Scripting News - Latest Comments in What I learned about security, privacy and Apple (Scripting News)

Re: What I learned about security, privacy and Apple (Scripting News)

Sat, 10 May 2008 13:51:57 -0000

What does this have to do with today?

Re: What I learned about security, privacy and Apple (Scripting News)

Huaso — Fri, 04 Jan 2008 17:13:51 -0000

What about Apple installing "reacondicionated" drives on a new macbook? i hope they don't, but if they do so, they will make lots of money

Re: What I learned about security, privacy and Apple (Scripting News)

dave — Wed, 02 Jan 2008 19:14:59 -0000

I hope you're not really a former genius.

How does one become a former genius, btw?

I didn't say that Apple "thinks they own your content."

Must have a pretty weak case if you have to argue against things I didn't say and don't believe.

Also, just curious how you got here -- there's been a curious increase in the crappyness of the posts here in the last few hours.

Re: What I learned about security, privacy and Apple (Scripting News)

Former Genius — Wed, 02 Jan 2008 19:01:02 -0000

If your data was so important, Dave, why are you storing it on a portable computer that could be easily stolen from you? The odds of someone literally grabbing it from under your fingers as you type another ridiculous post claiming that Apple thinks they own your content are thousands of times greater than Apple or one of their suppliers violating the policy that prevents them from doing anything with your data.

Encrypt your data. Store it on a pocket hard drive and use the internal HD for non-sensitive data only. Or many other tactics you could have employed.

Depending on the state you live in, you could have bought a true "replacement" hard drive (for many times the $160). You chose not to, just as you chose not to ask questions and just as you chose initially for them to take your HD into the back.

Scream all you want, Dave, but there's some obligation on the consumer to certain things, too.

Re: What I learned about security, privacy and Apple (Scripting News)

Simson Garfinkel — Tue, 01 Jan 2008 12:31:56 -0000

This is why you should be using FileVault.

Re: What I learned about security, privacy and Apple (Scripting News)

Jake — Sun, 30 Dec 2007 12:10:32 -0000

Ah yes, Dave's at fault because he didn't encrypt the data. Yeah, that's it.

Jake
communityguy.com

Re: What I learned about security, privacy and Apple (Scripting News)

rich — Sun, 30 Dec 2007 11:28:59 -0000

Everyone who owns a computer.. especially if you are a man... men are are supposed to be somewhat adept at using tools... -a screw driver, a torx wrench- should be able to open their mac and add ram, or install a larger hard drive, or replace a defective hard drive. This is not rocket science,,, admitidly sometimes opening the mac -espcially some of the old ones I-mac and E-mac -with tubes instead of flat panels- can be hard to figure out-the first time through-... There is always online help and instructions available..

Adding RAM or Changing your hard drive does not void your warantee..

there are small circuits that one can purchased -30-50- dollars that can be plugged into any raw hard drive.. and connected to your mac via firewire or USB.... that will allow access to your hard drive eve if the that hard drive is not able to boot up your computer... you should be at ease doing this simple proceedure... you use this proceedure to clone your internal hard drive to the external raw drive as a bootable back up drive.

all you need to see, is it done one time...-a piece of cake- and then you to can do it...

Apple was fortunate that there was no contamination on your mother board.... replacing that would have cost them their profit on your computer... they may have had to give you a replacement computer...

When buying any Computer or perhipheral ALWAYS insist on a factory sealed carton..
If for somereason a new device has to be replace at the store from where you bought it... you want a FACTORY sealed carton as a replacement... so when you bring in your computer for service and it is less then 3months old.... pack it back up in orginal carton and packaging... demanding a FACTORY SEALED carton as a replacement.... never buy a computer wher the reseller has to open your box, and open your computer to add something, like more ram... do that your self later... do not buy a computer that has been opened..

I agree the hard drive replacement experience... was ruiniation of the apple experience....

next time you have to ut smart the Apple geniuses.... -in my experience, it's not so hard to do-

One last thing, many Mac users, -friends- use me as their guru, I have helped them through their service problems. I have seen -replacement computers that were worse than the one replaced-

yu should have a guru friend.... who is very familiar with the apple product line and the apple waranty repair process.... see them first....

