It's just insane that a gift card redemption can trigger this. What's the rationale? It would make more sense if they just locked the person out of redeeming gift cards or something, not the entire account.
But reading horror stories like this is is why I only use the very bare minimum of any of these cloud services. Keep local copies of everything. For developer accounts, I always create them under a separate email so they're not tied to my personal. At least it can minimize the damage somewhat.
It sucks that I have to take all these extra precautions though. It's definitely made me develop a do not trust any big corp mindset.
If enough of these horror stories are publicized, people will learn to never buy/redeem Apple gift cards because of the real possibility of account bans.
- Don't give Apple gift cards to family and friends: You're potentially ruining the recipient's digital life if they redeem it.
- Don't buy Apple gift cards: You risk ruining your own digital life.
If you've been given an Apple gc for Christmas -- and you have paranoia of the risks -- don't buy anything online that's tied to your Apple ID. Instead, go to the physical Apple store to redeem it. And don't buy an iPhone with it because that will eventually get assigned to an Apple ID. Instead, get a non-AppleID item such as the $249 ISSEY MIYAKE knit sock.
I have thousands of credit-card reward points that could be traded in for Apple gift cards but I don't do it because Apple's over-aggressive fraud tracking means Apple's store currency is too dangerous to use.
The "gift card" in general is an anachronism whose time has passed. They have got to go. If companies are going to consider use of gift cards as red flags (as they often are, due to their being key components in money laundering and scams), then society should just abandon them. They are worse in every way than a prepaid credit cards, and in most cases where you want to give someone a gift card, you should probably just give them cash.
The only “use cases” I’ve seen are discount or niche. For example, Target and Bass Pro Shops/Cabelas in the US both offered some kind of 5 or 10 percent back/discount around Black Friday on gift cards. Niche would fall into, generally, some small enough business that these messes aren’t likely to happen, where the point of the gift is specifically later-consumption, like a local coffee place that you know someone loves, or say a specialty herbs and spices place for a cook (where you wouldn’t know exactly what they want from there, but that they WOULD be delighted to get something from the place).
Otherwise? Yeah. Gift / prepaid credit cards are a horrible scam, because they tend to have a percentage or, worse, flat fee to activate. $4 extra on a $50 card as a gift means you just paid 8 percent just to GET the card.
I used to buy a gift card every ~week at a local sandwich place near where I worked and ate at every day. Their deal was a free meal (sandwich, chips, drink) with a $50 gift card purchase. Then I'd just pay with the card until it ran out.
I'm the author of that Reddit post. I should probably update it to clarify that I didn’t just purchase the gift cards, but also redeemed them. I don’t think it was purchasing them that triggered the lock on my Apple account. I mean, after all, how would they know what my Apple account is until they’re redeemed?
>, how would they know what my Apple account is until they’re redeemed?
To add context, your reddit post also mentioned: >, I purchased eleven Apple Gift cards from [...], and apple.com, and added the amounts to my Apple account.
I'm not saying the following applies to you but one can buy Apple Gift Cards using their Apple ID. After adding gift cards to the ecommerce shopping bag on Apple.com, it offers the option : "Check out with your Apple Account"
So Apple would know the exact AppleID at the time-of-sale instead of waiting until redemption. If for some reason Apple's fraud detection system doesn't like the transaction (e.g. unusual ip address from Mexico instead of USA, or too many high-value cards in a certain time period, or other black-box opaque heuristic) ... then the buyer puts their Apple account at risk.
Fraud prevention heuristics are insanely aggresive these days...
Last week, I bought a Netflix subscription and 5 days later, Netflix cancelled the membership for no apparent reason. I got on a customer support chat with Netflix and the agent said it was cancelled because of the credit-card #. It didn't pass their fraud prevention system and to try using another card. At least Netflix automatically refunded the entire amount back to me -- whereas Apple keeps the gift card balance for itself after locking accounts.
In another incident, I used a Chase credit-card at a physical Apple store to buy 2 iPhones on 2 separate receipts. The first iPhone sale was a success. The 2nd iPhone transaction just 1 minute later was denied and Chase locked the entire account. I had to call Chase customer service and recite the make & model of a car I had 20 years ago to prove my identity for them to re-activate the credit card!
My recommendation is to completely drop the Apple ecosystem, however painful it is. I do use an iPhone but I treat it as just a phone. If Apple locks me out I dgaf.
Comments like this remind me of my distant relatives who proudly live out in the countryside and avoid traveling to big cities for any reason. They see a lot of Fox News headlines about bad things happening in big cities and they've concluded those bad things are happening all the time.
So they constantly congratulate themselves for not going to the nearest city, look down upon people who spend time in cities, warn us that we're at risk of the bad things happening, and never miss an opportunity to talk about how bad cities are in conversations.
Now replace big cities with big tech and that's exactly how a lot of these Hacker News comments read.
Huh you got me with this analogy. On the other hand, can't this be said about any bad thing? Few bad things are always bad. A few examples:
* My liberal relatives won't own guns because they keep hearing stories about how guns are deadly, even though I own guns and nobody's died yet
* My friend's kid won't pet puppies because he heard they bite sometimes
* My aunt in Moscow didn't want to vote for Putin because he's "authoritarian", but my life is going great
How do you distinguish between things that are actually bad vs overreactions? Maybe it's just based on individual risk tolerance? I don't see the need to put my digital life in the hands of some unresponsive corporation, but the risk is worth it to you and we just have to agree to disagree?
I’m not trying to be rude, but what is the point of buying and then redeeming gift cards yourself?
I just pay Apple with my credit card when I want to buy something. Is this some kind of weird credit card rewards churning thing? Are you unbanked? I don’t understand why you’d voluntarily add unnecessary extra steps.
A credit card offers far more protections to consumers than a gift card.
Given the amount of false positives, Apple should have an appeal process for innocent users to regain access to their accounts. It would be nice if this applied to all big tech companies, losing an email address can make other accounts difficult or impossible to access.
I always buy Apple gift cards when there's a deal on them. A few weeks ago you could buy an Apple gift card and get $10-15 of Amazon credit, so I bought the gift card and loaded it into my account.
I do this all the time and I've done it for years.
I once bought thousands of dollars of Apple gift cards, $500 at a time, by redeeming credit card reward points that could be spent like cash at a couple of select retail stores for 2X their points value.
It's a common practice. The edge cases are scary when you see them reported on Reddit, but they really are rare and generally get resolved after follow up (however inconvenient).
Some people go to extremes to do things like buy Apple gift cards at stores that give them a small discount on gas purchases or something. I'm not nearly extreme enough to do that entire process, though. Having the money loaded on to a Gift Card is inherently risky and I need some significant upside before I'll do it.
Lots of stores offer deals on gift cards, essentially giving g you a discount at the cards’ store. $100 Apple gift card for $80 means you can buy something at Apple for $20 off if it is less than $100.
If you want to trade in an old phone without doing it at the time you purchase a new one, the only way to receive the trade in value is via an Apple gift card.
I was looking forward to getting $160 gift card for my old iPhone 11 but after reading all this I think I’ll just leave it in a drawer.
Not so. I just traded in/upgraded (on a Verizon contract, but AT the Apple Store; maybe that affects this… but still paying Apple directly) and they handed me the new phone and had FedEx send a trade-in mailer that I had a while to send back with my trade-in.
Ah but you told them at the time of purchase that you were going to do the trade-in. As I said. It’s different if you want to do the trade in later, which at that point looks more like “sell an old random phone back to Apple for some credits”
This is a problem with modern life in general. Computing and the internet have exploded the complexity of society. Regular people have so much on their plate as it is (school, work, family, mortgage, etc) that they simply cannot keep up with all of the privacy and security risks of a digital life. They also can't keep up with the complexity of politics and civic life, but that's another discussion entirely!
I think tech people who read a lot of news headlines have a hard time grasping the scale of these services.
Commenters here talk about PayPal account closures as if everyone who uses the service will eventually lose their money. Now we're talking about gift cards as if everyone using gift cards will have their account locked.
These stories, while frustrating and sad, are rare occurrences. The majority of people who use these services will not have any experience like these stories you read.
