do you trust apple repair with your data?

Discussion in 'MacBook Pro' started by ghanwani, May 10, 2017.

?

Do you trust Apple repair with your data?

  1. Yes, I leave everything on there

    7 vote(s)
    31.8%
  2. No, I remove ALL personal data and DO NOT give out my password

    12 vote(s)
    54.5%
  3. No, I leave my data but DO NOT give out my password

    0 vote(s)
    0.0%
  4. No, I remove my data, but DO give out my password

    3 vote(s)
    13.6%
  1. ghanwani macrumors 6502a

    Joined:
    Dec 8, 2008
    #1
    Do you trust Apple repair with your data/password or do you remove all personal data before sending it in and/or taking it to the Genius Bar?

    They also ask for the machine password.

    My machine has been in for service 3 times in < 4 months of ownership. The first and second times I took care to remove sensitive stuff, but this last time I was too fed up and just left everything on there, and now I'm a bit concerned.
     
  2. ZapNZs macrumors 68000

    ZapNZs

    Joined:
    Jan 23, 2017
    #2
    I do not trust anyone with my data. However, it is encrypted not just with FileVault or BitLocker, but the most important data is also encrypted using a variety of programs, such as 1Password and Veracrypt, so that the data is useless even to the technician(s) with access to the local drive. If the system goes for service, I will ensure all those files are backed up externally, encrypted on the local SSD, and then change the login password to something simple (or create a secondary User account)
     
  3. ZMacintosh, May 10, 2017
    Last edited: May 10, 2017

    ZMacintosh macrumors 65816

    ZMacintosh

    Joined:
    Nov 13, 2008
    #3
    depends on the machine, if its my main one, maybe erase the data....but generally keep it encrypted. They don't need a password if its hardware related. They can simply netboot or option boot into a tech macOS drive.
    If its the drive itself thats gone bad, then they can simply swap out the disk and I can recover from a back-up.
     
  4. ghanwani thread starter macrumors 6502a

    Joined:
    Dec 8, 2008
    #4
    I don't even have filevault encryption enabled (decided not to do it because I thought it might have performance impact), but even if I did, if I gave them my machine's password, then that by itself wouldn't help.
     
  5. tubeexperience macrumors 68030

    Joined:
    Feb 17, 2016
    #5
    I swap out the SSD with a different one before sending in the laptop.
     
  6. bopajuice macrumors 6502a

    bopajuice

    Joined:
    Mar 22, 2016
    #6
    If they want to know my dads of my sisters phone number fine. Not too much on my phone to feel my privacy has been invaded. I'd worry more about sites like Facebook. Posted a few pics of my dog getting a bath, and now I see adds about mobile dog grooming...
     
  7. ghanwani thread starter macrumors 6502a

    Joined:
    Dec 8, 2008
    #7
    ^ I don't have a Facebook account. But I'm sure google knows more about me than I do about myself because I have an imperfect memory. :)
     
  8. Mefisto macrumors 6502

    Mefisto

    Joined:
    Mar 9, 2015
    Location:
    Finland
    #8
    In the past I have. I'm still debating whether or not to switch on FileVault (no real reason as to why, just haven't gotten around to it), but I do make a backup every time I have to get the laptop serviced. Hasn't yet happened on the newest one, and here's hoping it takes a while until it does.

    In the past I have known to be a bit more paranoid about stuff like this (erasing the hard disk when bringing the machine to be repaired), but nowadays I've grown not care that much. All the "confidential" information on the laptop is maybe stored inside encrypted disk images, and that's the lengths I'm willing to go to when it comes to repair personnel. If they want to look at my photos, they are free to. Just don't come crying to me when you see revolting stuff.
     
  9. killawat macrumors 65816

    Joined:
    Sep 11, 2014
    #9
    I trust Apple but I don't trust the repair process. If the device is lost in transit or stolen in the store...then what? Thieves actively target Apple retail.

    I also trust that Apple doesn't have a FV2 backdoor. Even if they do, I trust that its use is far too "expensive" to be spent on low value assets such as mine.

    I am concerned about the new 2016 MBP having the SSD built in but even if it fails, the data is still encrypted.
     
  10. maflynn Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #10
    I don't trust anyone with my data, I've not needed to send my Macs into repair very often but when I have. I wiped my computer so they get a bare system with only OS X installed. When I got it back, I restored my backup.
     
  11. leman macrumors 604

    Joined:
    Oct 14, 2008
    #11
    You should not trust anybody with your data :) Thats what FileVault is there for
     
  12. jerryk macrumors 68020

    Joined:
    Nov 3, 2011
    Location:
    SF Bay Area
    #12
    I don't worry about it. But I use a password manager and never let browsers or apps memorize userid/passwords.
     
