-of-service problems associated with losing a device. The priority in that case should be preventing unwanted disclosure of data, which is exactly what Apple did here.
I didn't set up "Find My". The connection with the Activation Lock wasn't obvious to me.
The main thing Apple emphasizes is that you can recover a missing device. But it wasn't obvious to me how that would work without an internet connection (unlike with an iPhone where I have a data plan).
Protecting unwanted disclosure of data is different than preventing the erasing of a device, which is where I'm stuck.
Yeah, I'm a lifelong user of apple products and I had no idea until your article that "Find My" was an activation lock. I thought it just reported your location to Apple, and so I turned it off for privacy reasons...
That's an interesting fight between minimalist designers/product people and a good security team wanting to make things crystal clear. Especially at a company like Apple that really strives to prioritize both. I'd like to be a fly on the wall for that conversation.
Because I want my laptop to be hostile any potential users other than me, the owner. Many other devices can be wiped and put back into service with physical access alone. This is a vulnerability because it makes the device valuable to thieves.
> Imagine buying a car that requires activation from the manufacturer, and they could permanently disable it at any time if someone stole it.
This has been standard on GM vehicles for decades.
OnStar's anti-theft feature requires it to be initiated by the police. Not some rando who stole it and signed in with his own Apple ID... It is a premium service that requires you pay a monthly fee.
Nor does it permanently brick it; it can be unlocked by any dealer, or more likely once the police recover the car. In fact you could probably just remove the OnStar box and the car would be drivable.... it's designed to stop a theft in progress.
Most importantly, if you don't pay for the service it does nothing at all.
Basically the opposite of everything that went wrong in this article.
Yeah, it's a leaky analogy and doesn't quite compare. The biggest difference with cars is that they're titled and so ownership is much easier to prove. Although, if you have title issues with property you can also get yourself into quite a difficult situation. In the case of Apple products, Activation Lock more or less functions like a digital title system.
Not really. Things with value are valuable for thieves. Unusable devices are less valuable than usable ones, which is why iPhone theft has plummeted after the introduction of activation lock. It isn't completely gone, but it is way less of a problem than it used to be.
> The better question is why would someone buy a computer that is so user-hostile it requires "activation"?
It's user hostile but owner friendly.
> Imagine buying a car that requires activation from the manufacturer, and they could permanently disable it at any time if someone stole it.
I would absolutely buy that car. If you want it now, you can purchase OnStar [0] which proves that enough people want it. "Once law enforcement confirms your vehicle has been stolen, our Advisors use GPS to help authorities find your vehicle. But that’s just the beginning. When it’s safe, we’ll work with authorities to remotely slow it down.* And with Remote Ignition Block™,* we can also remotely prevent a thief from restarting your vehicle."
Tech geeks tend to assume everybody wants to live in anarchy. I absolutely think every car should have a remote slower to eliminate the risk of most car chases.
> Tech geeks tend to assume everybody wants to live in anarchy.
The tone I get here is that tech geeks assume we want to live in a civil society, where one can plead their case and see Apple unlock the device when one has shown they have legal ownership and possession of it.
But, if the story is telling the whole story, anarchy is what we are living in. Apple just goes off and does its own thing without recourse.
If you really want, there are devices you can install to do this yourself and self-host the infra for (minus the mobile data), not sure how well they work with fancy modern cars, but they exist.
> I absolutely think every car should have a remote slower to eliminate the risk of most car chases.
I can't wait to be pulled over literally by an angry cop who doesn't care about where they choose to stop my vehicle, and if it's safe for me or not, or deliberately chooses to do stop in a concealed spot for reasons that won't be good me.
> since we're talking about HN's favorite computer company
That's not even remotely true, as evidenced by many other comments on this submission.
A lot of people seem to think that HN has a consensus on various subjects, but I'd say a defining feature of HN is argumentation and lack of consensus.
Such car exists. It is basically any modern car. Even your beloved Tesla. It needs an activation by Tesla and they can revoke that and lock it up at will.
You beloved Porsche is this way as a theft prevention, when you bought the right options.
IRC Renault doesn't sell you the battery for your electric car. You need to rent it. Then it is in the contract, that if you miss your payment that they can lock down the battery and as such the car.
One of the reasons for the activation lock is to deter people from stealing your laptop, since even if someone swipes your laptop from under your nose, they have a brick that they cannot use. Best they can do is cannibalize it for parts (and Apple is even trying to prevent that, for better and for worse).
Are we to suggest buying Microsoft instead? Windows login and forced Microsoft accounts are a thing. I try to justify buying anything but apple for every purchase. Unfortunately, everyone else insists on making their products worse at a faster rate than apple.
We are talking about computer hardware, Microsoft or the OS vendor is irrelevant. For the record you can install Linux on many Surface devices unimpeded.
The hardware and the software go hand in hand. Both hardware and software from non-apple products is inferior. I wish it were not the case, but here we are. I run Linux on my server & Windows on my desktop. The windows desktop has destroyed itself multiple times on forced updates. All my Android phones fall apart or have major features stop working around the 20 month mark. All my apple devices have lasted, never crashed, and never suddenly make me think about something other than what I picked up the device for. Installing Linux is trivial. It has it's own problems. Ultimately, that is why I've landed where I've landed. Sadly, Apple is the least terrible experience of all those options.
> An attacker could “prank” someone by wiping their MacBook, activating it with their own Apple ID, and then reporting it as lost. The victim then has no way to recover it.
When you lose physical control of a device, there's an even bigger denial-of-service vulnerability: https://media.istockphoto.com/photos/breaking-a-laptop-compu...
There is really no solving denial-of-service problems associated with losing a device. The priority in that case should be preventing unwanted disclosure of data, which is exactly what Apple did here.