This is something I can’t figure out, because my understanding is that no matter what OS you install, unless you bought your Mac with cash, your serial number and credit card are now connected…and will always be spilling data about you.
Thanks for any advice…I’m wondering if it’s worth it to install a new OS.
Why do you want to install it on a Mac when you can get a PC for way less? But definitely.
Because I already have a fairly new Mac. :) I bought it before I ever even thought of using a Linux OS.
Yes (see Question about Mac phoning home from 6 days ago, which is answered by the former Asahi Linux lead). There is no firmware-level Apple telemetry, and booting into Linux disables Find My.
Thank you, this is just what I needed! Now I just need to figure out HOW to get it installed on my Mac. :)
all Apple devices are part of a covert peer-to-peer network and its primary purpose is to facilitate the Airtags and find-my-shit apps. it runs on desktops, laptops, phones, ipads, watches, etc., including when they’re supposedly off. you can’t turn it off or opt out of it and what that crap additionally does and how secure it is is unknown.
having said that, if you run linux on an old intel-based macbook or similar (say, up to 2015 models) you’re out of that racket and similarly all Apple or iCloud based crap. they do have a permanently enabled IME but that’s true for the majority of devices sold and, dependent on your threat model, isn’t an issue per se.
not sure about the “credit card” angle as you can’t buy a new Apple device that runs linux, the asahi mess is limited to M1/2 models which are like 5 years old at this point.
the asahi mess is limited to M1/2 models
As of the Asahi Linux blog post from 2 days ago, they’re working on SPMI controller support, which is part of M3 support.
I wouldn’t really call Asahi a mess, they upstream their patches to the Linux kernel and are a part of the Fedora project. Also, Linus uses Asahi Linux for his travel laptop, a MacBook Air.
which are like 5 years old at this point.
M2 models were released in June 2022, they aren’t 3 years old yet.
Thanks! Interesting, I didn’t know you can’t install Linux on a newer machine. Mine is just a few years old. I want to leave the Apple ecosystem, but I don’t want to have to ditch a fairly new laptop and buy a different one.
What data?
It’s possible there’s something in the firmware or BIOS that transmits some things to Apple; I do not know for sure, but maybe someone else will show up here who knows details about this. Even if that is so, Apple gets significantly less data because anything built into macOS won’t be running.
It’s more likely hidden chips on the motherboard or in other circuits are sending data back to China. I, like you, doubt Apple is doing anything beyond the software level.
doubt Apple is doing anything beyond the software level.
Why though? They are designing the most complex part of the computer, the M* chip, so they definitely have the technical and production capability to do whatever they want with the hardware. I’m not saying they do though but they could if they wanted to. That being said however they do it, they would still have to transmit whatever data being captured with interoperable means, i.e. over the Internet (being over BT relayed to another device, WiFi, Ethernet, etc) which then in turn could be spotted with any network traffic analysis tool. A single instance of this would bring their entire goodwill and thus probably business to the ground though.
So… I’m not saying one has any reason to worry but also claiming they don’t do anything beyond software is strange to me.
My reasoning goes: they have no reason to. They’re not making commodity hardware; they’re making machines with an integrated OS, large parts of which are closed source. Why go through the cost and effort of doing something in hardware when you can do it more inexpensively and more flexibly in software? They do not support, nor do they expect, anyone to run anything but OSX (or iOS) on their computers. I doubt that they consider the folks hacking Linux onto their hardware to be worth worrying about: that’s a very short long tail, and almost certainly not worth the extra cost of doing it on-chip.
China does it because they’re selling commodity chips used in a variety of machines, running a variety of OSes, over which they have no control. They do it because there’s no other way for them to get telemetry from Apple computers, because they don’t control the software.
Can you think of a reason why Apple would need to do it in hardware, given that it’s hugely more expensive?
I can think of plenty of reasons, e.g. NSA, or any US institution interested in intelligence gathering, paying for it.
I can though, at the same time, imagine that Apple itself would still NOT want to do it, neither in software nor hardware, because once discovered (not when) their economical value would crater.
The market value of Apple is totally different from alternatives, e.g. Chinese companies, as you mention, but also Microsoft or Google. Yes, they ALL sell vertical integration of software and hardware BUT everybody expects Google or Meta to “steal” your data. Most people expect Chinese companies to do the same. Most people understand that Microsoft do it because it’s profitable so they follow their footstep.
Everybody who knows this is buying Apple for the prestige AND because they are “different”. Namely you are “hip” by buying from them because they are NOT Google subsidizing hardware for privacy, Xiaomi or anything Android because it’s the same but “cheap” or Microsoft because it’s what one uses at work.
