Sign in to follow this  
Followers 0
Harry_The_Bustard

Slap My Brick Up

3 posts in this topic

A friend of mine’s teenage daughter thinks she made the mistake of revealing her iCloud credentials to a boyfriend and that after that relationship came to an end he logged in and wiped both her iPhone and MacBook Pro via the “Erase” feature of Find My iThing rather than using the “Lost Mode” one. Oddly, perhaps, he didn’t change her iCloud password - which would probably have been the end of that - she changing it as soon as these events occurred and, rather belatedly, implementing two-factor authentication.

 

Her iPhone was set back to “factory” state by the hacker and she was able to restore it from a backup and return it to more or less where it was before the hack. However, she was less fortunate with her MacBook Pro in that it asked for a four digit passcode which it is assumed the hacker assigned (as one has to) during the "Erase" command. She’s had a few shots at it, without success, and the time needed between attempts has increased to an hour. Unfortunately - and this is a classic problem - her father bought it for her via eBay and with secondhand proofs of purchase not being accepted by Apple, and since the original is not available from the eBay seller, they won’t help.

 

Now as much as I would appreciate any help on overcoming this I’ve researched solutions and none of them work so won’t seek help here on this. (There is also the potential concern of contributors that I have stolen it and the above tale of woe is a cock and bull story.) The reason I’ve actually created this thread is to try to find out - as I’ve failed to do so far online - how long the delay between retry attempts for the passcode is at the start and when and by how much it increases. (I could try this on my Mac mini but am nervous about assigning a firmware password despite buying it new just a few months ago and so having the Apple option given that I have the receipt.) I am also keen to learn (and this is not stated in the relevant Apple support resource) whether the passcode is different to the firmware password that also exists on the MacBook Pro and which my friend was unaware of until this situation arose. (The eBay seller has not responded to a request for this.) For what it's worth I suspect they are.

For the record the passcode can’t be overcome by...
1. removing a memory module and resetting the PRAM or whatever it’s called in this model
2. putting a new hard drive in with a clean install of Snow Leopard (which it shipped with) or later - it behaving as though no drive is attached
3. booting from an external drive containing a clean install of Snow Leopard or even the installer et cetera - the firmware password (not the four-digit one) preventing such
...and given that the delay between entry of the four-digit passcode is now an hour a brute force attack with the likes of a Raspberry Pi or similar is hardly on the cards from what I understand of that process.
P.S. The MacBook no longer appears in Find My iThing - that presumably being a consequence of the "Erase" process.
Edited by Harry_The_Bustard
0

Share this post


Link to post
Share on other sites

Although no-one answered this I thought you all might like to know that the problem was resolved by Apple - who did not accept liability - after my friend took them to court. He even got his £60 back. I don't exactly know the case he made but it was along the lines that they were being unfair to those who didn't buy first-hand.

0

Share this post


Link to post
Share on other sites

what an evil feature. and how it was dealt with is particularly appalling. it's almost like Apple hates it's customers.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0