_______ __ _______
| | |.---.-..----.| |--..-----..----. | | |.-----..--.--.--..-----.
| || _ || __|| < | -__|| _| | || -__|| | | ||__ --|
|___|___||___._||____||__|__||_____||__| |__|____||_____||________||_____|
on Gopher (inofficial)
URI Visit Hacker News on the Web
COMMENT PAGE FOR:
URI Apple users are being locked out of their Apple IDs with no explanation
blueprint wrote 3 hours 12 min ago:
this actually sounds like the sort of thing they might do if some
master key that they were storing for some subset of accounts was
internally breached, and they had to force a password reset on them.
drewg123 wrote 4 hours 24 min ago:
Apple support is useless. My partner lost her phone with AppleCare loss
& damage coverage. She hadn't synced to iCloud in quite a while, so
she delayed reporting it lost/stolen (as that flow wipes the phone).
After ~4 months she gave up on finding it, and reported it stolen.
This started a Kafkaesque process where the Apple site for reporting
your phone lost and initiating a claim with AIG failed to work because
the phone had been lost for more than 3 months. Support was useless,
they pointed the finger at AIG. AIG pointed the finger right back.
Several escalations further and 6 months later, we still have no
replacement phone.
I'll never, ever get Applecare again.
Aaronn wrote 4 hours 3 min ago:
Reporting the phone as lost does not wipe the phone. That is a
separate step.
drewg123 wrote 3 hours 23 min ago:
There is a big thing in the reporting your phone lost & asking for
a replacement that says it will wipe it...
infogulch wrote 6 hours 33 min ago:
The tech sector desperately needs due process. By regulation if not
voluntarily.
crossroadsguy wrote 6 hours 43 min ago:
Then I believe it's slightly better to use a non-iCloud.com emails as
iCloud accounts. At least one less reason in the scheme of single point
Apple ID failure.
throwaway918274 wrote 7 hours 11 min ago:
I got locked out my apple account the other day while trying to login
to webmail - thankfully I was able to just unlock it again by reseting
my password using my iphone. Kinda terrifying.
j45 wrote 7 hours 28 min ago:
This makes me want to minimize my touchpoints with any of any cloud
services of the hardware I purchase to ensure I can't be locked out of
my life for 18-24 hours.
|
Some people have to take care of critical dependants. I don't exist and
serve at the pleasure and convenience of any aspiring digital identity
provider. I actually never wanted any of them to be my digital
identity.
What's convenient may also be a bigger security gap and impact than
many ppl realize.
The recent threads about PalmOS phones seem timely in hindsight. With
Palm devices, you installed apps yourself with a sync cable to your
computer, and there was no convenient app store, no one could lock you
out of your smart phone and your life. Maybe that's an option that
should come back. iTunes used to backup and sync just fine.
If there's no real acknowledgement or detailed coming out about this,
it's very possible it's a cybersecurity incident of some kind that is
serious enough. And it's not just an Apple thing. This has or will
happen with every digital identity provider.
There's no one to really pick the phone or answer an email at google or
apple when it comes to your digital identity that they want to be
holders and providers of.. At least with the government there's a DMV
or registry to go to.
FZ_BA wrote 7 hours 44 min ago:
Former Beeper mini users?!
standardUser wrote 7 hours 57 min ago:
I understand why people enjoy Apple products, but I will never
understand why people defend the company when we all know, often
through direct personal experience or the experience of someone we
know, that the wealthiest company is the world has chosen to provide
insultingly miserable customer support as a business decision.
samatman wrote 4 hours 7 min ago:
Personally, the disconnect is all the excellent customer service I've
received from Apple in the 21 years I've been using their products.
This includes two repairs on nine computers, and one battery
replacement on an old phone. And the time that a major point release
of the OS got stuck moving around my homebrew directory and hung.
That, and the butterfly keyboard that needed replacing, were
annoying. But the customer service was first rate.
jjtheblunt wrote 6 hours 26 min ago:
Putting the Genius Bar into widely accessible Apple Stores is a
business decision meant to provide useful support, not insultingly
miserable.
That said, not everyone needing support has access to a Genius Bar,
and not every Genius Bar employee knows every possible answer to
every possible question.
But, to claim they chose to be insulting is just mistaken.
foobiekr wrote 7 hours 10 min ago:
My apple support experiences have been very good. I don't know that
at all.
MajimasEyepatch wrote 7 hours 33 min ago:
I think itâs because the vast, vast majority of Apple users never
need to deal with customer service, and those who do can usually go
to the Apple Store and have a pretty good experience.
(Please donât reply to this with your anecdotes about the time you
had a bad experience at the Apple Store. Iâm not saying theyâre
perfect. But these situations in the OP are rare.)
adamomada wrote 6 hours 10 min ago:
Just the fact that they operate in the real physical world is a
huge benefit for a LOT of people who are trying to use technology
they didnât grow up with.
zac23or wrote 7 hours 45 min ago:
Apple is like a religion. An Apple user told me âApple never makes
mistakesâ during the Antennagate. I never forgot that, and I try
not to have conversations with Apple fans after that.
trogdor wrote 7 hours 24 min ago:
>An Apple user told me âApple never makes mistakesâ during the
Antennagate. I never forgot that, and I try not to have
conversations with Apple fans after that.
Someone made an absurd statement to you about Apple, so you have
spent the last fourteen years trying to avoid conversations with
people who like Apple products?
int_19h wrote 1 hour 35 min ago:
This sort of thing is present in every fandom, but Apple's is
sort of legendary for how far it is willing to push it. This is
rather evident even if you're just skimming through topical
subreddits trying to find solution to some problem. It's very
common to find a post that asks the exact question you have,
followed by dozens of responses telling them that what they are
trying to do is either impossible or unnecessary.
ducttapecrown wrote 6 hours 0 min ago:
There are no rules in love and OS wars.
zac23or wrote 6 hours 40 min ago:
> Someone made ...
This example demonstrated to me that Apple is a religion, after
many other examples. Try reading Apple's blogs, it's crazy.
I recommend not trying to talk to extremists in any area. Your
life will be much better.
hu3 wrote 6 hours 52 min ago:
Absurd? Yes. And common.
It's not rare to read comments to the effect of:
"Why are you, a single person, doubting the decision a trillion
dollar company? Certainly they know best".
edit: Algolia for the win. Quick search [1] returned this pearl
from 7 days ago [2]:
> What would you have them do? Sacrifice a trillion dollar
business in token protest? Youâre just a keyboard warrior with
no point at all who would make the same choice and justify it the
same way you imagine I do if you were ever in the position they
are. [1]
URI [1]: https://hn.algolia.com/?dateRange=all&page=0&prefix=true...
URI [2]: https://news.ycombinator.com/item?id=40098425
Waterluvian wrote 8 hours 3 min ago:
I wish there was a crowdsourced site, similar to Down Detector, that
tried to estimate how common these issues are.
In particular, an attempt to normalize the data to stave off reporting
biases you get when reading the comments section in HN, Reddit, etc.
It feels like medical conditions⦠without statistics, thereâs just
too many of them to be fearful of. Not that this issue isnât worth
criticism and discussion. But I canât tell if I really ought to care
personally right now or not. Lifeâs just a wee bit too short to act
on every report.
someguydave wrote 7 hours 28 min ago:
you are basically asking for multiple companies to give up their
crown jewels for free
schnatterer wrote 8 hours 3 min ago:
Happened to me too with apple music in November 23.
They just deleted my account with my playlists and listening history.
Even support couldn't tell me why after countless calls and emails.
This implicitly canceled my yearly subscription and refunded only a
small part after I requested it.
I learned my lesson about Apple.
ineedaj0b wrote 7 hours 52 min ago:
I had Apple Music back in 2018. Unsubbed and never used the app till
March 2024 when I got a free trial. It had my complete playlists and
history from then.
Sounds like a lie everything disappeared after 3 months
schnatterer wrote 7 hours 34 min ago:
That's interesting! Before the disaster was also my second
subscription. Now that you say it, some data was left. Not the
playlists but some listening history. Might be that they only
delete the iTunes-related stuff.
Maybe if I subscribed again, there still would be something. But I
won't.
The support person on the phone also told me that everything gets
deleted once the subscription ends, even when it's by mistake.
Which seems to have been the case with me.
Retric wrote 7 hours 56 min ago:
Take it as a lesson about SaaS and closed ecosystems in general not
just Apple.
Any dependencies on 3rd parties can be broken at any time without
recourse be that Steam, Amazon, Google, Facebook, Apple, or less
obvious services on smart devices.
schnatterer wrote 7 hours 39 min ago:
True! If read before about similar cases with other SaaS, e.g. the
famous one about google drive: [1] Difficult to avoid though for
some cases like streaming.
Fortunately I had a backup of my playlists. Still annoying. I
wonder if those kinds of things happen with spotify as well.
Because once your subscription ends you're only relegated to a free
account, not deleted.
URI [1]: https://www.theguardian.com/technology/2022/aug/22/google-...
k8svet wrote 8 hours 25 min ago:
Lol and I got some pushback here for saying Apple ID was not a serious
product and that I wouldn't trust Apple to use Apple Pay even if they
let me as a lowly Android user.
I mean, ffs, the only 2fa option for an Apple ID is SMS auth. Just not
a serious company when it comes to actual services.
k8svet wrote 1 hour 15 min ago:
This comment being downmodded in a thread with dozens upon dozens of
comments explaining BAFFLING behavior including shit where people are
like "yeah I get random notifications all the time asking for my
password and I just enter it" is BONKERS, I'm actually softly
chuckling at the casual detachment some of yall have about it.
easeout wrote 8 hours 45 min ago:
I'm glad this is news, because it means I was probably affected by a
mistake and not a specific attack. Nonetheless you can't go spooking
your users like this.
jms703 wrote 7 hours 30 min ago:
What makes you think this isnât an attack?
easeout wrote 35 min ago:
I don't think thatâI think it's not an attack specifically
against my account.
grork wrote 8 hours 47 min ago:
Whatâs the overlap between people who had their password reset, and
people who used/signed up for Beeper iMessage verification?
js4ever wrote 8 hours 41 min ago:
none it seems, some users that just bought an iphone 2 days ago had
the issue today in this thread
archsurface wrote 9 hours 2 min ago:
One of the things that helped push me away from Apple was the crazy
circles the ID system would have me going around in. It's been too
long to remember the details but it was madness.
codedokode wrote 9 hours 4 min ago:
I hope Linux will never switch to cloud accounts.
indymike wrote 9 hours 7 min ago:
We need to get a legal advocacy group started for dealing with digital
rights (EFF isn't getting it done with consumer rights). A couple of
well-funded lawsuits on behalf of wronged users will fix this with all
of the vendors. This kind of thing should never happen.
epolanski wrote 9 hours 12 min ago:
Been locked for almost 3 months between November 2022 and January 2023.
Apple is crazy. My iPad with the authenticator broke, and even though I
filled endless forms, verified emails and phone number they just keep
sending me emails I was gonna be called by support at a date 3 weeks
away.
Got no call, restarted the procedure. Got called in January, and it was
an automatic voicemail or something..
I literally couldn't use my work machine (had a backup desktop to use).
Needless to say, except for the MBP I sadly need for work I'm not
giving apple a dime for my life.
sleight42 wrote 4 hours 2 min ago:
WTF? Apple used to have amazing support, just a few years ago!
My experience, on the phone and via Message, has been uniformly
garbage for years.
It used to be that you could go to the Apple Store and the "Geniuses"
or their management would make it right.
What the hell happened??
epolanski wrote 1 hour 8 min ago:
Original poster here and I share what you say.
I admit I had to interface twice in my life with apple support
(this was the second).
But the first my iPod stopped working, and they just mailed me a
new one without even asking a question or taking back the broken
one.
rtaylorgarlock wrote 6 hours 42 min ago:
Same sentiment here. Actively working to reduce dependence on
anything FAANG.
toomuchtodo wrote 9 hours 10 min ago:
Please file an FTC complaint.
URI [1]: https://reportfraud.ftc.gov/
delduca wrote 9 hours 33 min ago:
It happened to me last night! At that moment, I froze, thinking that
somehow my password had leaked and someone was trying to brute-force my
MFA. At the time, I was at a restaurant celebrating my son's birthday
and couldn't change the password on my phone... So I just ignored it
and when I got home, I changed the password on my MacBook without any
trouble.
This morning, as a precaution, I changed all my important passwords.
Good to know it wasn't just me.
JattMannu wrote 10 hours 42 min ago:
Apple ID Outage: What to Do If You're Locked Out of Your Account
URI [1]: https://www.thebugger.us/apple-id-outage-what-to-do-if-youre-l...
chiefgeek wrote 11 hours 17 min ago:
Happened to me while on holiday in Costa Rica. Was able to reset PW
this morning, thank goodness.
TeMPOraL wrote 11 hours 20 min ago:
Tangential business idea: insurance against getting locked out of your
Google, Apple or Microsoft account.
accrual wrote 8 hours 23 min ago:
How could it work? It would seem the business would need to have some
agreement or side channel with Google/Apple/Microsoft to bypass the
issue. Something like "we will pay you $Amount/year to let us reset
any agreed upon account". Then collect a monthly fee from the users
to subsidize the expense.
amelius wrote 6 hours 28 min ago:
It could work like this. You pay a monthly fee. When you are locked
out, then the insurance will cover the legal expenses.
TeMPOraL wrote 7 hours 3 min ago:
Insurance, not fixing service. They'd collect enough data on
signing the policy to be able to independently verify your
ownership of the account, and in case the account gets locked in
the future, you'll get an insurance payout to help you cope with
the damage. Not that different from order kinds of property
insurance.
accrual wrote 5 hours 34 min ago:
Ah that makes sense, thanks for clarifying. It would be cool
though - subsidize for some dedicated account "unlock/fix/repair"
team at $CORP. They get paid a bunch to sit around and wait for
incoming tickets, then actually help out versus stonewalling the
user like Google does.
someonehere wrote 11 hours 48 min ago:
I feel like these random behind the scenes issues happen a month or two
before WWDC to give Apple the foundation they need to announce new
services.
I had read Apple is switching the name AppleID to be Apple Account or
something similar at WWDC. Me thinks they are quietly pushing code that
somehow is causing this for people.
Maybe itâs an age of account issue or some other commonality.
I signed up for an at me account twenty years ago and still use that as
my living and havenât had issues. Maybe icloud.com users?
sjackso wrote 9 hours 6 min ago:
As a datapoint, yesterday's lockout affected my Apple ID that is
based on a ~25-year-old mac.com address.
LeoPanthera wrote 7 hours 48 min ago:
As another datapoint, my account is equally old, also mac.com, and
I have not been affected.
wepple wrote 11 hours 51 min ago:
Additional datapoint: my account just got locked, was forced to change
password.
I use a gmail email as my login
amadeuspagel wrote 11 hours 57 min ago:
I'm guessing this is due to Apple's paranoia that someone might get an
Apple ID and use iMessage without buying an Apple device.
ThinkBeat wrote 12 hours 1 min ago:
I was thinking about something related yesterday.
It is amazing how big "Internet Silos"
Google, Facebook, etc provide close to no
customer support services and that we "users" have
accepted this.
Getting cut off from one of these places can have a
huge impact on people.
They happen without warning and often without explanation.
I think they ought to be forced to be more open around
the process and how to get help in general.
For Apple I have usually managed to get a hold of some support.
Often not helpful but at least somebody.
With Google and Facebook I have never been able to find anyone.
Sameting that is demonstrated on this site frequently
when someone will post a plea for someone who knows people
at Google who they can't contact on their behalf.
Since they can't get hold of anyone themselves.
(Yes I am sure its covered in the EULA several times that
there is close to no support)
(For Google Workplace it is usually possible to get a hold of someone.)
dariosalvi78 wrote 5 hours 31 min ago:
It's because we just assume that these services must be for free. Pay
for them and the music starts to change...
courseofaction wrote 6 hours 28 min ago:
These corporations are actively hostile to users and it's insane that
anyone trusts or interacts with them.
Recently when setting up GrapheneOS (android OS distro), my login to
google play services was delayed by 24 hours for 'security concerns',
after authenticating via youtube app. (Try to go OSS? Here's a 24
hour ban).
It's funny because the forced youtube app authentication itself is
not a security measure, it's a dark pattern to force the youtube app
to be installed and opened. Logging in by phone or email quietly
doesn't work anymore, the SSO messages never reach their destination.
I find it hard to believe that this is not representative of google's
perverse incentives.
Consistently disgusting, rapacious company.
lelanthran wrote 7 hours 19 min ago:
> I was thinking about something related yesterday. It is amazing how
big "Internet Silos" Google, Facebook, etc provide close to no
customer support services and that we "users" have accepted this.
That's because you aren't the "customer", you're the product. The
people paying the bills for Google and Facebook are the actual
customers.
With Apple it's supposed to work differently - the user is the
customer.
