Macbook's T2 Claims Another Victim, Apple Refuses To Honour Warranty

[That Franc]

Since all the security talk is taking place, I want to remind you all about this:

Spoiler

 

[Guest]

1 hour ago, That Franc said:

Since all the security talk is taking place, I want to remind you all about this:

  Hide contents

 

Savings in the bank are savings in the bank #hustle. 

 

On a more related note, is this just a one-off case? I haven't seen anything noteworthy of T2 chips breaking. 

[jagdtigger]

9 hours ago, NumLock21 said:

Optional or not, it's the same function when it comes to encrypting data and the prevention of data theft.

At least if the TPM dies the machine itself will be still functional. Its way too much of a gamble to trust the t2 chip knowing how bad apple's track record is....  Modern CPU's have HW acceleration for encryption algorithms so there is no point in using a dedicated chip.

[Yongtjunkit]

19 hours ago, iamdarkyoshi said:

While I totally agree that anyone without a backup (especially time machine since it actually works) is a moron, it doesn't address the fact that apple is locking out third party repair. Everyone should have a choice on where to bring their car for repairs, or repair it themselves. The same should apply to their computer.

Not only that, there should be an option for user to disable the T2 chip( encryption) if they decided that they don’t need it, and have their data easily recoverable 

 

also they should give a warning about the T2 chip and the consequences of not backing up to the user in case the hardware( motherboard) dies 

Long paragraph incoming 

 

Rant about Apple pricing of their Mac

 

I have an ASUS laptop that is 6 years old and it’s failing for some unknown reason (random hardware stop working while I was using it or when I wake the laptop up from sleep ), since it’s a windows laptop, I plan to just buy a windows laptop (Vivobook ultra ) for Rm 3K with ram upgrade + ssd installation included ( base model is RM2899 retail - 4GB of ram) which has 2 extra cores from a MacBook Air and it’s way cheaper than a MacBook Air base model( RM6K ), for the MacBook Air with the specs I want, it cost RM 10K( and it’s still have a dual core ) and the student discount is not helping at all not to mention that it’s out of reach for most people in Malaysia.

 

Also I would count that dead T2 chip as a defect from apple and refusing warranty claim is seriously unacceptable considering the price of their MacBook in Malaysia 
 

Rant/Issue with Apple service in Malaysia 

Malaysia only have AASP in Malaysia where they can set their own repair prices(this means that they can rip user off and some places is cheaper than the other ) also if you sent your phone to 3rd party repair shop, they will not even touch it at all( I heard that in the US, they were allowed to repair products that was serviced by 3rd party)

 

 

I may still buy their products but not their Mac especially with the T2 chip , iPhones maybe 1-2 gen behind from the latest( I brought an iPhone 7 when the iPhone X is out due to ridiculous pricing )  also I would definitely need to research for official Serviceability from Apple before buying )  

[realpetertdm]

I've now officially thrown all thoughts of buying an Apple device out the window. I don't want to support a company that fucks over customers this bad, and I also don't want to be fucked by Apple with my data.

 

On a side note the r/Apple thread is a goldmine.

[TechyBen]

On 8/3/2019 at 9:15 AM, Bcat00 said:

This is why I won’t buy MacBooks or iPads. They’re just not that great. I do own a iPhone though because I only want a phone that works and nothing more in terms of needs.

Yep. Even if I look at Samsungs or Sonys top end Android (or some other competitors Microsoft/Windows systems) tablets, It's impossible to match the quality, speed, spec and *price* of an iPad. You can get cheaper Androids, or more expensive full Windows (and GPU!  ) tablets, but iPads have this nice in the middle range of amazing spec and quality of build (minus the recent bending ones).

 

But I've never purchased one. Because with most Windows/Android systems, if I *need* to change something I can. Apple? They tell me to go fish... so I do.

[TechyBen]

10 hours ago, mr moose said:

He wasn't asking, he was outright insinuating that non removable batteries were to prevent repairs and nothing else.    Removable/replaceable batteries don't preclude remote wiping or GPS.

