My rights to MacOS?

Discussion in 'Mac Basics and Help' started by Texas_Toast, Sep 21, 2017.

  1. Texas_Toast macrumors 6502a

    Texas_Toast

    Joined:
    Feb 6, 2016
    Location:
    Texas
    #1
    Could someone please help me understand my "rights" when it comes to using/owning MacOS?

    Here are two scenarios I am curious about...

    Scenario #1:
    Right now I have a dying 2012 MBP with Mountain Lion on it, and a new 2015 MBP with Sierra (and dust!) on it. And I am thinking of buying a another 2015 MBP that is refurbished.

    Because I am security minded, I would never use a "used" computer that came with an OS/Apps already on it. (With my luck, Senor Putin put it out on the market to track me!!)


    Scenario #2:
    I would love to buy a 2nd MBP that is brand new, but I have a majoy issue with soldered in SSD!!!

    In another thread, @macs4nw mentioned one solution to my aversion to soldered in SSD's would be to use an external SSD with the OS and apps on that drive.


    In either scenario, what are my rights as far as using/getting MacOS??

    For instance, in Scenario #1 would I have the ability to take the refurbished MBP with removable SSD, and download a copy of Sierra or whatever comes after that?

    Or would I not be entitled since it is a used MBP?

    And in Scenario #2, if I bought an external SSD, would I be able to install Sierra or something newer on the blank external SSD and use that in lieu of the soldered in SSD on my new MBP?
     
  2. Audit13 macrumors 601

    Audit13

    Joined:
    Apr 19, 2017
    Location:
    Toronto, Ontario, Canada
    #2
    I don't know about rights but I'll tell you what I was able to do.

    Bought a used early 2011 13" MBP. I ran internet recovery, installed the original OS that came with the MBP. I logged into the app store using my apple ID, checked for updates, downloaded el capitan, created an el capitan installer, upgraded to el capitan, checked for updates, downloaded Sierra, created a Sierra installer, upgraded to Sierra, wiped the, installed Sierra from the installer I created.

    I did the same thing for a used 2011 15" MBP and used mid 2013 MBA.

    I would assume that, if I didn't have the necessary rights, the app store would not allow me to upgrade the os.
     
  3. Texas_Toast thread starter macrumors 6502a

    Texas_Toast

    Joined:
    Feb 6, 2016
    Location:
    Texas
    #3
    So the rights are tied to the physical machine?

    If I bought a refurbished MBP, and installed a new SSD, then would APple see the serial number off the refurbished MBP and go off that?

    Also, can't I just buy Sierra and skip all of the hassle you mention?
     
  4. Audit13 macrumors 601

    Audit13

    Joined:
    Apr 19, 2017
    Location:
    Toronto, Ontario, Canada
    #4
    If you replaced the original ssd and you don't have an installer, you would have to use internet recovery anyway to get the os onto the new ssd unless you use a backup from the original ssd.

    Yes, it should go off the serial #, not ssd.

    Upgrading the os also updates the boot rom.

    I suppose you could buy Sierra but, since High Sierra will be out soon, maybe wait to purchase an os?
     
  5. Cougarcat macrumors 604

    Joined:
    Sep 19, 2003
    #5
    I don't understand your aversion to using the soldered SSD. You can wipe the drive and you'll be set as far as "security" goes. You can use Secure Erase if you're extra paranoid.

    https://www.macworld.com/article/29...erase-your-macs-hard-drive-the-right-way.html

    You can't buy macOS anymore (besides disk versions of SL). OS updates are free, any Mac is entitled to the latest OS as long as it can run it.
     
  6. Audit13 macrumors 601

    Audit13

    Joined:
    Apr 19, 2017
    Location:
    Toronto, Ontario, Canada
    #6
    How do you secure erase data if the machine doesn't boot? The op is concerned about the security of corporate data.
     
  7. Cougarcat macrumors 604

    Joined:
    Sep 19, 2003
    #7
    Why wouldn't it boot? You can boot into recovery mode (Command-R) and erase.

    Looks like you cannot Secure Erase Apple SSDs anyway because it's not needed:
    https://support.apple.com/en-us/HT201949
     
  8. MacGizmo macrumors 65816

    MacGizmo

    Joined:
    Apr 27, 2003
    Location:
    Arizona
    #8
    You have the "rights" to install the OS on any Mac that will accept the installation at this point. In the past, the OS was tied to a specific Mac—legally and/or technically. I'm over-simplifying, but that's the gist of it.