The last thing I want for my self is to have the apple "geniuses" having their hands inside of my computer..- only as last resort-...

so far, in all these years... since I bought my first "Mac-128" 1984, I have managed to keep the local " mac geniuses" out of my computers..

Any one who really knows computers and macs.. are not going to be making a living by servicing these computers... there is not enough money in it..

Make friends with someone who really knows what they are doing.... call them up for advice, sometimes they will see your computer for you, most of the time they will be able to orient you, into what is in your own best interests.... they will not charge you any money... and if they do something that takes more than 30 minuets for you, offer them something, don't ask How much do I owe you. Make them a friend -beyound just computer stuff-

In my life. I have at least a dozen friends who went MAC because of my conciling, and they use me, to solve mac issues... mostly all the time on the phone in 5 minutes.. sometimes I go to their house, or ask them to bring their mac here to my home.. -most rare-

I have saved them mony and time.. they are my friends...

Re: What I learned about security, privacy and Apple (Scripting News)

Sean — Sun, 30 Dec 2007 01:53:14 -0000

but if all the fails is the logic board, and not the drive itself, then that data is easily recovered.

Re: What I learned about security, privacy and Apple (Scripting News)

Tom Morris — Sat, 29 Dec 2007 11:30:42 -0000

On the plus side, the price you were quoted was cheap. My friend was quoted $408 by the local Mac store for the same job. I think CompUSA quoted $210 and the local independent Mac repair place $80/hr plus parts.

I had her buy a bigger drive at CompUSA for $100 (paying the brick & mortar retail premium) and used the instructions at iFixit to replace it. Not a trivial job, but not that hard either.
http://www.ifixit.com/Guide...

Sounds like there's more than enough blame to go around. The data should definitely have been encrypted, but a service oriented establishment would have given you the drive back for a surcharge. Of course everyone knows that Apple isn't service oriented, so you bought into that when you bought your laptop.

Re: What I learned about security, privacy and Apple (Scripting News)

loretta jacobs — Fri, 28 Dec 2007 18:16:02 -0000

You should send email directly to stevejobs@apple.com. You may be surprised. I was once stuck with a lemon iPod, and couldn't get anywhere with the apple folks on the phone. I sent an email like this, and while I didn't hear from Stevo himself, I did hear from some upper level dude, and the problem was resolved at once. Do it!

Re: What I learned about security, privacy and Apple (Scripting News)

Carlie J. Coats, Jr. — Fri, 28 Dec 2007 14:32:25 -0000

IANAL, but... "As far as I know they think they own the contents of the disk as well as the disk itself." Copyright law is *very* clear on this point: as soon as you hit the "save" button, you have created a copyright work (with narrowly-tailored exceptions for "work for hire."
Moreover (as SCO vs. Novell demonstrates), copyright title does *not*
transfer without a specific written conveyance -- I'll bet Apple's form does not describe your source code in detail, for example. If it gets out at all, you have them for copyright infringement. Arguably, you have a case for an _ex parte_ order, to go back to them with a Federal marshal and sieze the drive (following the precedent of the Scientologists and the BSA -- to implement that, you need the advice of a good copyright lawyer, though.

FWIW

Re: What I learned about security, privacy and Apple (Scripting News)

Bill Davidsen — Fri, 28 Dec 2007 10:02:23 -0000

You didn't tell us why the sensitive data wasn't encrypted...

While I agree that Apple has an unacceptable policy, in terms of security you failed before the disk did.

Re: What I learned about security, privacy and Apple (Scripting News)

Mike — Wed, 26 Dec 2007 02:05:58 -0000

"And always be aware that you could lose a laptop, or it could be stolen. So far it seems that this is not yet an identity theft concern, but you can't be sure, and it won't be long before it is."

Perhaps you are unfamiliar with the mess last year involving a Veterans' Administration programmer who took a file containing millions of veterans personal data home with his laptop to work on over a weekend.

Common burglary when he was away, laptop missing with 25 million names, addresses, SSN's, military and health information on people just like and including me. The Virginia local and state police, the FBI, and the Secret Service were on high-active search mode looking for this laptop, and it was recovered a couple of months later, drive un-wiped, being sold from a flea market. While there was no indication that the file was accessed by anyone, it put a huge scare in the VA and some top heads rolled over it Veteran's weren't exactly comfortable with the idea of our files exposed to the public either.

