[d0]

Moral of the story: don't deal with the Apple Store. The amount of people I know who have had their data trashed (after possibly being cloned) is quite high. The solution to most problems is wipe the machine. They usually come to me after telling them to fuck off. I haven't had to destroy a single machine yet.

We're talking trivial shit like an HP printer driver thrashing the CPU or corrupt mail folders.

Seriously, 11 people so far and I don't repair Macs for a living.

I wouldn't trust them with an etch-a-sketch.

Also treat your computer like a credit card. If it goes out of sight, you're fucked, encrypted or not. FileVault and BitLocker are faulty by design.

[shinratdr]

Contrasting anecdote: Had to deal with them many times for a variety of issues as have friends and family. Never had an issue that wasn't solved on the spot or with a quick repair turnaround.

The Apple Store service in your area depends on your area. The real moral is to not hand someone a wallet with $8500 in cash inside of it for no reason. Whether or not it's a physical or digital wallet is irrelevant. This is incredibly irresponsible on the part of OP.

[golubevpavel]

Hm. What's wrong with FileVault?

I knew that there could be some issues with my laptop after service it Apple, they informed me about it. But I thought to myself, come on, it's just a minor cooler issue, they won't even need to login to fix it. How could they possible break anything.

[d0]

FileValult problems: http://mjtsai.com/blog/2012/08/07/filevault-2s-apple-id-back...

AFAIK they don't login to fix hardware issues -- they netboot diagnostics software but on multiple occasions I was informed by people that Apple had "made a backup of their system" before a reinstall. What that entails and what the retention policy is, I do not know but I suspect unless they're doing a three-pass erase on their temporary storage devices afterwards (which is unlikely) then your data is easy pickings...

My MBP, which is incidentally knackered, is still FileVault encrypted. It will stop a casual theif getting in but not much more

[tptacek]

So if I understand what you're saying here, you think that a thief working at the Apple store might have either themselves had access to your Apple ID, or was colluding with someone inside of Apple at Cupertino to get access to your Apple ID, so that they could steal $8500 from you?

Am I missing something about the story here or is that an accurate summary?

[aroch]

So turn off letting your Apple ID unlock your FV volumes. A FV drive, that's locked cannot be unlocked just by having local access.

You authorize Apple to make a backup of your drive if yu're having work done that may cause data loss.

[d0]

There is an issue with user switching and firewire/DMA that allows remote access as well as cold boot attacks but these are out of reach of most people.

[acdha]

firewire / thunderbolt DMA access was fixed many years ago: if you enabled a firmware password, those buses have DMA disabled.

[toomuchtodo]

Are you saying that if I have a firmware password on my MBA that my internal SSD is inaccessible via Thunderbolt externally (until I've entered my password)?

[rdl]

They generally do ask for a login on your system when you give them the machine for service. You don't need to provide it.

[cpayne]

Also treat your computer like a credit card

That's the best comment in this thread.

[xauronx]

Eh, in that case, what OP did was perfectly reasonable. I would hand my credit card to Apple much quickly than I would hand it to a friend of a friend that knows how to fix computers (which is what it sounds like d0 does, fix computers for people). And I certainly don't think you would sit there and watch someone while they work on your computer for a hours. I would just do it myself if I was going to waste that time.

The real moral of the story should be "treat your bitcoin wallet like a wallet.... because it is one".

[kaonashi]

Moral of the story: don't have more money tied up in BTC than you can afford to lose.