Yeah! "Quick take the battery out so they cannot remote wipe it" or "quick put it in foil so they cannot remote wipe it"... like, the battery does not really prevent theft... and you can secure "cold" storage without a t2 chip. It's just it needs other systems. t2 chip gives Apple all the control, and gives them the "seamless" option for bulk, and lucrative, sales to over marked up marks in the public/private sectors.

[Thaldor]

7 hours ago, justpoet said:

It isn't about having a burner.  It's more about preventing folks who lose or have something stolen from suddenly having personal stuff show up online or their identity stolen.  Security and privacy aren't a joke, nor something to be taken lightly.  They're a right, and much like other rights, worth fighting for.

In almost every case of personal data popping up in the net that personal data has been taken from some forked cloud drive or just managed to get through social media accounts which have used the same password as some forked service. Third biggest place where that data comes from is... the person themselves because sending nudes or whatever data you wouldn't want to popup in the net to other people without thinking about them leaking that forward is stupid.

Identity thefts are usually done also either through password lists and users too stupid to use different passwords in different services or just taking public photos from the social media that the victim themselves have posted as public. But with highly succeeded identity thefts there's still the huge #1 reason: wallets. No need to hack it open, impossible to remote wipe, easy to find and get and usually include a lot more personal information than any computer.

 

For real, media likes to grow things out of their real scale and sell stories how hackers go through laptops for information like kids in toy store. In reality, no one gives a fuck about the information inside the stolen laptop if it takes more than pressing a power button to get into it and even then they probably laugh at your vacation photos and your music taste and few might be handy enough to try to get your passwords for Spotify and Netflix to get free subscriptions. In 99% of cases where laptop is stolen, it is just sold forward to get money for drugs, alcohol or whatever.

It's also stupid to think that you would be meaningful enough that someone would try to hack your stolen laptop to get your vacation photos and whatever other stuff there is. You are not worth it, you would need to be some celebrity for someone care enough or be in some company in such a place that the competitor would care enough (corporation espionage goes to the whole other level, they don't care to drop couple of millions to hack into competitors laptop if they know there's a jackpot, but in that case you would have to be in that kind of position that your laptop could have something like that and some normal coders or sysadmins laptop is never that important).

Someone to hack into your stolen laptop needs a reason to do it and almost always there just isn't one. Some random laptop from a bag left unattended at shopping mall might have something interesting in it, but more likely you spent the hours to crack the password and do all that social hacking and bruteforcing and so on and end up with 200 gigabytes of cat photos is more likely result and 100% not worth it.

 

Security and privacy aren't jokes, except when people make them out to be jokes without knowing to what extent they need them. And T2-chip scale hardware encryption is a joke in consumer product securitywise because the inconveniences are huge compared to the gained security and the use. It's like buying a armored car that uses thrice as much fuel, is uncomfortable to drive, is so huge you cannot really drive in cities and costs a lot and you are a unemployed performance artists living in a city which biggest crimewave ever has been one drunk who stole peanuts from two bars during one night and even the cops don't carry guns because that's how peaceful there is ("but they shoot people in the middle-east, I need armored car!" no, you don't).

[LAwLz]

13 hours ago, Ryan_Vickers said:

Perhaps I should clarify and reiterate my point: last I checked, there's encryption methods that don't rely on such a chip that would take even a super computer multiple heat deaths of the universe to brute force, thus making something like this unnecessary.  Are you saying this is not true and all modern encryption is basically pointless?

I don't think you understand the issue at all. 

This isn't about some "specific encryption method". The T2 does the same encryption method as let's say VeraCrypt (which doesn't require a TPM). 

The TPM and T2 are additional security functions which operates with key management rather than encryption. 

 

It's true that it could take thousands upon thousands of years to brute force AES 256. But it is equally true to say it could take 5 seconds to brute force it. The encryption is only as strong as the password in modern symmetrical encryption, so the more protection you got for it, the stronger it becomes. 