Freedom2 wrote 5 hours 10 min ago:
That doesn't really make sense as I pay for GCP and Google
Enterprise. They specifically refer to me as a customer and in a
roundabout way I pay for their bills. Your statement, while a neat
adage, doesn't reflect the complexity of it all.
rchaud wrote 10 hours 28 min ago:
> Google, Facebook, etc provide close to no customer support services
and that we "users" have accepted this.
This is why I've always rejected the concept of vendor "ecosystems"
and cloud-first SaaS solutions for my personal computing. I've also
designed my life so it's not dependent on having uninterrupted access
to Facebook or Gmail.
ThinkBeat wrote 12 hours 9 min ago:
I was thinking about something related yesterday.
It is amazing how "big social silos
"Google", "Facebook"
barlog wrote 12 hours 46 min ago:
Strangely, I don't see this in Japan?
Any Japanese users out there?
api wrote 12 hours 53 min ago:
Itâs happened with Google too. The use of these huge companies as ID
providers is not a great idea, especially given that they practically
have no tech support.
Apple will let you talk to a human I guess but you have to make an
appointment. Google I have no idea.
j16sdiz wrote 13 hours 4 min ago:
From the anti fraud pov, giving explaination is "tipping".
From user pov, this is frustrating.
I can't see how this can be solved.
user3939382 wrote 13 hours 47 min ago:
My phone was spontaneously logged out of iMessage yesterday which has
never happened before.
switch007 wrote 13 hours 47 min ago:
I'm so glad I recently made the decision to leave the Apple ecosystem.
I'm fed up paying a large premium for a lot of expensive marketing.
Apple HomeKit has completely busted for me. I've done hard resets of
all TVs + HomePods 4 times, tried 5GHz and 2.2GHz....no difference.
It's Apple's problem - clearly with either their latest OS versions
and/or their cloud. I just had to replace a TV remote that didn't even
last a year.
Anyone want to buy a MBP, iPhone 8, iPhone 12, iPad, 5 HomePods and an
Apple TV...? :)
heyoni wrote 12 hours 25 min ago:
Sometimes HomeKit will pick the lowest power device to be the hub
causing everything to stop working. The only fix is to find out which
device that is and power cycle it.
switch007 wrote 12 hours 11 min ago:
Yup, have read that useless advice a lot. Did you read that I did 4
hard resets of all HomeKit devices? Of course multiple reboots too
Even if that were the cause of many issues, it seems like a really
simple fix to adjust the selection algorithm. So why haven't Apple
done it?
dinckelman wrote 13 hours 57 min ago:
So i'm not the only one, huh. Got myself an iPhone, downloaded 2 apps,
went to bed, woke up to a complete lockout. They unblocked me through a
phone support request, after 18 hours, and then hit me with a fresh
ban, not even 24 hours later. Account got permabanned after like 5 more
calls, where they just started sending me a legal notice instead.
The fact that your device can become a complete brick, because of an
issue in their completely hands-off account management system, smells
like a class action suit
amelius wrote 6 hours 26 min ago:
You just paid $1000 for something you don't own now.
Sounds like you have been scammed. Maybe just try to get your money
back?
russellbeattie wrote 6 hours 34 min ago:
> ... a class action lawsuit
After filling out an online form you receive in a year or so, then
waiting another three, you'll get a check in the mail for $2.
Justice! Hooray!
The only people class action lawsuits benefit are the lawyers.
jjtheblunt wrote 7 hours 0 min ago:
What were the apps, and what did you (either explicitly or
inadvertently) allow them to access?
I am wondering if your account was collateral damage of an automated
system detecting misbehavior of the apps.
eyelidlessness wrote 7 hours 6 min ago:
Iâm curious, would you be willing to share the gist of the legal
notice(s)? Even just broad strokes categorization of what they claim,
perhapsâ¦
- unauthorized access related to the lockouts and support requests
you already described
- unauthorized activity related to something else you didnât
mention (even if unfounded)
- some other unrelated but specific violation of TOS or other cited
rules (even if unfounded)
- zero additional information, perhaps reiterating some previous
finding (even if unfounded)
Iâm giving you the benefit of the doubt, but I agree with another
commenter that it sounds like something is missing from your story.
Details like these might help us understand how your experience fits
the pattern of accounts in the article.
fsflover wrote 3 hours 40 min ago:
URI [1]: https://news.ycombinator.com/item?id=40179105
Teever wrote 7 hours 9 min ago:
Class actions just make lawyers rich.
A real way to hit these kinds of companies selling defective products
is to coordinate simultaneous small claims courts cases around the
world.
hx833001 wrote 7 hours 25 min ago:
You should email Tim Cook. Executive relations can often fix
problems.
Edit: amazing that someone downvoted advice. This site has some
problems.
j45 wrote 7 hours 33 min ago:
The cloud is someone else's computer, but I thought customers owned
their phones.
seanmcdirmid wrote 7 hours 43 min ago:
Something seems missing from your story. They banned you for
downloading two apps, or was something else involved? Or you still
have no idea why they banned you in the first place? Just curious.
lupusreal wrote 7 hours 27 min ago:
Of course there is much missing from his story, these tech corps
keep the victims of their incompetence in the dark so not even the
victims know the full story.
bobmcnamara wrote 7 hours 30 min ago:
Probably installed fortnite.
crossroadsguy wrote 7 hours 44 min ago:
> they just started sending me a legal notice instead
This is bizarre and fucked up even from Apple's standard. Did you get
to know anything about it - what happened? Did those legal notices
seem to be automated? Any inkling what could have triggered it (False
alarm? And Apple is known to hide its incompetence in this manners)?
beeboobaa3 wrote 8 hours 58 min ago:
wtf? They destroyed your property and then started threatening you
with legal notices?
crossroadsguy wrote 7 hours 30 min ago:
Have you checked their terms and condition? There might be a clause
that says - since you are using their devices you forfeit claim to
your own backyard ;-)
J/K. But since it's Apple, nothing is far off.
willis936 wrote 9 hours 15 min ago:
Stories like this is why I keep a used pixel 6 in my backpack.
fsflover wrote 3 hours 38 min ago:
Instead, you could choose a GNU/Linux phone as a backup and benefit
from lifetime updates.
TacticalCoder wrote 12 hours 0 min ago:
> The fact that your device can become a complete brick, because of
an issue in their completely hands-off account management system,
smells like a class action suit
This is HN frontpage. It's on a big "Mac" website. The damage is
done.
Many are going to write nonsense like: "Apple is still a $2 trillion
company, so this obviously works for them" to which I'll respond with
a simple question: Did it not work for Apple before these SNAFUs?
Does it work better for Apple now, after fuck ups like that?
It's not normal behavior and they are losing customers over this.
We had an Apple "moment" in the family: around the 2012'ish MacBook
Air era. Two at home and they worked fine, for about ten years. Then
the battery issues, the keyboard issues, the trackpad issues.
Eventually these MacBook Airs died a painful death.
I'm on Linux since the nineties (and, yup, I can get into my system
with Apple or Microsoft forcing an online ID down my throat) but the
Macs were convenient for the wife.
So we bought a MacBook Air M1. After 13 months or so the screen died
alone, overnight: was working fine before closing the lid, was dead
in the morning. There are threads with dozens of pages on that
subject.
That's when I switched the wife to Ubuntu. Ubuntu, Linux Mint: she
doesn't care. Heck, I probably could have her use Debian or Devuan
(Debian without systemd).
Apple is done for us. It's over. We'll never ever buy a Mac again and
I'll never ever recommend a Mac to anyone.
And I'm far from the only one thinking that way.
The damage is done.
Rationalize as much as you want, invoke AAPL's market cap as much as
you want, and enjoy being locked out of of your devices without any
recourse.
pmarreck wrote 6 hours 14 min ago:
Linux fan but hard pass on this. Apple's ecosystem integration
across their devices (I have Apple Watch, an M1, an iPhone 15 Pro
Max, a couple Apple TV's etc.) is unparalleled. And the iPhone
camera is excellent for documenting my rapidly-growing, almost 3
year old kid. Also, Livephotos kick ass. Every single Android phone
I've used is annoying AF and I hate having to fix issues with them
when I'm at my in-laws' house (her dad insists on them for... some
irrational reason).
Of course, I do sync my entire photo library with both Google
(preserves the Livephotos) and Amazon (does not preserve
livephotos), because I once lost an entire photo library due to a
fuckup combined with an Apple bug. And I use non-Apple services for
music and video.
Maybe just don't put all your eggs in one basket to the extent you
can.
talldayo wrote 5 hours 50 min ago:
Sounds like the same shtick I heard from Windows 8 apologists in
the past. "Yes, yes, Microsoft is a ghoulish company; but look at
how my laptop connects to my Xbox!"
Apple's whole premium marketing shtick feels gone. Not only has
the halo-effect worn off now that everyone owns an iPhone, but
they're portioning up their own operating system to endless
service integration and nonsense software offerings. Who the hell
is paying for Apple Arcade? What about Apple Music Voice? Does
anyone still pay for Apple Fitness+ without having forgot to
unsubscribe? The whole thing reeks of Microsoft trying to market
Groove Music and Onedrive to an audience of confused senior
citizens and barely-literate pre-teen gamers.
Their hardware revenue is threatened, their software revenue is
headed towards the toilet, and their latest product category is a
non-starter. If you aren't preparing to see the worst of what
Apple is capable of, I advise you get ready (and perhaps an
alternative smartphone you feel comfortable using).
pmarreck wrote 1 hour 54 min ago:
I canât hear you over the 140 photos of my son I am
airdropping to my sister at full resolution and way faster than
they would be made available to her in any other fashion
But again, I am a Linux fan (NixOS actually), despite it
sucking ass in the user department
jncfhnb wrote 7 hours 46 min ago:
The prose here insisting the damage is done comes off as clueless
when the apparent scale of the damage is trivially, if not
undetectably, small.
yoyopa wrote 6 hours 13 min ago:
you don't say... a guy saying "the wife" and talking about linux
isn't clued in?
EasyMark wrote 8 hours 7 min ago:
As a counterpoint, I have 4 macs notebooks, 1 dating back to 2011
and they all still work, well the 2011 has to stay plugged in
because the battery is basically useless at this point but it makes
a not too bad NAS with linux running on it.
blegr wrote 11 hours 50 min ago:
Everyone has a brand they're never buying again because of a few
problems they had in the past. For every new brand they _are_ still
buying, there are 10000 other people who are never buying _that_
one again because of a few problems they had in the past.
The only difference I've seen between Apple and my previous laptop
brands is that their support techs are useful.
sottol wrote 11 hours 39 min ago:
And unlike, say, Samsung Ultrabooks or even Microsoft Surfaces,
Macs last a really long time. My kids are using my 2011 MacBook
Air and 2009 iMac and they still work, even the battery still
kinda hangs in. They've had a few rough years 2016-2019 with the
butterfly keyboards but I don't know many current manufacturers
with products as solid long term.
jajko wrote 7 hours 20 min ago:
Dude Samsung can last a ton if you treat them normally, you are
just confirming what OP was saying. One random example - I saw
SGS II working 12 years with same battery, flawlessly. I am not
even going into phones comparison, enough folks around who are
not happy or migrating back to Androids for various reasons.
As for laptops I guess you are joking, I've yet to meet a
single big corporation in Europe where macbooks are even
allowed on premises, unless its some web app testing team or
similar.
Some folks live in great echo chambers, I agree this site is a
massive one for Apple. That's a simple fact, comments here
confirm this. Which is fine on its own, but its not balanced
truth you often find here.
gamblor956 wrote 7 hours 49 min ago:
My Surface Pro 3 still gets 90% battery life.
My HP hybrid tablet, now over 15 years old, still works (when
plugged in).
My dad's IBM Thinkpad, older than most people currently on this
website, still works.
Apple people like to claim that Apples last longer than their
competitors, but that simply isn't true. Most people, myself
included, can't tell you what Dell or HP support is like
because we've never had to use them. But every Apple user knows
what Apple support is like, because every Apple user has had to
use them.
stouset wrote 3 hours 47 min ago:
Iâve been an Apple user since the Core 2 Duo laptops. So
something like 20 years. Iâve owned countless laptops,
every other iPhone since launch, two iPads, two watches (a
first gen and last yearâs), two HomePods, a pair of AirPods
Pro and Max, a Time Capsule, two Apple TVs, and⦠lord knows
Iâm missing multiple somethings.
The only time Iâve had to use support is when Iâve broken
an iPhone screen to have it replaced.
YZF wrote 6 hours 16 min ago:
I'm writing this on a 2013 MBP. This specific machine is
slightly bent and endured being hit by a car. Those other
laptops that you mentioned, that aren't made out of aluminum
would be dead. I've also had a few Lenovo T410s (circa 2010).
I would say the quality and spec of those T410s isn't up to
par with MBPs of similar era. Their CPU fans fall apart. They
tend to overheat. The hinge breaks- plastic. The display and
audio quality is worse. Software support also sucks. At some
point newer versions of Windows just don't have good support,
the webcam from example doesn't work in modern Windows. On
the Macs though you can still run fairly modern OS and
everything works. I would totally take a 2010 MBP over a
Lenovo Thinkpad of any type. (EDIT: from the same era)
I've also used top of the line Dell laptops over the years
and a Lenovo Yoga.
Way way back I used to have a desktop color Macintosh of some
sort (I forget the model, a 68k, maybe IIci ?) and as PCs
were getting tossed in the landfill for years while the Mac
kept going and running most new software.
I just bought my daughter a laptop and decided to go with the
MacBook Air m2. Great value for money IMO. Not sure what's
even close in terms of performance, build quality, battery
life etc. This should easily last 10 years.
goosedragons wrote 4 hours 37 min ago:
No. Those other laptops WOULDN'T be dead. They WOULDN'T be
dented either. ThinkPads from that era had a maganisum
alloy frame. They are hella rigid but the plastic shell
gives enough bouce so they don't dent when dropped.
And macOS software support is awful. It's completely random
and up to the whims of Apple with some models getting only
6 or 7 years support if you bought at launch.
YZF wrote 2 hours 43 min ago:
I'm not talking about a dent. I'm talking about the
entire (closed) MBP bent by a car driving into it. There
is no way a ThinkPad plastics wouldn't have broken (and
its frame bent). But I guess we can't perform this
experiment. Plastic is just not as good a material -
sorry. Not just is it not as strong when new it also
doesn't have the same longevity.
See here for some random MBP drop tests: [1] The
ThinkPads are pretty good vs. most laptops in terms of
design and durability (going back to IBM). I still think
the MacBooks are an overall better design. I owned 3
T410s for many years and repaired them and kept them
going so I'm very familiar with their design (And all the
things that broke or failed over those years). The laptop
I'm using right now is a 2013 MBP (which has been my
daily driver for a long time with zero issues) and I have
a new 13" M3 MBP work laptop (a great laptop) and another
2012 MacBook right here with me.
I agree 6 year OS software support isn't good but the
2013 machine still got updates up to the end of last year
(though can't run the very latest OS). That said, as long
as applications run on the older OS it's not necessarily
such a huge problem unless some critical security issues
pops up.
URI [1]: https://youtu.be/8kLtQBF52m8?si=a42uejjR4rUWWg-F
gamblor956 wrote 5 hours 20 min ago:
To put things bluntly, literally every classmate in law
school using an Apple laptop had to get their laptop
replace at least once due to the failure of the device
caused by normal usage. My understanding from younger
relatives is the same.
That HP hybrid? That was my laptop in law school. It still
works, and it's great for drawing (though not as good as my
Surface).
Their CPU fans fall apart. They tend to overheat. The hinge
breaks- plastic. The display and audio quality is worse.
Apple laptops circa that era were notorious for heat
issues, weak plastic, and poor displays. Their sound
quality wasn't much better than a cheap PC laptop, unless
you shelled out for a top-of-the line MBP..and of course a
$2500+ laptop is going to be better than a $500 laptop.
Software support also sucks. At some point newer versions
of Windows just don't have good support, the webcam from
example doesn't work in modern Windows.
This is objectively false. I can still run software, and
use hardware, from the 80s on my Windows 11 desktop. You
can't even run 5-year old software on an Apple because
Apple broke compatibility.
while the Mac kept going and running most new software.
This is objectively false. Older Macs can't runner new
Apple OS software.
YZF wrote 4 hours 56 min ago:
My 2013 MBP is running Big Sur latest release September
11, 2023. But yes, you can't upgrade past that. All the
hardware and software works just fine.
My web cam on the T410 doesn't work under the Windows
version it's running and hasn't worked for many years
(and I've had a few of those, it's not just one bad
hardware).
EDIT: The variability of hardware on Windows laptops is
just so much larger. There's so many different
motherboards, so many different peripherals, so many
different GPUs. There's no way Microsoft is testing
against all permutations of laptops from more than 10
years ago with their native drivers. Lenovo doesn't have
modern drivers for the T410 either and I doubt other
laptop companies release new drivers for their old
laptops. I've owned and used for work many Windows
laptops from various vendors. I've had 3 T410s I
inherited and I spent a lot of time trying to keep them
going including cannibalizing some of them for parts.
gamblor956 wrote 4 hours 33 min ago:
My web cam on the T410 doesn't work under the Windows
version it's running and hasn't worked for many years
The T410 works in Windows 11, so if it's not working
for you, it's a simple driver update.
