If you ever forget your Apple computer's password, it's super easy to fix it! All you have to do is hold command+R on startup, open the terminal, and type resetpassword, then press enter. Then, you'll be prompted with a lovely GUI where you can reset any account on the computer, even admin ones! It's a super cool trick!
What's even wackier is that you can't turn it off, without enabling a BIOS password, or encrypting your entire hard drive! What a nifty feature!
Tyrone here.
I will not be giving the 2013 Macbook pro back.
Have a good day.
once an adversary has physical access, all bets are off
So what? Same features exist in other OSes.
I'll take the obvious bait:
>without enabling a BIOS password or encrypting your entire hard drive
Which you should do anyway. There's literally no reason not to, the performance hit is imperceptible on basically literally every modern processor.
Yes, but none of these are as straightforward as on OS X. You can literally google "os x reset password", and the first result is a super easy tutorial on on how Jamal can steal his first Macbook.
>what if you forget your bios password
sorry sweetie you're locked out of you $2000 toddlertoy
>he thinks being a brainlet is a valid argument against basic security
What's even funnier is that when this happens, the device is literally bricked, and OS X install CDs / USBs will no longer work. I wish I was making this shit up.
If you forget your BIOS password to a $1000+ laptop you deserve everything you get.
I'm pretty sure you can get it reset by Apple after presenting valid proof of purchase anyway.
Ok, but what if your computer is on but just locked? Does that mean I need to shut down my fucking computer each time I walk away from it?
OS X is a fucking joke.
You can't, they will assume it's been stolen and contact the authorities, unless you pay for AppleCare
Thanks Tyrone! And you have a nice day!
If it's locked, has a BIOS password and is encrypted, there's shit all someone malicious can do.
Can't shut it down and boot into recovery because there's a firmware password. Can't get to your data because the computer is locked.
Thank god there are no niggers on Sup Forums.
Even Windows 95 needed that strange explorer thing to gain access.
Yes, Windows 95 was more secure than osx is.
you can .. just brute force it.. ..
I already try and did it..
> You can't
You can. May not even go to an Apple Store, authorized service centers can do it.
BTW there are many offers for that on ebay.
Meanwhile on Windows...
Nice 20 years old picture here. Really brings a tear to my own eye.
>physical access
He's loud.
He's confident.
He's wrong.
And he knows that not one of you would ever go near a Mac to check.
You can, i did it.
You have to show the proof of purchase and a matching id, but they will reset the BIOS password. (Actually, they simply flash a new one, with a new version of osX, so you lose all your data)
I think if you use Apple's built in filevault drive encryption this doesn't work.
There's the trick on Windows where you move around system files (from another system like a Linux livecd) so that the Ease of Access on the login screen button opens an elevated command prompt. It's trivial to do similar shit for just about any modern operating system.
Again, BIOS password and disk encryption solves this problem entirely no matter what OS you use.
>unless you pay for AppleCare
In what shithole country would the consumer law allow that? My non-shithole country would tell Apple to fuck off if they did that.
Best part is there are Mac malware variants out there now that authenticate a users computer with someone else's iCloud account, then the holder of the account issues a remote lock to the computer and holds the machine ransom, requesting $50 USD to unlock the computer. This happens at the firmware level, and Apple so far has refused to assist with these cases.
Had one come in for repairs last week with this issue - an almost new 2017 MacBook Pro 13" Touch Bar. The owner of that machine was essentially fucked because Apple doesn't yet have an internal policy for this yet.
>Windows easy access trick is funny
>iToy easy access trick iToddlers defend it
Not defending any OS over the other. They all fall to the same tricks where physical access is gained to a non-encrypted machine without a BIOS password.
Why wouldn't you have your hard drive encrypted?
Does OS X support multiple users? If it does then this is wrong from both security and privacy perspectives. If it doesn't then I guess it is fine since you shouldn't be letting others to your system in first place.
>coworker
>can casually access your account
Encryption wouldn't matter as system is running that decryption keys are on memory.