To be honest, I think the average person is probably better at estimating their risk of using these services than a lot of these HN commenters.
I remember when Cory would let you download any of his books for free and even said you were allowed to email him and call him a sucker for doing this.
‘Member States shall ensure that, in the cases referred to in paragraph 4 …, after taking its decision, the credit institution immediately informs the consumer of the refusal and of the specific reason for that refusal, in writing and free of charge, unless such disclosure would be contrary to objectives of national security, public policy or Directive [2005/60]. […]’
https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CEL...
The most money I have ever had on my PayPal account was 100 bucks from a reversed transaction (like, double booking of a hotel room or wrong item sent), otherwise it's just a gateway. It would be annoying if my PayPal account was locked, because I use it a lot to order pizza online and a few small purchases. I could just use my credit card or something else but it's more clicks. And I know a lot of people who do it like this. The only thing lost is convenience. No past purchases, no digital identities.
Maybe you meant the merchants who really amass thousands but I suppose they are a small minority of active users.
There are a good number of freelancers of various sorts that get paid via PayPal and only occasionally pull that money to their bank accounts to avoid the fixed fee, or even prefer to spend much of it straight from PayPal to avoid the percent fee. People also use it to send money between family members in different countries because it's often cheaper than an international wire.
It's quite easy to build up a few hundred or thousand USD worth. It feels just enough like a bank account that you think you're safe. Then...well, the internet is full of PayPal horror stories, I won't bore you with my own.
Last time I had to deal with that was 8-ish years ago and there was definitely a fee. Can't check now because they blocked my account due to a failed Spotify payment and I don't care enough to deal with their phone support again to get it unblocked
For every purchase you make as a gateway there's a vendor account on the other end receiving that money and required to do accounting with it (like issuing refunds) which requires keeping a balance. These are the people having big problems when their account gets locked and their funds are no longer available. The blow back does potentially effect you if you return an item and then the vendor can't issue the refund because the account is locked.
That you don't keep a PayPal balance and i don't buy Apple gift cards is irrelevant to the people that do keep a PayPal balance and do use Apple gift cards
I think it's a combination of money laundering and phone scams where people are told they owe money to the IRS or something and are tricked into buying a bunch of gift cards.
That said, if buying and redeeming gift cards are such an indicator of fraud that people are legitimately afraid of getting their accounts permanently locked, why doesn't Apple just stop selling them?
> If enough of these horror stories are publicized, people will learn to never buy/redeem Apple gift cards because of the real possibility of account bans.
If you are trying to be a bad person you could weaponize that approach. You do not like person x, send them some Apple gift cards... :o
> You do not like person x, send them some Apple gift cards... :o
99.999% chance they happily redeem them and go about their lives.
These stories, while frustrating, are clearly edge cases. Yes I know you can find more if you search social media, but I don’t think a lot of these HN commenters realize the volume of gift cards Apple sells and redeems without problem every day.
In this case buy the gift card from some shady retailer with a one-time-use virtual card, and give this shady code to your friend. Or buy a physical card from aliexpress, the cheapest one with bad reviews.
It seems you haven't learned the whole lesson. You're close, though. If you're going to be skittish, there's a better and easier set of rules. Don't use anything that involves an Apple ID.
The newer iPhones have such great cameras, I have have been considering an iPhone for my next phone. The only thing holding me back is the lack of built-in stylus.
Does the iPhone require an Apple ID? I don't even log into my Google account with my Android device. If the phone requires an Apple ID, then obviously I'm not buying one.
No, it doesn’t require one… but you won’t be downloading anything from their App Store without one, leaving your only option for getting software onto it “Xcode after you build it yourself” since there’s no side loading. Xcode’s ability to do that may require an Apple ID or developer account; I’m unsure.
In the EU, the requirement to support alternative app stores would probably mostly fix that, but those of you in the US are kinda…
I skimmed some of the comments from that giant Reddit thread. A lot of people responded that they’ve been buying even more Apple gift cards without problem.
One commonality among the stories in that thread from people who had problems was either switching their App Store country or using their App Store account primarily from a different country than the setting.
And in fact, a prohibition is never a solution, it is a reduction in solution options
And this advice takes into account exactly zero aspects of the particular problems a given person may have to solve, besides “problems with Apple”, in a world where most people have “problems with X” for each of the few large ecosystems.
Freedom of choice would mean for N choices, being able to make, well, N indepointed choices. N may be a very large number given how many things people do.
For an ideal world of compatible modular technologies, N choices is easy.
But our technology world is highly non-modular, centralized at many levels, and full of incompatibilities and dependencies of various kinds and costs. Including important dependencies involving the choices of other people we interact with, or very specific tools or resources.
So no, “Don’t buy Apple” is not better advice, it is just bad random generic advice, without knowing a lot more about any particular situation.
But it is a solution. Apple being a poor stuard of their customers is indicative that people buying their hardware and software are not their priority. Apple support used to be stellar, they used to care about customers, they no longer do.
Apple's ToS should be readily indicative of anyone using any of their products that Apple's perspective is that you don't own anything and they can do whatever they want with anything you do with their products. As the author points out you clearly don't own free access to what you've purchased.
The last thing I'll say is that it is fantastic advice to not purchase Apple in 2025. You can only be certain that this won't happen if you avoid them. I actually own a MPB, with receipts from purchase, that I had to purchase a bypass for when the device was enrolled in MDM by a family member that Apple has MDM locked and refuses to remove from iCloud.
Avoid Apple, that's the best advice. If you can't avoid Apple, minimize your footprint and make sure you're a good boy or girl else Tim Cook will steal from you and hide behind some bullshit first line support tar pit and an army of lawyers if you do happen to decide to threaten them.
But, at least with Google you can use hardware without the binding software requirement. You can use an Android device with GrapheneOS and have the phone entirely de-Googled, yet still use Android apps.
If the implication was that there's no other option outside of Apple and Google then that is unfortunate.
LOL it’s not some sisyphean task to not use big tech products, its slightly inconvenient and takes some time to adjust, don’t talk about it as though it were something that only the great men of the ancient times could do, take your iPhone and throw it as hard as you can against the concrete, you will be fine.
Great advice if you don’t need a smartphone. Many do, they are now an identity tool.
The alternative to Apple is…Google? How is that in any way better other than not being Apple? Sure, there are de-Googlefied versions of Android and today they work . But Google is actively working on ending the ability of those alternative operating systems to work.
In my country we have a large religious population that eschews smartphones. Thanks to this, all services - bank, government, etc - are available without requiring apps or even internet access.
The US has just proposed making the ESTA application process mobile-only.
As an example of one.
Banks requiring device attestation may be a pain in the ass, but it’s not a “requirement”; they (for now) still have websites and, usually, a physical branch.
Banks 2FA are not SMS anymore, so no banking, and because no 2FA no online card payments and no limit adjustment.
Some banks are even app-only.
IRL events where you have to open the app at the gate.
Probably no charging for your EV.
No bus tickets. No Uber. No scooters. No food delivery.
More tedious flying / immigration. No Tinder (requires live face verification on your phone)
Some modern cars you are going to have troubles.
Impossible to setup a lot of smart appliances (like home WiFi routers).
Many examples.
It’s like: can you live without a bank card ? Probably but not everywhere and you will not be able to go to all shops.
Essentially it’s great if you plan to stay at home. Becomes a great problem once you want to interact with anyone further than 1 meter from you.
None of those require smartphones if you live in a free country (1) (2).
(1) Unbanked population in Uganda or india don't have options. Funnily, it's become the same with everyone, banked or unbanked, in the USA. The USA a third world dictatorship now, so expect that and more. Please vote for the orange buffoon a third time! He will most surely try to get on a third term.
(2) No bank in the EU requires a smartphone; it's banned by law (you know, law that protects people, the type you lost). "Banks" that are app-only are not banks but financial casinos. No bus driver in the EU can refuse small coins. In some countries they cannot refuse that you get on the bus without paying. No shop in the EU can refuse cash. No EV charging requires any app; you can pay right at the charging station with a credit card. Uber is not a universal right but a trinket. Same with tinder/food delivery and all the impoverishing tech for the disowned.
