Comments on: Find My Mac and Remote Wipe http://mjtsai.com/blog/2012/08/04/find-my-mac-and-remote-wipe/ Wed, 22 May 2013 22:16:11 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Michael Tsai - Blog - Two-Step Verification for Apple ID http://mjtsai.com/blog/2012/08/04/find-my-mac-and-remote-wipe/comment-page-1/#comment-846898 Michael Tsai - Blog - Two-Step Verification for Apple ID Fri, 22 Mar 2013 00:26:59 +0000 http://mjtsai.com/blog/?p=5546#comment-846898 [...] note, it does not appear that two-step verification is needed to remote wipe or to access FileVault-encrypted files on a locked but powered-on Mac. It seems more likely that [...] [...] note, it does not appear that two-step verification is needed to remote wipe or to access FileVault-encrypted files on a locked but powered-on Mac. It seems more likely that [...]

]]> By: Roy Strang http://mjtsai.com/blog/2012/08/04/find-my-mac-and-remote-wipe/comment-page-1/#comment-702386 Roy Strang Sat, 20 Oct 2012 19:53:40 +0000 http://mjtsai.com/blog/?p=5546#comment-702386 Great blog, excellent issue. Oh, and you don't trust Apple? Do you know anyone but a kid in their retail store that does? Great blog, excellent issue. Oh, and you don't trust Apple?
Do you know anyone but a kid in their retail store that does?

]]> By: Michael Tsai - Blog - FileVault 2’s Apple ID Backdoor http://mjtsai.com/blog/2012/08/04/find-my-mac-and-remote-wipe/comment-page-1/#comment-674988 Michael Tsai - Blog - FileVault 2’s Apple ID Backdoor Wed, 08 Aug 2012 03:05:41 +0000 http://mjtsai.com/blog/?p=5546#comment-674988 [...] is a guest post by Jonathan Grynspan. I followed his reporting of this issue on Twitter with interest. Far more than 140 characters were needed to [...] [...] is a guest post by Jonathan Grynspan. I followed his reporting of this issue on Twitter with interest. Far more than 140 characters were needed to [...]

]]> By: Michael Tsai - Blog - My Apple ID Episode From 2008 http://mjtsai.com/blog/2012/08/04/find-my-mac-and-remote-wipe/comment-page-1/#comment-674964 Michael Tsai - Blog - My Apple ID Episode From 2008 Wed, 08 Aug 2012 00:35:37 +0000 http://mjtsai.com/blog/?p=5546#comment-674964 [...] An Apple ID is pretty much required these days, but you can at least limit the potential damage. Don’t use iCloud’s e-mail account, even as a backup address supplied to other services. Honan’s Gmail was compromised because the password recovery e-mail went to his me.com address. And don’t enable Find My Mac. [...] [...] An Apple ID is pretty much required these days, but you can at least limit the potential damage. Don’t use iCloud’s e-mail account, even as a backup address supplied to other services. Honan’s Gmail was compromised because the password recovery e-mail went to his me.com address. And don’t enable Find My Mac. [...]

]]> By: Chucky http://mjtsai.com/blog/2012/08/04/find-my-mac-and-remote-wipe/comment-page-1/#comment-674295 Chucky Sun, 05 Aug 2012 19:04:39 +0000 http://mjtsai.com/blog/?p=5546#comment-674295 <i>"Jonathan Grynspan reports that there’s a bug that can allow anyone with access to your Apple ID (which obviously includes Apple itself) to access your FileVault-encrypted drive, even if you’ve not shared your FileVault recovery key with Apple."</i> Good god, if true. I believe I've previously mentioned once or twice that I'm still lovin' Snowy, but this is <b>ridiculous</b>. (AppleID worming its way into OS X is at the core of what has moved me over the past couple of years from being an Apple Fanboy to being a Cupertino Dissident. I'd love to switch to Microsoft, but their direction for Windows 8 doesn't exactly inspire confidence that that would be a sensible path to take. Maybe I'd just better stock up on replacement pre-2011 Macs.) "Jonathan Grynspan reports that there’s a bug that can allow anyone with access to your Apple ID (which obviously includes Apple itself) to access your FileVault-encrypted drive, even if you’ve not shared your FileVault recovery key with Apple."

Good god, if true. I believe I've previously mentioned once or twice that I'm still lovin' Snowy, but this is ridiculous.

(AppleID worming its way into OS X is at the core of what has moved me over the past couple of years from being an Apple Fanboy to being a Cupertino Dissident. I'd love to switch to Microsoft, but their direction for Windows 8 doesn't exactly inspire confidence that that would be a sensible path to take. Maybe I'd just better stock up on replacement pre-2011 Macs.)

]]> By: Michael Tsai http://mjtsai.com/blog/2012/08/04/find-my-mac-and-remote-wipe/comment-page-1/#comment-674246 Michael Tsai Sun, 05 Aug 2012 13:34:57 +0000 http://mjtsai.com/blog/?p=5546#comment-674246 @Martin The dialog for remote-wiping the Mac says that it can take up to a day. So I presume that it boots from the recovery partition and, if there’s no encryption, spends a lot of time overwriting the main partition with random data. @Martin The dialog for remote-wiping the Mac says that it can take up to a day. So I presume that it boots from the recovery partition and, if there’s no encryption, spends a lot of time overwriting the main partition with random data.

]]> By: Martin http://mjtsai.com/blog/2012/08/04/find-my-mac-and-remote-wipe/comment-page-1/#comment-674205 Martin Sun, 05 Aug 2012 10:21:58 +0000 http://mjtsai.com/blog/?p=5546#comment-674205 How does remote wipe work reliably without system encryption? With system encryption, a remote wipe equals the deletion of the encryption key … without encryption, however, a simple wipe takes some time and it is easily recoverable. How does remote wipe work reliably without system encryption? With system encryption, a remote wipe equals the deletion of the encryption key … without encryption, however, a simple wipe takes some time and it is easily recoverable.

]]> By: Chucky http://mjtsai.com/blog/2012/08/04/find-my-mac-and-remote-wipe/comment-page-1/#comment-674053 Chucky Sat, 04 Aug 2012 17:40:34 +0000 http://mjtsai.com/blog/?p=5546#comment-674053 That's a pretty remarkable story on so many levels. That's a pretty remarkable story on so many levels.

]]>