    Overwriting the current install is as simple as booting into Recovery mode and erasing the HD and re-installing the OS. The only downside to this method is that A) It's slow. B) This method installs the version of the OS that Apple has determined is the appropriate version for that particular machine... which isn't necessarily the latest OS version (though it usually is). You MAY have to run an updater or two after the full install. Not really a big deal, can be a pain.
     
  9. chrfr macrumors 604

    Joined:
    Jul 11, 2009
    #9
    If a user is concerned about data, the computer should have Filevault enabled before anything is copied to the disk. That way, sensitive data never exists on the disk in an unencrypted state.
     
  10. Audit13 macrumors 601

    Audit13

    Joined:
    Apr 19, 2017
    Location:
    Toronto, Ontario, Canada
    #10
    I'm not the person concerned about secure erasing, I'm trying to answer the OP's question. I don't use a Macbook for work.
     
  11. theluggage macrumors 68040

    Joined:
    Jul 29, 2011
    #11
    If you want to know your rights, take a copy of the Mac OS license agreement to a lawyer and tell them what you want it to mean. As far as I know, though, the de-facto situation is that Mac OS is licensed for use on an "Apple-branded computer" - although by doing so you're probably granting Tim Cook the right to name your first born child and graze wildebeest on your lawn, but all software licenses are like that (either stop worrying or switch to Linux/BSD).

    I remember one bit of software I had years ago - a C compiler for which the boilerplate license prohibited the user from incorporating any of the software in programs "written or used by you" - which in the case of a compiler with runtime libraries, include files etc. meant that nobody could use it.

    Meanwhile, back on planet reality, the chances of Apple giving a wet slap about any individual user running any version of Mac OS on any genuine Mac are pretty much zero. Sure, if you start selling PCs with MacOS installed, or modified Mac OS installation discs, Apple will sue you into the stone age, but going after individual users is just bad publicity.

    Bear in mind that there are many, many people running Hackintoshes (which definitely do break the license agreement) which quite happily connect to the App Store and download upgrades while broadcasting a totally fake serial number. So far, Apple haven't even shut down the "how to make a Hackintosh" sites.

    Start worrying only if Apple are bought out by some other corporate monster who's business model involves litigating against their own customers.
     
  12. Texas_Toast, Sep 22, 2017
    Last edited: Sep 22, 2017

    Texas_Toast thread starter macrumors 6502a

    Texas_Toast

    Joined:
    Feb 6, 2016
    Location:
    Texas
    #12
    @Cougarcat,

    Read through this entire thread and then you'll understand...

    https://security.stackexchange.com/questions/12503/can-wiped-ssd-data-be-recovered


    But if I bought a refurbished MBP that came with Mountain Lion (for instance), would I have to do one upgrade at a time until I got to Sierra? Or could I just go from the OS the Mac shipped with to the latest OS?
    --- Post Merged, Sep 22, 2017 ---
    @theluggage,

    You missed the essence of my OP...

    If I buy a refurbished MBP, I won't use it unless I install the OS and corresponding apps!!

    (Otherwise there could be a "Root Kit" on the MBP I buy...)

    So, I was wanting to know if I buy a refurbished MBP, what I would have to do to get at least Sierra on the machine.

    It sounds like I could wipe the drive clean and then use Internet Recovery to install the OS it came with - probably not Sierra - and then upgrade to Sierra, right?

    I would prefer being able to straight up install Sierra on the SSD, and was also wondering if I could just buy Sierra and install it on the refurbished MBP, and be done with it?

    I've never bought a refurb before, so this is new to me, and I wanted to be sure I had "rights" to install a fresh copy of the OS onto the machine I buy, AND that I wouldn't forever be stuck with an old OS that I couldn't update.

    Make sense?
     
  13. chrfr macrumors 604

    Joined:
    Jul 11, 2009
    #13
    If you're buying a refurbished Mac from Apple, it's as if it's a new computer. Certainly, you can reinstall the operating system if you wish, but Apple resets the entire computer back to factory original condition before shipping it.
    You can of course update the operating system for free using the App Store, just as if you bought a new computer. Apple doesn't charge a separate fee for macOS. This would also be true even if you bought a used computer, as long as it met the system requirements.
     