>baby learns about single-user for the first time
welcome to Unix, why the fuck are you even here?
all this utility does is replace the usual filesystem mount/password change procedure with a shitty GUI that's even more annoying to use, fuck a lot of other *nixes straight up auto-mount the filesystem so you can get right to deleting the root password from the shadow file and gaining unrestricted access to the system in less than five minutes
physical access is game over for a reason, NT isn't that much more secure, it just takes a CD burner and ophcrack
but muh narrative...
>get files
>change /etc/password
>linux, bsd, os x, xenix, plan 9, inferno, unix, all unix likes totally absolutely blown the fuck out
You apple shills are something else. Firstly that's like 20 years old, and secondly is way more complicated. Why can't you just accept your shame?
>Unix
>single-user
user, UNIX was made to be multi-user. Literally their usage were to connect to fucking mainframes.
>a lot of other *nixes straight up auto-mount the filesystem
>gaining unrestricted access to the system
What the heck are you talking about? Do you have any idea about permissions and what ACL is? Have you used any other operating system besides OS X? The only way to get unrestricted root without exploits is by chroot from external media.
>I have no idea what I talk about
>user, UNIX was made to be multi-user. Literally their usage were to connect to fucking mainframes.
it's called single-user *mode* you fucking dipshit, also referred to as maintenance mode, every modern Unix system under the sun has it and it can usually be accessed through the bootloader/PROM depending on the platform you're using with a few keystrokes
and stop using the fucking AT&T trademark to refer to the operating system as a whole, it doesn't make you look smart, especially when you don't understand the difference between a mainframe and a minicomputer
>Do you have any idea about permissions and what ACL is?
shit that doesn't matter when you have root
>Have you used any other operating system besides OS X?
yeah, I mostly do it on Solaris, HP-UX and IRIX systems, only had to do it on an OS X system once or twice
>The only way to get unrestricted root without exploits is by chroot from external media.
you're using all of the right buzzwords but you literally have no fucking idea what you're talking about
docs.oracle.com
cyberciti.biz
rainbow.ldeo.columbia.edu
unixguide.net
>N-word
>>>/reddit/
Go back, nigger
go here
If you've got a receipt with your name on it and a description of the device you can just write the serial number on it, scan it and email it to us and we will unlock it. We don't give a fuck, calling the police isn't our job and we don't even have access to our own FMiP data.
And all AppleCare does is add free incidents if you decide to throw your shit at the wall and break it.
t. Apple support
not true, still better than thinkpad:
thinkpad: replace motherboard
mac: go to apple store, unlock within 1 hour as they have a challenge/response process which involves apple care/hq
You said plainly "single-user." If you said "single-user mode" I will have understand what you meant. Nevertheless from those mentioned Solaris needs a password on single-user. Docs of various BSD and Linux (well, it's Unix-like) flavors also inform you of securing single-user mode.
>stop using the fucking AT&T trademark
Isn't AT&T UNIX the name of the first and wasn't it made for the reason I mentioned?
>shit that doesn't matter when you have root
You shouldn't be able to trivially get root in first place but as you said without doing anything else it is also possible on other systems. Difference is the only way of securing here is by setting a BIOS (do Macs still use BIOS?) password. But in the end I misunderstood what you're talking about.
There are no known exploits to get around the macOS lock screen. Thunderbolt/USB DMA doesn't work while the machine is locked. You can't boot from USB if a firmware password is set. Cold boot attacks via DMA won't work if you're updated to 10.12.2.
The only thing that might work is moving the RAM chips to another computer. If you're worried about someone doing that then you should definitely either shut your computer down or enable DestroyFVKeyOnStandby and remove the 3-hour standby delay.
Yes, you idiot, that's the whole point. The nigger who steals my MacBook can't wipe it, so he'll either throw it away or give it back.
that escalated quickly.
I am seriously concerned about safety on my mbp though
kill yourself
>or encrypting your entire hard drive!
You mean the default option?
>moving the RAM chips to another computer
>implying Tyrone could do that
Obviously doesn't work if FileVault is enabled. If you don't have FileVault enabled, why even care?
people have been saying nigger here forever you stupid nigger
>be 2017
>buy $1200 facebook machine
>don't bother locking with iCloud like a dumbus.
You deserve to have your shit taken from you.