Tech

Apple’s T2 Security Chip Has Created a Nightmare for MacBook Refurbishers

Screen Shot 2020-05-04 at 9

As predicted, the proprietary locking system Apple rolled out with its 2018 MacBook Pros is hurting independent repair stores, refurbishers, and electronics recyclers. A combination of secure software locks, diagnostic requirements, and Apple’s new T2 security chip are making it hard to breathe new life into old MacBook Pros that have been recycled but could be easily repaired and used for years were it not for these locks.

It’s a problem that highlights Apple’s combative attitude towards the secondhand market and the need for national right to repair legislation.

Videos by VICE

“The irony is that I’d like to do the responsible thing and wipe user data from these machines, but Apple won’t let me,” John Bumstead, a MacBook refurbisher and owner of the RDKL INC repair store, said in a tweet with an attached picture of two “bricked” MacBook Pros. “Literally the only option is to destroy these beautiful $3,000 MacBooks and recover the $12/ea they are worth as scrap.”

As Motherboard has reported previously, without official Apple diagnostic software, newer MacBooks cannot be repaired or reset.

“By default you can’t get to recovery mode and wipe the machine without a user password, and you can’t boot to an external drive and wipe that way because it’s prohibited by default,” Bumstead told Motherboard in an email. “Because T2 machines have no removable hard drive, and the drive is simply chips on the board, this default setting means that a recycler (or anyone) can’t wipe or reinstall a T2 machine that has default settings unless they have the user password.”

As we’ve seen with iPhones in the past, users often don’t reset their own devices before they recycle or donate them, so the only thing that can be done with these devices—some of which are less than two years old—is have them shredded for scrap.

If the T2 equipped laptop’s previous owner doesn’t factory reset their machine before selling it or turning it in, then it can’t be done at all. The laptop is effectively a brick. “Recyclers are obviously prohibited from selling computers with user data on them,” Bumstead said. “But now they literally have to scrap the boards because Apple is giving them no way to remove user data if they don’t have passwords, as they most often don’t.”

Apple started including the T2 chips in MacBook Pros in 2018, and they’re now present in MacBook Airs and Minis produced after 2018. The chip requires the system to check in with a piece of proprietary Apple software after someone makes a hardware change, such as replacing a faulty part, on the computer. Without that check, the computer won’t work. The T2 chip makes the device more secure, but experts say that it should be possible to at least wipe a device and start it from scratch without endangering user privacy.

T2 is becoming a problem for refurbishers and independent repair stores as more of the post-2018 laptops hit their stores. Bumstead his biggest problem is with Apple’s Device Enrollment Program (DEP). DEP allows a company to purchase an Apple device, register its serial number with the company, and easily deliver software updates and proprietary company software.

DEP is a godsend for companies, but a nightmare for independent operations like Bumstead’s. If a company enrolled in the program doesn’t factory reset the machines before selling them off, then second-hand stores can’t sell them.

Wiping your information from a device you trade in is good data hygiene, but individuals aren’t the only people buying computers. Often, companies buy and sell computers in bulk. “When managed machines are decommissioned, the companies rarely de-register their computers,” Bumstead said.

“And if a computer is wiped, and it is a [DEP] managed machine, it becomes unusable during the setup wizard when the user connects to WIFI,” Bumstead said. “Registration is acknowledged at that point, and the user is prompted to log into the company, but they can’t, and so the machine is essentially bricked for the user. If they do manage to get to the desktop, they will be plagued with constant ‘this machine is enrolled by XYZ school district.’ Most consumers see this and assume the machine is stolen, and rightfully so.”

Bumstead said that around 20 to 30 percent of the new Macs he sees have this problem.

“It also hurts recyclers,” he said. “Most of the companies donating/selling devices are unwilling to de-register machines even if recyclers ask. But even if they are willing, it’s a pain in the ass that almost makes refurbishers scrap them instead of bothering to refurbish.”

If a recycler gets 1,000 MacBooks and 500 of them are DEP managed, then the recycler has to wipe and reinstall the operating system 500 times via an external harddrive. “Then they create a log of serial numbers and give it to the company to be de-registered. Then, once the company gives the OK, the recycler has to repeat the whole process in order to verify the machines are actually now de-registered. They often aren’t,” Bumstead said. “So you can see how this problem is rapidly infecting the recycling/refurbishing system and absolutely tanking its viability.”

The right-to-repair our own devices is essential to the functioning of a society so reliant on tech. But companies such as Apple and John Deere have made it next to impossible to cheaply, safely, and effectively repair the devices they sell. States across the country are moving forward with laws meant to enshrine the right-to-repair. Bumstead’s struggles highlight the need for the legislation.

Apple declined to comment on the record for this piece.