So… if tomorrow Apple is not “cool” anymore, that’s actually a very big deal for the bottom line IMHO.
They might be tempted to do so, regardless of how genuine the “culture” of the corporation is, but even if one were to care solely for money, their image is deeply intertwined now with the notion that at least if you buy some fancy Apple device they’ll work and nothing will leak.
That’s why economical, not technical, bet on how I have a hard time imagining a hardware backdoor.
I can think of plenty of reasons, e.g. NSA, or any US institution interested in intelligence gathering, paying for it.
But why would they do it in hardware when they can do it in software? Again, the number of people running Asahi Linux is minuscule.
I dunno about such an exposure tanking their stock. Sure, some privacy advocates would be disappointed, but most Apple users would shrug it off. I doubt a significant percent of people using Apple products are doing it because of privacy concerns. And what are those people going to do? Switch to Microsoft? If they were ever going to switch for privacy reasons, or had any willingness to switch to Linux, they probably already would have. But it’s all speculation, because getting statistics on this would be almost impossible. My opinion is, it might make a temporary blip in their stock price, but there’d be no enduring impact on their bottom line. Adding hidden telemetry to their chips, however, would add significant cost to every chip.
Because software is easier to analyze than hardware?
Certainly, although OSX has enough closed source parts, and obfuscation is good enough to let a supply chain attack live in Go’s module ecosystem for years. Obfuscation is reasonably effective, especially when the DMCA in the US makes reverse engineering legally hazardous, and it’s iffy in the EU as well. Anyone who found an issue would have to make it public very anonymously.
I don’t think purchase info is necessarily tied to hardware out of the box beyond asset tracking. That would cause issues with gifting.
The easy answer is if you don’t run the software, it can’t collect data.
However, the firmware is network capable and certain diagnostic tools and recovery modes can call home. I am not familiar to the extent, however.
This also does not stop other devices, Apple included, from detecting the Mac and reporting home hardware/location data.
No, if what you described were true it would be impossible to give someone an apple computer without getting confused for the person you gave it to.
Or to refurbish and use a mac from the trash can without being mistaken for the previous user.
I have done both with no problems.
Apple does know what you bought from them… because they sold it to you and gave you a receipt and kept a record of it to accurately account for taxes just like wal mart does when I buy a bag of apples from the produce department.
Wal mart doesn’t serialize their apples, but they do serialize their game consoles and keep track of those, so maybe that’s a better example.
I guess I gotta ask: what do you think is happening between the credit card and the serial number of the computer and how do you think it’s happening?
Thank you! I actually have read that if you sell your Mac, your info is still attached to it. Which is actually good for you and bad for Apple, I guess, because they could be attaching the wrong info to you.
I don’t know the details, but in Extreme Privacy, the author says that to be untraceable, you need to buy a laptop with cash, then wipe it and install Linux. I’m not super techie, but to me that means if you use a credit card, Apple can now attach the laptop to your identity… which is of course connected with everything else that’s been collected about you by third parties.
So, that has nothing to do with apple or macs. (Except a part at the end which might not be what you’re talking about)
When you use a credit card the transaction record is kept by the merchant who sells you the computer, the card processor and the card issuer (I’m probably using the wrong terms, it’s been awhile since I had to accurately talk about the precise operation of credit card payments.). So when you buy anything using a credit card, at least three entities who can be ordered to submit to law enforcement requests and are legally required to keep records of transactions actually have records of that transaction.
So when I swipe my visa to get a bag of apples at the wal mart, wal mart, their processor and my bank all have record that they’re required to keep for accounting purposes and will turn over when they get a lawful order to do so.
I don’t remember if it’s the law now, back when I was really in pos there were lots of bills trying to make it law, but it’s certainly industry practice to record serial numbers of high dollar items. The goal is to have a more precise and quick return/service process. You bought unit abcdef123456 and that means if they don’t get abcdef123456 back when you try to return it then there’s a problem.
So when I buy an ideapad at Walmart with cash they record the serial at time of sale and when I try to return a different one with my receipt there’s a serial number line that can be compared and verified.
That transaction is only stored by wal mart, but can be corroborated by my banks records where I withdrew enough money to buy a computer all at once in person because it’s more than they let me pull from an atm at one time.
I’ll go even farther:
Know your customer laws require that merchants verify and in some cases record ids of people making some purchases. So when I go to the wal mart to buy a cheap phone and a prepaid SIM card to stuff in my glovebox, they’re required to record my id for both purchases.
