Apple's New Proprietary Software Locks Kill Independent Repair on New MacBook Pros



Apple’s New Proprietary Software Locks Kill Independent Repair on New MacBook Pros by Jason Koebler

[…] According to the document, which was distributed to Apple’s Authorized Service Providers late last month, this policy will apply to all Apple computers with the “T2” security chip, which is present in 2018 MacBook Pros as well as the iMac Pro.

The software lock will kick in for any repair which involves replacing a MacBook Pro’s display assembly, logic board, top case (the keyboard, touchpad, and internal housing), and Touch ID board. On iMac Pros, it will kick in if the Logic Board or flash storage are replaced. The computer will only begin functioning again after Apple or a member of one of Apple’s Authorized Service Provider repair program runs diagnostic software called Apple Service Toolkit 2.] […]

Is Apple about to extend its repair coverage to older devices?

Next-level, really. :boxing_glove: off!

This is a repair model that is similar to that used by John Deere and auto manufacturers, who often prevent owners from repairing their own tractors or cars


Apple’s secret repair kill switch hasn’t been activated—yet says iFixit.


These kind of shenanigans are undermining one of the core principles of Apple, i.e. making robust and durable devices by harmonising software and hardware. That was the reason why I switched to Apple a while back, and that is why my 5 year old mid-end (at the time) macbook pro is still outperforming my brand-new high-end windows computer in many ways. But I’m hearing more and more of these things; like the increased difficulty of maintenance and repair, as well as performance throttling for “battery life”. I wonder if it’s not more profitable to invest in a
new type of business model - and device, accordingly - instead of resorting to backhanded solutions, which is steadily killing their image.


I find that a helpful feature that ensures you can use your phone for longer even when the battery is in bad condition. The phone will last longer on one charge albeit with reduced performance. There’s always a tradeoff between performance and battery life. I appreciated it on my phone, an iPhone 6, until I recently changed the battery (BTW changing the battery made the screen more responsive as the battery had swelled and the increased pressure on the screen was reducing its responsiveness, especially in the bottom left corner; that’s similar to the impact from a swelled battery on the trackpad on the old Black/White Macbook).

The issue with this was the initial lack of transparency, not the feature itself.


In addition to the right to repair awfulness of this, I think this might (could) backfire for Apple for the demographic who see Apple devices as more privacy-respecting than others, safer for journalists, dissidents, etc (e.g. Zeynep Tufekci, Aral Balkan etc.)

It includes the Mac Resource Inspector, which does a “quick health check of hardware and software,” as well as tools that check the system’s memory, display, power adapters, cooling system, and other aspects of the computer. It functions only if connected to Apple’s Global Service Exchange (GSX), a Cloud-based server that Apple uses to handle repairs and service. It requires a login from Apple to access.

The iFixit article guesses that the Apple Service Kit 2 software might track part serial numbers, linked to a particular service store. Given it has to be run on the individual’s own device, definitely a possibility it will link this to a specific device serial number. I didn’t see any specific mention of it in the articles, but it seems a reasonable assumption that Apple somewhere has a log of laptop serial numbers and customers. So if you take your MacBook in for repair you could theoretically be pinpointing your location in the world, and who knows whatever else information the software scans for, and sending this to Apple. If I was a political dissident I’d be pretty worried about that. It’s MacBooks now, but maybe iPhones next?

Even just for general citizens you don’t want black-box software that phones home to someone else’s server running on your machine. Apart from everything else Apple should explain exactly what this “quick health check of hardware and software” actually is and they should make their AST2 software publicly auditable.


What is your threat model? If I was a political dissident I’d be more worried by other things than the fact that I’ve visited an Apple Shop.

Before servicing a device Apple will check its warranty coverage. Apple maintains a database of all the servicing it has done. I suspect other brands do the same.

Most OSs do phone home in one way or another, and you have to spend time to harden them in that respect if it’s important to you. There were some concerns a few years ago with the default ntp server used in some Linux distro (can’t remember the details but it must be somewhere on the web). Apple devices use an Apple ntp server by default. This is a common, often overlooked, protocol that regularly calls home by design.

On MacOS if this concerns you, you may want to check out ObjectiveSee’s Lulu, a free, shared-source firewall for macOS. Of course whether you trust its author, a Mac security specialist, who has created many convenient security related tools and… who used to work for the NSA is another story!

Agree re demand for more transparency.


Haha, true! Perhaps not the most pressing threat :smile: However I would suspect Tufekci, Balkan et al would recommend Apple devices less for privacy-concerned journalists, dissidents, etc, should Apple pursue this policy. If you simply cannot continue to use a damaged device without taking it to an Apple approved store that reports back on your servicing, along with other unspecified pieces of information, to a central database somewhere, it’s not a very good precedent to set.


That needs unpacking. I agree with you about the right to have your device repaired wherever you want by whomever you want. However, if you bring it to Apple they’ll record some information. And they’ll also record information when you use their Store and similar services. (And I believe it is similar for all brands, with Google being worse as they monetise this information). It also helps them with fraud:

At its peak, Apple was seeing 60% of warranty repairs in China and Hong Kong as being fraudulent, literally costing Apple billions of dollars per year. […]

Apple retail had taken a very laid back approach, swapping out faulty iPhones as long as they didn’t appear to be intentionally damaged. It had been estimated by executives that fraud represented less than 10% of claims.

However, in 2013, an Apple data scientist counted the number of iPhones that switched Apple IDs after being repaired. This provided a very good estimate of the number of fraudulent replacements, as legitimate customers would naturally log back in to the same Apple ID they were already using. Criminals getting repairs for stolen iPhones lit up like red flags across Apple’s system. The problem of iPhone repair fraud was finally taken seriously inside Apple.

This counting showed the actual reality; more than 60% of repairs in China were fraudulent. The Information says that in the 2013 financial year, Apple had set aside $1.6 billion for warranty repair costs. The company ended up spending $3.7 billion in that period, with much of that gap explained by Chinese fraud.