- Posts: 7
- Thank you received: 0
Forum Login
Can the macbook still give away it's location?
Rendering Error in layout Widget/Social: Call to a member function exists() on null. Please enable debug mode for more information.
8 years 1 month ago #2525 by Nonono12
Can the macbook still give away it's location? was created by Nonono12
Hello, maybe a stupid question but i got to ask 
Say you have a icloud locked macbook
After the efi chip has been flashed, with the original serial in the dump, will it still be able to give away its location ?
I'm guessing if i reinstall mac os it will icloud lock again, but what if i install windows ? or ubuntu ? can it still send out data to apple ?
The reason i ask is when i hold the options key to give me a bootmenu, it already shows the available wifi sources to connect to so it can run recovery. and that worries me
Say you have a icloud locked macbook
After the efi chip has been flashed, with the original serial in the dump, will it still be able to give away its location ?
I'm guessing if i reinstall mac os it will icloud lock again, but what if i install windows ? or ubuntu ? can it still send out data to apple ?
The reason i ask is when i hold the options key to give me a bootmenu, it already shows the available wifi sources to connect to so it can run recovery. and that worries me
Please Log in or Create an account to join the conversation.
8 years 1 month ago #2559 by Nonono12
Replied by Nonono12 on topic Can the macbook still give away it's location?
Okay, so just to sum it up... sorry if i ask the same question twice.
I know for a fact that if you start the recovery mode where it will download a new mac os by connecting to wifi (MBA, so no disc), but with the main partition wiped, it will still lock down and give away it's position. Allthough i'm not sure if it needs it reserved partition on the hard disk to do so. (i believe it was a 5gb partition that i noticed later on named EFI-something)
Later on i removed all partitions and formatted it with linux, flashed the efi chip by your instructions (BUT with the original serial number still in the modified dump).
But for some reason i'm still worried that it might somehow still lock and/or give away it's location if i connect it to the internet. At the same time it sounds stupid since it got linux (ubuntu) installed and i don't think it would allow that.
I ask the same question twice because apple's EFI seems more complicated than i originally thought And because i think it is not totally OS dpendent (like i said, small partition left somewhere + recovery mode = lockdown).
What are your thoughts on this ? is it safe to assume FMM is not functioning anymore, or do you mean by "dependent on the OS" that the small partition was a part of the OS that had to be removed ?
Sorry if i made a mess of the story, just trying to understand!
Thanks in advance.
I know for a fact that if you start the recovery mode where it will download a new mac os by connecting to wifi (MBA, so no disc), but with the main partition wiped, it will still lock down and give away it's position. Allthough i'm not sure if it needs it reserved partition on the hard disk to do so. (i believe it was a 5gb partition that i noticed later on named EFI-something)
Later on i removed all partitions and formatted it with linux, flashed the efi chip by your instructions (BUT with the original serial number still in the modified dump).
But for some reason i'm still worried that it might somehow still lock and/or give away it's location if i connect it to the internet. At the same time it sounds stupid since it got linux (ubuntu) installed and i don't think it would allow that.
I ask the same question twice because apple's EFI seems more complicated than i originally thought
And because i think it is not totally OS dpendent (like i said, small partition left somewhere + recovery mode = lockdown).What are your thoughts on this ? is it safe to assume FMM is not functioning anymore, or do you mean by "dependent on the OS" that the small partition was a part of the OS that had to be removed ?
Sorry if i made a mess of the story, just trying to understand!
Thanks in advance.
Please Log in or Create an account to join the conversation.
7 years 10 months ago #3405 by therealjayvi
Replied by therealjayvi on topic Can the macbook still give away it's location?
Let me start out by saying that I do not condone in the servicing of stolen items. If you choose to follow my advice then you are doing so AT YOUR OWN DISCRETION and you accept sole responsibility for any actions you may take on behalf of this post. Now...
Not sure if this is 100% on-topic but I figure it may help out. So what I've learned about location services being reported... YES IT ABSOLUTELY WILL REPORT YOUR LOCATION THE VERY MOMENT YOU LET THE DEVICE CONNECT TO ANY INTERNET SOURCE!! Apple has programmed their Mac devices to seek out ANY open WiFi nearby for it to leech off of. Even if it is something like Xfinity WiFi (Open network but needs login to "fully" connect) you should still be concerned. If the device has been reported stolen then you have to be aware that it will ping not only your location (because Location services are ON by default on a fresh install), but also your geolocation is observed and that is based upon your IP address. Even if you use a VPN you need to be concerned. Police CAN and WILL show up to your doorstep asking about the device, so be prepared for what you're getting yourself into.
