Tons of perfectly usable Macs bricked!

[Svetlin]

Recently i have starting looking into a potential issue about Apple's software design. I'm talking about iCloud's activation lock and how it affects Tons of usable machines!
A refurbisher (@RDKLInc on twitter) has been sharing stories of numerous locked T2 enabled Intel Macs, and now even M1 MacBooks. These more than usable computers are turned into bricks, that are only good for parts. The reason is that they are activation locked, despite not being stolen. Large companies, schools, universities and other often buy iPads, iPhones or Macs in bulk, register them to their company account and use them for a given period of time. That's normal, but when these devices are replaced eventually nobody bothers to erase the iCloud account out of them. They are being sold to recyclers, which can't do anything about that and end up scrapping the device, a recent example i saw of this premature death is a MacBook Air M1, which is activation locked, and get this it has only 4 cycles on the battery. Essentially a brand new computer.
I find it really sad that many devices which can be used suffer this premature death. Imagine all the waste that is created every year. For a company that always wants to appear Green and caring about the environment, I find it really hypocritical!
I'm not talking about stolen devices, I fully understand that a stolen MacBook or iPhone should be Locked unless returned to their rightful owner. This issue regards big companies, who are too lazy to bother removing their account. Apple is a position where they are not directly in fault, but surely they know about this and choose to ignore it. A decision which is not in line with their green policies.
What do you think about this? Is there a way in which Activation lock can be changed to still keep stolen devices locked but not poorly managed devices?

Link to the tweet i am taling about:

https://twitter.com/i/web/status/1617207188790837254

(the picture is from there)

 

[leman]

Why would one make Apple responsible for this problem? Isn't it the fault of the organisations that sells locked computers? Frankly, I don't understand how this is not considered a scam in the first place.

ALAS, there is no secure way to deal with it. If Apple loosens the policy and allows for Macs to be unlocked, these tools will inevitably be leaked to thieves. The most they can do is make it easier to check if a computer is locked so that the buyer can verify this quickly.

 

[Svetlin]

Why would one make Apple responsible for this problem? Isn't it the fault of the organisations that sells locked computers? Frankly, I don't understand how this is not considered a scam in the first place.

ALAS, there is no secure way to deal with it. If Apple loosens the policy and allows for Macs to be unlocked, these tools will inevitably be leaked to thieves. The most they can do is make it easier to check if a computer is locked so that the buyer can verify this quickly.

I suppose that a simple server change, let say a period of time in which the device remains locked. If your device gets stolen, you enable "Stolen mode" in "Find My", which works the same as Activation lock now. And if you don't enable it the device is freed after a month, or year. Some solution like that will be entirely server side and not threaten Apple's security.
It's a lot easier for one entity(Apple) to change their policies than to teach all iT support in the world how to handle this situation. Think about the impact a simple change can have.
Companies, Schools and other that leave their devices locked should be held accountable for their anti-environmental mishandling of the situation, but I am not seeing anyone interested of doing that!

 

[MacAttack5.1]

I suppose that a simple server change, let say a period of time in which the device remains locked. If your device gets stolen, you enable "Stolen mode" in "Find My", which works the same as Activation lock now. And if you don't enable it the device is freed after a month, or year. Some solution like that will be entirely server side and not threaten Apple's security.
It's a lot easier for one entity(Apple) to change their policies than to teach all iT support in the world how to handle this situation. Think about the impact a simple change can have.
Companies, Schools and other that leave their devices locked should be held accountable for their anti-environmental mishandling of the situation, but I am not seeing anyone interested of doing that!

Sorry it’s been 4 years since my 2015 MBP was stoned and I locked it remotely on find me. I’d love to and still eagerly look if it turned up. Having bought a perfectly good M1 iMac activation locked and apple said it was a company or orgs and they locked it but didn’t claim it stolen. Shows they want to teach a lesson to **** employees without claiming legally they stole, same with schools.

Apples privacy laws forbidding the exchange as I wanted to let the company or org whose computer I had was with me and I’d send it back had me call foul on Apple being green but then again, Apple would be demonized by the privacy folks for any data given and the greenies are always going to whine until their HR jobs die up and they need to work a trade.

 

[mcnallym]

I suppose that a simple server change, let say a period of time in which the device remains locked. If your device gets stolen, you enable "Stolen mode" in "Find My", which works the same as Activation lock now. And if you don't enable it the device is freed after a month, or year. Some solution like that will be entirely server side and not threaten Apple's security.
It's a lot easier for one entity(Apple) to change their policies than to teach all iT support in the world how to handle this situation. Think about the impact a simple change can have.
Companies, Schools and other that leave their devices locked should be held accountable for their anti-environmental mishandling of the situation, but I am not seeing anyone interested of doing that!

so the issue is in training the IT department that when they dispose of a Mac/device they need to clear the iCloud account from it.

personally I would expect that when disposing of it equipment that the it department would be resetting the device/Mac to be clean slate ready for new setup anyway to remove any possible data from it.
would expect them to be wiping windows devices/android phones as well. Same for servers/storage devices.

quite frankly if have to explain that to an it dept about clearing data before disposal then I would be getting a new it dept!