But on the note of Apple just working, there is an
entire frontpage thread about how Apple isn't "just
working" for thousands of people whose Apple IDs have
been locked out. And The Verge currently has a
front-page post about their Apple editor discovering
that Apple doesn't just work and in fact has quite
piss-poor speakers ( [1] ).
URI [1]: https://www.theverge.com/24139303/mac-mini-lap...
YZF wrote 4 hours 24 min ago:
I'm just about to retire my last of 3 T410s (its
hinge is broken and it tends to freeze from
overheating. I replaced the cpu fan on it 2 years
ago). I tried all sorts of drivers. Some just don't
work. Some work for like 10 minutes and stop working.
Windows 11. Maybe there is some magical driver
somewhere. Are you guessing or do you have a T410
with Windows 11 and you use the webcam regularly?
Yeah, I saw the Apple ID thread today. I thought
Apple ID was optional. (e.g. I don't have an Apple ID
for the MBP I'm using right now).
The article you linked to says: "My M2 Air had great
speakers." It's the Mac Mini (not a laptop) that has
poor speakers. Can't comment on that one.
EDIT: A by the way there is that I believe a T410 can
actually have different components, i.e. some might
have a camera from one vendor while others have a
camera from another.
talldayo wrote 6 hours 6 min ago:
It's all a matter of tradeoffs. Aluminum is nice but it
doesn't protect the internal glass panel from shock damage
and a $600 topcase replacement if you mess it up.
Especially on the older Macs, that chassis adds to the
weight and leaves them pretty fragile considering their
tank-like exterior.
Speaking for myself, I'd rather have the plastic Thinkpad.
Lenovo commits well to the OS I use (Linux) and I don't
want to baby around a laptop that threatens to bankrupt me
if I drop it on the Starbucks tile. In terms of longevity,
I can do a hell of a lot more with a 10 year old Thinkpad
than I can with a 10 year old Mac.
> Not sure what's even close in terms of performance,
build quality, battery life etc. This should easily last 10
years.
Recently picked up a Lenovo Thinkbook with a Ryzen 5800u in
it. Basically a Steam Deck in sheep's clothing, with a nice
HDR 1440p display. I gave it to my brother, and I expect it
to last just as long (if not further with community driver
support).
YZF wrote 5 hours 5 min ago:
The M2 is faster and more power efficient than the 5800u.
The display is 2560 x 1664. I think the Air display is
better and brighter. The speakers on the Apple laptops
also tend to be better.
Not sure about drop resistance or cost of repairs. I've
dropped MBPs and they were fine (anecdotal) and the MBP
I'm using was literally hit by a car and was slightly
bent as a result and still works.
The battery life of the air is supposedly 18 hours and
having no fan is also nice. No laptop I previously used
compares with my work MBP m3 for battery life or
performance. The air weighs 2.7 lb. I don't know which
specific Lenovo you got at but the Thinkbook 14 weighs
3.3lb.
That said, I did pick a 13" Lenovo Intel i7 about 5 years
ago when I was looking for a laptop for my other
daughter. That laptop is still going strong. It did die
about a year after I bought it but was repaired under
warranty (still a quality question though). But I think
today Apple has pulled ahead and the prices on the m2
these days are good.
I've never had a good experience with Linux on laptops.
The hardware support always seemed iffy. Power management
also iffy. But I have to admit I haven't tried in a long
while.
rrrix1 wrote 6 hours 24 min ago:
I am a satisfied Apple user, and have been for over 30 years.
I have never contacted Apple support. Not once. Yes, really.
Unfounded claims are unfounded.
Sometimes devices break, sometimes they last for 20 years and
keep on humming.
Also for the record, I'm also a Linux, Windows, and FreeBSD
user running on HP, Dell, Lenovo, SuperMicro, Framework,
System76 and DIY machines.
My experience indicates premium components usually (but not
always) last longer than more economical alternatives.
That said, if I never had to use a Microsoft product again,
I'd be fine with that.
adamomada wrote 6 hours 34 min ago:
I hope you can see that what you wrote canât possibly be
true.
Surface people, HP people, or Thinkpad people have all had to
contact support at times as well. Is it more or is it less
than Apple, is the question (and isnât answered)
kyriakos wrote 7 hours 34 min ago:
The comparison people tend to compare from their experiences
are usually much cheaper models. This is the main reason they
feel apple lasts longer.
prmoustache wrote 10 hours 20 min ago:
In my experience laptops from the competition are as durable
when you pick up the professionnal line instead of the general
consumers one. That will be Lenovo thinkpads, Dell latitude, HP
elitebook, etc.
fl0ki wrote 4 hours 0 min ago:
Agreed. There are countless old models you can buy off eBay,
drop in a new SSD and battery, install your distro of choice
and keep using for several more years. Almost all models of
that kind have a lot of serviceable parts, for example
replacing the thermal paste is usually easy and makes the
cooling better than it was brand new.
I haven't bought one myself simply because I have my own
units that still work 10-15 years later. The screens mean
they're dreadful as actual hands-on laptop experiences, but
they're perfectly fine for home servers with built-in battery
backup and management console.
ornornor wrote 4 hours 53 min ago:
Lenovo has been tarnishing the think pad brand for several
years now, pushing plastic junk that also has the thinkpad
branding. Itâs not enough to stick to thinkpad anymore,
which thinkpad matters.
Ditto HP. Their machines are⦠not great to operate on (from
a maintenance perspective), their hardware maintenance
manuals are much lower quality than they used to beâ¦
Only dell latitude hasnât disappointed me yet, and I fix
laptops as a hobby so Iâve worked on quite a few 2014-2019
machines.
blegr wrote 9 hours 35 min ago:
I'll admit the support for my Dell was pretty good. They sent
someone on-site to fix a known defect in their product line.
anecdotendum wrote 12 hours 20 min ago:
Bought a brand new MacBook last year and set up a fresh iCloud
account to go with it. Problem was for the First and Last Name I
entered some variant of Unknown User / Unknown Account (for
privacy..) and chose a username
âuser.mailbox.unknown@icloud.comâ. Everything was fine but 24
hours later, I could no longer sign into the account. It was saying
my password was incorrect! I was 100% sure this password was right so
wtf? In a panic, try to remove the account from my brand new device
and canât! You have to sign in normally to remove an account in
settings. Obviously I called Apple support and a high quality
American sounding woman took my call. She said my account appeared
like it had been deleted, like when a user deletes their own account.
She placed me on hold and found out whatâs going on. Apparently
âengineeringâ had my account DELETED. My only guess is they
didnât like my user name / mailbox name and suspected I was a fake
person. Anyways the lady was able to get my account temporarily
reinstated right there on the spot and I was able to login and delete
that toxic account off my Mac. I made a new account and
everythingâs working fine. Needless to say I was very impressed
with how they handled my situation, within 20 mins no less.
idle_zealot wrote 9 hours 18 min ago:
You were impressed with how they automatically deleted your
legitimate account and forced you to make a new one?
anecdotendum wrote 1 hour 6 min ago:
No I wasnât impressed by that part Lol it actually terrified me
badly because the Mac is still the single most important tech
item I own, imagine if it was a $1600 Googlebook and locked on a
brand new Google account. Who do you call? Anyways I accept
partial fault for registering a sketchy mailbox name and using a
name such as Unknown Name. But then again, perhaps itâs
possible for a legal person to have that name so theoretically it
could be legitimate. Not sure if any jurisdiction would allow a
person to make their name that.
nrml_amnt wrote 8 hours 20 min ago:
They were impressed by the high quality American woman.
anecdotendum wrote 1 hour 8 min ago:
Wrong. That description was meant to provide context to the
story. Vs the alternative: getting some foreign oversees call
center agent who doesnât speak English as a first language
and doesnât truly care about my account, as many companies
use. When I said quality, I meant professional and helpful at
the same time as an employee. Her being female was of no
consequence and thatâs your own projection.
I was impressed simply by the timely resolution of their
engineering issue.
johndunne wrote 12 hours 28 min ago:
This happened to me yesterday although I was able to quickly unlock
my account on my MacBook pro. I spent a while making sure it wasn't
an attempt by a backdoor to access my password. Felt very suspicious!
javajosh wrote 12 hours 29 min ago:
>smells like a class action suit
You (and others like you) need to meticulously record and assess the
financial damage the lockout does to you.
everforward wrote 12 hours 24 min ago:
Do I bill them for my time hourly, or as a cost plus project?
rtaylorgarlock wrote 6 hours 43 min ago:
Can't be that hard to justify in some way for a filing. The
industrials and big commercial guys do this all. the. time. I
even bet there's bunches of SLA templates out there with the
right litigious lingo to ease the filing.
uh_uh wrote 12 hours 58 min ago:
Same applies to Apple terminating legitimate developer accounts and
thus destroying livelihoods.
chrisjj wrote 13 hours 19 min ago:
Return for refund?
Handprint4469 wrote 13 hours 43 min ago:
I bought an iPhone a couple of days ago, and was planning on using
the weekend to finally migrate from my old Android phone. Luckily, I
haven't even opened the box so I should be able to return it for a
full refund. No way I'm spending over $1000 for this kind of
experience.
yannis wrote 12 hours 59 min ago:
Black swan events can happen to you. Recently I traveled to a
European country from my base (Middle East). I normally take my
phone and laptop with me and they are synced. I forgot the laptop
charger and could not get one locally not at least for about a week
and then dropped my phone and it got damaged. I bought another
phone (Adroid) and tried to log in to by google accounts. It
recognized the email and the pswd but then wanted verification from
the original device! Despite having the original sim in the new
phone.
On my return everything went smoothly through my laptop. Scary
though.
My conclusion - have two physical phones + laptop all synced, plus
hardcopy of important pswds etc.
Data is easier to protect by offline and online back-ups, but your
online identity is hard.
ssl-3 wrote 3 hours 58 min ago:
Or, keep a set of single-use backup codes for 2FA. Google offers
this[1], though I don't know if Apple does or not.
Storing them seems problematic, but it really isn't: They're
just random-looking 8-digit numbers and nobody but you needs to
know that they belong to your Google account.
Or, KISS. If you're happy with the idea that the SIM card
controls the key to the castle, as it seems that you are, then:
Put a backup code in a contact in your SIM card. (It is kind of a
lost art these days, but SIM cards are still data storage devices
here in 2024.)
[1]
URI [1]: https://support.google.com/accounts/answer/1187538?hl=en...
BiteCode_dev wrote 8 hours 10 min ago:
A google account is not required to use an Android device.
So if you don't tie all your contacts, sync and backup to your
google account, you can have a phone that they won't lock you out
of.
treflop wrote 9 hours 7 min ago:
1. Use two-factor auth.
2. Save those backup codes.
3. Be able to get those backup codes in some worst case scenario.
I have had to start from scratch before but never have been
locked out.
marcosdumay wrote 8 hours 10 min ago:
4 - Discover that those backup codes are useless because the
service provider will refuse to acknowledge them when you
travel.
The fact that we are stuck with a pair of global apathetic
undemocratic identity providers is absurd. And one of the
reasons why that "shattered dream of passkeys" is on the front
page. At least that dream got shattered, it would be worse if
it went through.
r00fus wrote 7 hours 41 min ago:
I need to hear more about this scenario.
hedora wrote 10 hours 41 min ago:
I had a similar experience with google a while back.
My conclusion: Eliminate what little remaining usages of their
services I have.
Doing that with iCloud and Google would be a colossal pain. This
event has me thinking more seriously about self-hosting a few
more things.
genevra wrote 7 hours 41 min ago:
Exactly. I recently had the same experience of being locked out
when I lost my old device and had no recourse. My conclusion
was the same and I've stopped relying on all Google services
except Gmail.
pmarreck wrote 6 hours 8 min ago:
> when I lost my old device and had no recourse
Well, if you used Google 2FA, the Authy app exists, and
allows you to securely store 2FA in the cloud (as long as you
remember your Authy credentials).
If you don't, then yes, your physical phone essentially
becomes a dongle and if you lose it, you're screwed. Perhaps
they don't educate users enough about this, but that's the
fact
HenryBemis wrote 8 hours 11 min ago:
> My conclusion: Eliminate what little remaining usages of
their services I have.
This. I never used the Apple's Cloud offerings to backup things
- and I stopped using any Apple devices since the BatteryGate.
I semi-degooglify my Android(s), and never use the "Google-*"
(contacts, calendar, etc.). I block them with NoRoot Firewall
and disable them, and use other apps for those services. I sync
with my Oulook (2013) and my backup is with Carbonite. I do
have to jump through a couple of hoops, but considering that I
don't live under the threat of 'death' by Apple or Google to
hold me hostage with my data/etc, the little effort is well
worth it.
rufus_foreman wrote 7 hours 37 min ago:
>> I never used the Apple's Cloud offerings to backup things
I try not to, but every year I log in and check and there is
data stored in their cloud that I specifically tried not to
have stored there.
fauigerzigerk wrote 10 hours 58 min ago:
>My conclusion - have two physical phones + laptop all synced,
plus hardcopy of important pswds etc.
Why do you need more than a single phone plus a hardcopy of your
Google recovery codes (assuming you know your Google account
password)?
gwerbret wrote 10 hours 49 min ago:
> Why do you need more than a single phone plus a hardcopy of
your Google recovery codes
Because, as I can tell from a similar experience to GP's, they
also won't save you if the authentication infrastructure
decides you're not who you say you are.
fauigerzigerk wrote 10 hours 34 min ago:
If I lost my phone, I would still have access to three
different recovery methods:
- I have my recovery codes
- I have access to my recovery email address
- I have access to a TOTP token
I would hope this is sufficient to persuade Google's
authentication infrastructure to let me in.
shanemhansen wrote 8 hours 53 min ago:
As I learned in Google SRE: "hope is not a strategy"
fauigerzigerk wrote 7 hours 2 min ago:
Hope is part of every strategy that doesn't have infinite
cost.
CatWChainsaw wrote 10 hours 51 min ago:
In case one phone doesn't work or is lost or stolen or broken,
I guess. Plus buying a second phone is great for the economy!
Society was collectively sold this deal where if you entrust
everything to a trillion-dollar company, you'll be treated well
and this sort of thing wouldn't happen. Yet it appears to be
happening, and the trillion-dollar company that has the
resources to deal with this so far isn't being very helpful,
and it's falling to the consumer to take insane amounts of
proactive measures to not have their digital lives fucked up
when the exact deal was that you wouldn't have to, but of
course now the party line will be "well you were obviously
stupid to believe the trillion-dollar company's trillion-dollar
marketing, then."
And I'm annoyed as one of the people who did not buy into it.
rchaud wrote 10 hours 36 min ago:
Even more damaging is the lie that modern tech continues to
sell people: that they're too stupid to use computing
technology, and all the restrictions of the platform
(relative to real computers) are actually for their benefit
and not the corporation's.
CatWChainsaw wrote 7 hours 20 min ago:
And, almost everything is a "computer" nowadays, from your
phone to your car to your refrigerator, but only the OG
computer is even remotely "fixable" to the average
consumer. All the others, you're hamstrung and forced to
go through official channels for subpar, marked-up service
because if you try to do anything yourself they'll brick
your device and maybe sue you for good measure.
adamomada wrote 6 hours 21 min ago:
I think the modern definition of computer is something
with a screen and keyboard. While youâre right that
almost everything has a chip in it, calling your fridge a
computer is disingenuous.
CatWChainsaw wrote 6 hours 9 min ago:
Ah, but a smart fridge has a screen and a keyboard now
too, and so do car consoles :)
adamomada wrote 6 hours 8 min ago:
Touché
SkyPuncher wrote 10 hours 58 min ago:
This is actually great. You basically look like a stolen device
with a sim swap.
05 wrote 8 hours 5 min ago:
How would the thieves know the password? Even unlocked iPhones
donât show saved passwords without Face ID prompt..
SkyPuncher wrote 7 hours 4 min ago:
A reused password that was breached somewhere else.
gruez wrote 12 hours 2 min ago:
> It recognized the email and the pswd but then wanted
verification from the original device!
Did you have 2fa enabled by any chance? I have 2fa via TOTP on my
accounts and while they offer using a signed in phone as a
verification option, using TOTP was always an option, and I was
never locked out of my account.
>Despite having the original sim in the new phone.
That would only help if google had some way of tying the
installed sim to your account. Given the privacy implications and
the technical difficulties, I wouldn't be outraged at the fact it
didn't take your sim into consideration.
yannis wrote 11 hours 49 min ago:
Yes I had 2fa + OTP, however being a new phone they still ask
you to tap on the old phone.
gruez wrote 9 hours 49 min ago:
Are you talking about a prompt like this[1]? If so, there
should be a poorly named "more options" or "don't have your
phone?" link that gives you the option to enter your TOTP
code instead.