Sounds like we don't live in the same EU.
Banks are required to use Strong Customer Authentication, and they consider apps to be safer alternative than SMS.
Revolut, N26 and co, are real banks, like any bank in the EU.
In many countries, you cannot pay with small coins the bus driver.
Shops can refuse cash.
https://fullfact.org/online/UK-not-only-europe-country-legal...
etc
In Northern Europe it's very common not to have cash at all or to have it rejected.
In Estonia, you can choose to login to services using... your mobile phone OR (if you are lucky and this is supported) a physical ID card reader, so realistically you want to have a mobile phone. Some services don't even have alternative.
It's more like a German / Swiss thing to have cash everywhere.
They may not require one, but good luck getting transactions done without one. My EU bank branches are now only open 3 hours a day, and to approve an online transaction without the app means phoning the bank during business hours…
In phones you have a choice of iOS (Apple) or Android (Google). Sure, maybe some people can go back to flip phones, but I can’t without finding a new job.
This is the first I’ve heard of Apple locking someone out of their account for no reason. Google does it all the time. So, yeah, can’t leave Apple over this.
People love to smugly suggest this useless advice like there aren’t literal public services from governments around the world that are being tied to these platforms, let alone the many private companies which gate access to their goods and services behind apps on proprietary devices.
To say nothing of the fact that well-adjusted humans need to communicate with friends and family, and many times that also practically requires being on these platforms as well.
Someone has to be the stick in the mud, right? I personally enjoy being that guy that doesn’t have a smartphone and causing problems in every government office / institution that assumes everyone has a smartphone, it’s like I’m a pioneer on the frontier :)
E-stim addicts will rationalize their slavery to a small rock in their pocket and sing grand songs about how it’s a curse but they need it. Like all addicts, they are not capable of rationally assessing the utility of the dependence object, and they’ll start carting out all sorts of silly things and gesturing vaguely “See this washing machine? Yep, it needs the rock, that’s why I keep my rock on me and charged at all times”
Reality is that you are the one paying the price, you will spend 45 minutes extra at the office when you could have spent it with your family or friends or playing soccer.
Time is the most precious thing in life, you’ll never be able to buy it back so you may want to reconsider long-term.
This also applies to protesting, activism, politics... It's not that you're wrong, it is in fact time that you could've spent playing soccer. But if everyone just turned their back and played soccer, the world would be a much darker place
Pretty sure I'm getting >10x returns on my time for the minor inconveniences I suffer, most people sacrifice a double digit percent of their time on Earth to the device in their pocket.
If it was be that simple. In that case I would have to go to the bank for every transaction/payment I want to initiate online. Banking app doesn't work for jailbroken devices. Using PC to access banks website works, but transactions still require 2FA and they don't support any other 2FA flow except the one in the app.
There's always a workaround. There are banks with far less annoying root checking and you can just switch. Many banks allow SMS or a physical authenticator for web banking or 3DS 2FA. There are also many was to bypass root detection. If your main problem is 3DS 2FA for online card payments, get a proxy card.
"you can just switch" and yet then you have to contact X people and change Y contracts that are related to your prior bank account. It is not that simple.
Plus nothing ensures the bank you switch to won't up their "defenses" in a week.
I never said it was trivial, I said it was possible. In many places, it's actually very easy. In others it takes some work, but we're talking about de-googling your life, having to put in some work is already implied.
At least around here, I can walk into a bank, sign a few papers, then that bank coordinates with my old bank to transfer all my direct debits, move all my money and notify all my periodic creditors (employer, social security, tax office...). Peer-to-peer payments (like splitting bills with friends) are usually done by alias (phone number or email) on our instant payment scheme, not by IBAN, and my new bank will take care of rerouting that too. And if for whatever reason someone has my old IBAN and tries to send me money in the future, they'll get a rejection and will just have to ask me for my new one, no big deal.
As for "in a week", come on, you're just being intentionally annoying. Obviously there's no guarantee. If they don't have root detection now, after everyone has had it for a decade, there's probably a reason and they won't implement it any time soon. And if you're just supremely unlucky and they actually do it right after you switch, oh well, you wasted and afternoon. Definitely less time wasted than trying all the million different root hiding techniques that probably don't work anymore.
Depends though what you mean by "do not use Google". Having an Android phone with a Google account logged in will not affect you much. If they would block one account you just create another.
Having all your emails on Gmail and used for external services (bank, insurances, etc) is a different story though. I prefer to pay my email provider, at least they will care a bit more than they do for a free account...
You don't have to go to the bank for every transaction, you can just go there once to close out your account and open one somewhere that doesn't require that.
I'm surprised, most banks I've come across force sms or phone-call 2fa only. A rare few allow generic TOTP authenticators, and maybe one or two has an app as an option. And I've only come across one bank that detects and warns for root access. Is there no "jailbreak hide" on ios?
In Poland it's SMS OTPs, bank app (heavily recommended and in some cases enforced by the bank) or additionally paid physical TOTP token devices. And almost all banks throw a hissy fit once you have some sort of vector of root detection left open.
I am in a situation right now where Amazon delivered a fake product. Support suggested they can also try redelivery, and when I asked what if it happens again, they said it should not happen.
It happened - fake again. Now the customer support flow is: you upload images of the product (max. three), and the system approves the verification or rejects it, and then you have a way to contact customer care. System rejected. The trick is - they do not know why the rejection happened, they are not able to tell me, they are confirming the images are very clear and crisp, but they can't do anything to help me because the system leaves them with zero options to move forward - in fact, there is no further escalation matrix either. Nada!
The bank (credit card issuer) refused to raise the chargeback because "but the merchant 'delivered' the item". But it was fake, so? No, no, it "delivered" - that is what counts, so you have to sort it out with the merchant. But they are refusing any further help. You have to sort it out with them. And so on... in a loop.
Can I take them to court? Sure. It may take weeks, months, and maybe years, and even then, in the end (if I win), the court may just instruct them to refund and possibly (possibly!) compensate a trivial amount for legal expenses, which is never even remotely close to the actual legal expenses in this country's courts.
I had the misfortune of visiting an Amazon Go store. They charged me for items that I never picked.
No option to contest the receipt....until the "would you recommend a friend visit amazon Go" survey popped up. I responded negatively, then the "why?" question had a "My receipt was incorrect" option.
Suddenly I was able to go through the "contest receipt" workflow.
The system works as long there is user trust in the system. It is sad and annoying when something like this happens, but occasionally the best thing you can do is tell your story and never use a service again. I find there are still reasonable alternatives to Amazon, maybe not at the same price, but at least they deliver less fakes.
Unless you live in a jurisdiction that is known to have very generous court judgements that fully compensate all expenses occured… wouldn’t this be true for literally every dispute you have above a certain threshold?
That’s simply the actual cost of living in your jurisdiction.
I don’t think any large retailer or bank on Earth guarantees there will be a viable escalation pathway for all possible combination of scenarios either.
Maybe a very high end private bank but even that’s iffy.
My parents had their account with Deutsche Bank private bankers. They had moved overseas and sold their house in the 90s and were living off the proceeds. Everyone got lucky that they bought their house in a big city in the 1960s. Since they didn't spend too much money, the capital accumulated for a while. It could have gone the way of Detroit but went the other way. When they passed away, we inherited the money and bought a house in the suburbs. It wasn't a huge amount of money, but it changed our lives, no question.
So, when my mom passed, our family had to deal with DB. I have never, ever hand such a bad experience with a bank. The bank overseas was so courteous and efficient that I asked if I could open a bank account with them but I couldn't since I don't live in the country, just a frequent visitor. The IRS and government were easy. The will was as easy as it gets. Do things by the book, you'll be fine.
The NY DB office, to which I would have to go frequently and sit in some luxurious waiting room with nice art, was insane. My lawyer and accountant could not understand how they could repeatedly ask for the same information, deny they had received it, ask for information that literally the US government does not give out to anyone and on and on and on. And no there was nothing shady or shifty about my parents' lives. My lawyer started sending meaner and meaner letters to them, the kind that talk about making my client whole and litigation.