 

For example the iPhone has fantastic security despite most people only protecting it with a 4 digit pin. Brute forcing that offline would take like a second if not even less. But because of the additional layers of security provided by the secure enclave, a 4 digit pin is all you need to thrawt even the FBI (outside of some vulnerability in the implementation like what Celebrit might have discovered). 

 

 

13 hours ago, Ryan_Vickers said:

Especifically in regard to these machines, it's worse than a controller failing because even if that isn't dead, if there's some other issue with the machine that makes it inoperable, which seem to happen fairly often, you're still basically out of luck because the drive is soldered in and fed through that chip, so your data has to go through the machine.

You're getting cause and effect mixed up in thwt case. The problem here isn't the T2 chip and it deserves none of the blame at all. The T2 is a fantastic feature. The problem here is that Apple has made the logic board in such a way that if one component breaks, all of it has to be replaced. This would not be an issue if you could replace most individual components without changing the other ones. 

 

 

You're blaming the wrong thing completely. 

[LAwLz]

8 hours ago, mr moose said:

His point is if it can't be repaired it becomes a burner laptop.  Similar security can be obtained other ways,  so turning a $1000 laptop into a single use consumable is the joke.

No, similar security can not be obtained in any other way. 

Nor is the MacBook a "single use consumable". I mean come the fuck on. I dislike Apple too but people in this thread clearly don't know the first thing about security, how the T2 works and what it prevents. 

[LAwLz]

2 hours ago, Yongtjunkit said:

Not only that, there should be an option for user to disable the T2 chip( encryption) if they decided that they don’t need it, and have their data easily recoverable 

There is an option to disable it...

 

I should also add that there is a recovery key available, just like for Bitlocker.

 

This entire thread is full of misinformation from people who aren't qualified to discuss security and who doesn't fully understand what is going on. 

[Guest]

5 minutes ago, LAwLz said:

This entire thread is full of misinformation from people who aren't qualified to discuss security and who doesn't fully understand what is going on

WOW! Just "WOW"!! O_o

[Drak3]

5 minutes ago, Cora_Lie said:

WOW! Just "WOW"!! O_o

Lawlz isn't wrong here.

[Guest]

5 minutes ago, Drak3 said:

Lawlz isn't wrong here.

1. This is a generalist forum, tech oriented, certes, but a public generalist forum.

      1a. Hence not all users want to go into details about what they know and how they know it for different reasons, which are their own.

2. The main topic here was/is the tendency of Apple to misuse advanced tech in order to "trap" their lambda customer and not INFORMING them. So, back to the main topic: Is it not true? I already gave my opinion.

3. Some very good points have been made and explained, but once again "generalist board" so for sure, I would NEVER enter into a too in-depth discussion here. That's also why I stopped discussing last night with another board member when he started saying "I know because I do this and that!", when someone starts dropping the balls on the table and implying that "He/She" has the final word "because..." then there is no more any discussion possible.

Do I need to say it again? "Generalist open board!" So... IMNSHO spending more time in this kind of "exchange" is just not worth the energy spent. But, of course, that is just me...

4. What he/she did is basically say "You're all full of crap! What you say is crap! You're not "specialists"! I am! So shut up and listen unless you are at my level!" and slamming the door in the face of everyone.

My "problem", which is not really one AFAIC, with that way of doing is that basically it means only "specialists" have the right to talk and everybody else has to listen. And then, again, "generalist forum" with people of lots of different backgrounds, from different coountries, with different policies and philosophies (and so on..) who come here to exchange, share, have some fun, chill out and learn. And sometimes, listening/reading opinions from others can give you a new idea or another point of view on a subject which can make yours evolve differently, maybe, possibly, eventually...

A "specialist" is by definition "specialized" in 1 domain, maybe 2. Unless, in some rare cases, your speciality is to study, assemble, concatenate, analyze and then provide "new" stuff from that.