URI [1]: https://blogger.googleusercontent.com/img/b/R29vZ2xl...
layer8 wrote 12 hours 32 min ago:
Don't bind your online identity to Apple or Google or Microsoft,
in particular not the email addresses you use for accounts. That
at least limits the damage they can do.
notyourwork wrote 8 hours 11 min ago:
There really isnât a good solution for this for the masses,
is there?
adamomada wrote 6 hours 29 min ago:
You can use your own domain with Google at least, and Iâm
guessing Microsoft as well. It could be a good middle ground
where you control your email and just let google,etc use it
for the time being. It looks just like gmail but you can
always get out if you have to.
layer8 wrote 6 hours 51 min ago:
Buying a domain is not difficult, nor is configuring it with
a mail service like Fastmail. Yes, itâs slightly more
involved than signing up at GMail, but itâs less
complicated than doing your taxes (YMMV). The more people do
it, the more helpful resources and service would appear for
it. The problem is most people donât care until they get
unlucky and their account gets cancelled for inscrutable
reasons. It would be better to have regulation that protects
users.
notyourwork wrote 3 hours 31 min ago:
Although I can and have managed domains and mail services,
I donât agree that what you described is for the
majority. Do you really think thatâs true?
layer8 wrote 3 hours 11 min ago:
In the current state, the majority will need some help,
similar to how they need some help when something goes
wrong with their laptop. But as I said, if this would
become a more widespread practice, more services would
become available that make it easy and that help in case
of trouble.
The biggest impediment is probably that most people
arenât willing to pay (say) $10 per month for a domain
and email hosting like they do for streaming services,
because theyâre used to email being free. So they
remain at the mercy of the big providers.
But I can at least encourage the HN crowd here to move to
independent services and to use their own domain.
stouset wrote 3 hours 38 min ago:
The risk of an average person forgetting to update their
credit card details and irrecoverably losing a personal
domain is almost certainly thousands of times higher than
them being accidentally and permanently locked out of a
Google or iCloud account.
layer8 wrote 3 hours 20 min ago:
Where I live, the most common payment method for such
services is direct debit from your bank account, where
the details never change unless you switch banks; and in
the rare event that you switch, you can make use of a
service that banks are legally required to provide for
transferring debit mandates to the new account. I bought
my first domain about twenty years ago and never had to
change anything regarding payment.
stouset wrote 3 hours 12 min ago:
A lot of people live paycheck to paycheck. Iâd wager
even more people on average would lose their domains
with this approach either by forgetting to or being
unable to put the necessary funds in their account, and
having the payment declined.
Losing your entire online identity because you didnât
pay on time is an absolute show stopper for an enormous
number of people.
Most people are not tech people. They do not know or
car, or even care to know, about the details and
importance of maintaining and protecting an online
identity. They wonât remember to update payment
details until things start failing. They wonât check
their email frequently enough to notice before this
happens. They will ignore text messages, either
assuming theyâre scams, spam, or unimportant.
layer8 wrote 3 hours 3 min ago:
Youâre in the US, presumably? Is it really that
common there for people to overdraw their account to
the extent that direct debit in the $10 range would
fail? That would be a very rare occurrence here. And
you wouldnât immediately lose your domain just
because the payment failed once. It would be a much
longer process.
People also have a mobile phone number with a plan
they have to pay for. I donât see why a domain
should be any different, and it isnât actually that
different in my country.
lazyasciiart wrote 1 hour 50 min ago:
5% of American households have no bank account at
all - either because fees are too high or because
they have cashed bad checks or failed to pay bank
fees in the past and are now refused an account.
Another 25% had their bank balance go below zero in
the past year. And that number is worse than it
sounds, because it doesn't include people who have
selected to have transactions fail instead of put
their balance below zero.
URI [1]: https://www.consumerfinance.gov/data-resea...
CydeWeys wrote 8 hours 25 min ago:
Fundamentally it's going to be be bound to someone though. If
you run your own domain to host your main email address, you're
now bound to the registrar's login to manage that domain name,
and also the cloud provider you're using to host the mail
services (unless you run that off a machine you have physical
access to).
kelnos wrote 5 hours 39 min ago:
Sure, but I'd much rather be bound to a domain registrar,
where I'm paying them for a small, well-defined,
self-contained service, where I have recourse if they do
someone shady to me.
For Google/Apple/etc., I'm either not paying them at all (in
which case they have very little incentive to help me off
someone goes wrong), or I am, but for a basket of services.
The identity portion of those services is probably not what
that company is focusing on providing, and any weirdness with
any other service in that basket could cause me to lose my
access to the identity bits, often without recourse.
layer8 wrote 7 hours 45 min ago:
Yes, but you can choose a medium-sized, established registrar
with a functioning human support desk, where you are the
customer instead of the product driving hyperscale ad
revenue. The hosting provider is not an issue, because you
can switch very quickly to a different one if needed, and
only have to change your DNS entry at the registrar, or
whatever you use as your nameservers. Depending on your
countryâs jurisdiction, you also may have some legal rights
to the domains you acquire under the country TLD and are not
exclusively at the mercy of the registrar.
EasyMark wrote 8 hours 12 min ago:
If you use your own domain, open source software, and backup
often they can't lock you up forever like
Google/Microsoft/Apple tho
CydeWeys wrote 7 hours 52 min ago:
You're missing my point that you're still beholden to the
domain name registrar that manages your domain name on your
behalf. That account getting permanently locked out will
have all the same bad consequences for your online life as
your Google account getting locked out.
And keep in mind that being a domain name registrar is a
low margin business (typically they're only grossing a few
bucks per domain per year, before accounting for any other
expenses like staffing and systems), so you're not gonna
get great support.
wwweston wrote 6 hours 20 min ago:
At some level, every business has incentives to minimize
what they provide you vs what you provide them. But even
low margin businesses where youâre the customer are
more likely to have incentives and structures built
around paying attention to you than low margin per user
businesses where users arenât the customer but part of
the product.
the8472 wrote 6 hours 25 min ago:
My understandingis is that legally you own the domain and
the registrar is only managing it on your behalf and they
are required to transfer it to another registrar if they
terminate you as a customer. As recently happened for
russian users on namecheap for example.
Animats wrote 6 hours 40 min ago:
The backup for that is a registered trademark on the
domain. Recovery via ICANN procedures is slow, though.
imwillofficial wrote 6 hours 56 min ago:
I donât think anyone is arguing that they can get away
from the chain of trust required to operate in the modern
world.
I believe they are advocating for minimizing risk by not
deeply integrating with capricious cloud providers.
rchaud wrote 10 hours 43 min ago:
iTunes didn't even allow you to add your own album art. To do
so you had to be signed in with Apple ID, so Apple could look
up the album details on the iTunes store and set the image that
way.
This was in 2008, so the software ecosystem lock-in strategy
was already well-established back then.
imwillofficial wrote 6 hours 55 min ago:
I was adding my own album art to ripped CDs since well before
2008.
lapcat wrote 8 hours 26 min ago:
This is utterly false: [1] You could always edit artwork in
iTunes. Indeed, you could import albums from your own CDs and
not even use the iTunes Music Store at all.
URI [1]: https://www.youtube.com/watch?v=bnBsIAiZfFc
rchaud wrote 7 hours 2 min ago:
The video you linked is from 2015, almost a decade after
the time period I referenced in my comment.
lapcat wrote 6 hours 43 min ago:
You're seriously doubling down on your ignorance instead
of just admitting that you were wrong?
Google Search tends to favor more recent links, but
here's one I found from 2010, which is closer to your
2008. [1] I've now provided two points of evidence. Now
show us yours.
[EDIT:]
iTunes 4: What's New
June 23, 2004
"View song artwork for songs purchased from the iTunes
Store, or add your own artwork to the songs in your
library." [2] From 2008: [3] Editing Info
Each audio or video file in iTunes has several settings
and tags that can be easily modified. These options can
be accessed by selecting any file in the iTunes browser
windows and selecting "Get Info" from the File menu. You
can add song lyrics, artwork and set special playback
options. The "Info" tab lets you edit information about
the file including artist and album info
URI [1]: https://www.macworld.com/article/206005/itunesar...
URI [2]: https://web.archive.org/web/20120606153823/http:...
URI [3]: https://web.archive.org/web/20080213232351/http:...
generalizations wrote 6 hours 6 min ago:
> You're seriously doubling down on your ignorance
instead of just admitting that you were wrong?
From the guidelines:
> Be kind. Don't be snarky. Converse curiously; don't
cross-examine. Edit out swipes.
> When disagreeing, please reply to the argument
instead of calling names. "That is idiotic; 1 + 1 is 2,
not 3" can be shortened to "1 + 1 is 2, not 3."
> Please don't fulminate. Please don't sneer,
including at the rest of the community.
URI [1]: https://news.ycombinator.com/newsguidelines.ht...
kelnos wrote 5 hours 36 min ago:
Perhaps something to add to the guidelines: "don't
try to weaponize the guidelines when someone calls
you out for misrepresenting the facts".
lazyasciiart wrote 1 hour 48 min ago:
And "before using the word 'you', go back and check
the usernames of each comment you are reacting to"
generalizations wrote 5 hours 4 min ago:
I don't really care one way or the other if iTunes
let people set custom album covers back in the day.
That first comment by OP just stuck out like a sore
thumb. The guidelines are there because they make
HN nicer to participate in.
CatWChainsaw wrote 12 hours 6 min ago:
Which is why they make it so hard to avoid doing this.
layer8 wrote 10 hours 30 min ago:
Using your own email account doesnât generally make things
more difficult.
CatWChainsaw wrote 10 hours 24 min ago:
I'm thinking of Microsoft Accounts on PCs and how you need
to know how to jump through hoops to avoid them at OOBE.
And about how this is about AppleIDs and losing them - it's
my understanding that Apple is less aggressive about
AppleIDs than Microsoft is about Microsoft accounts, but
also, TFA. Google has similar levels of fuckery especially
if you're on Chromebooks but Google's sin is nonexistent
customer support. I wouldn't want my most important email
address to be tied to any of these three, although I speak
as a gmail-using hypocrite who plans to change that soon.
toast0 wrote 8 hours 36 min ago:
The thing that really bugs me about Google is you can
make an account tied to an unrelated domain, but then
they don't let you use that for a lot of things, so
you're forced into a gmail account.
TeMPOraL wrote 12 hours 38 min ago:
> My conclusion - have two physical phones + laptop all synced,
plus hardcopy of important pswds etc.
And then say, Meta decides to ask for login verification on your
other device, and you lose that account because you always logged
to it through a browswer in private mode, so no device actually
has an active session. Happened to my wife the other day.
IT "Security" is reaching new heights of being bullshit. You
can't win, and asking people to buy multiple devices and keep
them continuously in sync is a bit much, and not even a guarantee
of safety anyway, as next week Google or Amazon will hit you with
some next weird trap to keep you "sekhure".
zadokshi wrote 9 hours 1 min ago:
I can easily imagine an AI algorithm noticing a user has two
phones, and deciding that is out of the ordinary and
suspicious, and locking you out of both.
gruez wrote 12 hours 0 min ago:
>IT "Security" is reaching new heights of being bullshit. You
can't win, and asking people to buy multiple devices and keep
them continuously in sync is a bit much
You likely don't need to buy multiple devices. I log in from
random countries/VPNs all the time and never have issues, but I
do have 2fa enabled. If your account only has a password and
there was a suspicious sign in attempt, it's reasonable for
them to ask for additional verification somehow because you
could be a victim of a credential stuffing attack. It's hard
for companies to win here. Either people complain about their
accounts getting randomly locked because they were on vacation
in Romania and tried signing in on a new device, or the
companies get grilled by the media for "failing to proactively
protect their users' data" or whatever.
TeMPOraL wrote 11 hours 48 min ago:
I would agree with you if there actually was anything
different in a suspicious way about those logins. There
weren't. Same devices, same ISP, same browsers, not even an
OS update in between. Just one day, few days ago, out of the
blue, Facebook decided to pop up a conformation request,
offering no alternative to confirming from "another device",
and that's with them knowing (or at least having that
information available) that there are no live sessions of
that account (the whole browser in private mode thing).
Maybe the companies can't win, but they also have themselves
to blame. They shouldn't have convinced people to entrust
their only copies of data with them. Your vacation photos
should not depend on someone's cloud platform. Half of your
entire offline life shouldn't depend on Google not randomly
locking you out of GMail. But here we are, and I'll keep
calling those "security updates" bullshit because they don't
care about long tail, and they don't care about hazards they
create for most of their users.
GoblinSlayer wrote 9 hours 39 min ago:
That's the reason to setup 2fa, because otherwise
monopolies can legally kick you. Well, they can kick you
anyway, because they are monopolies.
TeMPOraL wrote 6 hours 40 min ago:
2FA makes it easier, not harder, to lose access to your
account though.
figglestar wrote 9 hours 42 min ago:
My experience with Meta is it is just a PII fishing
expedition masquerading as a security check.
I abandoned my facebook account when they asked for my
driver's license scan, a few weeks later suddenly they
didn't need it after all. My BIL recently wanted me to
check sout omething he had setup on facebook and I found I
could "login" by clicking one of the "what are people
doing" spam emails they send. I've never used it on this PC
before and have no idea what the password even is anymore.
Super secure.
GoblinSlayer wrote 9 hours 20 min ago:
What would happen if you send them a realistic, but fake
generated scan?
zadokshi wrote 8 hours 59 min ago:
How many laws would that break?
GoblinSlayer wrote 8 hours 39 min ago:
It breaks a law when you are legally required to
authenticate. But when a random dude on the internet
asks you, you're not required to do anything.
dns_snek wrote 9 hours 51 min ago:
> and that's with them knowing (or at least having that
information available) that there are no live sessions of
that account (the whole browser in private mode thing).
Unless you explicitly logged out, they likely to see the
opposite picture, i.e. numerous "valid" sessions (as
opposed to active) that haven't been used for varying
lengths of time because you logged in, but from their
perspective, you never logged out. You just cleared your
cookies which means the session is still "valid", even if
it's inaccessible to you because the session cookies have
been cleared from your device.
I don't know if they take any of this into account but as
you've pointed out, assuming that the rightful owner of the
account must have access to a different session is a huge
assumption to make.
andersa wrote 12 hours 45 min ago:
This is standard Google behavior. Logging into Google on any new
device always asks me to confirm it on one of the other devices
that are logged in (i.e. phones, tablets). Suppose it's some kind
of 2FA.
yannis wrote 12 hours 36 min ago:
I understand the security concept of it. Luckily my trip was
short. As I also use wechat to communicate with some Chinese
friends, my experience was different. First it send me an OTP
on the new phone, then asked for two friends to send a number
to the phone. Luckily I had the phone number of one and I
managed to restore and to be honest having humans in the
pipeline was a plus. Negative this had to be done over 5
minutes otherwise you back to square one.
jjallen wrote 13 hours 7 min ago:
What are the odds of having this experience? Shouldnât they
affect your behavior?
recursive wrote 7 hours 59 min ago:
What's your recommendation? Try it 1000 times to get statistics?
Likelihood should affect your behavior in the same way it affects
whether it actually happens and it did.
"Fool me once..."
1123581321 wrote 7 hours 18 min ago:
One in a thousand wouldn't yield anything. Because it's such an
unusual experience (just a few of these happening around the
same time would create a news cycle), one in ten million is
probably closer since there are around a billion active Apple
accounts.
That's similar to the odds of dying in a non-Boeing plane ride.
Even if the odds were one in a million, that's about the odds
of being struck by lightning over a lifetime.
I'd think someone returning a phone over this was regretting
the switch for other reasons. It's fine to keep using Android.
recursive wrote 5 hours 23 min ago:
This is a reasonable point of view I guess. But there's not
really a reliable way for the consumer to get the real
probability. If it happened to me, it's likely enough to
consider. Maybe there's a hidden variable about my usage
pattern that makes it more likely. Since it's totally opaque,
there's no way to know.
1123581321 wrote 3 hours 14 min ago:
Sure, if actually happens to someone, they're rightfully
not risking it again. If for no other reason, it'd be
likely that a fresh account would be detected and
associated with the old one. Plus, whatever unusual
situation of yours triggered the ban, such as border
crossing or how you route your Internet traffic, would
probably still apply. (I'm not saying someone is doing the
wrong thing if those things are the case for them.)
cddotdotslash wrote 13 hours 15 min ago:
Google has done the exact same thing in the past, deleting Google
accounts without warning (which is arguably worse because not only
can you not access your phone backups but your email, calendar,
drive, etc. is gone too).
bdw5204 wrote 12 hours 47 min ago:
Companies that wrongfully ban or delete email or phone accounts
need to be civilly liable and this civil liability needs to
supersede any arbitration agreement or terms of service
agreement.
