[LAD] Forgive me, for I have sinned, or: toss your Macintosh, as fast and wide as you can.

[Robin Gareus]

On 12/04/2017 06:52 PM, Jörn Nettingsmeier wrote:
> On 12/04/2017 01:30 PM, Robin Gareus wrote:
> 
>> Seeing as this was in a train, and last I looked the DB-network was wide
>> open, I'm curious if this was actually a hack by guy in another
>> train-compartment or perhaps a subverted access-point exploiting some OS
>> X vulnerability.
> 
> I was connected to my own phone hotspot. So unless it's a very low-level
> WLAN interface vulnerability, a local wireless exploit seems unlikely.
> 
> I'm pretty sure the kill message did come from the iCloud (a service
> which I'm not using and which I don't indent to ever use) using the
> Find-my-Mac feature. I was _never_ given an option to opt out of this
> feature, and it was never made clear to me that I was carrying a
> time-bomb (with remote wipe option) that would enable unknown third
> parties to potentially cause five-digit damages on a whim.

It's probably all in some EULA smallprint, and your visit to the
Apple-store will be rather unspectacular.

You said earlier "[the macbook] had been factory-reset and completely
installed from scratch." According to the doc, clearing the NVRAM or
PRAM should disable "Find-My-Mac". Then again, since any Apple-store can
un-brick it if you show them a proof-of-purchase, there's yet another
backdoor...

Anyway, I'm glad you were able to get all the data from it.
May I ask how? http://www.system-rescue-cd.org/ ?

Cheers!
robin

PS. As atonement for your sin, I suggest hosting the next Linux Audio
Conference ;-))