So i'm not the only one, huh. Got myself an iPhone, downloaded 2 apps, went to bed, woke up to a complete lockout. They unblocked me through a phone support request, after 18 hours, and then hit me with a fresh ban, not even 24 hours later. Account got permabanned after like 5 more calls, where they just started sending me a legal notice instead.
The fact that your device can become a complete brick, because of an issue in their completely hands-off account management system, smells like a class action suit
> The fact that your device can become a complete brick, because of an issue in their completely hands-off account management system, smells like a class action suit
This is HN frontpage. It's on a big "Mac" website. The damage is done.
Many are going to write nonsense like: "Apple is still a $2 trillion company, so this obviously works for them" to which I'll respond with a simple question: Did it not work for Apple before these SNAFUs? Does it work better for Apple now, after fuck ups like that?
It's not normal behavior and they are losing customers over this.
We had an Apple "moment" in the family: around the 2012'ish MacBook Air era. Two at home and they worked fine, for about ten years. Then the battery issues, the keyboard issues, the trackpad issues. Eventually these MacBook Airs died a painful death.
I'm on Linux since the nineties (and, yup, I can get into my system with Apple or Microsoft forcing an online ID down my throat) but the Macs were convenient for the wife.
So we bought a MacBook Air M1. After 13 months or so the screen died alone, overnight: was working fine before closing the lid, was dead in the morning. There are threads with dozens of pages on that subject.
That's when I switched the wife to Ubuntu. Ubuntu, Linux Mint: she doesn't care. Heck, I probably could have her use Debian or Devuan (Debian without systemd).
Apple is done for us. It's over. We'll never ever buy a Mac again and I'll never ever recommend a Mac to anyone.
And I'm far from the only one thinking that way.
The damage is done.
Rationalize as much as you want, invoke AAPL's market cap as much as you want, and enjoy being locked out of of your devices without any recourse.
I bought an iPhone a couple of days ago, and was planning on using the weekend to finally migrate from my old Android phone. Luckily, I haven't even opened the box so I should be able to return it for a full refund. No way I'm spending over $1000 for this kind of experience.
I’m curious, would you be willing to share the gist of the legal notice(s)? Even just broad strokes categorization of what they claim, perhaps…
- unauthorized access related to the lockouts and support requests you already described
- unauthorized activity related to something else you didn’t mention (even if unfounded)
- some other unrelated but specific violation of TOS or other cited rules (even if unfounded)
- zero additional information, perhaps reiterating some previous finding (even if unfounded)
I’m giving you the benefit of the doubt, but I agree with another commenter that it sounds like something is missing from your story. Details like these might help us understand how your experience fits the pattern of accounts in the article.
Something seems missing from your story. They banned you for downloading two apps, or was something else involved? Or you still have no idea why they banned you in the first place? Just curious.
This happened to me yesterday although I was able to quickly unlock my account on my MacBook pro. I spent a while making sure it wasn't an attempt by a backdoor to access my password. Felt very suspicious!
> they just started sending me a legal notice instead
This is bizarre and fucked up even from Apple's standard. Did you get to know anything about it - what happened? Did those legal notices seem to be automated? Any inkling what could have triggered it (False alarm? And Apple is known to hide its incompetence in this manners)?
Bought a brand new MacBook last year and set up a fresh iCloud account to go with it. Problem was for the First and Last Name I entered some variant of Unknown User / Unknown Account (for privacy..) and chose a username “[email protected]”. Everything was fine but 24 hours later, I could no longer sign into the account. It was saying my password was incorrect! I was 100% sure this password was right so wtf? In a panic, try to remove the account from my brand new device and can’t! You have to sign in normally to remove an account in settings. Obviously I called Apple support and a high quality American sounding woman took my call. She said my account appeared like it had been deleted, like when a user deletes their own account. She placed me on hold and found out what’s going on. Apparently “engineering” had my account DELETED. My only guess is they didn’t like my user name / mailbox name and suspected I was a fake person. Anyways the lady was able to get my account temporarily reinstated right there on the spot and I was able to login and delete that toxic account off my Mac. I made a new account and everything’s working fine. Needless to say I was very impressed with how they handled my situation, within 20 mins no less.
I was thinking about something related yesterday.
It is amazing how big "Internet Silos"
Google, Facebook, etc provide close to no
customer support services and that we "users" have
accepted this.
Getting cut off from one of these places can have a
huge impact on people.