An Apple or Google account is far too important to people's lives
to let them hide behind the "we're a private company and can do
whatever we want" canard. They do need to have the right to ban
spammers or people using YouTube or Drive to infringe copyrights
but just randomly shutting off somebody's email or somebody's
ability to make video calls should be against the law. The same
would also apply to a text chat company like Slack or Discord
banning somebody's work account for no reason. Certain tech
companies have government-like levels of power over people's
lives so they need to be restricted in how they can treat users
like the government is restricted in how it can treat citizens.
oops wrote 12 hours 56 min ago:
> which is arguably worse because not only can you not access
your phone backups but your email, calendar, drive, etc. is gone
too
Some people use iCloud for email, calendar and storage so for
them I imagine losing access to Apple ID would be just as bad.
TeMPOraL wrote 11 hours 45 min ago:
Yeah, and to stress the point: this is not "can't send vacation
pictures to my grandma" bad, this is "might lose my company/my
job and my house" bad, as everything else in life treats one's
email (and increasingly, app 2FA) as infallible backup.
cal85 wrote 13 hours 15 min ago:
Apple lets you return anything, opened and used, within 14 days.
PedroBatista wrote 11 hours 14 min ago:
Apple doesnât really âletâ, the law demands.
cal85 wrote 1 hour 0 min ago:
Interesting, is that in the US? Iâve never heard of that
being required by law in the UK. I think itâs just an Apple
thing here. I mean we obviously have laws about refunds etc but
I donât think we have any law saying you can open any product
and start using it and then return it even if you have no
complaint with it.
adamomada wrote 6 hours 18 min ago:
They do eat the restocking fee that others would charge, taking
the haircut on refurb sales
Nextgrid wrote 13 hours 45 min ago:
What did the legal notice say?
dinckelman wrote 11 hours 48 min ago:
Nothing. Itâs just a link to the generic legal notice on
apple.com
luckylettuce wrote 13 hours 52 min ago:
This is scaryâ¦
dijit wrote 15 hours 22 min ago:
could be somewhat related, last week I had a successful login for my
Apple ID from a location I didn't recognise (somewhere in central
asia).
I noticed because I got a prompt on my phone, which requested I allow
(or disallow) the access.
Since I'm pretty good about password hygiene and security, I of course
changed my password immediately and force-signed out all my devices.
That being said: if someone has a password list and is using a bot to
scan them all; Apple will of course lock-out sign-in attempts.
Not to say what they're doing is right, there's better ways to handle
it. But if I were to apply very recent anecdotal data to this even then
this is a meaningful conclusion I could draw.
chrisjj wrote 13 hours 4 min ago:
> if someone has a password list and is using a bot to scan them all;
Apple will of course lock-out sign-in attempts.
Of course?? That would be insane. Password-guessing bots are all over
the place. Apple should not allow them to cause lockouts.
heyoni wrote 12 hours 21 min ago:
I wonder if thereâs a new leak out there with actually recent
passwords we just havenât heard of yet. If Apple got their hands
on it and confirmed a significant number of passwords were active
then taking drastic measures is their only option.
chrisjj wrote 11 hours 40 min ago:
I can't think of any source for suck a leak but Apple.
> taking drastic measures is their only option.
Less drastic would be to come clean and say the lockouts are by
Apple themselves.
heyoni wrote 10 hours 36 min ago:
I've seen a few posts by users claiming to use randomly
generated unique passwords. If that's true then it could be a
leak from apple. On the other hand it could also be that it's
not and the security response team is catching users not on
that leaked list due to unrefined heuristics.
On the third hand it is an apple leak, they've been given a
sample list by whoever is ransoming them so they've enacted
overly strict heuristics that apply to everyone.
Ylpertnodi wrote 14 hours 18 min ago:
>But if I were to apply very recent anecdotal data to this even then
this is a meaningful conclusion I could draw.
That being.....?
dijit wrote 14 hours 14 min ago:
that an account database is being brute force checked with various
leaked passwords, and accounts that are being brute forced are
being locked.
Its a common problem that can cause denial of service to users, but
failure to do anything can lead to account compromise.
chrisjj wrote 13 hours 2 min ago:
Can cause? Will cause, surely.
> failure to do anything can lead to account compromise.
Only on negligently managed accounts, right?
coldtea wrote 15 hours 44 min ago:
Remember when you didn't need any fucking online account to use your
computer?
Pepperidge farm remembers.
whoitwas wrote 12 hours 57 min ago:
I use both Mac and Windows with no Apple account or Microsoft
account. I lose some features, but gain privacy. Once I lost access
to a Windows machine.
cynicalsecurity wrote 5 hours 49 min ago:
There is zero privacy both on Windows or Mac.
chrisjj wrote 13 hours 14 min ago:
That ceased when your computer became their computer.
VelesDude wrote 13 hours 30 min ago:
Come join us in the free world of Linux (and related systems)... even
if the wheel do pop off for like no reason some times.
k8svet wrote 8 hours 15 min ago:
Nooo, then what will HN do with the multiple-times-a-week and
hundreds of comments a month complaints about proprietary systems
run by mega tech corps? Seriously I think there were FOUR different
"fix"-win11 tools on the frontpage in the last 6 days.
VelesDude wrote 3 hours 53 min ago:
I will take the wheels popping off occasionally over whatever
that 8-dimentional abyss of hell that is Windows 11.
Aeolun wrote 13 hours 12 min ago:
Itâs so nice when you can leave your computer alone for half a
year, come back. And find that nothing has changed.
endgame wrote 13 hours 34 min ago:
Linux is still here.
tkiolp4 wrote 13 hours 3 min ago:
Problem is hardware. I donât like macos nor Apple, but their
laptops are the best hardware out there.
randunel wrote 12 hours 48 min ago:
I see this repeated over and over, but there's no proof that
"apple hardware" is better than any combination of every possible
hardware out there, it's just fanboyism.
Anecdotes of bad hardware are everywhere, given that the majority
of hardware are cheaper thus more prevalent. But a comparison of
all possible hardware with the same price points? Not feasible,
so it's all just feels.
int_19h wrote 1 hour 23 min ago:
I've been using Thinkpads since 2006, including fancy high-end
ones such as X1 Carbon. I'm typing this on a newly purchased
MacBook Air, and I do have to say: it really is very good in
terms of hardware. And I don't mean specs, but ergonomics.
Trackpad is truly as awesome as they say, keyboard is
surprisingly good (kinda expected to hate it and amazed at how
fast I can type on it), and overall it is just very
comfortable. The battery life is unbelievable coming from
Intel.
The software, now, that's a very different story. I really wish
I could run Linux on this thing.
verandaguy wrote 12 hours 14 min ago:
I'll preface this by saying that this is not a defence of
Apple's SSO issues as outlined in this article; but I think I
can bring some quantifiable points to this discussion.
Anecdotally, after over a decade of professional computer use:
- No laptop as light as an MBP that I've been exposed to comes
close to the weight-to-stiffness ratio of that case
- No laptop out there has a trackpad that feels anywhere close
to the MBP, that I've seen. It's a combination of palm
rejection, latency, fineness of controls, and correct handling
of multi-fingered gestures, with the actual glass of the
trackpad being nice too.
- Most other laptops out there don't ship with as good a
display. Granted, the MBP displays aren't P3 calibrated or
anything, but the colour reproduction is great, and the HiDPI
clarity is excellent. Font rendering in particular is
outstanding.
That's just to name a few headline features. Is it possible to
buy/build a laptop with those similar qualities? Hard to say.
Trackpad drivers in particular tend to be tricky, and Windows
precision drivers are the closest I've seen to Apple's trackpad
feel, but those will typically fall apart on material feel.
I doubt that you'd be able to make or buy a daily driver that
feels as good while spending a reasonable amount of money, and
you'd likely spend a good amount of time sourcing parts.
I've had the opportunity to use three other laptop types during
my career: two reasonably recent (at the time I had them)
Lenovo Thinkpads, a Framework (briefly), and a recentish Dell
Latitude.
The Thinkpads stand out, but fall short on the display and
trackpad points; otherwise they had a reasonably rigid keyboard
compared to the MBP. The Framework was fine, honestly. The
modularity is excellent, but the deck flex on the first-gen
model was way more than I'm used to, and the display colours
were deeply meh. The Latitude was bulky, but I mitigated that
and other issues by just running it closed-lid and plugging it
into a display, mouse, and keyboard.
hgyjnbdet wrote 15 hours 59 min ago:
I can only imagine the uproar if this was happening to the users of any
other company. But it's pretty muted here with a lot of consideration
given for apple rather hostility. Nice to see.
CodesInChaos wrote 15 hours 44 min ago:
Other big identity providers suck too. For example, google attempts
to extort a phone number by randomly locking me out of one of my
accounts.
kmlx wrote 15 hours 38 min ago:
i switched to passkeys on google and now i no longer need to input
codes or passwords.
there are caveats to passkeys thou.
cpa wrote 16 hours 27 min ago:
Not exactly what's outlined in the article, but earlier this week I
encountered an issue where I couldn't log into my laptop despite
entering the correct password (it kept showing 'wrong password'
errors). I managed to reset the password using the recovery feature
through my Apple ID, but it was still unsettling.
notemaker wrote 16 hours 33 min ago:
With risk of being spammy, this is probably the most relevant
discussion I've seen so far on HN w.r.t my experience of being locked
out from my Apple ID.
I hope legislation will force Apple to step up and be more transparent
/ helpful.
URI [1]: https://skogsbrus.xyz/dont-put-all-your-apples-in-one-basket/
borgbean wrote 8 hours 17 min ago:
This is why I don't sign in or enable 'find my' on any of my devices.
Apple even has a backdoor which bypasses the encryption, allowing
them to wipe a device in store.
Logging in takes control of your device out of your hands.
thefifthsetpin wrote 8 hours 2 min ago:
Why would you need to bypass encryption to wipe the device?
borgbean wrote 7 hours 24 min ago:
Because that is the way apple designed it. Try wiping a locked
apple device without the password or recovery key.
initplus wrote 10 hours 58 min ago:
Donât want to sound like Iâm victim blaming the author. But I can
tell you exactly the issue with their account: registering with an
email on a self hosted .xyz domain. Using sketchy tldâs is just
asking for this kind of trouble.
URI [1]: https://news.ycombinator.com/item?id=28554400
yau8edq12i wrote 7 hours 58 min ago:
"Sketchy tld"? Even google's parent company uses it for its
corporate website.
jabroni_salad wrote 6 hours 50 min ago:
I babysit a few corporate mailfilters and have more spam from
.xyz than from all other TLDs combined. I dont block on that
(most get disappeared due to 'new domain') but that's the cohort
all .xyz pages are sharing.
xyz has been accomodating to scammers ever since its inception.
After a decade I think we can say that it is on purpose.
Zambyte wrote 8 hours 31 min ago:
I would say that SMS and invasive email services are sketchier than
using .xyz.
initplus wrote 8 hours 4 min ago:
You end up fighting an uphill battle against every third party
that blacklists .xyz, Itâs not worth the fight just to use a
cute tld and save a few dollars on registration cost.
beeboobaa3 wrote 8 hours 54 min ago:
Nothing sketchy about self hosting your email. Sure, that is what
the big tech cartel wants you to think so you're forced to let them
handle your correspondence "for your own safety". Don't believe
their lies.
initplus wrote 8 hours 7 min ago:
Issue isnât self hosting email, itâs self hosting it at .xyz.
They had one of the cheapest registration costs. And so ended up
with a high concentration of spammers compared to older
established tldâs like dot com. Using the tld for legitimate
purposes is really challenging due to the high number of systems
that flat out blacklist it.
beeboobaa3 wrote 8 hours 3 min ago:
Making assumptions on someone's right to communicate based on
their choice of email domain is discrimination, and only serves
to drive people to their walled gardens.
thomaslkjeldsen wrote 13 hours 21 min ago:
From the timeline:
> got my Macbook Pro from work and signed in to my Apple ID on it.
Wouldn't this result in unintentional data sharing from the work
device to your personal devices? (and vice versa)
orloffm wrote 4 hours 1 min ago:
It's enabled in some corpos. Allows one to make AirPods auto-jump
between one's iPhone and work laptop etc.
HumblyTossed wrote 7 hours 11 min ago:
Yeah, I would never do this. My work iPhone is on a whole separate
Apple Id than my personal phone.
Never mix work and personal. It isn't worth it.
notemaker wrote 12 hours 1 min ago:
In hindsight, yes that was a bad move (especially considering that
my work laptop is still locked to my banned IDâ¦)
As an Apple noob at the time, I assumed that if my MDM-managed
device prompted me to log in with my Apple ID, that it of course
would be an allowed action.
With regards to data being shared, the only thing I noticed was
wifi passwords and peripherals pairing (apple keyboard).
nerdponx wrote 13 hours 9 min ago:
Yes, do not do this.
phantomathkg wrote 14 hours 22 min ago:
I would expand to cover not only Apple, but Google and Microsoft.
1970-01-01 wrote 12 hours 32 min ago:
You don't have a requirement to have an email account to login to
Windows. MS is pushing it hard, (deceptive trend in big software)
but the user can still push back.
antiframe wrote 6 hours 34 min ago:
I don't know if its still true today, but last time I setup a
macOS machine (2020), it didn't require, but pushed, an Apple ID.
My Pixel phone I setup this February also didn't require, but
pushed, a Google account. I think iOS did require an AppleID,
though.
int_19h wrote 1 hour 40 min ago:
macOS doesn't require Apple ID, although you wouldn't be able
to use the app store without it (but pretty much everything
worth installing is available as direct downloads anyway). This
is similar to the current state of affairs with Win11, except
that the latter very aggressively pushes you to use your online
email/password as Windows login, whereas macOS insists on
having a local account even if you do also set up Apple ID.
1oooqooq wrote 14 hours 40 min ago:
"I'm daily afraid something bad will happen with a thing I'm paying
monthly and which i could replace with something slightly less
convenient but safer, yet i will just pray to a government i have
never participated in any way or form"
quitit wrote 16 hours 36 min ago:
As a tip: use your AppleID to generate a secondary email that you use
for your day to day email, while keeping the login email secret.
The problem stems from nefarious groups getting a hold of email
addresses and running distributed dictionary attacks.
Appleâs response is to prevent all logins (including valid ones) from
accounts that are under attack.
Unlocking the account involves calling Apple, theyâre not going to
tell you why the account was locked.
felsokning wrote 2 hours 56 min ago:
> The problem stems from nefarious groups getting a hold of email
addresses and running distributed dictionary attacks.
I use [REDACTED] as a provider and I create an email address/account
(if possible) per company/domain I interact with (e.g.:
personal_github@domain.tld or amazon_personal@domain.tld). This
produces two results:
1. No shared credentials across any space.
2. Any junk emails to these addresses immediately tells me who's sold
it (or been hacked) and I delete the account[s] and relevant email
aliases and get on with my day.
Some services, like Firefox, are starting to offer a form of "hide my
email address" but this doesn't solve the problem of using as the
same login id across a lot of services. If that was dumped somewhere,
it is probably a strong bet someone has used that as their login,
elsewhere.
I don't know if there's another viable solution - but this reduction
of possible login ids to one unique id per site is the only way I
know how to (possibly) prevent myself from being an easy dictionary
attack target.
Edit: formatting
exitb wrote 7 hours 30 min ago:
My AppleID login is my primary GMail account, but with a +postfix. I
guess it achieves the same purpose, but with less mailboxes.
everybodyknows wrote 8 hours 3 min ago:
> The problem stems from nefarious groups getting a hold of email
addresses and running distributed dictionary attacks.
Are Google accounts similarly vulnerable to such attacks?
beeboobaa3 wrote 8 hours 47 min ago:
"As a tip: Do something completely unintuitive, annoying and also you
had to have started doing this years ago, and maybe apple won't lock
you out. Fingers crossed!"
quitit wrote 4 hours 35 min ago:
No need for snark, you can change your Apple ID at any time.
chrisjj wrote 13 hours 13 min ago:
> The problem stems from nefarious groups getting a hold of email
addresses and running distributed dictionary attacks.
Citation requested.
rovr138 wrote 12 hours 15 min ago:
Wife got locked out yesterday.
Got a message on her phone (settings notification). She had to
change her password through the settings app.
Called Apple just to check and they said they werenât seeing any
weird activity. That they did see the password was changed, but no
weird login or attempted logins.
So, in my sample of 1, that wasnât the case.
chrisjj wrote 11 hours 44 min ago:
> they said they werenât seeing any weird activity
Yet did not give a cause for the lockout?
malka wrote 14 hours 47 min ago:
What a shitty idea to use public information as a login.
ChrisMarshallNY wrote 13 hours 51 min ago:
That depends.
In the app we have released, we use an email (we donât care which
one, as long as it can receive email) as the login ID.
The main reason is to limit the data we require be stored on the
server.
We only have one required PID item: the login ID. The user also
enters a display name, but that can be anything, and does not need
to be unique.