 

And all this was basically summed up in my

46 minutes ago, Cora_Lie said:

WOW! Just "WOW"!! O_o

 

I don't know him/her (as basically I'm not stoopid enough to think that because the member ticked a box, it really means that IRL) but I appreciate the quality of most of the said member's posts/comments, etc.

But it is also my "right" to think and express the opinion that the member, maybe, went a little overboard here, by writing that not once, but twice...

 

Just my opinion, and it doesn't mean that I won't respect this member anymore or disqualify anything he/she expresses in the future, just because I disagree with one thing that has been written once twice.

[Donut417]

On 8/3/2019 at 1:43 AM, mr moose said:

Plenty of more than adequate alternatives out there.

Yeah but then you have to deal with Microsoft and a whole different type of shenanigans. Like a 50-50 chance that a creators update will fuck you machine up. 

[Bitter]

6 minutes ago, Donut417 said:

Yeah but then you have to deal with Microsoft and a whole different type of shenanigans. Like a 50-50 chance that a creators update will fuck you machine up. 

Linux? Linux.

[Donut417]

2 minutes ago, Bitter said:

Linux? Linux.

In some way yes. But I had one hell of a time getting Plex and my NAS to work with Linux. I mean shit, I didnt know that Plex from the Ubutnu package manager would not read my NAS, and I had to download it directly from the Plex Website. Things like that make people not want to use Linux. Most people want to plug what ever it is in to the computer and have it just work. Not always the case with Linux. 

[TempestCatto]

On 8/3/2019 at 1:43 AM, mr moose said:

Irretrievable data and being at the mercy of apple for all repairs is just another reason never to buy such a computer.    Plenty of more than adequate alternatives out there.

 

 

In addition to this, I certainly don't trust my data to the "cloud" and wouldn't recommend others do so either. This really is just a double edged sword.

[jagdtigger]

9 minutes ago, Donut417 said:

In some way yes. But I had one hell of a time getting Plex and my NAS to work with Linux. I mean shit, I didnt know that Plex from the Ubutnu package manager would not read my NAS, and I had to download it directly from the Plex Website. Things like that make people not want to use Linux. Most people want to plug what ever it is in to the computer and have it just work. Not always the case with Linux. 

Maybe so, but win10 aint getting better either. Quite the contrary IMO, its getting worse with every iteration. Linux on the other hand keeps on getting better and better. There are some issues but so far it always gone back to HW manufacturers using weirdo configurations/solutions.... (like sdio wifi, never heard about it up until now)

Edited August 4, 2019 by jagdtigger

[Monkey Dust]

13 hours ago, That Franc said:

Since all the security talk is taking place, I want to remind you all about this:

  Hide contents

 

To be fair that approach wouldn't work if the suspect was dead, such as in some terrorist/extremist investigations.

 

And if the subject is alive and convicted, they can be imprisoned until they unlock the data. Such as this nonce https://www.theguardian.com/technology/2017/mar/23/francis-rawls-philadelphia-police-child-abuse-encryption  no wrench required.

 

I'm assuming 99% of the people here would have nothing the intelligence services would be interested in on any of their devices, so Apples approach seems over the top. Cynical hat on they are just shortening the service life of their laptops, knowing many customers will come back to Apple. It goes way beyond the security you need to keep your data safe if your laptop is stolen.

[Thaldor]

7 hours ago, LAwLz said:

There is an option to disable it...

 

I should also add that there is a recovery key available, just like for Bitlocker.

Actually there isn't a way to disable T2-encryption, however there is option to add FileVault encryption on top of T2-encryption.

 

Apple does have utility to recover data from macs with T2-chips (earlier ones even had a port in the MB for that), but that requires that the mac can power on. If the mac dies completely, it's basicly bye bye for the data and because Apple is Apple it's bye bye for the data anyway because even in the pass Apple repair has been useless enough to wipe the SSDs because taking it out and trying some diagnostic SSD instead is too much work for them. Not to mention in this part that thanks to T2-chip: if your webcam dies, it's a dead mac, if your touchbar dies, it's a dead mac, if your microphone dies, it's a dead mac and in quite many cases it's a dead mac just because T2-chip is triggered by almost everything and tied to almost everything.