It should be in everybody's checklist of steps when performing anything related to EFI lock that you have an external drive with OS X installed upon. Not saying that it isn't possible by other means, just that with the amount of devices that I have serviced it is the safest way to go. With an external drive you have a controlled environment with which to boot any Mac device. And by controlled I mean you need to completely remove the .kext for WiFi from your external OS X, this way you ensure the device connects to the internet ONLY when you want it to.
Use a VPN. Period. And not just a software-related VPN. Make your own. Unless you would like to put trust in the hands of some company that wouldn't think twice to look into where you are if they are confronted by law enforcement. I have recently written an article here on just how to go about creating your own VPN in a remote location on a VPS (other devices/locations/methods can be used as well) I highly recommend reading it through to get a better idea. There's still the issue of having that split second in between when you initially connect to the internet and when you connect to the VPN though. And be aware that it may only take 1 second between clicks, but that 1 second is all that is needed for your whereabouts to be known to within a 10 foot radius. That's pretty specific. The ONLY way to ensure complete anonymity while doing this is to install your VPN service onto a separate router, remove the WiFi .kext from an external OS X installation (or just the WiFi (Airport) chip entirely), reset NVRAM/PRAM from device, boot into external drive, disable location services, open up the iCloud Account login prompt, type in the username and password to a burner iCloud account you have (dont have one then get one), then connect the device to the router you have your VPN installed onto via an Ethernet cable (newer devices have no Ethernet port so get yourself an Ethernet to USB converter), and the very moment you plug it into the device start spamming Enter as fast as you can to begin logging into iCloud with your burner account at the absolute soonest possible moment. Be prepared for it to sound the alarm if it is in fact reported stolen, it's loud. Check the box for Find My Mac and click continue. If everything went as planned then you will have overwritten the iCloud account on Apple's servers and you can now proceed with installing a fresh OS.
Cheers
Not sure if this is 100% on-topic but I figure it may help out. So what I've learned about location services being reported... YES IT ABSOLUTELY WILL REPORT YOUR LOCATION THE VERY MOMENT YOU LET THE DEVICE CONNECT TO ANY INTERNET SOURCE!! Apple has programmed their Mac devices to seek out ANY open WiFi nearby for it to leech off of. Even if it is something like Xfinity WiFi (Open network but needs login to "fully" connect) you should still be concerned. If the device has been reported stolen then you have to be aware that it will ping not only your location (because Location services are ON by default on a fresh install), but also your geolocation is observed and that is based upon your IP address. Even if you use a VPN you need to be concerned. Police CAN and WILL show up to your doorstep asking about the device, so be prepared for what you're getting yourself into.
It should be in everybody's checklist of steps when performing anything related to EFI lock that you have an external drive with OS X installed upon. Not saying that it isn't possible by other means, just that with the amount of devices that I have serviced it is the safest way to go. With an external drive you have a controlled environment with which to boot any Mac device. And by controlled I mean you need to completely remove the .kext for WiFi from your external OS X, this way you ensure the device connects to the internet ONLY when you want it to.
Use a VPN. Period. And not just a software-related VPN. Make your own. Unless you would like to put trust in the hands of some company that wouldn't think twice to look into where you are if they are confronted by law enforcement. I have recently written an article here on just how to go about creating your own VPN in a remote location on a VPS (other devices/locations/methods can be used as well) I highly recommend reading it through to get a better idea. There's still the issue of having that split second in between when you initially connect to the internet and when you connect to the VPN though. And be aware that it may only take 1 second between clicks, but that 1 second is all that is needed for your whereabouts to be known to within a 10 foot radius. That's pretty specific. The ONLY way to ensure complete anonymity while doing this is to install your VPN service onto a separate router, remove the WiFi .kext from an external OS X installation (or just the WiFi (Airport) chip entirely), reset NVRAM/PRAM from device, boot into external drive, disable location services, open up the iCloud Account login prompt, type in the username and password to a burner iCloud account you have (dont have one then get one), then connect the device to the router you have your VPN installed onto via an Ethernet cable (newer devices have no Ethernet port so get yourself an Ethernet to USB converter), and the very moment you plug it into the device start spamming Enter as fast as you can to begin logging into iCloud with your burner account at the absolute soonest possible moment. Be prepared for it to sound the alarm if it is in fact reported stolen, it's loud. Check the box for Find My Mac and click continue. If everything went as planned then you will have overwritten the iCloud account on Apple's servers and you can now proceed with installing a fresh OS.