They happen without warning and often without explanation.
I think they ought to be forced to be more open around
the process and how to get help in general.
For Apple I have usually managed to get a hold of some support.
Often not helpful but at least somebody.
With Google and Facebook I have never been able to find anyone.
Sameting that is demonstrated on this site frequently
when someone will post a plea for someone who knows people
at Google who they can't contact on their behalf.
Since they can't get hold of anyone themselves.
(Yes I am sure its covered in the EULA several times that
there is close to no support)
(For Google Workplace it is usually possible to get a hold of someone.)
> Google, Facebook, etc provide close to no customer support services and that we "users" have accepted this.
This is why I've always rejected the concept of vendor "ecosystems" and cloud-first SaaS solutions for my personal computing. I've also designed my life so it's not dependent on having uninterrupted access to Facebook or Gmail.
The thing that scared me recently was two updates that gave me new encryption keys. At first I trusted apple and wrote down the new key. But I became suspicious after the second update and checked online. It seems like it's happening to others, so I used the recommended command-line tool to verify my new encryption key and it didn't verify. Apparently it works after disabling and enabling encryption, but
I'm just keeping it disabled for now.
Only tangentially related, but I have been trying to enroll for Apple's developer program for almost 3 months now.
Understanding what the problem is is essentially impossible. Going to a physical store doesn't help, calling their customer service has them telling you to go to www.apple.com/support (???), and writing for support has them rotate you through 4 different, and decreasingly useful, representatives.
The last response I got I was told the issue had to be handled by yet a different representative and it would take an "indefinite amount of time". Which may be a nice way of them saying it's never going to happen.
It really is demoralizing when you realize there is nothing you can do really, even in cases when you have done nothing wrong.
A friend and I spent a month or so building an iOS app we were hoping to release and monetize, but we're also entirely unable to get a developer account created. Corporate entity, DUNS number, American, extremely boring people, and just a generic "Error creating developer account" on the signup form. Apple's support was hopeless in helping.
We gave up and re-built it as a web app. The thing that convinced me was the realization: When was the last time you installed/used a non-game App on the app store that, by your assessment, has less than 1 million users? I looked down my list of installed apps and realized that indie apps are kinda dead anyway. And our web app has been pretty successful.
I had similar issues, and I wish I could remember what solved it. It was something stupidly dumb like I had to log out and log back in on my phone or something. There have a couple of different edge case bugs that prevent people from signing up, and Apple customer support is useless on this.
I've had a similar problem trying to renew my Apple developer account. Had it for over 10 years. I had an email a few weeks ago telling me it could not automatically renew (same bank details that worked fine last year). Nothing I could do on their website would make it work. I got hold of someone on their online chat who directed me to the Apple developer forums.
I gave up in the end. But I will have to sort it out before I can release the Mac version of my current project.
Been locked for almost 3 months between November 2022 and January 2023.
Apple is crazy. My iPad with the authenticator broke, and even though I filled endless forms, verified emails and phone number they just keep sending me emails I was gonna be called by support at a date 3 weeks away.
Got no call, restarted the procedure. Got called in January, and it was an automatic voicemail or something..
I literally couldn't use my work machine (had a backup desktop to use).
Needless to say, except for the MBP I sadly need for work I'm not giving apple a dime for my life.
With risk of being spammy, this is probably the most relevant discussion I've seen so far on HN w.r.t my experience of being locked out from my Apple ID.
I hope legislation will force Apple to step up and be more transparent / helpful.
Not sure if it’s a valid data point or not. I manage 7 people’s Apple ID accounts. This has happened a few times including twice last night but only on the people who use the @icloud.com as their primary email address. Assume that is related to password guessing attacks. Both addresses are in public email leak databases.
Can only advise that you should have recovery contacts and a recovery key set up in case something goes wrong.
To this day, I still get random "Enter your password to continue using iCloud" push notifications on my iPhone with no relevant action to trigger such a notification.
My Apple ID uses a unique password, I keep a recovery key, I don't have its login credentials saved anywhere, and it's a dev account; so I have my LLC's DUNS number attached to it. My devices are the only ones listed in my settings portal.
I have no idea why I get these notifications, lol.
I understand why people enjoy Apple products, but I will never understand why people defend the company when we all know, often through direct personal experience or the experience of someone we know, that the wealthiest company is the world has chosen to provide insultingly miserable customer support as a business decision.