I use PC's and PGP encrypted folders and drives. I'll have to look into File Drive (saw it in another post here.) The rest of the posters had valuable information, even though I don't deal with Mac I have still had to send off PC formatted drives for warranty exchanges, and found that I received in return "refurbished" drives. I always do wipes and low-level formats before anyone else can get it. Recently though, since drive prices have fallen so fast, I just buy a new drive and destroy the bad one.

Re: What I learned about security, privacy and Apple (Scripting News)

cosmo — Tue, 25 Dec 2007 23:40:10 -0000

This is one of the reasons I don't by a mac. I build all of my own computers from from the parts I wan't not what they sell, its strickly custom.

Re: What I learned about security, privacy and Apple (Scripting News)

Ex-IBM — Tue, 25 Dec 2007 19:26:02 -0000

The procedure for IBM Thinkpads was similar.
HD breaks
-> customer sends it or the TP in and the HD is exchanged
-> the exchanged part is tested
---> if the part is bad it gets scrapped
---> if the part is found to be still ok it gets formatted and stocked to serve as replacement disk

Of course mistakes happen, therefore always keep the HD if there is sensitive unencrypted data on it. If you are big enough a customer you will ge away with dropping the HD on the floor a few times to make sure it can't be used as a replacement part. ;)

There were funny stories about replacement disks having data on them - pr0n on a replacement disk at a governmental body, e.g. Of course this was a rare exception, but you can never be 100% sure about what happens to your data...

Re: What I learned about security, privacy and Apple (Scripting News)

Donald Brown — Tue, 25 Dec 2007 12:16:54 -0000

This system has also been in place since the Apple II days, and makes sense for the custom parts that Apple uses...they don't want people making Frankenmacs, and they want to track where they are problems and see if certain suppliers are delivering bad equipment.

The problem is when it applies to off-the-shelf components, and particularly hard disks due to their sensitive data. And it's compounded when the customer doesn't realize what's going to happen. A few years ago, I had a hard disk go bad in an iMac. My experience was different because the guy at the genius bar explained what would happened, and pointed out if I bought a new hard disk from them and had it "upgraded" (at about the same price) it wouldn't be a repair and so I got to keep the old hard disk (which, in an external enclosure, I managed to tap and spin into briefly starting up so was able to recover some data).

With the MacBook, you can change the hard disk easily and do it completely yourself. But even if their people are working on the hardware, there's an alternative.

The system should handle hard drives differently.

Re: What I learned about security, privacy and Apple (Scripting News)

Fakeserious Nameserious — Tue, 25 Dec 2007 02:12:24 -0000

Last time I checked no computer maker has any plans to recover data for you... absolutely not their responsibility.

Re: What I learned about security, privacy and Apple (Scripting News)

Keith Irwin — Tue, 25 Dec 2007 00:31:50 -0000

If you're going to change passwords, you should serious consider using passwordmaker (www.passwordmaker.org). It's free and secure and carries a large number of benefits, not the least of which is allowing you to have all your passwords handy without having to store them on a hard drive. You give it a master password (which it -can- store on the hard drive, but I don't recommend it) and then it uses a cryptographic hash to combine that password with a URL or other identifying string and produce a new localized password. This will give you a different highly random password for each site such that the different passwords cannot be used to find each other or the master password (except through a dictionary attack on the master password) and you will still have all of your passwords available even if you're on a new machine as long as you remember the master password and use the same settings. It's a terrific application and should be used by most everyone.

Re: What I learned about security, privacy and Apple (Scripting News)

TomNY — Mon, 24 Dec 2007 20:44:01 -0000

The hard drive on my on's iMac failed 2 years ago and when we took it to the Apple store in Raleigh we got the same line about not getting the hard drive back. We escalated it out of the store to the home office and someone was pulled out of a meeting to tell us the same story. Considering that the drive had photos of his little girls as well as his personal information we took our business elsewheres. We had the drive replaced and were given the old drive. When it was proved to be unusable we destroyed it. Needless to say he has bought his subsequent Macs elsewheres.

Re: What I learned about security, privacy and Apple (Scripting News)

beg — Mon, 24 Dec 2007 17:00:07 -0000

Here you go:
http://manuals.info.apple.c...