Since we need the email anyway, we would need to have it stored
separately, so this means only one PID item is stored. We also
afford Sign in with Apple, which allows the user to obfuscate their
email.
Not having the information is the best way to ensure it doesnât
leak.
antiframe wrote 52 min ago:
Would it not be better to allow arbitrary login IDs? Then you
don't even have to store email addresses?
kmlx wrote 15 hours 42 min ago:
i also did this: created an email address that i use exclusively on
apple. it actually wasnât hard at all.
zero issues since.
> The problem stems from nefarious groups getting a hold of email
addresses and running distributed dictionary attacks.
years back my email was leaked by a website that i never visited.
apparently someone signed up using my email address and the website
never verified the email.
in the meantime more and more people used the same email address [0]
to signup everywhere (itâs not the same person, i checked).
[0] gmail ignores dots in usernames: [1] .
at this point my emails should be random hashes@random hash domain
URI [1]: https://support.google.com/mail/answer/7436150?hl=en#:~:text...
everybodyknows wrote 7 hours 56 min ago:
> gmail ignores dots in usernames
Does account sign-in also ignore dots? If not, if sign-in is
sensitive, there's a path to somewhat better safety: Start
incrementally moving all daily email to variants containing added
dot characters.
quitit wrote 12 hours 42 min ago:
Another tip is to run a custom domain for email that just serves to
redirect mail to your real email address. It's is a handy way of
keeping track of how and who has leaked your information.
For example I give custom email addresses to every service I sign
up for, then I can see who they on-sold that information to, or if
the email address turns up in database hack.
The only thing to be mindful about with this approach is to choose
a service that gives you a fair bit of control over how to manage
that incoming email. Such as being able to bounce or block specific
email addresses including the use of wildcards, because I notice
some hacking groups will try permutations based on the original
email address.
blackeyeblitzar wrote 16 hours 59 min ago:
One frustrating thing about Apple is that if you try to get help, there
isnât really any way to do it. There isnât any way to open a real
support ticket that will be seen by an engineering team there. The
store staff can only do basic things. And if you go to their forums,
you will get bot-like responses telling you to follow some useless
generic steps that do nothing for your specific problem, or weird
replies justifying some obviously incorrect thing with an Apple product
like asking why you would even want to do whatever youâre trying to
do. I am not even sure who those people are that troll those Apple
forums and serve as Apple apologists - like if they are employees of
Apple or random users - but they are completely useless and basically
deter anyone from seeking help in the first place.
It is staggering that a company this big has nonexistent support and I
think given the decline in their quality over the years, this will
become a bigger and bigger problem. Unfortunately for most people the
alternative is Windows, where Microsoft is abusing their monopolistic
market power to shove ads and their services everyhwere.
We really need new antitrust laws to break up these companies and
support fair competition, and we also need regulations to reign in the
biggest technology companies.
vineyardmike wrote 15 hours 38 min ago:
Not trying to excuse their behavior, but my best friend and roommate
was a part time phone support in college so I learned a few tricksâ¦
1. They get a lot of dumb questions. If you want a âtalk to an
engineerâ bug report, you really need to prove competency to the
support staff. Obviously be nice because theyâre not the source of
your problems theyâre just trying to do their job.
2. Chat staff arenât able to do much, phone staff have more power
and insight. Chat staff canât see your account, canât issue pity
refunds, canât make choices outside of the generic script. You
should call during US business hours if youâre trying to call the
US support. Best case scenario is finding a college student.
3. Theyâre required to have you follow the generic published help
scripts first. If you pull up the webpage and directly tell staff you
followed each step - then read them the steps for proof you know them
- theyâll often be able to just to the âcustom helpâ portion.
4. If you make any reference to the TOS/Laws/etc they will mark your
account as troubled and you will never get service again. You get
legal canned responses only. They seem you not a valuable customer
anymore. Donât reference warranty law, definitely donât threaten
to sue, etc.
5. They can see how many apple products you have registered, how much
you spend, etc and the customer service agent can decide how generous
to be. If you only own a 5yo iPhone, and youâre contacting support
claiming the screen magically broke in your sleep they wonât help.
If youâve upgraded every iPhone in your house every year for a
decade, they might be nice when it âmagically breaks on its ownâ.
6. They have minimal training outside of the above mentioned docs.
Again, the phone staff has better training. They have common devices
in front of them, and if you can get someone sympathetic on the
phone, they might try to reproduce it live. Thatâs the golden
ticket to a bug report.
LocalH wrote 10 hours 11 min ago:
>4. If you make any reference to the TOS/Laws/etc they will mark
your account as troubled and you will never get service again. You
get legal canned responses only. They seem you not a valuable
customer anymore. Donât reference warranty law, definitely
donât threaten to sue, etc.
This is problematic. They'll be happy to parrot out whatever TOS
section you violated if you get banned under TOS, but completely
stonewall you if you bring it up?
In situations like these, I draw analogy to a hypothetical legal
system that does the same thing. Imagine that you are defending
yourself in a court of law, and you bring up a specific legal code
in your defense. The court then brickwalls you and assumes you are
a bad actor, and you get thrown in jail. I know the analogy isn't
perfect, but none are.
vineyardmike wrote 6 hours 7 min ago:
I assume the intent (right or wrong) is that they donât want to
deputize phone staff to deal with âlegalâ issues. Theyâre
not lawyers, so if you make it a law issue, theyâll move you to
a law support. But a big company wonât actually have a lawyer
argue over the phone - lawyers like âcourts or quietâ
policies.
chuckadams wrote 8 hours 27 min ago:
The main problem is all the kooks who will dispute an overdue
payment by citing the Constitution, the Flag Code, and the Magna
Carta. You canât have support staff engaging with these
people.
1oooqooq wrote 2 hours 9 min ago:
if you you don't pay or instruct staff enough to understand the
difference, something's really bad at a company with that
excuse.
int_19h wrote 16 hours 41 min ago:
For a non-business user, the situation with support (or rather lack
thereof) is pretty much the same across Microsoft/Google/Apple. It's
amazing that this is even legal, especially when it comes to account
suspension/recovery.
throwaway290 wrote 16 hours 47 min ago:
Can't you go to an Apple Store? Every time I see some customers seem
to have a problem around Apple ID and such and staff helping. The
opposite of Google, Microsoft etc. And there is a recovery process
for Apple ID if you don't use a recovery key (and I guess if you have
some government ID or such).
SSLy wrote 16 hours 33 min ago:
Nearest is 600 km away.
throwaway290 wrote 15 hours 38 min ago:
A couple of times in the last years I called them and they were
helpful, but my issues were hardware so can't speak for Apple ID
related stuff. When you schedule a call in the gui there are
options for software troubles I recall though.
amelius wrote 15 hours 39 min ago:
You can't call them?
FireBeyond wrote 9 hours 6 min ago:
Hah. You expect that calling a store - after you get through
the phone tree that gets you to the actual store, that someone
at the store is going to sit down and start providing you
customer support? No, they're going to tell you to make a
Genius appointment, or go to the web, or their support number.
They're not going to take time off of the floor, and if they do
transfer you to the Genius bar, you've got 3-5 minutes, if
that, to get an answer, before they too, do the same thing.
The idea that a sales person in an Apple store is taking 20
minutes or more off the floor to provide some random caller
tech support when they don't have any of the tooling around it,
can't see your account, very little if any access to support
databases, let alone account manipulation, is laughable. Apple
does a lot of things. This isn't one of them.
CatWChainsaw wrote 11 hours 37 min ago:
On... the phone?
I really doubt that calls are disabled since it's "just"
appleids, but the irony is still amusing. Landlines still have
some uses after all!
holoduke wrote 16 hours 59 min ago:
In the future you have people living in excile because the conputer
says no. Nobody understands why. Nobody knows how to fix it. The
computer says no. Nobody gives a damn.
You have no access to a bank account. No access to find a job. No
access to get health care etc
chrisjj wrote 12 hours 52 min ago:
The only protection is to subvert the system by using a false ID in
the first place.
Ultimate irony.
robocat wrote 13 hours 17 min ago:
Computers don't make mistakes:
URI [1]: https://www.youtube.com/watch?v=wzFmPFLIH5s
TheRoque wrote 15 hours 55 min ago:
I suggest people to watch "I, Daniel Blake" who talks about
malfunctioning administrative systems, and nobody caring about it.
I'm aware it's not related to credential issues, but I see it as the
same: you have an issue that's related to an edge case, and nobody
gives a damn about it, nobody takes the responsibility to look and
see what's wrong about it
initplus wrote 16 hours 23 min ago:
In the future? This is almost certainly already the case.
goodburb wrote 17 hours 8 min ago:
Couldn't see older photos/videos in the Photo app.
Reminder for any iOS user that needs instant iCloud Photos backups
(instead of manual monthly), get a Mac Mini, enable the Photos app,
disable optimize for storage and keep it on to keep your memories safe.
Always check the recently deleted folder on the Mac every month since
iCloud by design is a two-way sync and not a backup, unlike most clouds
that are one-way upload (doesn't touch your local files).
Cold storage backup every month using the photos on the Mac should be
easier as well.
radicality wrote 8 hours 51 min ago:
Thatâs part of the reason I always opt for the highest possible
storage on my main MacBook whenever upgrading - to set Optimize=off
for Photos and iCloud. Last upgrade was the 8TB M1. And then I
connect that to a local NAS Time Machine backup every few days.
cjk2 wrote 14 hours 50 min ago:
Yeah this. I keep a weekly time machine and quarterly "copy
everything to an SSD without time machine" backup in place.
sambazi wrote 15 hours 9 min ago:
an old linux laptop with a ubus-rule to rsync DCIM-folder upon
device-uid connection would also work and not be dependent on apple
products
mmcnl wrote 16 hours 34 min ago:
Or use iCloud Photos Downloader once in a while:
URI [1]: https://github.com/icloud-photos-downloader/icloud_photos_do...
FBISurveillance wrote 16 hours 52 min ago:
Adding to that, also suggest having a self-hosted Immich on a home
server.
newrotik wrote 17 hours 16 min ago:
Only tangentially related, but I have been trying to enroll for Apple's
developer program for almost 3 months now.
Understanding what the problem is is essentially impossible. Going to a
physical store doesn't help, calling their customer service has them
telling you to go to www.apple.com/support (???), and writing for
support has them rotate you through 4 different, and decreasingly
useful, representatives.
The last response I got I was told the issue had to be handled by yet a
different representative and it would take an "indefinite amount of
time". Which may be a nice way of them saying it's never going to
happen.
It really is demoralizing when you realize there is nothing you can do
really, even in cases when you have done nothing wrong.
Not impressed to say the least.
015a wrote 5 hours 24 min ago:
A friend and I spent a month or so building an iOS app we were hoping
to release and monetize, but we're also entirely unable to get a
developer account created. Corporate entity, DUNS number, American,
extremely boring people, and just a generic "Error creating developer
account" on the signup form. Apple's support was hopeless in helping.
We gave up and re-built it as a web app. The thing that convinced me
was the realization: When was the last time you installed/used a
non-game App on the app store that, by your assessment, has less than
1 million users? I looked down my list of installed apps and realized
that indie apps are kinda dead anyway. And our web app has been
pretty successful.
richardjdare wrote 8 hours 16 min ago:
I've had a similar problem trying to renew my Apple developer
account. Had it for over 10 years. I had an email a few weeks ago
telling me it could not automatically renew (same bank details that
worked fine last year). Nothing I could do on their website would
make it work. I got hold of someone on their online chat who directed
me to the Apple developer forums.
I gave up in the end. But I will have to sort it out before I can
release the Mac version of my current project.
prmoustache wrote 15 hours 37 min ago:
Then don't develop for them.
WA wrote 13 hours 39 min ago:
People develop for other people and markets, not for Apple.
prmoustache wrote 10 hours 19 min ago:
They are still working for Apple indirectly, especially if they
sell through the app store.
beeboobaa3 wrote 8 hours 52 min ago:
That's a funny take. I guess Apple is going to pay my sick
leave, then? Buy me the hardware I need to do my "work for
them"? No? Weird, guess I'm not working for them at all in any
way.
k8svet wrote 8 hours 22 min ago:
No, you're right, it's actually worse than if you worked for
them. Lmao. Really the worst of all worlds. You're dead in
the water with out their platform, without their grace, or
with all of those things, but their incompetent auth
platform.
adamomada wrote 6 hours 3 min ago:
You could reframe that easily by saying that without Apple
making the hardware and services exist, there would be
nothing to run your app on. Itâs a symbiotic
relationship: devs need Apple and Apple needs devs.
beeboobaa3 wrote 8 hours 17 min ago:
I'm not sure what your point is, but I 100% agree with you.
Apple is awful, and you have to be downright masochistic to
develop for their platforms. Thinking you're their employee
when you develop for their platform is laughable.
k8svet wrote 8 hours 14 min ago:
Oh, good reminder for me to watch my tone. My bad.
utensil4778 wrote 9 hours 10 min ago:
No
sammy2255 wrote 16 hours 45 min ago:
Register yourself as a company
nativeit wrote 15 hours 30 min ago:
This requires a Dun & Bradstreet DUNS ID number, which isnât the
most difficult thing in the world to obtain, but also isnât
trivial, especially if you donât actually have any formal
business documents.
refulgentis wrote 9 hours 20 min ago:
Yeah, can say from recent experience this just adds _more_ steps
and opportunities to ghost for a couple weeks, get another vague
email, ghost for a couple weeks...took me about 3 months to get
it all going.
The DUNS stuff was pretty funny. All flows related to getting an
ID have a big "Are you doing Apple dev stuff?" button. It's like
Apple outsourced support to them. Apple's DUNS lookup tool saw my
business and the correct DUNS number, but trying to register with
it got an error...eventually dissipated after a couple weeks.
Same story for registering an account in the first place: it
refused to register james@tld.com, where tld is a Google
Workspace account, with no discernable error. Again, dissipated
after 3 weeks, thankfully.
adastra22 wrote 17 hours 12 min ago:
I had similar issues, and I wish I could remember what solved it. It
was something stupidly dumb like I had to log out and log back in on
my phone or something. There have a couple of different edge case
bugs that prevent people from signing up, and Apple customer support
is useless on this.
brailsafe wrote 16 hours 59 min ago:
Same here. It was something trivial with the form that I fussed
around with until it worked, or maybe I didn't have iCloud enabled
at all and the form didn't alert me about it.
HaZeust wrote 17 hours 19 min ago:
To this day, I still get random "Enter your password to continue using
iCloud" push notifications on my iPhone with no relevant action to
trigger such a notification.
My Apple ID uses a unique password, I keep a recovery key, I don't have
its login credentials saved anywhere, and it's a dev account; so I have
my LLC's DUNS number attached to it. My devices are the only ones
listed in my settings portal.
I have no idea why I get these notifications, lol.
jncfhnb wrote 7 hours 41 min ago:
Probably some regularly scheduled attempt to sync
garyrob wrote 8 hours 2 min ago:
I got that prompt on all my apple devices a couple days ago. I just
clicked Cancel on every one. The prompts stopped coming and
everything seems to still work. I don't know whether there will be
some ongoing problem with my AppleID that I'm not aware of yet, but
so far so good.
ratg13 wrote 12 hours 39 min ago:
Perhaps you are connecting from a VPN or endpoint that known bad
actors have also used in previous attacks (university network, guest
network).
Or a device on your network is or was compromised and used as a
channel to attack others on the internet.
Or your ISP has given you a public address where the last owner was
abusing it.. or perhaps the whole ISP block has been added to a
shitlist.
coldtea wrote 15 hours 37 min ago:
>I have no idea why I get these notifications, lol
Perhaps so that someone who found your iphone unlocked can't just
keep using it and your iCloud in perpetuity?
jamescontrol wrote 15 hours 0 min ago:
I think he means, what causes apple to trigger those notifications.
I donât remember ever seeing that prompt, at least not without
myself doing some action to trigger it.
coldtea wrote 14 hours 16 min ago:
>I think he means, what causes apple to trigger those
notifications
Yeah, that's what I tried to guess too. Like, maybe those are
sent periodically?
Could be there's some heuristics like "logged in from a different
city" or such, too.
dsego wrote 17 hours 22 min ago:
The thing that scared me recently was two updates that gave me new
encryption keys. At first I trusted apple and wrote down the new key.
But I became suspicious after the second update and checked online. It
seems like it's happening to others, so I used the recommended
command-line tool to verify my new encryption key and it didn't verify.
Apparently it works after disabling and enabling encryption, but
I'm just keeping it disabled for now.
nsagent wrote 1 hour 47 min ago:
Oh wow, thanks for the heads up! Turns out my recovery key was also
invalid... That's something Apple really should have notified people
about. These kinds of slip ups without notifying users is terrible.
n8henrie wrote 12 hours 38 min ago:
Sorry, can you give a few more details? Are you talking about
FileVault encryption on your Mac? Or the newish iMessage encryption?