And yet, a few years later it turned out that same bank was often in the news for, among other things catering to Jeffrey Epstein. Who knows, maybe he spent his last hours complaining about them too. I could only hope he had that experience to add to his all-too-brief punishment. Actually, I have often wondered if we got raked over the coals because they had genuinely fishy clients and thus all the clients, especially the ones overseas, were on some kind of government watch list.
Amazon expects you hire a consultant that is a buddy with the manager responsible for closing your account, and bribe them through that engagement to re-enable your account. They started doing that a decade ago with the mass-banning of legitimate sellers.
For all the negative press he gets and the way he treats his workers I'm surprised he still has resources allocated to handle complaints sent to his inbox.
I'm just always a little surprised to read things like "i couldn't live without Amazon," and i wonder if there are no other alternatives for two day shipping on other countries or what it is that keeps people stuck on Amazon instead of using other next-day deliveries
It's not that Amazon is irreplaceable, but sometimes it's the best option by far depending on where you live and what you're looking for.
I'm in Austria (not Australia) and local retail prices are infamous for being 25% to 100% higher than in neighboring Germany for the same stuff because of cartel behavior of local retail industry.
Buying from amazon Germany means I can get the same prices as Germans (with +1% extra for higher Austrian VAT) for the same goods.
I'd love to give up Amazon in favor of local stores but local cartels are just as bad or even worse.
So to fix the Amazon problem you need to fix the competition problem first, which is caused by players other than Amazon too.
People in my circles in the US (in an area with tons of alternative options) look at me like I have two heads when I say we don’t have Prime and never shop on Amazon. For many, I think, Amazon has simply been the default option to buy anything for long enough now that it’s ingrained muscle memory.
Big part of that is just that it's insanely easy to use compared to most of the competition.
But still, most people go to the shop to buy toilet paper. Once you get used to Amazon, it just saves so much time and effort. The prices aren't bad either, I just checked toilet paper on amazon.com and 30 rolls of good quality amazonbasics toilet paper costs $0.22 more than the equivalent kirkland product on costco.com
You can order almost everything you need in the same app, whenever you feel like it. Just a couple of clicks, no need to fill in delivery information or anything.
The only part where YMMV is receiving the parcels obviously.
I live between central London and a smaller European city, the competition is generally much much worse.
Sure, for every individual item there might be a better better local option. I'd have to spend time finding that, then go through the terrible order process and hope their delivery service isn't utter shit. Oh, and yeah, half the time they'll probably block my order because I'm using a non-european card.
Just being able to use Amazon for almost everything starting from bottled water and toilet paper saves me immense amounts of time. I can generally trust that the stuff I order reliably arrives at the concierge, which isn't a given.
And FWIW, most of the time I've shopped around, Amazon has been cheaper or essentially the same price. Doesn't really matter to me, but it is a plus. I'd happily pay more for a more convenient service, but in this case it seems I'm usually paying less.
Not only local copies but also at least own and use one device where you have your important data that is not on the same OS ecosystem as the other device(s) - also helps with things like 2FA, password manager, etc., if shit has hit the ceiling fan on the other device.
In addition, I always suggest people to:
- Not use big tech's cloud services - ever
- But if you must, do not use many cloud services from just one provider (i.e no Google everything, no iCloud everything) i.e stop using "one account gateways".
- Needless to say, it's time you had a domain and start paying for mail hosting (at least for critical stuff - you can actually buy a very cheap plan; and use that gmail/live-hotmail/yahoo/iCloud/whatever everywhere else) [0]
- Keep an offline (but safe) copy of your "most" important data [1] and ways to remember (i.e cryptic hints) for your "most" important passwords
- Gain some experience in fighting in consumer courts/forums (depending upon your country) - start early, start with e-com companies. A lot many times we don't put up a fight because we have never done it before and we give up always because every time it's a first time. Apple and Google make a mockery of consumers everywhere because we have allowed them to. In fact sometimes when we talk of lack of accessible support at Google and Apple (yes, Apple) we speak in a disdainful appreciation or awe :)
[0] Some might disagree but disabling (or dev/nulling in a way) mail@, hi@, contact@, sales@ etc on your domain (esp. if you have catch-all enabled) goes a long way in terms of avoiding spam
[1] It's also very important to have a tiered approach to data storage and backup strategies. There should be a very, very, very small subset of your personal data, including some of your photos and videos, that is really, really small in storage footprint that you can back up/sync to multiple locations and actually pay the full price for it at storage costs via your own setup, preferably using FOSS tools (which are becoming too good these days) out there.
How much free time do you think the average person has to learn and set all this up?
“You’re giving these companies your data and then dare to be angry when you lose it? Just get a degree in computer science and host it yourself!!1! I am very smart”
Yours is an absurd response. Rage-bait? Still, I will bite - kind of.
1. You don’t need too much time to set this up.
2. All this doesn’t have to be in one sitting - with meds and coffee that keeps you awake through the sleeping hours
3. In fact it’s better if you do this over the weeks, months, years. For me it took years and I am still kind of doing it. Once in a while, here and there.
4. I am not very smart. If I was I’d have just ignored your comment.
The question is: will you roll over and die without a fight for your rights?
At least you have time you are spending on HN that could be devoted to learning to fight. The fewer people that fight, the faster your rights disappear.
The list is a bit overkill for the normal person. I would suggest just:
- Have a local backup (simple giving the storage prices)
- Pay for one email provider (less chance to ignore you)
- For important services (bank, etc.) always register also a telephone number / second email if possible (there is a low chance that both primary and secondary thing will be blocked at the same time)
I had a family member who had sudden onset of massive seizures. He could not remember any of his passwords or hints at all. It was a real challenge getting into any of his accounts to figure out what needed doing.
> It's definitely made me develop a do not trust any big corp mindset.
I've been reading about Lovecraft's Old Ones. Apparently they have no ill will towards humans. They just sometimes cause harm without realizing it, while going about their business.
I watched an interview with Elon Musk a few years ago (circa 2018?). I'm no fan of him but he was asked about AGI and he kinda just said matter of factly, AI can view humanity as we view anthills. We don't really care about anthills, but if they're in the way of us building a neighborhood in an area then goodbye anthill.
I'm not sure if I like that take because of how horrifying it is, but I found it very interesting that harm can be caused so nonchalantly by more powerful entities, since humans already view themselves as the most powerful entity.
I don’t mean to defend this, but I know from experience that gift cards are frequently used for money laundring. The laws against that are very strict, incentivizing companies to overshoot and block false positives.
At the same time, AML solutions tend to be a closely guarded black box which simply tells you to block a customer, finding out why is pretty difficult.
To add more to the problem, some anti money Landry solutions are … AI powered.
>At the same time, AML solutions tend to be a closely guarded black box which simply tells you to block a customer, finding out why is pretty difficult.
For a good reason! You, as a rule, really don't want to tell the customer why you're blocking them. What will happen in the end is that you will be facing federal charges for assisting the money launderers because you kept telling them what they're doing wrong.
> This is the same failure mode of all security-through-obscurity. Secrecy means that bad guys are privy to defects in systems, while the people who those systems are supposed to defend are in the dark, and can have their defenses weaponized against them.
That’s a great article - explains what I haven’t fully thought through or quite been able to put into words but what I’ve always felt, because the “you can’t tell people the secret rules” with things like money laundering is treated by many as obvious, but has never sat right with me.
I disagree with this article—its premise relies too heavily on the oft repeated, oft misunderstood line “there is no security in obscurity.”
This concept is used to argue that obscurity shouldn’t be used at all as a defense mechanism, when really all it means is it shouldn’t be your only line of defense.
Obscuring aspects of a system can contribute to its overall functioning: it’s a filter for the laziest of adversaries, and it creates an imperative for more motivated ones to probe and explore to understand the obfuscation, creating signal and therefore opportunities to notice their behavior and intervene.
I think for anyone who has dealt firsthand with mitigating online fraud, hackers, spam, trolls, cheating etc, the idea of having completely transparent defense mechanisms is pretty much ludicrous.
Also, to be fair, for money laundering it does raise the barrier to entry quite a bit. Doesn't matter if you have billions of dollars to launder, could already make quite a bit of a difference if you only have millions of dollars to launder.