 

There also isn't a way to export the T2-chips encryption keys. So, if that thing dies or purges it's keys (if that is possible), it's total data loss, no matter what you try.

 

These are some nice features for some business laptops (at least ThinkPads for businesses have had option for same level of security in the past, had couple of those in the past as junk because dead HDDs and with a new HDDs they refused to even get to the BIOS and same thing with the original dead ones) but enabling them on default and forced in consumer products is overkill because majority of consumers are... well consumers, they do stupid stuff and don't listen advises well enough.

[vanished]

8 hours ago, LAwLz said:

I don't think you understand the issue at all. 

This isn't about some "specific encryption method". The T2 does the same encryption method as let's say VeraCrypt (which doesn't require a TPM). 

The TPM and T2 are additional security functions which operates with key management rather than encryption. 

 

It's true that it could take thousands upon thousands of years to brute force AES 256. But it is equally true to say it could take 5 seconds to brute force it. The encryption is only as strong as the password in modern symmetrical encryption, so the more protection you got for it, the stronger it becomes. 

 

For example the iPhone has fantastic security despite most people only protecting it with a 4 digit pin. Brute forcing that offline would take like a second if not even less. But because of the additional layers of security provided by the secure enclave, a 4 digit pin is all you need to thrawt even the FBI (outside of some vulnerability in the implementation like what Celebrit might have discovered). 

Ok, that makes more sense, and I'll accept that that's in theory the most secure way to do it.  I don't think that was really in question, it was more an issue of practicality: how many people benefit from trading off being able to recover their data in case of a machine failure for not being able to get hacked by someone capable of and interested in breaking their encrypted drive?  How many people capable of breaking the encrypted drive don't also probably have the resources to find issues with the extra security T2 provides and bypass it, thus rendering the benefit considerably less significant?

Quote

You're getting cause and effect mixed up in thwt case. The problem here isn't the T2 chip and it deserves none of the blame at all. The T2 is a fantastic feature. The problem here is that Apple has made the logic board in such a way that if one component breaks, all of it has to be replaced. This would not be an issue if you could replace most individual components without changing the other ones. 

I've focused on that chip above because the topic of data and recovery specifically were brought up but sure, any way they can fix this is good with me.  To clarify, the specifics of how we get into this situation are not really important to me.  I'm just "blaming" the fact it's not repairable, and the fact that a machine which is likely to have issues which render data inaccessible when this was not previously the case is set to behave that way by default, which I would say is not the right option for most people, and just more generally, the fact that because of its design, regardless of the specifics of why, the machine is likely to cause people to lose data - more likely than it would need to be.  I think those are, at a high level, the main issues.

Edit: well, and (to get back to the main story here) the fact that Apple's straight up declined to honour the warranty on a relatively new machine for seemingly no reason

Edited August 4, 2019 by Ryan_Vickers

[mr moose]

9 hours ago, LAwLz said:

No, similar security can not be obtained in any other way. 

Nor is the MacBook a "single use consumable". I mean come the fuck on. I dislike Apple too but people in this thread clearly don't know the first thing about security, how the T2 works and what it prevents. 

 

So when the motherboard or T2 dies your data is fried and it's 50/50 if apple will do anything about it.  Sounds like a consumable device to me.  Not too mention plenty of options for security of your data without the T2 chip (especially for 99% of end users). 

[DrMacintosh]

I'm really glad I didn't get into this. It's 5 pages long already! 

[Drak3]

22 minutes ago, mr moose said:

 

So when the motherboard or T2 dies your data is fried and it's 50/50 if apple will do anything about it.  Sounds like a consumable device to me.  Not too mention plenty of options for security of your data without the T2 chip (especially for 99% of end users). 

So, my desktop is a consumable item as if my PSU goes belly up, it'll also likely kill my drives and mainboard?