Now one thing that is true of apple computers and phones and that you might be referring to is that it’s super fucking difficult to remove a device from someone’s appleid without that person doing it for you. When you first use a mac or iPhone you have the chance to tie it to an iCloud account, just like you can with google accounts in android devices and Microsoft accounts on windows computers. If you do, then in order for someone else to reset the device and wipe/reinstall/take ownership of it you have to remove it from your account. There’s a wizard that guides you through the process just like in windows and android. If you never do this then the person who bought the device (or stole it, or dug it out of the trash) can’t use it.
If you lose your password then apple can verify your identity using their records (if you have their adp turned on then you just have to give em your code and make a new one when you’re done doing whatever you’re doing) and reset the password and remove devices from your account. Certified resellers/repair shops can do this too, but they’re under a lot of scrutiny when they do because Apple views them as possible cracks in the anti-theft armor.
So that means that when I dig a mac out of the trash to fix and use or sell, I have to either contact the iCloud account holder and convince them to drop the device from their profile or perform some decently tough microsoldering and reprogramming of tiny chips on the mainboard.
Of course, all that is optional. People just almost never choose not to do it because it is all upside and no downside for the owner. You as the computer owner get theft prevention, stolen device tracking and control over who can use things you bought in exchange for essentially nothing (especially if you turn on adp).
I haven’t read extreme privacy. I will as soon as I can, but I gotta ask: what are you trying to accomplish or understand? Sometimes for people who aren’t technical it’s easier to start from goals as opposed to metabolizing a bunch of literature on the topic.
This is amazing! Great information.
I read Extreme Privacy for fun…I don’t need to live totally under the radar. However, I’m tired of feeling/being tracked by Big Tech, having my data used inappropriately, etc. I managed to buy a used Pixel and install Graphene OS, but I’m stuck with my Mac until it dies. I’m also trying to divert my money away from Big Tech and unethical corporations like Amazon as much as I can. (Which I know is basically impossible, but I do what I can.)
I wrote a whole free book on the topic called DISENGAGE: Opting Out—and Finding New Options—to Reclaim Your Life from Spammers, Scammers, Intrusive Marketers and Big Tech. It’s meant for newbies (say, my mom) to light-medium tech savvy people like myself. (I’m a semi-retired journalist of 30 years and this was my passion project; you can read in there my motivation and how far I’ve gotten so far.)
I’m now trying to move into the more intensive privacy techniques, and they are often beyond my abilities. Switching to a more private OS is on my list.
You can always do a computer swap. Figure out what you want, like for example a dell or thinkpad with core or libreboot and swap your mac for it. That way there’s no money that changes hands. There’s a hardware list on both projects’ websites if you wanna windowshop on ebay.
One way to improve your privacy that people always overlook is to stop registering to vote. The rolls are basically public information, all you gotta have is a specific type of company to get access to them.
Thanks! I had thought of that, but would like to hang on to my Mac. I just want it to be…not a Mac, I guess?
I considered cancelling my voter registration and then re-registering every election. However, the way things are going, I wonder if I will even be able to re-register in the future…
Just speaking one hexbear to another: switching away from the operating system and ecosystem favored by the security industry and privacy conscious elite which has a well documented history of being the hardest target for law enforcement, requiring the highest bar for legal cooperation and providing methods of protecting personal data (even if that behavior isn’t the default) and yet keeping yourself on the voter rolls is something to chew on.
I been mulling over your reply and I can’t put into words what I feel but it’s similar to when a friend in recovery with a ton of trauma and long ass rap sheet was excited to get out there at the demonstration.
I can’t say what’s best for you but it makes me worry.
I’m about halfway through extreme privacy and I’m legit about to order a personal copy just so I can scribble in the margins. I’ll read your link too probably tomorrow after work.
Thank you! I wish I had sprung for the hardcopy edition of Extreme Privacy. I don’t have a rap sheet, I “have nothing to hide”…but it gives me a sense of peace feeling more in control of my data. (Oh, and I do run the Punching Up Press site, and I hope it doesn’t get to the point where I have to worry.)
If I do something that actually lands me in the sights of the federal government, I’m sure it’s trivially easy for them to find me. I’m more anti-Big Tech, anti-surveillance out of principle, etc.
To what extent the Apple product is spilling data to Apple, it’s the Apple software doing it, which Linux would mitigate, but depending on which mac you have, it may not even support Linux yet. If anything, you should probably be more paranoid about Windows on modern Intel. The secure enclave shit Windows 11 requires has its own network stack it can use to phone home sans the OS knowing.
Thanks for the info!
from what i remember before i jumped from macos to debian is that debian does not collect data, save for maybe like crash reports or something but that can be toggled off. the packages you install may collect data, depending on what you’re installing.
I’ll look into this, thanks!