Instead you propose training it dept to follow a different process, when the issue you say is in training them in the first place to follow a process. Not sure how you think situation will differ in that why do you think it dept will follow a different process, if the problem is not following a process now.

by placing the activation lock on the machine then locking it to your icloud account, what trigger do you use to start the time period to unlock unless the device marked as stolen/lost.

this also requires people to perform actions if it is stolen to protect the data on the machine/device, when already not following proper procedures and this could lead to loss of company data.

with the current situation then if people do nothing the data/device is protected. With your scenario then the data/device is not protected and unlocks after a set period unless someone takes action.

if the issue with the current situation is failure to to take the proper actions in a situation then you cannot rely on people to take the proper action in your scenario which leaves the device unprotected.

may as well train it dept on proper disposal methods as if company doesn’t have them then I wouldn’t want to have any data about me with them.

 

[FreakinEurekan]

you enable "Stolen mode" in "Find My", which works the same as Activation lock now. And if you don't enable it the device is freed after a month, or year.

A month or a year from WHEN? How is Activation Lock supposed to know when it was stolen?

Many of these are devices assigned to employees, or students, and often they keep them for YEARS. Having the device just randomly unlock itself while in their possession, seems like an unworkable solution.

 

[maflynn]

Recently i have starting looking into a potential issue about Apple's software design. I'm talking about iCloud's activation lock and how it affects Tons of usable machines!

Its not an apple issue. The iCloud activiation is to protect Mac owners, and prevents someone from benefiting from stolen macs.

I don't see how this should be an Apple problem.

 

[BrianBaughn]

Some of this may be due to tax laws. If the computer still has value and is resold then the company cannot deduct the full amount of the purchase. If a computer with value is "given" to an employee it would be considered taxable income…another tax issue on top of dealing with losing the 100% expense deduction.

 

[Shouldibuy]

every company i know that gives used apple devices do a clean wipe before handing them out, seems like an excuse to defend stolen property or incompetent IT dept

 

[chrfr]

Recently i have starting looking into a potential issue about Apple's software design. I'm talking about iCloud's activation lock and how it affects Tons of usable machines!

It’s part of the terms of the Apple agreement to use their automatic enrollment tools that the user is to remove equipment from that system when they dispose of the computer. The issue here is with the previous owners, who aren’t doing what they agreed to do, not Apple.

 

[i486dx2-66]

The "value" lost is between the original owner and the recycler.

If it was a big deal financially to the recycler/reseller, they would contractually obligate their customers to remove the locks before transferring the machines. Or contractually establish two tiers of value - one for unlocked machines, and one for locked machines.

The fact that this is an issue simply confirms that the change in scrap value is not worth the original owners time to unlock (or individually process) them, and that the recyclers would rather "roll the dice" than risk losing a contract over adding extra conditions.

The environment is the only loser here - financially, both parties have already made their cost/benefit analysis and chosen that it isn't worth the time to verify unlock status.

 

[genexx]

I heard that if you have the Bill you can get Apple to Unlock the Device but.......

I recently had this issue with an iPhone my Wife got as a Gift from a friend but she did not remember the Apple ID that was on ( yep she changed that ) and had no Bill anymore, so premature death !!!!!!!!!!!!!!!!!!!!

This was the reason for me to never ever get a used Mac or iPhone anymore, good for Apple not ?
But yes it is a shame.

 

[jdb8167]

If it was a big deal financially to the recycler/reseller, they would contractually obligate their customers to remove the locks before transferring the machines. Or contractually establish two tiers of value - one for unlocked machines, and one for locked machines.

In this case, the original poster, John Bumstead owns a "recycling" business. He takes in laptops that are contractually obligated to be recycled and wipes and sells them as used. He can't do that with Apple laptops because when the business or school decommissions them, they require them to be recycled and Apple enforces that by not unlocking the laptops.

If the laptops could be unlocked, then it would expose the information stored on the machines. This would also be against the contract that the "recycler" agreed to.

He has a shady business that is being blocked by very sensible Apple policies and wants a free ride.

 

[Gudi]

Why would one make Apple responsible for this problem? Isn't it the fault of the organisations that sells locked computers? Frankly, I don't understand how this is not considered a scam in the first place.

I would lay blame with the recycler, who bought (?) or accepted Macs for recycling without demanding them to be iCloud unlocked. When I bought my second-hand 24" iMac, I payed attention too.

