do you trust apple repair with your data?

[ghanwani]

Do you trust Apple repair with your data/password or do you remove all personal data before sending it in and/or taking it to the Genius Bar?

They also ask for the machine password.

My machine has been in for service 3 times in < 4 months of ownership. The first and second times I took care to remove sensitive stuff, but this last time I was too fed up and just left everything on there, and now I'm a bit concerned.

 

[ZapNZs]

I do not trust anyone with my data. However, it is encrypted not just with FileVault or BitLocker, but the most important data is also encrypted using a variety of programs, such as 1Password and Veracrypt, so that the data is useless even to the technician(s) with access to the local drive. If the system goes for service, I will ensure all those files are backed up externally, encrypted on the local SSD, and then change the login password to something simple (or create a secondary User account)

 

[ZMacintosh]

depends on the machine, if its my main one, maybe erase the data....but generally keep it encrypted. They don't need a password if its hardware related. They can simply netboot or option boot into a tech macOS drive.
If its the drive itself thats gone bad, then they can simply swap out the disk and I can recover from a back-up.

 

[ghanwani]

I don't even have filevault encryption enabled (decided not to do it because I thought it might have performance impact), but even if I did, if I gave them my machine's password, then that by itself wouldn't help.

 

[tubeexperience]

I swap out the SSD with a different one before sending in the laptop.

 

[bopajuice]

Do you trust Apple repair with your data/password or do you remove all personal data before sending it in and/or taking it to the Genius Bar?

They also ask for the machine password.

My machine has been in for service 3 times in < 4 months of ownership. The first and second times I took care to remove sensitive stuff, but this last time I was too fed up and just left everything on there, and now I'm a bit concerned.

If they want to know my dads of my sisters phone number fine. Not too much on my phone to feel my privacy has been invaded. I'd worry more about sites like Facebook. Posted a few pics of my dog getting a bath, and now I see adds about mobile dog grooming...

 

[ghanwani]

^ I don't have a Facebook account. But I'm sure google knows more about me than I do about myself because I have an imperfect memory.

 

[Mefisto]

In the past I have. I'm still debating whether or not to switch on FileVault (no real reason as to why, just haven't gotten around to it), but I do make a backup every time I have to get the laptop serviced. Hasn't yet happened on the newest one, and here's hoping it takes a while until it does.

In the past I have known to be a bit more paranoid about stuff like this (erasing the hard disk when bringing the machine to be repaired), but nowadays I've grown not care that much. All the "confidential" information on the laptop is maybe stored inside encrypted disk images, and that's the lengths I'm willing to go to when it comes to repair personnel. If they want to look at my photos, they are free to. Just don't come crying to me when you see revolting stuff.

 

[killawat]

I trust Apple but I don't trust the repair process. If the device is lost in transit or stolen in the store...then what? Thieves actively target Apple retail.

I also trust that Apple doesn't have a FV2 backdoor. Even if they do, I trust that its use is far too "expensive" to be spent on low value assets such as mine.

I am concerned about the new 2016 MBP having the SSD built in but even if it fails, the data is still encrypted.

 

[maflynn]

I don't trust anyone with my data, I've not needed to send my Macs into repair very often but when I have. I wiped my computer so they get a bare system with only OS X installed. When I got it back, I restored my backup.

 

[leman]

You should not trust anybody with your data Thats what FileVault is there for

 

[jerryk]

I don't worry about it. But I use a password manager and never let browsers or apps memorize userid/passwords.

 

[Mlrollin91]

I've had enough repairs on my computers to trust Apple. I usually make a dummy password for them to use, but I have never had a problem. I do use Time Machine just incase the data is lost, but other than that, I don't try to conceal my information.

 

[SDColorado]

All the data I care about keeping private, such as client databases, I store on an encrypted external drive. There really isn't much for them to see on my laptop itself.

I have a friend who recently had his home broken into and his laptop stolen. He didn't have his data encrypted, file vault or anything like that. It is always a good idea to try to take some extra measures, even when not turning it in for repair.

 

[dyn]

Option 5: full wipe out of data and complete fresh install of macOS with a simple user account with no password. Any technician likes when you do that because it saves having to retype passwords and you actually give them full reign over the system without having to worry about data (although quite a lot of shops and companies will point out that only the user is responsible for the data, not them).

