Applecare and data privacy.

Tenashus1

macrumors 6502
Original poster
Jul 27, 2011
377
81
I Have to sign up with Applecare by July assuming that I decide to do it. This is a question that I've had for a long time. If a computer should have to go in for repair, how does one protect the privacy of their existing hard drive data when the computer is turned in to Apple? I know they always say to back up your data before a repair, but how is the data privacy protected when it's in for repair? To secure it with a password would mean that Apple would not have access to the OS during the repair which would not be good. So what do people do about privacy? Thanks.
 
  • Like
Reactions: PowerBook-G5

chscag

macrumors 68040
Feb 17, 2008
3,198
991
Fort Worth, Texas
I Have to sign up with Applecare by July assuming that I decide to do it. This is a question that I've had for a long time. If a computer should have to go in for repair, how does one protect the privacy of their existing hard drive data when the computer is turned in to Apple? I know they always say to back up your data before a repair, but how is the data privacy protected when it's in for repair? To secure it with a password would mean that Apple would not have access to the OS during the repair which would not be good. So what do people do about privacy? Thanks.
How do you know the folks at your local bank or your doctor's office are not messing with your private and personal information? It's called trust. :apple:
 
  • Like
Reactions: ABC5S

DeltaMac

macrumors G3
Jul 30, 2003
9,535
2,303
Delaware
I have read about folks needing service who erase their hard drive, leaving it blank, or just a basic system installed, with data backed up somewhere else, and under their control. Nothing wrong with that, but not really necessary, is it?

Personally, I have no concerns about the privacy of the data on my system when going in for service.
If you need service, then the system, as you use it, might also be important.
The service shops that I have been around don't have time to "look at all your stuff". They are in business to provide service for you, not routinely check your private "stuff"
 

Brad9893

macrumors 6502
Feb 8, 2010
493
1,442
Hiding Under the Genius Bar
I Have to sign up with Applecare by July assuming that I decide to do it. This is a question that I've had for a long time. If a computer should have to go in for repair, how does one protect the privacy of their existing hard drive data when the computer is turned in to Apple? I know they always say to back up your data before a repair, but how is the data privacy protected when it's in for repair? To secure it with a password would mean that Apple would not have access to the OS during the repair which would not be good. So what do people do about privacy? Thanks.
When my MBP succumbed to RadeonGate I took my machine to the Apple Store so that it could be sent out for repair. They asked me for my password in case they needed it and I asked them why. After all, my machine would not even boot, so if they repaired it and it booted, it was definitely fixed. They said that I didn't have to provide one unless FileVault was turned on. So, I didn't give it to them because I didn't feel comfortable with divulging it. So yes, you can definitely secure it with a password if you want.

I highly doubt the repair technicians would be snooping through your things. For one, they would fired if caught, I'd imagine. I'd also bet that they are extremely busy and don't have time to violate your privacy anyways.

Just relax.
 
I've never worried about data privacy with Apple, if there is anything that I might be concerned with, I take it off, outside of that I typically create a new user account without a password for them to use while they work on it. I do make a backup of my computer but I've never been inclined to format my drive before sending it in for repair. I'm sure that Apple employee's have seen more private than you have to offer by just troubleshooting the issue. I read a story some time ago about a woman sending in her laptop complaining about iPhoto, they went to troubleshoot it and most of the pictures were of her in her birthday suit both with and without her husband. They gave no names or images, but they respected her privacy. As a support tech myself, I've seen a lot of things, text documents labeled "bank passwords" sitting on the desktop (of a 70 year old person's computer), as a domain admin I've had to wipe pornography off computers of wives, girlfriends, and mistresses.

Whatever you have to hide, they've probably seen it before, and they care about seeing it as much as you care about seeing the stuff in the glove box of my car.
 

wct097

macrumors 6502
Nov 30, 2010
443
22
As a tech guy, I cringe when I read about the blind devotion and trust people put in a brand. You forget that Apple employs average people. People that are frequently part time college students. Not all people are good and I'm certainly not a fan of blindly trusting the college kid with the Apple shirt on asking for my password to my stuff. That's not to say I have any issue with college kids in general, but I'm more inclined to trust the seasoned professional than someone who could just as easily be a barista. So yeah, I doubt the Apple tech at the factory they send the machine to is going to snoop, but I'm not going to bank on it. Same with the part time Apple store guy who asked for my password.

A couple questions for those of you that blindly trust the Apple employees.
1. Do you use your laptop password for anything else? Banking? Facebook? Email? Work?
2. How many cached passwords does your browser have? To what sites? Bank? Facebook? Email? Work?
3. Have any risque pics of you or your SO on your computer? Think that sticking them in a nondescript folder will keep even the most amateur snooping eyes away?
4. Do you have a security policy at work? Did you just give the Apple guy your work password too? Does that violate the policy?
5. Have any tax returns saved on your computer or in your email?

Maybe most of you don't do much more than innocent web surfing on your computers. I've seen enough data "breaches" to know better than to start handing out my passwords. I feel the need to respect not only the security of my data, sensitive or not, but also the security of the data belonging to my employer or clients that I may have on my machine or access to from my machine.

Every time I've had my laptop worked on (and it's a lot, because lets face it, Apple's products are shoddy quality at best), I've either been looking over the tech's shoulder or I've completely wiped it and set the password to 'password' before I drop it off. I even went as far as to stick the machine in the freezer to keep the GPU from overheating long enough to get through the wipe/base system install process before it went back to the service center for the Nth time.
 