  14. Fishrrman macrumors P6

    Fishrrman

    Joined:
    Feb 20, 2009
    #14
    OP wrote:
    "Also, can't I just buy Sierra and skip all of the hassle you mention?"

    You can't "buy" Sierra.

    You have three choices:
    Choice #1:
    Download it via Apple's site
    Choice #2
    Download it from somewhere else.
    Choice #3
    Buy a USB flashdrive from an ebay seller with the Sierra installer already on it.

    I've been reading your posts for sometime now, and I must say that some of the questions you ask here are the oddest I've seen in this forum.

    You either buy and use a Mac, or you don't.
    If all this quibbling about "security" and soldered-in drives is too worrisome for you, get another brand of computer.

    Macs ain't for you.

    If I was that concerned about securely erasing an internal drive, I'd try this:
    - download the PartedMagic disk image (I believe this is UNIX or Linux)
    - burn it to CD
    - boot the Mac from the PartedMagic CD
    - use the drive utility to issue the "secure erase" command
    See if that works.
    If it doesn't, there really isn't any other way (except for some proprietary software that Apple may use).
     
  15. Cougarcat macrumors 604

    Joined:
    Sep 19, 2003
    #15
    Recovery mode installs the latest version of MacOS the computer will accept. If you buy a refurb from Apple, it will have the latest OS.

    You have the “right” to reinstall MacOS as many times as you wish and upgrade it as many times as you wish as long as the Mac meets the system requirements. Again, you can no longer buy the OS. Every update is free.

    Apple’s stance is that Secure Erase is not needed on their SSDs which is why you can only do a normal erase. You may disagree, so you could try @Fishrrman’s solution, but it seems unnecessary. There’s not going to be a “root kit” on a wiped machine anyway!
     
  16. Texas_Toast thread starter macrumors 6502a

    Texas_Toast

    Joined:
    Feb 6, 2016
    Location:
    Texas
    #16
    So if I buy a refurb and want to reinstall MacOS myself, then there won't be any limitations since I am not the original owner of the Mac, right?


    Why is being concerned about protecting my business's data odd?

    Maybe all of you need to catch up with the times...

    (Some of you remind me of Farmer Bob... "I'm not worried about privacy - the Government already knows all there is to know about me!")


    Or don't be a pansy and find a workaround....


    I'll look into that.
    --- Post Merged, Sep 22, 2017 ---
    @Cougarcat,

    I'm not buying a refurb from Apple, so I don't have the same confidence as I do with Apple.

    Yes, if I bought a refurb from Apple, I wouldn't question the integrity of the OS.

    Buying from a smaller company, I'm not as confident.

    ----------
    As far as security goes, I'd encourage you to read the link I posted above to understand why "wiping" an SSD doesn't work the same way that it did on a platter drive.

    As technology advances it also becomes harder to secure.

    And when people make fun of me for being security minded it just shows how out of the times people are.

    Privacy and security impact all of us every day, whether or not people choose to believe it. (Not too dissimilar from Climate Change)

    If others on here don't own anything of value, then I'm sorry for you. But my ideas are priceless to me, and so I work hard to protect them....
     
  17. Cougarcat macrumors 604

    Joined:
    Sep 19, 2003
    #17
    Yes, that’s right. The Mac would have no way to know you’re not the real owner anyway. All internet recovery does when it phones Apple is it receives the latest OS for the machine.
    There is no owner information in the firmware!

    I read the link. I still think you’re being paranoid. Apple had a secure erase option, which they deemed no longer necessary for their SSDs. I’d trust Apple’s own engineers over a Stack Exchange post, but that’s just me.

    Not sure what any of this has to do with the government.

    If you’re that concerned with your business data then you should use FileVault, BTW. And use more than one kind of backup. Ideally, offsite, clone, and Time Machine. These are all much more important that wondering about the impossible possibility of a root kit on a wiped drive.
     
  18. Mr_Brightside_@ macrumors 68030

    Mr_Brightside_@

    Joined:
    Sep 23, 2005
    Location:
    Toronto
    #18
    1) Download Sierra onto your 2012, but don't install it
    2) Get 8GB flash drive
    3) Create Sierra installer w/ https://support.apple.com/en-us/HT201372 or http://diskmakerx.com
    4) Boot off it
    5) Securely erase HD/SSD
    6) Install Sierra

    As far as your rights go, Apple offers a support doc for creating the installer, and offer their recent OSes for free. As long as you're not reselling the flash drive, it's yours to use as much as you want.
     