And what command line tool are you referencing?
dsego wrote 12 hours 20 min ago:
Oh sorry, I would edit the comment but it's locked, I realize now
it's not that clear. This is about FileVault encryption on Mac and
the recovery key. I think the command was `fdesetup
validaterecovery`.
blegr wrote 11 hours 45 min ago:
This is less severe than losing an account because at least the
encrypted drive is backed up, right? :)
jmkni wrote 13 hours 39 min ago:
Dumb question but how did you find this out? Do you manually check
after every software update?
dsego wrote 12 hours 31 min ago:
On the first update when it showed me the message, I trusted it and
wrote down the new key and threw the original piece of paper into
the trash. Then the second time it showed up, I became suspicious
and did a quick google search and then ran the command tool just to
confirm that the new backup key validates, but it didn't. My hunch
is that it was still using the original key I had set up myself,
but I couldn't confirm since I had tossed it.
Exuma wrote 11 hours 43 min ago:
Can you share the command
dsego wrote 11 hours 36 min ago:
I think it was fdesetup validaterecovery.
renk wrote 14 hours 41 min ago:
That was the moment I started browsing âfreebsd desktopâ forum
postsâ¦
fsflover wrote 3 hours 28 min ago:
You should try Qubes OS instead.
1oooqooq wrote 14 hours 48 min ago:
maybe apple is tired of copying Samsung and will copy google for once
:)
URI [1]: https://news.ycombinator.com/item?id=38043574
walterbell wrote 15 hours 24 min ago:
> updates that gave me new encryption keys
On iOS or macOS? Was a consent dialog presented before the update was
installed?
tzs wrote 9 hours 28 min ago:
I'm not him, but for me it was MacOS. After the update was
installed and the system rebooted it presented a dialog asking if I
wanted to be able to use iCloud for recovery if I forgot my Mac
login password. I let it set that up.
Afterwards I wondered if it was just storing the recovery key I
already had in iCloud or if it had generated a new recovery key and
my saved one was invalid.
I checked my recovery key ("sudo fdesetup validaterecovery") and it
was no longer valid. A bit of Googling failed to turn up a way to
get a copy of the recovery key that was in iCloud, and I decided
I'd rather have a recovery key I store myself in case I need to
recover when I cannot get online so I switched it back.
Switching back is easy. You just turn off FileVault, then turn it
back on and choose to manage the new recovery key yourself.
dsego wrote 12 hours 30 min ago:
Sorry, macOS, I don't remember about the consent.
adastra22 wrote 17 hours 14 min ago:
This also spooked me. Iâm a former security professionalâthere
are few good reasons Apple should be doing this, and it smells of a
targeted attack. If I had a zero-day exploit to steal your data, this
is what it would look like.
In the other hand, if Apple suddenly found out that a good chunk of
encrypted volumes werenât actually encrypted / the key was
recoverable by an offline attacker, this would also explain the
facts.
But the lack of explanation from Apple is troubling.
fuomag9 wrote 16 hours 14 min ago:
Yeah, Iâm one of the people affected by this and it has happened
to me on multiple machines on multiple updates and I have no idea
whatâs happening. Of course the keys do not actually work like
for everyone else, which is even worse from a consumer UX
standpoint (if I didnât knew better Iâd just throw away the old
keyâ¦)
adastra22 wrote 9 hours 51 min ago:
It's on my todo list to backup and wipe that machine at some
point. It's a desktop machine, not a laptop, and I don't save the
recovery key to my iCloud, so I don't see how this could be a
security threat. But something smells fishy.
tempodox wrote 17 hours 42 min ago:
Scary indeed. I tried it just now, after I saw the headline, and I
could log into iCloud. But then, I have 2FA activated on my account
and Safari uses Sign in with Apple to log in. Or maybe whatever
problem it was has been fixed by now.
vbezhenar wrote 17 hours 42 min ago:
I'm using my own domain for e-mail, but obviously I need another e-mail
for registrar, hoster, etc. I used to use gmail for that, but recently
switched to icloud as I thought gmail is too dangerous with Google
banning people around. Seems Apple's no better.
I have no idea how to untangle this dependency chain. I'm using
registrar in my country, so if everything goes wrong, I can just
contact them with my ID and hopefully fix things up, but I'd prefer to
have 100% reliable e-mail in the first place.
hx833001 wrote 15 hours 0 min ago:
As long as you can change your Mx records, it doesnât matter who is
hosting your email. If Apple had a problem, you could switch it to
any other provider and request the reset email again, etc.
stavros wrote 15 hours 34 min ago:
Fastmail is the best email provider in its own right, plus it's not
Apple or Google. Their support is extremely responsive, even in
technical matters.
chrisjj wrote 13 hours 9 min ago:
FM support is indeed excellent. But FM service has issues e.g.
search faults which mean labels may bring up different results on a
different day.
layer8 wrote 12 hours 21 min ago:
All mail synced locally with local search is still best.
chrisjj wrote 11 hours 44 min ago:
Agreed, but only where local is acceptable.
freetanga wrote 17 hours 0 min ago:
Maybe an .edu account from a University or so? Thatâs my approach
to the same issue.
And my email is on Fastmail under a custom domain. They have good
support so far
1oooqooq wrote 14 hours 26 min ago:
after the education capture race of 2022, every single institution
in the world is either google or Microsoft.
greenavocado wrote 16 hours 16 min ago:
You can't use the edu after you leave the institution
vineyardmike wrote 15 hours 52 min ago:
Many places will let you. Many more will let it forward to a new
email address.
Anyone who published papers which included their academic email
address will want it to persist forever. Paper publishing happens
to be a special priority for many educational institutions.
cjk2 wrote 17 hours 34 min ago:
The only thing you need to own is your primary email address and as
long as thatâs on a domain you own then you can move it. Thatâs
about the only independence there is these days. If you use
@icloud.com or @gmail.com for everything then youâre screwed.
You have to depend on someone somewhere. Just make that dependency
less of an issue should anything show stopping happen.
Personally Iâd like to see some legislation around identity
providers and service levels and account retention.
stingraycharles wrote 17 hours 20 min ago:
Yeah keep your email provider and iCloud provider separate. For
password management, use something like 1Password, and you got your
main âidentitiesâ separated. In case of losing access to either
of them, the impact will be relatively contained.
mdavidn wrote 17 hours 20 min ago:
I think vbezhenar's point was simply that the recovery e-mail at a
registrar should not depend on a domain managed by that same
registrar. The registrar can update MX records.
layer8 wrote 12 hours 17 min ago:
You can have two domains at two different registrars, each
hosting the recovery mail address of the other.
cjk2 wrote 17 hours 18 min ago:
Good point! I will look at my configuration for that.
ricardbejarano wrote 17 hours 40 min ago:
I do this with ProtonMail, that's my root email. Not for any
particular security reason. It's just another email provider.
cjk2 wrote 17 hours 46 min ago:
Not sure if itâs a valid data point or not. I manage 7 peopleâs
Apple ID accounts. This has happened a few times including twice last
night but only on the people who use the @icloud.com as their primary
email address. Assume that is related to password guessing attacks.
Both addresses are in public email leak databases.
Can only advise that you should have recovery contacts and a recovery
key set up in case something goes wrong.
quitit wrote 16 hours 31 min ago:
Iâd say your guess is right - the accounts typically get locked
because hacking groups are running attacks on lists of email
addresses.
The email addresses ending in @icloud.com are scraped from a master
list and the attack is directed to apple, while the custom domains
are ignored because there is work involved in figuring out where
those are hosted.
iCloud lets the user generate secondary email addresses, itâs
better to use that and keep the login email address secret.
throwaway290 wrote 17 hours 34 min ago:
> If you lose your recovery key and can't access your devices, Apple
won't be able to help you regain access to your account or your data.
Seems like a dangerous advice for a regular person who can just go to
Apple and get stuff back?
cjk2 wrote 17 hours 31 min ago:
Quite possibly. But itâs roll dice and hope Apple will fix it or
guaranteed have a way out.
Regular person canât even remember their email address so a good
point though.
throwaway290 wrote 17 hours 31 min ago:
Can you disable recovery key later?
I ask because Apple's docs helpfully say
> If you decide to stop using a recovery key, follow the steps
above on your device and turn off recovery key. When you do, you
can use account recovery to regain access to your Apple ID.
But the "steps above" only describe how to turn it on, not off.
Edit: thank you.
cjk2 wrote 17 hours 29 min ago:
There is an option to disable it but Iâve never tried it. So
I assume yes.
LAC-Tech wrote 17 hours 48 min ago:
What does it mean to be locked out of your Apple ID? What's it used
for?
happymellon wrote 17 hours 29 min ago:
Your Apple Id is used for everything Apple related.
To set up your iPhone, you have to log into your Apple account. Macs
don't care as much.
If you use "Log In With Apple" then you'll lose that. And if you've
decided to use the terrible Passkeys idea, you're locked out of that
too.
LAC-Tech wrote 28 min ago:
So people can't use their iphones anymore?
asmor wrote 17 hours 49 min ago:
Sounds like someone's doing credential stuffing. Apple had quite a few
of those "other people can hit my rate limit" problems.
Animats wrote 17 hours 57 min ago:
Apple says there is nothing wrong.[1]
When your identity provider has total control over your life, and you
signed away your right to sue for damages, this is what happens.
URI [1]: https://www.apple.com/support/systemstatus/
chrisjj wrote 13 hours 18 min ago:
> All services are operating normally.
Error: 'normal' undefined.
;)
zamalek wrote 14 hours 27 min ago:
> Apple says there is nothing wrong.[1]
My experience status pages (with Azure) is that they are a PR/legal
mouthpiece. They only change once something becomes newsworthy.
lr1970 wrote 13 hours 58 min ago:
Any change to the status page requires at least VP sign-off. They
declare outage or a problem only when hiding it any longer becomes
impossible.
adolph wrote 13 hours 44 min ago:
Do you think systems reliable themselves? It takes real
leadership to drive organizations to five nines.
p_l wrote 3 hours 0 min ago:
You meant nine fives, I guess?
fuomag9 wrote 16 hours 16 min ago:
Iâm so glad itâs illegal for me to sign away my right to sue in
Europe
URI [1]: https://europa.eu/youreurope/citizens/consumers/unfair-treat...
coldtea wrote 15 hours 42 min ago:
The truth though is that if a consumer right remains hardly
enforceable and impractical to sue and get any real resolution from
doing so, corporations can live with consumers retaining it...
gklitz wrote 14 hours 9 min ago:
I imagine this attitude of âeven if we had laws protecting
consumers they wouldnât get usedâ is a big part of why
Americans donât have them. The European laws do get enforced,
but of cause there is both room for and movement towards
improving consumer protection.
amarcheschi wrote 14 hours 51 min ago:
I would say that most of the time people don't even know that not
everything written in a contract might be valid in case of a
legal dispute. However, once in a while we have nice things, such
as requesting to be refunded the windows license [1] ).
Unfortunately it's in Italian, basically if you don't accept
windows (and office) tos you can be refunded, almost nobody knows
this except some Linux users. However, if you follow the steps
(such as not accepting the tos) you're basically guaranteed a
refund or to win the legal dispute
URI [1]: https://sistemainoperativo.it/#:~:text=Come%20chiedere%2...
berkes wrote 14 hours 19 min ago:
I did that once, almost 20 years ago. Bought an IBM laptop that
came with windows (there weren't any options w/o Windows back
then, for consumers at least). I always planned to put Linux on
it.
Rejected the TOC. Made a meticulous image report that showed
careful unboxing and setup.
There was a line in the TOC that (from very vague memory)
disallowed using the OS for a.o. nuclear power mgmt. I did work
in energy back then (but mostly webdev), so I could not rule
this useage out. Send it along to Redmond and got a prompt
reply from som e salesman for some kind of "industrial licence"
for insane amounts. A few back and forths later, I got a measly
â¬20 Euro's back. They put the rest down to admin fees, and
OEM discounts.
Anyway. It ran SUSE and (k)ubuntu perfectly.
I guess it's much easier nowadays. But I buy my laptops
preinstalled nowadays. Open the lid, answer five or six
questions, restore my backups (/etc, .files, ~), reinstall the
packages from packages.txt, reboot and continue working.
amarcheschi wrote 14 hours 11 min ago:
As of today, in Italy, you get refunded the average market
price for a license and not the oem price (roughly ~20â¬),so
depending on the windows version you get 40/80⬠+ if you
have office, you get a few other bucks back, upto ~115⬠for
windows + office. And yeah, it's a bit easier today but
companies still try to make it difficult on purpose, such as
asking you to ship back the product, while you're not obliged
to. I spent last hour reading the legal proceedings on the
site I posted and lol, they're kinda all the same, you ask a
refund, you get told to ship it back, you do the "messa in
mora" (you legally tell the company to refund you), they tell
you to ship, you say you're not obliged to, you're eventually
refuned
eastbound wrote 14 hours 23 min ago:
Just to add: This right to be reimbursed of Windows OEM has
taken extremely long in the 1990ies to become a right, after
much lobbying from Linux fans.
baq wrote 15 hours 2 min ago:
Corporations usually get very polite and fast track issues when a
consumer rights advocate gets involved.
leptons wrote 17 hours 36 min ago:
Not only does the "walled garden" keep you safe, the walls are also
too tall to escape it.
farhaven wrote 16 hours 26 min ago:
And apparently, sometimes, when you want to return to that walled
garden, your keys to the front gate just don't work anymore.
danieldk wrote 16 hours 51 min ago:
You can use a Mac or iPhone without an iCloud account. Doing so
works fine for Mac, most applications can be downloaded outside an
app store. Sadly on iOS it makes the phone pretty useless if you
want to install any third-party apps.
Like others say, it's fairly easy to escape, just keep backups
outside iCloud. Also, it's probably best to use a password manager
that is not iCloud Keychain.
nottorp wrote 12 hours 42 min ago:
Can you? You can skip using the measly iCloud storage I guess.
But can you activate a phone without an apple id?
nativeit wrote 15 hours 35 min ago:
Agreed. Whatâs more, I find iCloudâs implementation in MacOS
to be far less intrusive than OneDrive in Windows, which
constantly pushes me to use it as a default, and has at least
once unilaterally forced the issue during an update by moving my
home folders into OneDrive, and leaving an absolutely wild text
file titled âWhere Did My Files Go.txtâ on the desktop. If I
donât want to use iCloud, I can easily forget it exists.
Iâm not terribly partisan when it comes to platforms, I own and
actively use an M1 Mac Mini, Dell Precision running Windows, and
a Kubuntu box. I understand the assertion that software
ecosystems tend to be a featured player in tactics aimed to fix
users on a particular device or platform, and I think thereâs
plenty of evidence that this is broadly the case. But I
wouldnât use iCloud as a particularly good example of it,
Appleâs clearly not banking on their cloud storage to drive its
revenue.
andrewinardeer wrote 16 hours 51 min ago:
"Garden" is too good of a word. "Prison" is more apt.
spike021 wrote 16 hours 56 min ago:
How's that? All my contacts can be stored locally, photos backed up
both on my computer and to a separate service plus iCloud, it's
pretty easy to set up Dropbox or Box in-place of iCloud Files.
Apple Wallet is handy but it really just stores digital copies
(over-simplifying) of my physical cards, any of which I can request
a replacement for outside Apple.
I don't use Safari but if I did any of its bookmarks/history are
easy to import into other browsers.
_V_ wrote 15 hours 27 min ago:
Your contacts can be stored locally but your device will not work
if Apple says so as it needs to be "activated" against their
servers. And there is no "secondary system". So no, you are
completely dependant on Apple and their infrastructure even if
you (think you) store data locally.
Wool2662 wrote 16 hours 27 min ago:
Yes, you can do this with considerable effort.
But the moment you use OIDC with Apple ID there is a good chance
you will lose many of the accounts created this way.
yayr wrote 15 hours 28 min ago:
The effort is actually minimal. Just export the passwords
occasionally and save it in an encrypted file. 30 seconds
The issue is rather, that most people rely on these convenient
services 100% and dont (want to) think about what happens in a
bad case scenario.
cqqxo4zV46cp wrote 14 hours 5 min ago:
âSave in an encrypted fileâ? Christ. We really need to
draw a HUGE line between âhacker news user solutionsâ and
âthings that are practical for actual people to doâ.
yayr wrote 12 hours 27 min ago:
I agree, that there is no obvious solution by just enabling
a setting...
But no matter what tool you use for it, that is what needs
to be done. It is quite simple for example if you use
Macpass or Cryptomator on a Mac.
wizzwizz4 wrote 12 hours 41 min ago:
Most people have a file encryption program of some kind on
their computers. WinRAR, 7-Zip, some versions of Microsoft
Windows (note: not supported in Windows 10 Home), Microsoft
Wordâ¦
highwaylights wrote 15 hours 31 min ago:
OIDC is the one part of this that really is an outsize problem.
Iâd say email providers are an even bigger problem though.