> The laws against that are very strict, incentivizing companies to overshoot and block false positives.
Yes, in many countries they are, but I don't think the laws are dictating Apple to completely turn off the accounts, but instead dictate that Apple should take measures against it.
They could disable those gift card features + Apple wallet/pay if they suspect fraud, and if no one complains within a month, then disable the entire account, rather than start with disabling the account. Would give them space/time to investigate, and wouldn't be a huge pain in the ass when the inevitable false-positives happen, like in this case.
> I don't think the laws are dictating Apple to completely turn off the accounts, but instead dictate that Apple should take measures against it.
You misunderstand the nature of financial regulation. The laws on things like money laundering are intentionally vague, they say things like "Apple should take measures against it". And financial regulators will not come out and say (especially in writing) that you MUST do any particular thing (like ban customers entirely on suspicion).
What they WILL do is ask probing questions, frown a lot, and make suggestions. Which the company had better take seriously. Because the financial regulators have the ability to simply close down your business, and if you cross enough of the unclear lines they will do so.
This is also one of the reasons the government is fond of gag orders. If companies could tell you "sorry we closed your account because of government pressure" then at least you would know why, but then you would know why. Which could give you standing to challenge it or create bad PR for the government and generate public outrage sufficient to make them stop doing that.
So instead they censor the company from telling you the reason, because everyone whose account is locked is guilty of Terrorism, obviously, and the people actually committing fraud would be unable to discern that they've tripped the detection system from the fact that their account is locked unless you told them that was why. Certainly not because it would make people unsympathetic to what the government is doing.
> Because the financial regulators have the ability to simply close down your business
You misunderstand how business regulation works in free countries. Financial regulators can't just "simply close down your business" however they want, unless you live in a country that is primarily authoritarian.
Again, I'm not saying closing down accounts isn't easier than turning of functionality, but companies could chose the "harder route" if they did care about the users themselves. Alas, most companies priority remains "make more money above all".
Every company's priority has always been "make more money above all," it's just that once upon a time some of them beloved that treating their workers and customers well was a part of that goal. History has shown them that wasn't really necessary.
And don't think for a second the US federal government couldn't do a huge amount of damage to anyone it feels like by way of its financial regulators. In general it's better for the US government if Apple continues to exist, though.
> Every company's priority has always been "make more money above all,"
Maybe that's true where you live, but it's definitely not true all over the world, many economies have a free economy yet companies exist for public benefit, not shareholder value generation. It's out there, wouldn't be impossible to implement where you live either.
> And don't think for a second the US federal government couldn't do a huge amount of damage to anyone it feels like by way of its financial regulators
Right, I agree. But I also qualified my statement to not be valid in authoritarian countries, so maybe not the greatest example to use.
A bit like OpenAI (non-profit) or Anthropic (public-benefit-corporation). Based on their business model it is clear that profitability is not their goal, and in their own statements: greater good for the humanity
I don’t know. You can’t buy the kind of loyalty that treating your customer well earns you (nor buy revocation of the spite that treating them poorly does).
Particular airline like United makes your life hell, or even behaves sloppily and heavily inconvenienced you? You not only hate them, you actively go out of your way to tell your friends, family, and anyone who asks your opinion that you hate them. And why you hate them. (Lost one/only bag, for longer than an entire trip, over ten years ago.) And go out of your way, even at higher cost, to avoid them. (Have never flown United afterwards.)
Aside: We know this can be done competently; see Japan. They’ll even fail sometimes, but I suspect that nearly-always, someone from the airline would be delivering the bag personally after they obsessively located it, as opposed to the “meh” attitude US carriers take.
On the other hand, some company like Valve: for an out-of-warranty product (just time, current-model Steam Deck) that was purchased outside the country and gray-market imported (consumer level, just carried out to another country)… and which they don’t sell in your country… they demurred a bit then agreed to ship a replacement part to the original purchaser. At zero cost. Dealing with product issues isn’t fun, but we all know issues arise sometimes, and they killed the “delight the customer” goal.
Some companies still care, and I’d argue that treating your customers like crap while attempting to extract maximum “short term value” doesn’t actually work. Not in the long term, and in the short term, well… it depends on your definition of “short term”. One bad incident can go viral and wreck your quarterly earnings.
All this costs money for little return of invest. As long as the collateral damage is below a threshold that causes reputational damage, there is no business incentive to solve this.
Yes, I agree, the companies don't actually care about consumers, only what's cheaper for them. But this is a choice companies do, not because laws somehow require them to block the entire account vs individual features. I was just adding that because the original comment made it seem like the companies are somehow forced to act like they do because of laws, but it isn't, it's an intentional cost-measured choice they make by themselves.
Ironically, I had Amazon flag and undo some gift card purchases (of cards, not with cards) that I made for Christmas, while myself thinking about this category of problem, about why cards are a mechanism for scams rather than specifically money laundering.
The cards were to family members that I normally send gift cards to at Christmas, and the activity was counted as "sus" even though I was asked to validate my card number and expiration date before being allowed to make the purchase.
I agree. The way they make sending parcels internationally more difficult through custom declarations and taxes and fines for smaller occasions it’s more practical to send a gift card from the destination country.
> The laws against that are very strict, incentivizing companies to overshoot and block false positives.
On that note[1] is a good read (Cmd+F: "suspicious activity report"), although this specific case is about gift cards, but the AML/T&S etc. space is remarkably similar.
Unfortunately, when you access multiple accounts from the same set of IP addresses and browser signatures, you can bet Google, Apple, Microsoft, and any other large company with that level of information collection has probably correlated all of those accounts to you. The company may lock them all if any one of them is suspected of "bad behavior".
Yeah I dont remember the details but I remember a developer at a studio causing their account to lock up when google shut down the previous studio he was working woth account
Apple is perfectly happy to take money from criminals though. My grandmother bought some Apple gift cards from a supermarket which turned out to be fake. The cards on display had been replaced/modified in a way that upon purchasing them it activated another card held by the criminals. Apple refused to take responsibility and so did the supermarket. Gift cards are loved by scammers as a way to receive and launder money, they should be subject to much more scrutiny and have stronger AML mechanisms.
Most likely stolen cards. Stolen credit cards are used to purchase gift cards which are then resold to unsuspecting buyers. Think of it as stolen money laundering.
Youtube is full of scam baiting videos – of people who waste scammer's time for entertainment.
A very usual scenario is that the scammer pretends to be a technician doing some remote support and for example pretends to provide some refund. Then they pretend that they've mistakenly sent out e.g. 10x the amount and they ask for the difference back, claiming that their job is on the line.
Crypto would work, but since they target old and tech-illiterate people, the easiest way is usually to ask the victim to go to a store, buy gift cards and read out the codes.
Google kitboga (a known scam baiter) for the videos.
They’re great entertainment pieces, and almost a commentary on the state of the world through the lens of microeconomics, with both sides behaving in a way they think is best for them.
For the baiters, they get engagement and, sometimes, the feeling of revenge for a scam visited upon an elderly relative; for the scammer, maybe it’s worse, as we know some people are trafficked into places then forced to scam people (or maybe they just want money). Still, kinda paints the world in a sad light.
Well from my view as European working in finance. Handling money for customers to pay (buy apps) likely requires an e money license (not sure about other states). And with this there is lot of things coming, like AML and what not.
So disabling the account might be due to regulations required for the e money license.
Of course Support should be able to resolve this if proves are given
It is probably lazy in the sense that they would need more lawyers and more careful ToS. Defending their ability to shut anyone off completely is a lot easier than dealing with lawsuits from customers denied X, denied Y, denied Z in regions A,B,C..
Gift cards are often used for money laundering or scams, because they allow to transfer monetary value in small increments and without tracking: there's no link between the person who bought a gift card (anonymously with cash) and a person who used its code to put money onto an account.
It genuinely makes me a little anxious whenever I come across people whose entire digital lives are dependent on a google/apple account. Just one misstep and it's all gone
Their mega high risk - high value gift cards are effective for laundering stolen/fraudulent credit cards. Buy a $500 gift card with a stolen CC and sell it on FB marketplace for $400 - you’re up $400, the buyer saves $100, Apple get paid by the retailer and the CC company are (likely) on the hook.