Weaselboy

Moderator
Staff member
Jan 23, 2005
29,174
8,822
California
So what do people do about privacy?
If you are concerned about this, just clone off your drive then wipe the internal disk and do a clean install and setup a temp admin account for Apple to use for testing. Then clone back when you get the computer back.

That is what I would do. There is no way I would trust some random Apple employee with my personal information.
 
Last edited:

maflynn

Moderator
Staff member
May 3, 2009
63,853
30,369
Boston
I've sent my Mac in for repair in the past, and what I did was wipe the drive, setup a generic admin account and gave the computer to apple. On return, I restored the drive.

How do you know the folks at your local bank or your doctor's office
I can't speak for banks but where I work if anyone accesses any medical records, the read action on the file is recorded and upon internal audits it will be determined if that access was warranted. With HIPAA, patient's information is protected and there are harsh consequences for someone accessing the data if they have no right to it.


It's called trust
There should be little trust given to people or organizations when it comes to people's confidential data, i.e., social securty number, bank accounts, personal emails, etc. While I don't expect anything to occur, I do think its prudent to not present that data to Apple. Clearly there are situations where the computer failed and the customer may not be able to prep the computer as I have, but if possible, its a good move imo.
 
  • Like
Reactions: Weaselboy

dsmedic10

macrumors member
Feb 16, 2015
77
22
When I had t send my laptop to Apple for Apple Care work, I just enabled the guest login. The technicians used that login to access what they needed on the machine and I didn't have to give out my normal account password. They were ok with that solution.
 

rigormortis

macrumors 68000
Jun 11, 2009
1,813
229
apple now recommends you leave the guest account on and leave the disk encrypted with filevault 2
( in addition to always backing up your computer before sending it in of course )

https://support.apple.com/mac-notebooks/repair/service

if you think about it, repairing anything or replacing anything in the computer does not require them to access your user account.or even an admin account
 
Last edited:

Weaselboy

Moderator
Staff member
Jan 23, 2005
29,174
8,822
California
apple now recommends you leave the guest account on and leave the disk encrypted with filevault 2
( in addition to always backing up your computer before sending it in of course )

https://support.apple.com/mac-notebooks/repair/service

if you think about it, repairing anything or replacing anything in the computer does not require them to access your user account.or even an admin account
I'm not seeing anything about a guest account at that link. Or am I missing it?
 

rigormortis

macrumors 68000
Jun 11, 2009
1,813
229
I'm not seeing anything about a guest account at that link. Or am I missing it?
i might of added that. or heard it from somewhere.

anything in the guest account's home directory is trashed when the guest logs out.

so its a good thing to enable as a favor

filevault prevents the service department or others from using resetpassword and clearing your keychain and accessing your home folder
 

Wowereit

macrumors 6502a
Feb 1, 2016
893
1,339
Germany
I'm always zero-ing my drives before handing anything over to other people.
Why should I encrypt everything at home, using encrypted smartphones etc. to just give my password to other people?
 

rigormortis

macrumors 68000
Jun 11, 2009
1,813
229
I'm always zero-ing my drives before handing anything over to other people.
Why should I encrypt everything at home, using encrypted smartphones etc. to just give my password to other people?


they don't need your password to service it
because zeroing does not work on SSDs and flash drives. :)

this is precisely why the iPhone does not 'zero' the flash memory when you erase it.'
it does not do this. it just simply forgets the decryption key in a way that apple believes cannot be retrieved.
 

zoneee

macrumors regular
Sep 17, 2014
114
17
How do you know the folks at your local bank or your doctor's office are not messing with your private and personal information? It's called trust. :apple:
this made my day.

now, lets go back to being serious, set up a password, set up filevault, and you are all set.
if they request access, give them a non admin account.
done.
 

rigormortis

macrumors 68000
Jun 11, 2009
1,813
229
this made my day.

now, lets go back to being serious, set up a password, set up filevault, and you are all set.
if they request access, give them a non admin account.
done.

i found a dentist office with free wifi with open network shares once.

a popular prank is to go to the library or places with any kind of public wifi and browse macs. find the ' dropbox' folder, and copy pictures and videos to it, wondering if that person will ever see them
 

Wowereit

macrumors 6502a
Feb 1, 2016
893
1,339
Germany
they don't need your password to service it
because zeroing does not work on SSDs and flash drives. :)

this is precisely why the iPhone does not 'zero' the flash memory when you erase it.'
it does not do this. it just simply forgets the decryption key in a way that apple believes cannot be retrieved.
Of course zero-ing flash drives works.
You are overwriting any bits outside the MBR with zeroes, works perfectly fine.

If your device is encrypted it's enough to dump the encryption key, that's true.
The thing is if I'm handing over the password for another user account, you have at least a partly decrypted drive.
 

maflynn

Moderator
Staff member
May 3, 2009
63,853
30,369
Boston
because zeroing does not work on SSDs and flash drives
Why not?

I've read that multiple passes of zeroing your drive is not good for the SSD, as it needlessly adds write cycles, but I never heard that it does not work. Why doesn't it work?
 

snaky69

macrumors 603
Mar 14, 2008
5,903
480
I Have to sign up with Applecare by July assuming that I decide to do it. This is a question that I've had for a long time. If a computer should have to go in for repair, how does one protect the privacy of their existing hard drive data when the computer is turned in to Apple? I know they always say to back up your data before a repair, but how is the data privacy protected when it's in for repair? To secure it with a password would mean that Apple would not have access to the OS during the repair which would not be good. So what do people do about privacy? Thanks.
No offense, but chances are you're neither interesting nor important enough for anyone to bother snooping through your data. Especially with the usual backlog of repairs techs have to do in a day. They'll get you up and running as quickly as humanly possible and that's that.