 

[ghanwani]

I don't trust anyone with my data, I've not needed to send my Macs into repair very often but when I have. I wiped my computer so they get a bare system with only OS X installed. When I got it back, I restored my backup.

Option 5: full wipe out of data and complete fresh install of macOS with a simple user account with no password. Any technician likes when you do that because it saves having to retype passwords and you actually give them full reign over the system without having to worry about data...

This quickly becomes a pain if the machine has to be sent in often.

(although quite a lot of shops and companies will point out that only the user is responsible for the data, not them).

We are required to sign off on that when dropping the machine off with Apple. They do ask if the data has been backed up.
[doublepost=1494531746][/doublepost]

I usually make a dummy password for them to use, but I have never had a problem.

This sounds like a good idea. I should have done this instead of typing my actual password into their service iPad.
[doublepost=1494531784][/doublepost]

You should not trust anybody with your data Thats what FileVault is there for

If you give your password, then Filevault does nothing.
[doublepost=1494531996][/doublepost]

I'm still debating whether or not to switch on FileVault (no real reason as to why, just haven't gotten around to it)

Are there any issues with performance when using Filevault? The little research I have done so far indicates that there is some performance degradation when enabling Filevault. Also, when I was doing a clean install at the store the last time, the Genius I was working with recommended skipping it unless I really thought I needed it.

 

[dyn]

This quickly becomes a pain if the machine has to be sent in often.

Sending in a machine that often already is a pain. Having to reset many passwords is also a pain. Having to change all sorts of other stuff is a pain too. Not to mention the shame and law suits when your data (or someone else's data that happens to be on your notebook too) falls into the wrong hands (and there lots of "wrong" hands out there...many people would throw some of it on their social media accounts and they don't always mean to do harm by doing so).

When you are a company it can even be a breach of law when you don't do this. In a lot of cases you have to report data leaks and breaches to the authorities (if you don't you will be fined), you cannot keep it a secret. That means there will be public naming and shaming. And the authorities might also launch an investigation. If you have certifications you may lose them and that can cause customers to walk (because you no longer meet the requirements that are in the contract).

In other words the pain of wiping and reinstalling is nothing compared to the pain when data leaks. The wipe and reinstall is also a very simple and rather quick procedure. Simply delete the partitions, repartition and start the macOS installer; you only need to do a basic install, nothing fancy. Doing it this way makes it very difficult to retrieve data.

Are there any issues with performance when using Filevault?

With modern hardware there aren't any.

 

[ghanwani]

In other words the pain of wiping and reinstalling is nothing compared to the pain when data leaks. The wipe and reinstall is also a very simple and rather quick procedure. Simply delete the partitions, repartition and start the macOS installer; you only need to do a basic install, nothing fancy. Doing it this way makes it very difficult to retrieve data.

Thanks for pointing this out. This is my personal machine, so no issues with work-related data, but it does have all my personal info like tax returns, not to mention passwords to a number of sites and access to my personal email.

That said, one of the failures I experienced was a DRAM failure and when that happened, I could not even install updates from the app store, so I'm not sure if wiping the drive would have even worked. The machine would just keep crashing/rebooting.

 

[leman]

If you give your password, then Filevault does nothing.

I never give my password to anyone. They can use an external USB key if they want to diagnose the machine. Or, if they really need to, they can erase my disk and reinstall. Restoring the data is user's responsibility.

Are there any issues with performance when using Filevault? The little research I have done so far indicates that there is some performance degradation when enabling Filevault. Also, when I was doing a clean install at the store the last time, the Genius I was working with recommended skipping it unless I really thought I needed it.

Any performance impact is basically negligible. IMO, one should always use disk encryption. Of course, one might run into issues when traveling to countries such as USA or China, but why would one do that these days

 

[JamesMay82]

I swap out the SSD with a different one before sending in the laptop.

Yes I would do that or the last time I just backed up and did a fresh install with a diff password with no data etc.

Obviously these big companies have to be pro privacy but they can't be certain of all their employees.. I wouldn't like idea of peeps reading personal emails or looking at photos of my family.