Hacker News
by heinternets 916 days ago
How would you provide this type of locking system without giving users access to their own private keys, then having a much worse problem where dozens of users lose their private keys and forever brick their device?
6 comments

A system where users can recover their devices if they successfully hold onto their private keys is much better than a system where they can't recover their devices at all without Apple's reluctant help.
Maybe for power users, sure. But for regular people (Apple’s biggest market) it’s not an issue: they just register their devices and don’t have to worry about it.
Isn’t the issue in this case that the user didn’t enable “find my mac” in the first place, the thief was able to tie the device to their account and then brick it?

I assume he would’ve been able to recover it if he had “held on to his private key” (having the device be linked to his account being the current equivalent)?

I wouldn't. It's unethical and frankly evil. Physical access should always trump any remotely installed policies, otherwise you can never truly own something.

This, and remote attestation, are tools to enforce DRM. The anti theft stuff is just a marketing strategy you fell for.

> Physical access should always trump any remotely installed policies

So if you steal something and therefore have physical access to it, that should trump the original owner who no longer has it because you stole it even if they have the receipt with the serial number on it?

Yeah. Techbros aren't the new police.
> It's unethical and frankly evil. Physical access should always trump any remotely installed policies,

Isn’t that what happened here? The thief and not the owner reported it as “stolen” and thus bricked. The thief could’ve as well just thrown an actual brick on it with similar effects

> The anti theft stuff is just a marketing strategy you fell for.

Also it works. Both for disincentivizing theft and allows you to recover the device had you actually enabled the feature (so not this case)

> Isn’t that what happened here? The thief and not the owner reported it as “stolen” and thus bricked. The thief could’ve as well just thrown an actual brick on it with similar effects

I see your point, but if it were me in OP’s shoes, I’d be annoyed by the fact that even though I chose not to enable the anti-theft stuff, Apple presumes that the laptop is “unowned” and can still be enrolled into the anti-theft service. I would much rather have the laptop ship with a physical copy of the private key that will unlock the device (paper with a QR code on it would be sufficient), that way I retain ownership of the device regardless of what the thief does. Everything else could stay the same.

Edit: also, reporting as stolen is not the same as a thief smashing the laptop with a brick — the crucial difference is that by reporting as stolen, the thief retains access to the device while locking out anyone else. The post even speculates that the shop involved used this technique to extort the person who brought the laptop to them.

> without giving users access to their own private keys

I wouldn't. If someone has a device that is unusable without keys they don't have, they don't actually own that device. Far be it from me to quote the crypto crowd but "not your keys...."

That doesn't make sense. First of all, "this type of locking system" is clearly a failure because it allowed an unauthorized random person to report a computer as "lost" when he didn't own it. So the answer to your first question is: You wouldn't.

Second, what does this even mean: "without giving users access to their own private keys, then having a much worse problem where dozens of users lose their private keys and forever brick their device?" What scenario exactly does that refer to?

> because it allowed an unauthorized random person to report a computer as "lost"

Because (if I understand the article correctly?) the owner hadn’t actually enabled “find my mac”?

The (admittedly vague) article said it was "wiped," though. By whom?
By the thief/shop who linked it to their account? IIRC you can still wipe macs without having the password as long as all the theft protection stuff isn’t enabled.
You seriously can't think of other ways? I can easily think of at least 10 other ways just off the top of my head.
Keep the private key with Apple. But also...

Sell an HSM (free when you buy a Mac > $2000? discounted in conjunction with AppleCare?) that will remove activation lock on the Mac it's purchased with.