  19. Cougarcat macrumors 604

    Joined:
    Sep 19, 2003
    #19
    That’s a lot of work for what is the same end result as using Internet Recovery. You can’t secure erase a SSD with disk utility either way. Only do this if you want a flash installer to have around.

    BTW, if the OP is worried about a root kit persisting on a HD after a wipe, they should also be aware that a firmware rootkit, while still remote, is far more likely: https://www.computerworld.com/artic...-malware-that-remains-after-reformatting.html

    No new hard drive or external drive will protect you from that. So best buy from Apple. Of course, Apple’s machines are built in China...

    My point is, yes, be concerned about security, but there’s a point at which it is no longer reasonable. You could wear a hazmat suit everywhere you go, yet (I assume) you don’t!
     
  20. chrfr macrumors 604

    Joined:
    Jul 11, 2009
    #20
  21. theluggage macrumors 68040

    Joined:
    Jul 29, 2011
    #21
    Short answer: yes.

    You have a 2015 MBP with Sierria (and dust) on it: use it to google "create sierra bootable usb" and download and create a USB installer. Then boot the refurb machine straight from that and perform a clean install. If Mr Putin's putative nastyware survives that then I suggest you just five up and raise a glass of vodka to your new Russian overlords.


    More accurately, you can't Secure Erase an SSD using the multiple-overwrite technique designed for HDs because it just won't work (you can't overwrite data on a SSD the way you can on a HD) and even if it did doing it regularly might even reduce the life of the SSD (SSDs have a limited number of write/erase cycles - the longevity depends on the fact that you don't often re-write the "whole" disc, and the wear can be spread around).

    In reality, a SSD is a separate little computer sitting inside your computer, running a software simulation of an old-fangled spinning rust hard drive with tracks and sectors, carefully optimising how the data is actually stored in the Flash memory which is quite different to how it is arranged on the "virtual" disk.

    As the Apple note says - its harder to extract "deleted" data from an SSD than it is from a hard drive, but if you're worried about the Men In Black getting hold of your old drive then you need to enable whole-disk encryption. At least then they'll stop waterboarding you once you've given them the password instead of expecting you to prove that there isn't one.
     
  22. Cougarcat macrumors 604

    Joined:
    Sep 19, 2003
    #22
    Good to know, but the sentiment remains. What’s more likely: a rootkit persisting on a hard drive after it is erased, or a firmware rootkit due to a previously undisclosed vulnerability?
     
  23. Texas_Toast thread starter macrumors 6502a

    Texas_Toast

    Joined:
    Feb 6, 2016
    Location:
    Texas
    #23
    Good to know.


    I'm not so confident...


    My attempt at sarcasm... (I have met lots of country folk that say things like that. They couldn't give a rat's *ss about privacy or security until something happens to them. They are also of the mindset that we live in a police-state where there is no privacy so they surrender.)



    I have used FileVault 2 since day one, but that doesn't address the issue of not being able to wipe my data off of a machine I decommission. When I can destroy the HDD, then I have no worries. But when I have to trust that a computer program works as advertised in erasing things I cannot see, then I indeed do become paranoid!

    There is also the issue, as I understand it, that once you turn on FileVault 2, you cannot do anything with that drive as far as reformatting it. (I'm pretty sure I tried this before and I couldn't do it - at least not with Disk Utilities.) So I do believe FV2 keeps my data safe, but if it would prevent a school from installing a new OS on top of it, then I might as well crush the laptop, because it would be useless to whoever I donate it to.

    As far as other types of backups, I clone weekly, and I keep my data on a couple FV2 drives, co-location, including a safe deposit box out of state.

    I think I'm covered except for the zombie apocalypse and WWIII - which should last me until maybe March 2018! :rolleyes:
     
  24. chrfr macrumors 604

    Joined:
    Jul 11, 2009
    #24
    As I mentioned in your other thread, this is not true. Formatting is not a problem.
     
  25. hughm123 macrumors newbie

    Joined:
    Dec 3, 2014
    #25
    The point with disk encryption is supposed to be that you erase the decryption key, at which point even if someone can read some of the encrypted SSD blocks it won't help them. I would personally be more worried that some of the basic OS files are not encrypted by FileVault 2, since the OS needs to be able to boot before you unlock FileVault, so there might be risk of residual data under /var or /etc.
     

Share This Page

28 September 21, 2017