Cheers
Please Log in or Create an account to join the conversation.
7 years 10 months ago - 7 years 10 months ago #3499 by therealjayvi
Replied by therealjayvi on topic Can the macbook still give away it's location?
@reverendalc While your bit about what Apple says about FMM may be true
Clearing NVRAM/PRAM and reinstalling OS X, for a fact, does NOT remove the device from iCloud. All you're doing by clearing NVRAM/PRAM and reinstalling OS X is essentially "convincing" the Mac that it has a new owner. By no means should you EVER feel comfortable about a device if these are the only steps you have taken.
(Scenario from your perspective)
Say that you have a device, and you perform the steps you mentioned... The only possible way that you would have the ability to reinstall OS X would be if the device had not already been locked up. Alright, so you got lucky, cool, you notice you can boot via external devices (hdd, usb, etc). You proceed to resetting the NVRAM/PRAM. Okay. You perform a fresh install. Awesome. Now your Mac boots up and you got a brand new Admin user account at your fingertips. Sweet.
(Scenario from "their" perspective)
My Mac was stolen out of my apartment last night bro! Agh they pilfered all my electronics, my wallet, my car keys, all my check books and credit cards, and pictures of my wife! The cops say they'll "get back to me" with any updates, so that's not too promising... Wait a minute... I just remembered! (Hits up icloud.com from his mobile device, thankfully had it on him at the time of the felony burglary) I'll find this thieving ******* myself then! Good thing I synced my Mac to my iCloud account the other day! *Logs in/navigates to devices/sees serial number of device* Here we go! Lock and erase? Nahhh I'll let him think he's gotten away with it for a day or two, maybe I'll get lucky and the dumbass will connect it to the internet, it only takes a split second of open wifi! Oh what's this? Last known location? An apartment a few blocks from me? 20 minutes ago? *Ponders about either going on vigilante killing spree of revenge, or letting the cops know and let them deal with it...*
BOTH SITUATIONS WHICH SPELL DISASTER FOR YOU. DOESN'T MATTER IF YOU STOLE IT YOURSELF OR BOUGHT IT FROM CRAIGSLIST OR GOT IT FOR THE SUPER BOPPIN PRICE FROM THA HOMIE. EVER HEARD THE SAYING "POSSESSION IS 9/10 OF THE LAW"?
This is not just a fictional scenario I just created off the top of my head for some hopeful advice online. This is serious sh*t that Apple has spent MILLIONS of dollars trying to prevent the EXACT thing that we have all come to figure out how thwart.
The ONLY way to safely overwrite the information on iCloud is to login to iCloud either via an external drive that you have booted from the device in question (I suggest having your login details already typed into the fields PRIOR to connecting the device to the internet & spamming the Enter key as fast as possible while connecting. If the device has been locked after its been in your possession it will flare an alarm hella loud and attempt to immediately lock itself. By you logging into a new iCloud account at the same time there is a few seconds where it will allow the login to go through and you will have a few second window where you can click the option to "OVERWRITE THE PREVIOUS ACCOUNT ICLOUD INFO?") Do not feel safe with any device unless you have successfully rewritten the Icloud info using this method or another similar method, because the moment you let your guard down is the moment you have police showing up on your doorstep. True story. Take this stuff seriously please, for everybody's sake.
is not only incorrect, but quite possibly the most horrendously and potentially endangering piece of advice I have ever heard on the topic! I am removing your final comment ASAP and then I will explain why.NOTE: clearing NVRAM and reinstalling OS X removes the device from iCloud.
Clearing NVRAM/PRAM and reinstalling OS X, for a fact, does NOT remove the device from iCloud. All you're doing by clearing NVRAM/PRAM and reinstalling OS X is essentially "convincing" the Mac that it has a new owner. By no means should you EVER feel comfortable about a device if these are the only steps you have taken.
(Scenario from your perspective)
Say that you have a device, and you perform the steps you mentioned... The only possible way that you would have the ability to reinstall OS X would be if the device had not already been locked up. Alright, so you got lucky, cool, you notice you can boot via external devices (hdd, usb, etc). You proceed to resetting the NVRAM/PRAM. Okay. You perform a fresh install. Awesome. Now your Mac boots up and you got a brand new Admin user account at your fingertips. Sweet.