Of course the actual solution here is _don’t sell high value gift cards_, or require the Apple ID email at time of purchase/activation of the card
I created a Google developer account with a separate email due to warnings like this. Then Google closed it because I left it idle too long and I didn't get the warning email. Sometimes you can't win.
It would make more sense to stop offering gift cards, which make zero financial sense for the consumer, but why stop offering a lucrative product that people buy because they're bad at logic, when you can just shut down accounts and greatly inconvenience people at no cost to you?
> which make zero financial sense for the consumer
Not in all situations. Because of various cross promotions between car insurance, supermarket and airlines, by using gift cards for groceries I get an effective ~9% discount every time. That really adds up over a year.
For Apple and others, you can use secondary gift card market to get some discounts too, if you wanna risk it.
I don't think they'd work out if everyone used them. It's essentially companies paying for your shopping data. But a) they overpay to incentivise you, b) I'm buying the same boring things on rotation so it's close to useless to them.
Wouldn’t work for money laundering. As far as AML regs (and banks) are concerned a small business is indistinguishable from a personal retail account. This makes sense from a business point of view because a lot of small businesses are just one guy, and small business owners tend to mix their personal finance with their business finance. From an AML point of view, a lot, perhaps most money laundering is done with registered business entities. It’s easier to create a numbered corporation than a whole person.
I'm sure they're not all scammers, but what's the upside to the consumer? Why not just give the money directly? Seems to me like all the upside is on the company, and all the risk is on the user.
In some countries, where people receive conditioned social security benefits, just sending the money via bank account will have disadvantages (at worst the next sum from social security is lowered 1:1 by the money received and they try to keep it that way). So, if you do not meet the gift receiver in person and do not trust the postal service with cash, a gift card can be a solution.
The theory is that if you give someone cash, they're just going to put it in the bank or buy gas with it, but if you give them gift card to e.g. a game store then they're going to buy a game, without you having to know which game they want.
It's the same premise as buying someone any gift instead of just giving them the money so they can buy whatever they want.
Arguably, they'll be happier with the video game than with a tank of gas, which you've ensured they'll choose by not giving them the cash
Edit to add: kids often don't have bank accounts, i mostly received gift cards as a child, from relatives who wouldn't want to mail cash and couldn't give me cash in person. On a dark note, giving a kid a gift card to a toy store makes it harder for the parents to steal it for themselves.
The whole practice originates from "gift certificates" where you'd maybe go to your favorite spa and get a gift certificate to give someone, so that the spa treatment is the gift you're giving, but the recipient redeems it whenever they want. That just got abstracted to non-service gifts as well, with the same idea ("treat yourself to a new video game, whichever and whenever you feel like it" -- that's the gift, facilitated by the card)
Also for kids at least, sometimes they really will be happier with less choice. Sometimes kids make bad decisions and limiting choice to good options is helpful.
Additionally the inverse is true. Sometimes kids choices are restrained, and they really would like to do a thing they are not allowed to, and gift cards offered them away to do that. Case in point: my tween figured out that we don’t let him buy in game currency for any the games that we do let him play, however, when a relative gives him a gift card, we let him redeem it, making gift cards incredibly popular gifts.
I joke that a $100 gift card is an "inferior $100 bill", because you can spend the bill anywhere, but the gift card only in one place. People give them as gifts because it shows marginally more effort than just giving cash.
That's backwards. The company treats the GC as a liability. It cannot recognize the funds as revenue until they are spent. This is GAAP and law (but see exception below).
GCs are valuable to brands because they are marketing tools. Recipients are prompted to go to the merchant to spend money, and they usually spend about 40% more than the face value of the card.
Also, GCs are valuable to merchants for breakage. This is when a card (or partial balance) goes unused. Starbucks, as an imperfect example, recognizes about 10% of their total outstanding GC balance as revenue every year, due to breakage. This amounts to hundreds of millions of dollars.
But all those GC funds sit in investment accounts until they are used. It's genuinely profitable to have millions in unredeemed gift cards (and mobile app dollars) sitting around unused.
I've never had my $100 GC be worth $104 a year later, but for the issuer it is. They just keep the $4.
Sorry I was not aware of GAAP. Anyways, I think the primary benefit is the interest-free financing. The company gets to hold the customer's cash and use it for operations (working capital) for the entire time the gift card is unspent. Maybe I was not right with the account terminology and should have mentioned the cash flow positive impact only.
Well yes, obviously, and the company doesn't have to pay anything for the cost of locking you out of all your work files forever and costing you however much, so it's all upside for them.
If they had to reimburse you for the cost of all your lost files, then we'd see the real impact on finances.
One practical reason gift cards exist is tax treatment. In the UK, small non-cash gifts to employees can be tax-free under the “trivial benefits” rules (each under £50, not cash or cash-equivalent). For owner-managed companies, directors have a £300 annual cap across such benefits. Cash or cash-redeemable vouchers don’t qualify and are taxed like salary.
Gift cards are used by phishers. In our institution, we routinely get personalized spam mails (in the name of the corresponding group lead of the recipient, sent via GMail -- this is not low-effort) that ask whether they are available and, when (accidentally) responding, ask for Apple gift cards.
> It's just insane that a gift card redemption can trigger this. What's the rationale?
If I need to guess, gift cards are sold online in money laundering schemes, also on some platforms they are used to let you buy apps from a lower priced country
I had similar trouble redeeming a gift card on Amazon. Twice. (thankfully they got resolved upon appeal).
Enough that I am very wary of buying or redeeming gift cards now, especially more than one in a row.
Apparently there's some sort of scam with gift cards, which must affect any platform which allows them, and legit uses often get flagged by automated systems.
If they are so much trouble for Amazon/Apple I wonder why not disallow gift cards, instead of randomly banning users?
It was a couple of years ago, it was virtual cards (I think one was a card given as reward by one of those legit review sites - edit: Gartner or one like those - which will reward you for providing reviews, and the other was money I had elsewhere that I converted to an Amazon card).
I remember I went through some automated process which asked me for some account details, and after a few hours (fewer than one day, I remember as much) my account was unlocked. It was scary!
What I remember puzzled me is that it was only two low-value cards. I would have understood the system being triggered by a lot of low value transactions, or a few large ones... but these were few and low value! Go figure.
Sorry I don't remember more details. All I know is it made me scared of gift cards.
The untapped answer is litigation. Call a lawyer and file against Apple. It may take several business days, and cost $$$$ but it will absolutely light a fire at Apple and get the attention of many-a-human. And if they ignore it, well, maybe a class action lawsuit awaits.
Monetary damages generally accumulate during the pendency of litigation. Also, it seems unlikely that this would take 5 years to resolve—Apple would presumably just reactivate the account and argue the case is moot now. I mean, maybe they want to establish precedent here to avoid opening the floodgates to this type of litigation, but more likely they’d just settle this one out quickly and quietly and fight the issue when they had better facts. OP’s story is pretty persuasive.
Even a small claims filing in the US, which might have a $10k limit, does damage to Apple far enough above the effort it takes them to “just intelligently fix it” to make it worth their time.
If Apple doesn’t show up, they’ll lose and the filer will get a default judgement, for which they hopefully asked/made the case for $10k. I’m sure they can arrange to have it enforced against a local Apple Store to seize not product, but operational working assets, if they’re creative a bit. If Apple has anyone competent in Legal they won’t let it get that far, though.
Then again, if they do show up, they’ll pay a lawyer well more than an hour of time, probably by a lot, and still have to argue against a likely well-prepared person, with proof of purchase, etc., (legitimate) sob story of lost time, digital assets, and the like, and likely won’t endear themselves to the court.
And of course for a business, an actual court filing (or arbitration if it gets forced on them, with competent counsel) could be even worse.
And, importantly, go through with the lawsuit. Figure out how to quantify damages to yourself by being deprived of access to your account so even if they restore access you can continue the suit.
Well... who else is going to defend victims if they're not going to defend themselves? Particularly when the person is presumably rather well resourced.
Justice is dead when nearly everybody just makes backroom deals with no admissions of guilt and nondisclosure of terms if they even defend themselves at all.