I'm using my own domain for e-mail, but obviously I need another e-mail for registrar, hoster, etc. I used to use gmail for that, but recently switched to icloud as I thought gmail is too dangerous with Google banning people around. Seems Apple's no better.
I have no idea how to untangle this dependency chain. I'm using registrar in my country, so if everything goes wrong, I can just contact them with my ID and hopefully fix things up, but I'd prefer to have 100% reliable e-mail in the first place.
I feel like these random behind the scenes issues happen a month or two before WWDC to give Apple the foundation they need to announce new services.
I had read Apple is switching the name AppleID to be Apple Account or something similar at WWDC. Me thinks they are quietly pushing code that somehow is causing this for people.
Maybe it’s an age of account issue or some other commonality.
I signed up for an at me account twenty years ago and still use that as my living and haven’t had issues. Maybe icloud.com users?
It happened to me last night! At that moment, I froze, thinking that somehow my password had leaked and someone was trying to brute-force my MFA. At the time, I was at a restaurant celebrating my son's birthday and couldn't change the password on my phone... So I just ignored it and when I got home, I changed the password on my MacBook without any trouble.
This morning, as a precaution, I changed all my important passwords.
I can only imagine the uproar if this was happening to the users of any other company. But it's pretty muted here with a lot of consideration given for apple rather hostility. Nice to see.
Happened to me today. First got the message on my computer that my location was unknown and needed to enter a code from the phone. By the end of it, I had to reset my Apple password. No idea why it happened.
could be somewhat related, last week I had a successful login for my Apple ID from a location I didn't recognise (somewhere in central asia).
I noticed because I got a prompt on my phone, which requested I allow (or disallow) the access.
Since I'm pretty good about password hygiene and security, I of course changed my password immediately and force-signed out all my devices.
That being said: if someone has a password list and is using a bot to scan them all; Apple will of course lock-out sign-in attempts.
Not to say what they're doing is right, there's better ways to handle it. But if I were to apply very recent anecdotal data to this even then this is a meaningful conclusion I could draw.
We need to get a legal advocacy group started for dealing with digital rights (EFF isn't getting it done with consumer rights). A couple of well-funded lawsuits on behalf of wronged users will fix this with all of the vendors. This kind of thing should never happen.
This makes me want to minimize my touchpoints with any of any cloud services of the hardware I purchase to ensure I can't be locked out of my life for 18-24 hours.
|
Some people have to take care of critical dependants. I don't exist and serve at the pleasure and convenience of any aspiring digital identity provider. I actually never wanted any of them to be my digital identity.
What's convenient may also be a bigger security gap and impact than many ppl realize.
The recent threads about PalmOS phones seem timely in hindsight. With Palm devices, you installed apps yourself with a sync cable to your computer, and there was no convenient app store, no one could lock you out of your smart phone and your life. Maybe that's an option that should come back. iTunes used to backup and sync just fine.
If there's no real acknowledgement or detailed coming out about this, it's very possible it's a cybersecurity incident of some kind that is serious enough. And it's not just an Apple thing. This has or will happen with every digital identity provider.
There's no one to really pick the phone or answer an email at google or apple when it comes to your digital identity that they want to be holders and providers of.. At least with the government there's a DMV or registry to go to.
[+] [-] dinckelman|1 year ago|reply
The fact that your device can become a complete brick, because of an issue in their completely hands-off account management system, smells like a class action suit
[+] [-] TacticalCoder|1 year ago|reply
This is HN frontpage. It's on a big "Mac" website. The damage is done.
Many are going to write nonsense like: "Apple is still a $2 trillion company, so this obviously works for them" to which I'll respond with a simple question: Did it not work for Apple before these SNAFUs? Does it work better for Apple now, after fuck ups like that?
It's not normal behavior and they are losing customers over this.
We had an Apple "moment" in the family: around the 2012'ish MacBook Air era. Two at home and they worked fine, for about ten years. Then the battery issues, the keyboard issues, the trackpad issues. Eventually these MacBook Airs died a painful death.
I'm on Linux since the nineties (and, yup, I can get into my system with Apple or Microsoft forcing an online ID down my throat) but the Macs were convenient for the wife.
So we bought a MacBook Air M1. After 13 months or so the screen died alone, overnight: was working fine before closing the lid, was dead in the morning. There are threads with dozens of pages on that subject.