  13. Mlrollin91 macrumors G4

    Mlrollin91

    Joined:
    Nov 20, 2008
    Location:
    Ventura County
    #13
    I've had enough repairs on my computers to trust Apple. I usually make a dummy password for them to use, but I have never had a problem. I do use Time Machine just incase the data is lost, but other than that, I don't try to conceal my information.
     
  14. SDColorado macrumors 65816

    SDColorado

    Joined:
    Nov 6, 2011
    Location:
    Highlands Ranch, CO
    #14
    All the data I care about keeping private, such as client databases, I store on an encrypted external drive. There really isn't much for them to see on my laptop itself.

    I have a friend who recently had his home broken into and his laptop stolen. He didn't have his data encrypted, file vault or anything like that. It is always a good idea to try to take some extra measures, even when not turning it in for repair.
     
  15. dyn macrumors 68030

    Joined:
    Aug 8, 2009
    Location:
    .nl
    #15
    Option 5: full wipe out of data and complete fresh install of macOS with a simple user account with no password. Any technician likes when you do that because it saves having to retype passwords and you actually give them full reign over the system without having to worry about data (although quite a lot of shops and companies will point out that only the user is responsible for the data, not them).
     
  16. ghanwani, May 11, 2017
    Last edited: May 11, 2017

    ghanwani thread starter macrumors 6502a

    Joined:
    Dec 8, 2008
    #16
    This quickly becomes a pain if the machine has to be sent in often.

    We are required to sign off on that when dropping the machine off with Apple. They do ask if the data has been backed up.
    --- Post Merged, May 11, 2017 ---
    This sounds like a good idea. I should have done this instead of typing my actual password into their service iPad.
    --- Post Merged, May 11, 2017 ---
    If you give your password, then Filevault does nothing.
    --- Post Merged, May 11, 2017 ---
    Are there any issues with performance when using Filevault? The little research I have done so far indicates that there is some performance degradation when enabling Filevault. Also, when I was doing a clean install at the store the last time, the Genius I was working with recommended skipping it unless I really thought I needed it.
     
  17. dyn macrumors 68030

    Joined:
    Aug 8, 2009
    Location:
    .nl
    #17
    Sending in a machine that often already is a pain. Having to reset many passwords is also a pain. Having to change all sorts of other stuff is a pain too. Not to mention the shame and law suits when your data (or someone else's data that happens to be on your notebook too) falls into the wrong hands (and there lots of "wrong" hands out there...many people would throw some of it on their social media accounts and they don't always mean to do harm by doing so).

    When you are a company it can even be a breach of law when you don't do this. In a lot of cases you have to report data leaks and breaches to the authorities (if you don't you will be fined), you cannot keep it a secret. That means there will be public naming and shaming. And the authorities might also launch an investigation. If you have certifications you may lose them and that can cause customers to walk (because you no longer meet the requirements that are in the contract).

    In other words the pain of wiping and reinstalling is nothing compared to the pain when data leaks. The wipe and reinstall is also a very simple and rather quick procedure. Simply delete the partitions, repartition and start the macOS installer; you only need to do a basic install, nothing fancy. Doing it this way makes it very difficult to retrieve data.

    With modern hardware there aren't any.
     
  18. ghanwani thread starter macrumors 6502a

    Joined:
    Dec 8, 2008
    #18
    Thanks for pointing this out. This is my personal machine, so no issues with work-related data, but it does have all my personal info like tax returns, not to mention passwords to a number of sites and access to my personal email.

    That said, one of the failures I experienced was a DRAM failure and when that happened, I could not even install updates from the app store, so I'm not sure if wiping the drive would have even worked. The machine would just keep crashing/rebooting.
     
  19. leman macrumors 604

    Joined:
    Oct 14, 2008
    #19
    I never give my password to anyone. They can use an external USB key if they want to diagnose the machine. Or, if they really need to, they can erase my disk and reinstall. Restoring the data is user's responsibility.

    Any performance impact is basically negligible. IMO, one should always use disk encryption. Of course, one might run into issues when traveling to countries such as USA or China, but why would one do that these days o_O
     
  20. entropyfl macrumors regular

    Joined:
    Oct 12, 2009
    #20
    Yes I would do that or the last time I just backed up and did a fresh install with a diff password with no data etc.

    Obviously these big companies have to be pro privacy but they can't be certain of all their employees.. I wouldn't like idea of peeps reading personal emails or looking at photos of my family.
     

Share This Page