A person who is capable of defending themselves owes it to those who aren't as able; if even the most resourced people won't defend themselves, what chance to the rest of us have?
To paraphrase an old saying: Live by Big Tech, die by Big Tech.
After nearly 30 years as a loyal customer
I've heard others say this (and was a "loyal advocate" of Windows for around 2 decades myself), but the reality is they simply do not care. You are merely a single user out of several billion.
Many of the reps I’ve spoken to have suggested strange things
That almost sounds like some sort of AI, not a human. But if I were in your situation I'd be inclined to print out that response as evidence, and then actually go there physically to see what happens.
This is why I don't use an os that depends on cloud functionality built into the os for much of its fuctionality. It's really stupid IMHO to depend on a closed system like this to store data.
> This is why I don't use an os that depends on cloud functionality built into the os for much of its fuctionality.
macOS doesn't require this. My Apple account has a handful of apps purchased over the years, and that's it. I could've bought them directly from the vendors, but the store makes it easier to update.
Technically true but I tried using a mac without creating an Apple ID and gave up. You can't access the store without it so you are locked out of Mac apps that aren't installed by default, and all apps that only distribute through the store now.
You don’t need the App Store to install most apps, and can just download .dmg or even .zip files with them; I feel like only a handful of developers go full-App Store-only (with good reason; it not only imposes extra restrictions on certain functionality but also takes a big cut of your sale).
I've used macbooks for 15 years and have never felt the need to create an Apple ID. Maybe I've just been lucky but I have never even encountered a piece of software that didn't offer a direct download or brew installation.
Perhaps that's not a loss, because why would you want to depend on apps that you essentially need an Apple account to use? I've had great luck with finding apps with Homebrew.
I don’t think it is stupid but the golden rule is multiple backups. I personally believe 3 backups is the minimum. A physical one and 2 others. Either another physical copy stored at another location to protect against things like fire or 2 cloud backups to prevent situations like this. But I have only ever met one person who did this. His house burned to the ground and lost all data at his house but had back ups at his brother and on some cloud service and lost nothing. I was impressed as most people I know have zero back ups.
I don’t think so either in the sense we are seeing in this case. As in there should be some legal protections like sure Apple can choose to close his accounts but should allow him a reasonable amount of time to export his data.
But one should in best practice always have their own redundancies as too many times we have seen companies lose data for various reasons.
It’s pretty silly to rely an OS that you don’t own. Though one can be forgiven if you have basically no other reasonable choice such as on mobile phones.
I think we must have passed peak Apple this week or something…
I’ve had Clone Hero running badly on an ancient MacBook for my drums, so I decided to swap it out for an M1 Mini that was collecting dust on a shelf. I did a full erase, but I couldn’t get past its activation lock. At all.
This is a piece of hardware I purchased on my credit card, for my company, (luckily) linked to a phone number I control and an email address on a domain I can control, but Apple in their infinite wisdom are still locking me out of my own hardware because I don’t know the password the last employee used on the computer! I don’t want any data off it, thats gone, I just want the computer I spent money on to actually be usable!
I initiated a “recovery” process to unlock it (at Apples discretion?) and they’ve sent me an automated email saying the initial checks are passed and they will contact me again in 7 calendar days. Kafka-esque doesnt even begin to describe it. So for the next week I have to whistle Dixie!
I’ve been a massive Apple fanboy since I swore off Windows a couple of decades ago, giving them a decent high 6 figure spend over that time and influencing countless others to buy Apple devices. Well that very much ended this week & going forwards without Apple will be painful, but the message they sent me couldn’t have been any louder & clearer. The writing has been slowly creeping on to the wall for the last few years, between buckling to UK government pressure, the CSAM photo scanning nonsense, the absolute UI abomination of this new glass crap, this was my final straw.
I’m also going to be relaying their “message” very clearly and loudly now to any friend or family member considering another Apple device.
This happened to me[1] a decade ago, now. Left Apple hardware on shelf for a year or two, Apple in the mean time did their iCloud migration or something, and my login account could no longer unlock the device. It's been effectively bricked since.
A similar thing happened to me - I lent a phone to my mother-in-law and created an account for her. She returned the phone once her own phone was fixed.
A few years passed, and a couple of weeks ago my phone broke, so I wanted to use that one until I bought a new one. It turned out that Apple had permanently deactivated the iCloud account on that phone. I could make calls, but I couldn’t install or update any apps, even though I still controlled the email address that was used to create the Apple account. Not that 5S is very useful these days but still.
Not sure if the Chinese have figured out a way for the newer ARM-based ones yet (I realise it's already been several years since the M1 was released...) but I believe most of the older x86 ones have been cracked.
I've unlocked some old Thinkpads that were similarly left locked with a BIOS password by departed employees, officially not possible, but actually possible if you reflash the BIOS and EC ROMs.
A CH341A-based programmer with the accessories ("chip clip" cables and adapters) is available on AE for cheap (~$10) and will work to read/write the main BIOS.
If you need to recover the EC, then I believe anything that can work as a generic JTAG device, like an FX2LP dongle (~$5 or less, and useful for other things like a logic analyser) will also be needed.
I’ve talked to apple support reps in the past. It’s absolutely not surprising to hear that there’s confusion. ISTR some aren’t actually direct Apple employees, so they don’t have access to certain information.
> That almost sounds like some sort of AI, not a human
It’s almost certainly not, it’s just humans being human and going off script. I worked in a place where we dealt with an enormous number of customer service requests, and one of our measured support metrics was “how often do the agents deviate from what they’re allowed to offer”.
> I've heard others say this (and was a "loyal advocate" of Windows for around 2 decades myself), but the reality is they simply do not care. You are merely a single user out of several billion.
What changed your outlook? Did you get burned by Microsoft?
Hard disagree. I find that Linux (particularly but not exclusively Gnome) is actually even better than Windows or Mac OS. I hate having to use Windows or Mac again for how clumsy and poorly thought out they are. It took how long before they finally got Window snapping? And file search is still atrocious on both, and getting worse on Windows.
It always seemed to me the people who deride Linux's desktop GUI are those who actually never bothered to use it, especially not seriously in the past decade.
While Plasma is among the better desktop options, it’s still something of an acquired taste, being a significantly different flavor from either mainstream commercial OS (and particularly un-Mac-like). I know some like it, but having used it on various single-purpose machines of my own I don’t think I could make it the desktop of my daily driver or work machines.
Why would my government care less about me than a multinational corporation with billions of customers that isn't headquartered or listed where I live?
My Member of Parliament represents about 130,000 people, does regular door knocking to talk to people, and has a staffed office a few km away the I can walk into anytime I want.
None of that applies to a multinational corporation.
You're lucky and this is not a representative of the politicians at all.
In my Parliament MPs seem to represent primarily the interests of their donors, not those of their country, not even constituents.
It still better than it used to be, the corr...., er lobbying is not as blatant, but its still obvious.
Seeing the MP? Yeah. Maybe if someone lives in the "unsafe seat" area and the MP is trying to get reelected:)
People can vote the government out on the next election but they can't vote Tim Cook and other executives out of Apple unless they're shareholders with significant voting powers.
And don't tell me to "vote with my wallet". We're talking about Big Tech, not your next door kebab shop.
> I am not a casual user. I have literally written the book on Apple development (taking over the Learning Cocoa with Objective-C series, which Apple themselves used to write, for O’Reilly Media, and then 20+ books following that). I help run the longest-running Apple developer event not run by Apple themselves, /dev/world. I have effectively been an evangelist for this company’s technology for my entire professional life. We had an app on the App Store on Day 1 in every sense of the world.
I am surprised that with such a pedigree, the author doesn't already have contacts at Apple they could reach out to for that personal touch.
From my experiences with people at Apple, everyone seems so siloed that it doesn't surprise me that they couldn't help him. It doesn't seem like they have the culture where you could just drop by the Apple fraud team and ask for help for a friend.
Or, they hit the brick wall that is US anti-money laundering laws. It’s illegal to “tip off” (warn) the person if they’ve tripped the AML checks.
At that point, it doesn’t matter how many friends you have on the inside, unless you’ve got one that’s ignorant of the law or willing to risk the penalties.