Re: What I learned about security, privacy and Apple (Scripting News)

doug Petrosky — Mon, 24 Dec 2007 15:20:35 -0000

sfx2000 is right on target here. This is policy and procedure and if you understand it, it is much more understandable.

Apple authorized companies to fix mac hardware. If that company uses an APPLE PART. Apple wants to track that part. This can be to determine more wide spread failures, keep track of valuable components or just to make sure the service centers are doing what they say before billing time back to apple. As such apple has two prices on "APPLE PARTS", and exchange price and a stock price. The exchange price is a reasonable price based on the cost of the component when the computer was created. Thus a year and a half or two years ago when you purchased your macbook $160 for 80GB laptop drive was about what they went for. The stock price is much higher to ensure that replacement parts make it back to apple.

This all makes sense for logic boards, power supplies, cases etc. But not so much for memory and hard drives. If he really wanted the drive back, I guess he could have paid the higher stock price or just go to an apple service center that supports third party parts.

Someone should have given you better options, but they did what they had to do.

Re: What I learned about security, privacy and Apple (Scripting News)

futurepastnow — Mon, 24 Dec 2007 14:58:35 -0000

Great, how abou t some instructions on how to do this?
I would most assuredly replace the disk myself if I knew
what screws to remove and get the macbook apart .

Re: What I learned about security, privacy and Apple (Scripting News)

SamiSam — Mon, 24 Dec 2007 14:54:02 -0000

Besides the fact that Apple is already collecting some type of a fee for exchanging the harddrive and to add to the facts of sfx2000, apple is already making a double digit profit and on the service that it claims should be prorated at whatever final cost minus the proclaimed hdd price. The replaced hdd's are usually covered by some type of a warranty, and in some cases, many large corporations such as apple, dell etc.. have unusual and uncommon warranty based agreements that will honor the defective part. look at it as a large extended warranty coverage that you can pick up with a new laptop/pc upon purchase.. It's all about higher marginal profits as opposed to good quality like service.

This - I think - what the traits will be of major corporation in the new millinium. Less q/c, higher production rates, accessable technology (by the public), and a loss of good will ethics in the inner circles of these corporations. (which drives the final policy -first point of support/interaction with the consumer to lose all trust in the product itself and many more proclaimed to be whatever they maybe).

Just remmeber the days of the 80's and 90's when buying a product with a well-known logo, definitely meant the solidness and shelf-life you'd come to take for granted and get your money's worth.

Re: What I learned about security, privacy and Apple (Scripting News)

tannerellen — Mon, 24 Dec 2007 14:09:03 -0000

There are 3rd party apple authorized repair centers you know, like the ones that everyone had to go to before there was even an apple store in existence. There are 3 that I know of off the top of my head where I live in the seattle area. I have never experienced apple voiding the warranty of a computer because of someone installing a hard drive anyway. I have worked for an apple authorized repair center for the last 10 years and it has not happened once. If a 3rd party drive fails they won't fix that under warranty but if the problem is unrelated you should have no problems. The new macbooks even have a user accessable hard drive. Why would they do that if replacing the drive voids the warranty. If you are buying a hard drive or ram do not buy it from the manufacture of the computer, it is very simple. This will not void your warranty, so quit spreading FUD.

Re: What I learned about security, privacy and Apple (Scripting News)

sfx2000 — Mon, 24 Dec 2007 11:43:50 -0000

If it is a Apple Service Part, these are managed by Apple under the Service Exchange Program.

In a typical repair like yours, the dealer has the drive in inventory (managed by Apple), and if the failed part is not returned to Apple, the dealer is charged again for the drive.

There is a chain of custody with Apple Service Parts, your dead drive will go to a facility for failure analysis, typically by Apple, sometimes by the OEM, and then, most like recycled (not refurbed for drives typically).

Major components, such as mainboards, are refurbished, and placed back into the parts program.

If the machine is out of warranty, replacing items such as hard disks, it's usually more sensible to replace the part with a non-Apple logo'ed part. It's cheaper, and yes, then you can keep your old drive.

Now... if the drive the Genius is not an Apple part, then you should be able to get the drive back, as it would not qualify under the Service Exchange Program. It's a one in, one out process...