That's when I switched the wife to Ubuntu. Ubuntu, Linux Mint: she doesn't care. Heck, I probably could have her use Debian or Devuan (Debian without systemd).
Apple is done for us. It's over. We'll never ever buy a Mac again and I'll never ever recommend a Mac to anyone.
And I'm far from the only one thinking that way.
The damage is done.
Rationalize as much as you want, invoke AAPL's market cap as much as you want, and enjoy being locked out of of your devices without any recourse.
[+] [-] Handprint4469|1 year ago|reply
[+] [-] eyelidlessness|1 year ago|reply
- unauthorized access related to the lockouts and support requests you already described
- unauthorized activity related to something else you didn’t mention (even if unfounded)
- some other unrelated but specific violation of TOS or other cited rules (even if unfounded)
- zero additional information, perhaps reiterating some previous finding (even if unfounded)
I’m giving you the benefit of the doubt, but I agree with another commenter that it sounds like something is missing from your story. Details like these might help us understand how your experience fits the pattern of accounts in the article.
[+] [-] seanmcdirmid|1 year ago|reply
[+] [-] uh_uh|1 year ago|reply
[+] [-] amelius|1 year ago|reply
Sounds like you have been scammed. Maybe just try to get your money back?
[+] [-] johndunne|1 year ago|reply
[+] [-] Teever|1 year ago|reply
A real way to hit these kinds of companies selling defective products is to coordinate simultaneous small claims courts cases around the world.
[+] [-] Nextgrid|1 year ago|reply
[+] [-] crossroadsguy|1 year ago|reply
This is bizarre and fucked up even from Apple's standard. Did you get to know anything about it - what happened? Did those legal notices seem to be automated? Any inkling what could have triggered it (False alarm? And Apple is known to hide its incompetence in this manners)?
[+] [-] russellbeattie|1 year ago|reply
After filling out an online form you receive in a year or so, then waiting another three, you'll get a check in the mail for $2. Justice! Hooray!
The only people class action lawsuits benefit are the lawyers.
[+] [-] jjtheblunt|1 year ago|reply
I am wondering if your account was collateral damage of an automated system detecting misbehavior of the apps.
[+] [-] willis936|1 year ago|reply
[+] [-] j45|1 year ago|reply
[+] [-] javajosh|1 year ago|reply
You (and others like you) need to meticulously record and assess the financial damage the lockout does to you.
[+] [-] chrisjj|1 year ago|reply
[+] [-] hx833001|1 year ago|reply
[+] [-] beeboobaa3|1 year ago|reply
[+] [-] luckylettuce|1 year ago|reply
[+] [-] anecdotendum|1 year ago|reply
[+] [-] ThinkBeat|1 year ago|reply
Getting cut off from one of these places can have a huge impact on people. They happen without warning and often without explanation.
I think they ought to be forced to be more open around the process and how to get help in general.
For Apple I have usually managed to get a hold of some support. Often not helpful but at least somebody.
With Google and Facebook I have never been able to find anyone.
Sameting that is demonstrated on this site frequently when someone will post a plea for someone who knows people at Google who they can't contact on their behalf. Since they can't get hold of anyone themselves.
(Yes I am sure its covered in the EULA several times that there is close to no support)
(For Google Workplace it is usually possible to get a hold of someone.)
[+] [-] rchaud|1 year ago|reply
This is why I've always rejected the concept of vendor "ecosystems" and cloud-first SaaS solutions for my personal computing. I've also designed my life so it's not dependent on having uninterrupted access to Facebook or Gmail.
[+] [-] dsego|1 year ago|reply
[+] [-] newrotik|1 year ago|reply
Understanding what the problem is is essentially impossible. Going to a physical store doesn't help, calling their customer service has them telling you to go to www.apple.com/support (???), and writing for support has them rotate you through 4 different, and decreasingly useful, representatives.
The last response I got I was told the issue had to be handled by yet a different representative and it would take an "indefinite amount of time". Which may be a nice way of them saying it's never going to happen.
It really is demoralizing when you realize there is nothing you can do really, even in cases when you have done nothing wrong.
Not impressed to say the least.
[+] [-] 015a|1 year ago|reply
We gave up and re-built it as a web app. The thing that convinced me was the realization: When was the last time you installed/used a non-game App on the app store that, by your assessment, has less than 1 million users? I looked down my list of installed apps and realized that indie apps are kinda dead anyway. And our web app has been pretty successful.