Good luck getting your accounts back if you lose access to your
own email account. I donât know that iCloud mail is
particularly popular, but the risk really applies to any
provider.
teekert wrote 17 hours 9 min ago:
I use Tailscale, NextCloud (files, pics, calendar, contacts),
Podverse, Obsidian, Bitwarden (Vaultwarden), Home Assistant,
ProtonMail, Signal, Element, â¦. If my iPhone (iCloud) goes down
itâs just a node in the network with all my data still my own and
available.
hu3 wrote 12 hours 54 min ago:
We are in a 0.01% bubble.
For most people, losing their iCloud or Google accounts would be
devastating.
I always joke that I'd rather lose all my documents and credit
cards than lose my main e-mail account. And only tech savvy folks
understand that it is not, in fact, a joke.
phantomathkg wrote 14 hours 24 min ago:
It will be great this set up can be commoditised so everyone can
buy one for themselves/family.
cqqxo4zV46cp wrote 14 hours 6 min ago:
You can add it the bucket of similar crap that nerds make when
they donât think to actually check if theyâre building
something that solves a problem that people actually want
solved.
The reality is that if you go to any family BBQ and start going
on about the importance of self-hosting, I - someone thatâs
been working with computers my whole life - am going to roll my
eyes and not be all that interested in the conversation, let
alone anyone else there (chances are they donât want to talk
about computers at all).
The reality is that these open-source / self-hosted solutions
are, the vast majority of the time, harder to use and maintain.
There are few things that sound less appealing to me than
dealing with the realities of helping my family and friends
with using any of that stuff.
This is all just some nerdâs out of touch pipe dream.
smeej wrote 13 hours 38 min ago:
I get what you're saying, but not all of those things are
self-hosted. For example, Proton Mail isn't harder to use
than Gmail. Signal isn't harder to use than any other
messaging app.
I've had great luck convincing even church ladies in their
60s to use both just by explaining that "end-to-end
encryption" means that only the sender and recipient can read
the messages, not big tech companies and advertisers.
pdimitar wrote 13 hours 41 min ago:
> This is all just some nerdâs out of touch pipe dream.
Yes, though only because it's a lot of trouble to set up
today.
If it were completely commoditizated -- imagine one more
button when setting up a new phone ("Choose where your data
resides: Apple, Google, Facebook, Self hosted") and it was
completely transparent then it would be used much more,
especially if that's complemented by one of the nerds setting
up e.g. a neighborhood sync server and everybody around
knowing it and using it.
So yes, you are not wrong but the situation can change
dramatically if ergonomics are improved. Which sadly most of
the nerds never work on.
unlikelytomato wrote 13 hours 8 min ago:
I used to think this. The Google, Apple, and Facebook
options are the improved ergonomics solution. It just never
pans out for these open solutions. I've been waiting
decades for it things to get to that level, but it always
ends up the same way - fiddling with servers.
pdimitar wrote 13 hours 3 min ago:
You are restating that the self-hosted options are not as
ergonomic yet which I already acknowledged.
As for waiting, yeah, sad story, but most of us don't
want to be on the computer for 16-18h a day anymore. I
implore any of the more privileged programmers -- people
with job security, $200K+ annual salary, a lot of social
safety nets -- to open their eyes and stop fucking around
with the one millionth LISP interpreter and just start
making non-corporate-controlled tech already.
Rinzler89 wrote 14 hours 39 min ago:
That's great for you and everyone on HN who's tech savvy, but
your average smartphone user has no idea what those even mean let
alone how to set them up and use them. Your parent is right and
is being needlessly downvoted.
My dad is often defeated on how to set up or use basic features
of his smartphone, let alone on how to migrate stuff from one
ecosystem to another, which let's be real, is purposely designed
to be as friction inducing as possible.
cjk2 wrote 17 hours 28 min ago:
This is not exactly true. I can lift and shift to Google or
Microsoft or standalone if I want to in a day easily. I just
donât want to!
(I have tested this - always have an exit strategy)
coldtea wrote 15 hours 39 min ago:
"Even though I paid for this home (laptop) and have all my things
in it, I can totally buy another from another realtor if the
current locks me out. So joke's on them, it's not exactly a
walled garden"
cjk2 wrote 15 hours 11 min ago:
We can all use hyperbole and carefully pick our narratives when
we want.
Example: I can live in this nice comfy condo for a sky high fee
(Apple) or I can live in a rickety old shed I have to keep
fixing for free so I donât have to pay the ground rent
(Linux).
Iâd rather live in the condo even if the lease runs out one
day.
coldtea wrote 14 hours 13 min ago:
The analogy is all well and good, except missing the point
we're discussing that happened to the parent:
It's not: "Iâd rather live in the condo even if the lease
runs out one day"
It's more like: "Iâd rather live in the condo even if the
realtor arbitrarily locks me out, even though I did pay for
it"
cjk2 wrote 13 hours 55 min ago:
I'm not saying it was a bad analogy, just that it's easy to
create analogies to create a narrative based on your own
perception. Obviously the point was missed.
ImPostingOnHN wrote 11 hours 53 min ago:
In this case, their analogy seems to be based on reality.
The key point of their analogy is that buying another
condo isn't a good solution to someone locking you out of
the one you paid for, just like buying a new phone isn't
a good solution to Apple locking you out of your phone
that you paid for.
Your complaint with their analogy seems to boil down to
"they used an analogy", without actually addressing the
point above. Try to focus on the point instead.
GoofballJones wrote 15 hours 57 min ago:
Yeah, I never understood this whole "you're locked in, you can't
get out of their ecosystem."
This has always been BS. I've switched from Apple to PC to Linux
back to PC to Apple back to PC and then Android etc etc. It's
actually quite simple. At the moment I'm using Apple stuff, but
there's nothing holding me here other than just me being here.
beeboobaa3 wrote 8 hours 45 min ago:
Where is the button to copy your photos from apple to google?
Until something like that exists normal people are 100% locked
in.
They may not even own a laptop with sufficient storage to
download all their photos to. If all they have is one, maybe
two, phones with limited storage they're totally fucked. Just
like Google & Apple designed it.
And it's not like these services make it easy to bulk
download/upload your photos, either.
AnthonyMouse wrote 14 hours 48 min ago:
This is missing the point.
Suppose Walmart has a monopoly in California and Target has a
monopoly in Florida. Anybody in California can shop at Target,
they just have to go to Florida. "I've switched from California
to Florida and then back, it's actually quite simple."
But if you're in California and you need some batteries, even
if flying to Florida to buy them from Target is possible, even
if you used to live in Florida and might move back there next
year, even if you have the money to buy the $300 plane ticket,
it's still prohibitively expensive to do it solely to avoid a
$5 markup on batteries. Then the two stores don't really have
to compete, and you get stuck paying the monopoly price for
everything. That's what it means to be locked in.
cjk2 wrote 14 hours 35 min ago:
This is a crap analogy.
You buy different stuff, copy your data across and sell the
original stuff.
Thatâs not lock in. It is if there is no other stuff to
buy.
AnthonyMouse wrote 6 hours 23 min ago:
> You buy different stuff, copy your data across and sell
the original stuff.
You buy a different house, move your stuff across and sell
the original house. How is it a crappy analogy?
The issue is that the cost of moving removes your choice
from individual decisions because they all have to be made
together. If you want iMessage then you have to sell your
Android and get an iPhone. If you want F-Droid then you
have to sell your iPhone and get an Android. What if you
want both? This isn't because the free software community
would be unwilling to set up a store/repository for iOS, it
isn't because no Android messaging app would be willing to
interoperate with iMessage, it's because you're locked in
to one platform or the other at any given time and have to
make all your choices together.
Someone who wants to provide an app store that charges
lower fees would have to convince everyone to switch to
their platform instead of only convincing people to switch
to their store.
The reason they make it that way instead of being able to
choose what you run on your device independent of the kind
of device is in order to lock you in.
nehal3m wrote 17 hours 25 min ago:
If you prepare for a case like this then it's easy. If you get
caught off guard (like I imagine most people will) it's hard.
I have an unhealthy habit of switching between FOSS and Apple a
few times a year (don't ask) and generally it is pretty easy. The
most annoying thing to me is Photos export, especially if you
don't have access to a Mac. You can't download your whole library
from the online environment, there's a 1000 image limit per shot.
edit: Also I have not found a good way to export from Apple Notes
so I have a habit of typing into .md files from the terminal.
edit2: Gave it a search and tried Exporter. Duh. Works great!
cjk2 wrote 17 hours 19 min ago:
Agreed.
Actually an anecdote on switching, my father in law bought an
iPhone in a pawn shop. It was logged in with someone elseâs
iCloud account. He just used that until he dropped dead. We had
no idea until I had to clean his phone out. My mother doesnât
even know what iCloud is. Literally total ignorance must be the
default for everyone these days.
Iâve done the random switch thing as well as a test case. But
to Microsoft. It took me a day to export all photos from
Photos.app and into OneDrive and that was with a Mac (105Gb).
And of course you lose all the edits you did if you export the
originals.
cjk2 wrote 17 hours 37 min ago:
I suspect there is nothing wrong as such ie the system is working as
intended. The intention is either overzealous or broken.
As for not suing them, I suspect that wouldnât wash if you were
deprived of property due to a software issue.
1oooqooq wrote 14 hours 43 min ago:
exactly. they already hit the revenue goals even with shitty
quality. it's the only goal that motivates work and in a monopoly
it's tied to market size only.
what's a few thousand people per month losing all access to their
data, if that is not even a blip on their revenue or revenue
protections?
if you're going to buy a new iphone, you're going to buy a new
iphone. it doesn't matter the slightest if you read some nerds
complaining something broke one theirs that same week.
eastbound wrote 14 hours 17 min ago:
People pay in average $1000 every 3 years ($27 per month). So if
1% people choose Android next time, Apple will lose 1% of 2
billion users x $1000 / 3 years = 7 billion dollars per year.
1oooqooq wrote 2 hours 6 min ago:
already way more than 1% do switch.
but if you're close to a monopoly, numbers go up with market
size increase. you can lose ((market size Delta) - 1) until
your bonus motivated employees have to care.
speedylight wrote 18 hours 7 min ago:
Considering how important an Apple ID is, this is kind of scary to be
honest.
iLoveOncall wrote 13 hours 37 min ago:
How important is it exactly?
I have had iPhones for more than a decade, and I never leveraged any
"feature" of having an Apple ID on any of them.
I've never bought an app or spent money on one, and I don't use
iCloud, so the Apple ID for me is literally just a gateway to
downloading free apps that I can always redownload with another one.
ccouzens wrote 6 hours 32 min ago:
> I've never bought an app
Without being signed into an AppleID you cannot install free apps
either.
And if you install then sign out, you're also blocked from updating
the free apps.
iLoveOncall wrote 1 hour 17 min ago:
Reading until the end of sentences before commenting would do you
a lot of good.
FdbkHb wrote 8 hours 44 min ago:
If your device is associated with the "Find my Mac" "Find my
iPhone" stuff, losing your Apple ID is the same as possibly (only
possibly because you can still have user accounts with separate
passwords and use the OS, but there will be limitations) bricking
your device.
You can't even wipe the hard drive and reinstall macOS without
access to the associated Apple ID. This is a good measure to
dissuade thieves from wanting to steal Apple devices, but it is a
terrible measure from the point of view of a user who has lost
their ID.
iLoveOncall wrote 15 min ago:
Hmm I have a Mac for work and it doesn't have any Apple ID
associated...
kemayo wrote 8 hours 46 min ago:
You understand that you're an outlier here, right?
iLoveOncall wrote 8 hours 27 min ago:
No I really don't think I am.
In fact 98% of the revenue on apps come from free apps.
nottorp wrote 18 hours 16 min ago:
Hmm I used to get kicked out regularly (like 3 times per month) out of
my apple login before i enabled 2FA. It completely stopped after. I
assumed they were fraudulent login attempts.
This does look more like a glitch on their side though...
vondur wrote 18 hours 30 min ago:
Happened to me today. First got the message on my computer that my
location was unknown and needed to enter a code from the phone. By the
end of it, I had to reset my Apple password. No idea why it happened.
zikduruqe wrote 14 hours 44 min ago:
Happened to me last night. I got a push notification on my watch
that I needed to update my iCloud password. I thought that this
isn't right, so I went to my phone and MacBook. Same thing, those
devices said I needed to change my password. So I figured someone
has my @iCloud email address and tried to login. I do have hardware
keys setup, so wasn't terribly worried.
But none the less, I liked my old password and had to change to
something else.
chrisjj wrote 13 hours 7 min ago:
> figured someone has my @iCloud email address and tried to login.
So... anyone with just your iCloud email address can get you locked
out?? That's not what I would call secure...
ImHereToVote wrote 17 hours 9 min ago:
Didn't someone discover the unpachable NSA backdoors in the M series
processors recently? Could be related.
kingspact wrote 9 hours 41 min ago:
Yeah, LOL. They're trying to memory hole that one.
orf wrote 15 hours 29 min ago:
No?
RedComet wrote 7 hours 22 min ago:
He's probably referring to this:
URI [1]: https://news.ycombinator.com/item?id=38783112
gigatexal wrote 18 hours 31 min ago:
Are they being hacked on a massive scale?
arthurcolle wrote 18 hours 36 min ago:
yeah this happened to me yesterday! i can still get in with passkey on
my iphone but im dreading needing to go to apple store and tell them
that i have been progressively getting logged out of my normal couple
apple devices
super weird, somethings going on
a_random_canuck wrote 18 hours 19 min ago:
Iâm betting theyâve turned on some AI âfeaturesâ for
detecting fraud and itâs not working out as well as promised.
southerntofu wrote 17 hours 52 min ago:
This is exactly what CloudFlare and Google have been doing for a
while. i meet so many tech illiterate people who "can't log in to
the internet" because of some discouraging CAPTCHA or because Gmail
decided that even though they knew their passwords, a phone number
they haven't used in 2 years (and has probably been reallocated to
someone else) is a better proof of identity.
It's a shame it's even legal to discriminate people's browsers
based on shady stats and not actual abuse.
k8svet wrote 8 hours 17 min ago:
Because HN loves to complain about this, I get to repeat it as
always. Enroll a real 2fa (totp, security key, passkey) on your
account and you will not face any of these issues. There's a
reason they do this for insecure accounts and an easy way to
avoid it.
I've logged into years-dormant Gmail accounts, from small towns
in Mexico on a $2usd Mexican SIM and google has not even batted
an eye.
KennyBlanken wrote 17 hours 21 min ago:
Those tech illiterate people probably have infected systems that
are part of bot networks.
jasonjayr wrote 14 hours 33 min ago:
It would be really awesome if Google would kindly tell them so
they could have an opportunity to fix the issue and reactivate
their account, instead of hard-locking them out with no
recourse.
It's not like people are encouraged to keep their valuable data
with these companies, only to lose the ai-fraud-detection
lottery.
noname120 wrote 16 hours 8 min ago:
More likely is that they are behind a CGNAT.
southerntofu wrote 17 hours 11 min ago:
That's very unlikely. If you talk to anyone working in a public
library or a local non-profit assisting elderly/homeless
people, you will notice these issues are systemic and not
isolated cases. From the cases i would see first hand, nothing
would suggest that they had been compromised in any way.
miyuru wrote 18 hours 8 min ago:
similar seems to be happening at stripe, their LinkedIn was full of
accounts locking out last week.
peanball wrote 18 hours 32 min ago:
I had the same thing this morning. Unlock and password reset via
another device worked through.
mmcnl wrote 17 hours 58 min ago:
My other device is locked out too unfortunately.
jen729w wrote 18 hours 31 min ago:
Same here in AU, this happened to me about 8 hours ago. Standard
reset procedure worked.
Now when trying to configure a Recovery Key from my 2021 iPad Pro
Iâm told that I canât do that from âthis new deviceâ of
mine. ¯\_(ã)_/¯
And when I try it from my iPhone I have to wait an hour because of
Stolen Device Protection. Apparently Iâm not at a âfamiliar
locationâ. Iâm at home. I work from home. This phone is in this
house for 99% of the time.
Not amazing is it.
j45 wrote 7 hours 28 min ago:
Going to an apple store might be an option too with ID, etc.
mwexler wrote 9 hours 7 min ago:
I loved Stolen Device Protection when I first heard about it.
And now I've wasted hours of my life dealing with it as part of
the "Daily Lockout".
And tech companies again demonstrate that they are "all about the
user" by providing no clarity, acknowledgement, or empathy around
the issue. It's depressing.
Perhaps this is real talent in tech: to make things seem rather
than be, and to build ways to avoid service and accountability
unless it leads to max profit.
I shouldn't be surprised each time this happens, but
optimistically I still am.
throwaway290 wrote 17 hours 31 min ago:
Check if you have location services -> system services ->
significant locations On. If it's disabled then effectively you
have no "familiar location" as far as iOS is concerned
jen729w wrote 17 hours 0 min ago:
Yeah itâs on⦠always been on. Thanks for the tip thoâ.
DIR <- back to front page