(Scenario from "their" perspective)
My Mac was stolen out of my apartment last night bro! Agh they pilfered all my electronics, my wallet, my car keys, all my check books and credit cards, and pictures of my wife! The cops say they'll "get back to me" with any updates, so that's not too promising... Wait a minute... I just remembered! (Hits up icloud.com from his mobile device, thankfully had it on him at the time of the felony burglary) I'll find this thieving ******* myself then! Good thing I synced my Mac to my iCloud account the other day! *Logs in/navigates to devices/sees serial number of device* Here we go! Lock and erase? Nahhh I'll let him think he's gotten away with it for a day or two, maybe I'll get lucky and the dumbass will connect it to the internet, it only takes a split second of open wifi! Oh what's this? Last known location? An apartment a few blocks from me? 20 minutes ago? *Ponders about either going on vigilante killing spree of revenge, or letting the cops know and let them deal with it...*
BOTH SITUATIONS WHICH SPELL DISASTER FOR YOU. DOESN'T MATTER IF YOU STOLE IT YOURSELF OR BOUGHT IT FROM CRAIGSLIST OR GOT IT FOR THE SUPER BOPPIN PRICE FROM THA HOMIE. EVER HEARD THE SAYING "POSSESSION IS 9/10 OF THE LAW"?
This is not just a fictional scenario I just created off the top of my head for some hopeful advice online. This is serious sh*t that Apple has spent MILLIONS of dollars trying to prevent the EXACT thing that we have all come to figure out how thwart.
The ONLY way to safely overwrite the information on iCloud is to login to iCloud either via an external drive that you have booted from the device in question (I suggest having your login details already typed into the fields PRIOR to connecting the device to the internet & spamming the Enter key as fast as possible while connecting. If the device has been locked after its been in your possession it will flare an alarm hella loud and attempt to immediately lock itself. By you logging into a new iCloud account at the same time there is a few seconds where it will allow the login to go through and you will have a few second window where you can click the option to "OVERWRITE THE PREVIOUS ACCOUNT ICLOUD INFO?") Do not feel safe with any device unless you have successfully rewritten the Icloud info using this method or another similar method, because the moment you let your guard down is the moment you have police showing up on your doorstep. True story. Take this stuff seriously please, for everybody's sake.
Please Log in or Create an account to join the conversation.
7 years 9 months ago #3653 by therealjayvi
Replied by therealjayvi on topic Can the macbook still give away it's location?
Wow this convo really took off! @reverendalc nice research concerning the serial and such, that's good work! All I have to add to the topic at this point is that there are certain situations that I personally have encountered that resulted in the police showing up at my door due to my negligence to follow the steps I created for myself. Two times I've had to release a device to the police due to it having come up stolen upon first boot. I've since then had to get a legitimate business license and become Apple Certified because they said if they have to come a third time and I do not have the proper credentials then charges WILL be filed against me. The two times that it happened I reset NVRAM/PRAM immediately upon first boot (after already unlocking) and was able to boot to an external. From there I opened up iCloud to re-register with a new account. Both times this happened to me I got lazy and didn't want to go through and take out my personalized router, hook up all the cords, go find my ethernet-usb adapter and then continue. So instead I figured "meh I'll be good" and just just connected to my Wi-Fi and mashed enter on the login info. The mac would then take a moment, glitch the iCloud window into two places on the screen (usually always happens) and then start sounding an alarm as loud as the speakers could possibly go. Of course this freaks me out every time this happens, but I've encountered it enough times to know that if I wait out the alarm for about 10-20 seconds then another window pops up and asks "Do you want to overwrite (current registered owners name)'s iCloud information on this Mac?" Clicking Enter after this stops the alarm.
Now I can only assume that because I used my actual Wi-Fi it gave off my location which led to the police showing up, but I don't know for certain. All I do know is that since I looked into making my personalized VPN router, whose location is somewhere far away from me, this issue has never happened again.
Now I can only assume that because I used my actual Wi-Fi it gave off my location which led to the police showing up, but I don't know for certain. All I do know is that since I looked into making my personalized VPN router, whose location is somewhere far away from me, this issue has never happened again.
Please Log in or Create an account to join the conversation.