[+] [-] adastra22|1 year ago|reply
[+] [-] richardjdare|1 year ago|reply
I gave up in the end. But I will have to sort it out before I can release the Mac version of my current project.
[+] [-] prmoustache|1 year ago|reply
[+] [-] sammy2255|1 year ago|reply
[+] [-] epolanski|1 year ago|reply
Apple is crazy. My iPad with the authenticator broke, and even though I filled endless forms, verified emails and phone number they just keep sending me emails I was gonna be called by support at a date 3 weeks away.
Got no call, restarted the procedure. Got called in January, and it was an automatic voicemail or something..
I literally couldn't use my work machine (had a backup desktop to use).
Needless to say, except for the MBP I sadly need for work I'm not giving apple a dime for my life.
[+] [-] toomuchtodo|1 year ago|reply
https://reportfraud.ftc.gov/
[+] [-] rtaylorgarlock|1 year ago|reply
[+] [-] sleight42|1 year ago|reply
My experience, on the phone and via Message, has been uniformly garbage for years.
It used to be that you could go to the Apple Store and the "Geniuses" or their management would make it right.
What the hell happened??
[+] [-] ametrau|1 year ago|reply
[deleted]
[+] [-] notemaker|1 year ago|reply
I hope legislation will force Apple to step up and be more transparent / helpful.
https://skogsbrus.xyz/dont-put-all-your-apples-in-one-basket...
[+] [-] quitit|1 year ago|reply
The problem stems from nefarious groups getting a hold of email addresses and running distributed dictionary attacks.
Apple’s response is to prevent all logins (including valid ones) from accounts that are under attack.
Unlocking the account involves calling Apple, they’re not going to tell you why the account was locked.
[+] [-] cjk2|1 year ago|reply
Can only advise that you should have recovery contacts and a recovery key set up in case something goes wrong.
[+] [-] HaZeust|1 year ago|reply
My Apple ID uses a unique password, I keep a recovery key, I don't have its login credentials saved anywhere, and it's a dev account; so I have my LLC's DUNS number attached to it. My devices are the only ones listed in my settings portal.
I have no idea why I get these notifications, lol.
[+] [-] standardUser|1 year ago|reply
[+] [-] vbezhenar|1 year ago|reply
I have no idea how to untangle this dependency chain. I'm using registrar in my country, so if everything goes wrong, I can just contact them with my ID and hopefully fix things up, but I'd prefer to have 100% reliable e-mail in the first place.
[+] [-] someonehere|1 year ago|reply
I had read Apple is switching the name AppleID to be Apple Account or something similar at WWDC. Me thinks they are quietly pushing code that somehow is causing this for people.
Maybe it’s an age of account issue or some other commonality.
I signed up for an at me account twenty years ago and still use that as my living and haven’t had issues. Maybe icloud.com users?
[+] [-] delduca|1 year ago|reply
This morning, as a precaution, I changed all my important passwords.
Good to know it wasn't just me.
[+] [-] hgyjnbdet|1 year ago|reply
[+] [-] vondur|1 year ago|reply
[+] [-] dijit|1 year ago|reply
I noticed because I got a prompt on my phone, which requested I allow (or disallow) the access.
Since I'm pretty good about password hygiene and security, I of course changed my password immediately and force-signed out all my devices.
That being said: if someone has a password list and is using a bot to scan them all; Apple will of course lock-out sign-in attempts.
Not to say what they're doing is right, there's better ways to handle it. But if I were to apply very recent anecdotal data to this even then this is a meaningful conclusion I could draw.
[+] [-] infogulch|1 year ago|reply
[+] [-] TeMPOraL|1 year ago|reply
[+] [-] indymike|1 year ago|reply
[+] [-] j45|1 year ago|reply
What's convenient may also be a bigger security gap and impact than many ppl realize.
The recent threads about PalmOS phones seem timely in hindsight. With Palm devices, you installed apps yourself with a sync cable to your computer, and there was no convenient app store, no one could lock you out of your smart phone and your life. Maybe that's an option that should come back. iTunes used to backup and sync just fine.
If there's no real acknowledgement or detailed coming out about this, it's very possible it's a cybersecurity incident of some kind that is serious enough. And it's not just an Apple thing. This has or will happen with every digital identity provider.
There's no one to really pick the phone or answer an email at google or apple when it comes to your digital identity that they want to be holders and providers of.. At least with the government there's a DMV or registry to go to.