 

[addamas]

Nobody with working brain would buy Apple device without making sure iCloud lock is disabled.

I don’t see a problem here, really.
What is more I am happy Apple played it this way because theft of iPhones drastically over the years because of such lock policy.

 

[Fishrrman]

Like it or not, most of Apple's products (including the upper-end line of Macs) are becoming, in essence, "throw-away" devices...

 

[MikeG17901]

The problem with these recyclers is that they are not recyclers; rather, they are used laptop retailers. Many of these companies purchase laptops en masse, resell as-is, and do not want to put any effort into the process. All they have to do is check the devices before accepting them to ensure the owner has removed any activation locks. If you or I tried to resell our locked Mac / iphone / etc on eBay, and it had an activation lock, the buyer would prevail in any return disputes (unless it was advertised as having an activation lock).

 

[chrono1081]

This is literally exactly how it's supposed to work. This isn't a problem at all. This is a data/device protection feature and is the sole responsibility of the original owner that put the lock on to remove it. It also has nothing to do with "right to repair".

You can contact Apple with proof of sale/ownership for them to remove it, our IT department had to do it when they fired the person who controlled the lock.

 

[Mom's Computer]

Our shop works with Seniors and Adult Learners, not a recycler. However we come across this and it's always sad that we can't help. Sometimes even if you identify the icloud account, the recovery emails/#'s are gone. I completely understand and appreciate Apple's policy. If my Mac somehow ended up out there, I'd want this outcome. It remains tough for many retirees to afford a new Mac, when (besides the lock) they or we can provide a very workable Mac. I have an M2 here donated from a deceased gentlemens son. He had no clue about his father's emails, logins and had shut down his dad's cell. When I asked if we could have access to his dad's email he said yes, and recovering the old email has been a loop! To make the story more macabre, the son passed 2 months later. I feel like I have been entrusted with something holy that secrets shall forever remain locked!

 

[Iwavvns]

Why would one make Apple responsible for this problem? Isn't it the fault of the organisations that sells locked computers? Frankly, I don't understand how this is not considered a scam in the first place.

Agreed, this is neither Apple’s problem nor responsibility. This is the fault of the people who purchase these devices and then get rid of them too quickly. These companies should be fined up to half of the cost of each device they get rid of, this will deter them from continuing this practice. Too often people act with complete disregard to their own accountability, and to the consequences, and then pin the blame on someone else to avoid the feeling that they failed.

Stop blaming Apple for something that is clearly not Apple‘s fault.​

 

[AZhappyjack]

Agreed, this is neither Apple’s problem nor responsibility. This is the fault of the people who purchase these devices and then get rid of them too quickly. These companies should be fined up to half of the cost of each device they get rid of, this will deter them from continuing this practice. Too often people act with complete disregard to their own accountability, and to the consequences, and then pin the blame on someone else to avoid the feeling that they failed.

Stop blaming Apple for something that is clearly not Apple‘s fault.​

I blame the recyclers for this dilemma - for not requiring the iCloud accounts to be removed before purchasing these devices from companies, school systems, etc. It makes you wonder why a recycler would bother with paying decent/good money for devices that are bricked because the company is too lazy to reset them... and the companies are laughing all the way to the bank.

 

[AlmightyKang]

I blame the recyclers here. They are paid to dispose of the machines. I work on contract for an evil megacorporation with a very high data security requirement. We pay the recyclers to completely destroy the machines as part of our security policy (I’ll get into that later). What really happens is they sign a bit of paper and tell everyone they were destroyed and then auction them off by the pallet to the likes of the person whining about this. They get paid twice: once for taking it away and once for selling it on. And the person whining about this is expecting to add value and then make money out of it. His market was at risk and is now dead. Sorry but it was a crappy business model.

Anyway this is exactly what the hell we hope is going to happen if the recyclers can’t be trusted to dispose of them: they retain security integrity.

Now the security policy is where this goes wrong and the security policy is roughly based around the fact that we have 200 computers at a time to get rid of. Our options are:

• Pay a guy to erase them properly, reinstall macOS and then sell on. That costs us at least $150 a device in time and energy. Total = $30,000
• Assume the secure enclave works properly, pay a recycler to take them away and shred them. That costs us $25 a device. Total = $5000

And that’s why this happens.

The STUPID thing that happens though is perhaps out of the 200 machines, 10-15 are completely unused and they are shredded as well. Although the old Intel ones have a habit of turning into bricks that can never be powered up again if you leave them in a cupboard for a couple of years as well (we had several dead 2019 MBPs which wouldn’t power up after only a year in storage!)

I’d like another outcome but no one is going to foot the bill for cleaning up ex corporate machines. And after 2-3 years you should see the state of some of them. They need to be buried the poor things.