But resetting the device fixes it? I thought it let you lock it completely to make it not worth stealing?
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Hackers Using iCloud's Find My iPhone Feature to Remotely Lock Macs and Demand Ransom Payments
- Thread starter MacRumors
- Start date
- Sort by reaction score
IIRC when this happens, you have to bring the mac and a POP to an AASP instead of the ARS according to an internal article to get the FMIP thing disabled on the mac. ARS would work too i guess but you need POP for the mac as well to prove owenership
Exactly. External drive plus offsite cloud backup. Make sure your covered from all angles.
I wouldn’t not use 2FA because of this. I would simply update my password to something MEGA complex, that isn’t used with another service you use or have access to. While I doubt mine was part of any leak, I took the precaution to update my Password when I saw this article.
Then..
Wait for Apple to produce a fix for this (quite bad) loophole.
Hopefully they will enable people to shut off the web portal, especially for those of us with multiple trusted devices.
Then..
Wait for Apple to produce a fix for this (quite bad) loophole.
Hopefully they will enable people to shut off the web portal, especially for those of us with multiple trusted devices.
2FA is not longer secure. Do not use your phone number as 2FA, use something else, like a 2 Step Authentication service like Google's Authenticator or LastPass, etc.
I love how I realized I haven't changed my iCloud password in years, so I go to do it and the iCloud website keeps throwing an error. That's comforting.
Some evil people out there. Always vary your passwords.
Updated already complex password with a new one. Too much personal information iCloud to let hackers get access to.
Probably from Texas, where my son & his family live. Used a lot there, even in urbane Houston and Austin. Don't make fun.
Thankfully, for now, Macs don't use Activation Lock. However, for an iOS device if the hacker *also* changed your iCloud password then you won't be able to remove Activation Lock even if you wipe the device. You'd be required to unlock it with your iCloud password during setup.
Apple should allow you to log into iCloud and reverse the device lock.
From the article:
As far as I know the passcode that Find My Mac sets is a Firmware Password. This is in addition to any Firmware Password you've explicitly set on the Mac (as in, if you've set one, Find My Mac can still set its own temporary one). Firmware Passwords cannot be removed without knowing them, except by using special hardware that Apple Support has, so by going to a Genius. They will ask you for proof of purchase. Erasing a Mac, and restoring from a backup, will not remove the Firmware Password. This is in the very nature of the kind of security Firmware Passwords are meant to be. Older Macs, I think 2011 and below, could get the Firmware Password wiped by doing a NVRAM reset, or SMC reset, or something. But all newer Macs require the special hardware to remove the Firmware Password.
The problem I've seen is that changing the iCloud password causes so many problems, it's painful to do it.
Question; I don't use Find My Mac, but I assume it locks the Mac with a firmware password, which would require a reset from Apple. How would erasing the machine or restoring from backup fix the situation? That would just wipe the hard drive. You could replace a hard drive, but that wouldn't get you past the firmware password screen.
Last edited:
That's as may be, but it has absolutely nothing to do with this story. 2FA was not... a factor... in these incidents.