If he succeeds, perhaps you shouldn't care. If he fails, you should care, because that means that the average person will certainly fail. They will lose the cancer test results on their iPhone, the job they use the iPhone for, possibly their home, the copies of their birth certificate on their iPhone, and the friends they could crash with but whose phone numbers they've forgotten because they only communicate with them through iMessage.
You don't care that massive unaccountable corporations control all our data, devices and connectivity, and can lock us out of all of that on a whim or accidentally, and refuse to fix the problem?
This could happen to anyone. It can happen to people trusting Apple with their data, to people using Google, Microsoft, Amazon, or any other big cloud platform.
This deserves everybody's attention, and also a massive lawsuit to force these corporations to treat our data more responsibly.
It's relevant because it shows they are not newbie on the platform and are unlikely to have misbehave in some capacity to warrant a full deactivation. It adds credibility to their story.
That sentence smells like AI writing, so who knows what the author actually thinks. (As usual, the other major "tell" is the superfluous section headers of the form "The [awkward noun phrase]"...) I mention this because it affects how trustworthy I find the article, combined with other aspects of this situation; and because it is very easy to ask an AI to generate this kind of post.
I'm more curious how/why the author ended up with a $500 gift card. That's a large amount, and the author never shares how this was obtained, which seems like a key missing detail. Did the author buy the gift card for himself (why?) or did someone give him a very large gift (why not mention that?)
AI used em-dashes initially in that type of sentence structure, but more recently moved to a mix of semicolons and commas, at least from what I've been seeing.
I never claimed the author doesn't exist.
$500 is objectively a large amount for a gift card. Off-the-shelf gift cards with predetermined amounts are almost always substantially less than this.
The author lives in Australia. You get points from supermarket for purchasing some gift cards during some promotion, it's around 10% of the card value.
Gift cards are associated with money laundering and many online scams. I would guess any usage of them (especially in larger denominations) would attract increased attention and additional risk. That's nonsensical of course, why does Apple sell them if they are also suspicious of them, but I would guess if he had paid with a credit card there would have been no issue.
If you receive them as a gift, use them only in a situation unconnected with your cloud ID, such as to pay for new hardware at an Apple store.
> I'm more curious how/why the author ended up with a $500 gift card. That's a large amount, and the author never shares how this was obtained, which seems like a key missing detail. Did the author buy the gift card for himself (why?) or did someone give him a very large gift (why not mention that?)
The author mentions a big store (names it similar to Walmart for US based readers).
I would assume this was an accepted form of "return a product without a receipt" or "we want to accept your complain about this product we sold going crazy 1 day after it's warranty but we cannot give you cash back" etc
I don't understand. Gift cards typically cannot be returned, at least in the US. And the author said the gift card was redeemed "to pay for my 6TB iCloud+ storage plan", which also cannot be returned I'd imagine.
But gift cards aren't supposed to work that, right? If it wasn't "legal" or "okay" to have a 500 dollar card, they shouldn't be sold. They are available, therefore they should be perfectly usable.
I don't want to speculate more, but one of the use cases for them is for people that choose to not use cards online (or even don't have credit cards at all) to be able to buy digital goods with cash.
Either way, if we're questioning buying/using the gift card, we're blaming the victim
I'm not blaming anyone; I just find it surprising that this detail wasn't mentioned or explained. Its omission makes the article less trustworthy to me.
People are fast to pull out pitchforks in response to outrage-bait posts like this, but (generally speaking) a nontrivial percentage of such posts are intentionally omitting details which can help explain the other side's actions.
Also I genuinely wasn't familiar with this specific use-case for gift cards. At least in the US, you can buy general-purpose prepaid debit cards for this type of thing instead, or use various services which generate virtual cards e.g. privacy.com. To me that seems infinitely more normal than buying a large-value "gift card" for yourself, but I'm admittedly not familiar with the options in other countries.
1. The prepaid Visa or Mastercard come with an extra fee (like 5-6 dollars per card if I recall correctly?)
2. I didn't see the prepaid cards in stores outside the US, so they are probably not that popular outside.
Sometimes you also want to shift your spending, like if you spend 500 USD this month at this store, you'll get some good % cashback. So you end up buying a gift card that you know you'll definitely use next month.
LLMs were trained on books like the ones written by the author, which is why AI writing "smells" like professional writing. The reason that AI is notorious for using em dashes, for example, is that professional authors use em dashes, whereas amateur writers tend not to use em dashes.
It's becoming absurd that we're now accusing professional writers of being AI.
I didn't mention em dashes anywhere in my comment!
If this isn't AI writing, why say "The “New Account” Trap" with then further sub-headers "The Legal Catch", "The Technical Trap", "The Developer Risk"... I have done a lot of copyreading in my life and humans simply didn't write this way prior to recent years.
The relevance is that it affects whether or not the article's claims are trustworthy, when combined with some other details here. It is very easy to ask AI to generate a grievance post, for whatever motivation. This is why I mentioned it in combination with the question of how/why exactly the gift card was obtained.
There's the further detail of multiple commenters here saying their various contacts at Apple all cannot solve this particular case, which seems odd.
Now that said, given the OP is a published author, it's more likely he is trustworthy on that basis, but personally I still get a "something doesn't add up here" vibe from all this. Entirely likely I'm wrong though, who knows.
I don’t think you even know what you’re arguing about anymore. You claimed that what the author wrote wasn’t what the author thinks. As evidence you provided weak arguments about other parts of it being AI written and made an appeal to your own authority. It doesn’t matter if AI wrote that line, he wrote it, a ghost writer wrote it or a billion monkeys wrote it. He published it as his own work and you can act as if he thinks it even if you don’t otherwise trust him or the article.
Ah, I see the confusion, you're still focusing entirely on this one "this isn't just x; it's y" line. I was mostly talking about the piece as a whole, for pretty much everything other than the first sentence of my first comment above. Sincere apologies if I didn't state that clearly.
> humans simply didn’t write this way prior to recent years.
Aren’t LLMs evidence that humans did write this way? They’re literally trained to copy humans on vast swaths of human written content. What evidence do you have to back up your claim?
Decades of reading experience of blog posts and newspaper articles. They simply never contained this many section headers or bolded phrases after bullet points, and especially not of the "The [awkward noun phrase]" format heavily favored by LLMs.
So what would explain why AI writes a certain way, when there is no mechanism for it, and when the way AI works is to favor what humans do? LLM training includes many more writing samples than you’ve ever seen. Maybe you have a biased sample, or maybe you’re misremembering? The article’s style is called an outline, we were taught in school to write the way the author did.
Why did LLMs add tons of emoji to everything for a while, and then dial back on it more recently?
The problem is they were trained on everything, yet the common style for a blog post previously differed from the common style of a technical book, which differed from the common style of a throwaway Reddit post, etc.
There's a weird baseline assumption of AI outputting "good" or "professional" style, but this simply isn't the case. Good writing doesn't repeat the same basic phrasing for every section header, and insert tons of unnecessary headers in the first place.
LLMs learned from human writing. They might amplify the frequency of some particular affectations, but they didn't come up with those affectations themselves. They write like that because some people write like that.
Those are different levels of abstraction. LLMs can say false things, but the overall structure and style is, at this point, generally correct (if repetitive/boring at times). Same with image gen. They can get the general structure and vibe pretty well, but inspecting the individual "facts" like number of fingers may reveal problems.
That seems like straw man. Image generation matches style quite well. LLM hallucination conjures untrue statements while still matching the training data style and word choices.
My point was that generative AI may output certain things at a vastly different rate than it appears in the training data. It's a different phenomenon than hallucination. In the case of this example: the training data has fingers, just not at the same exact frequency as the output.
> AI may output certain things at a vastly different rate than it appears in the training data
That’s a subjective statement, but generally speaking, not true. If it were, LLMs would produce unintelligible text & images. The way neural networks function is fundamentally to produce data that is statistically similar to the training data. Context, prompts, and training data are what drive the style. Whatever trends you believe you’re seeing in AI can be explained by context, prompts, and training data, and isn’t an inherent part of AI.
Extra fingers are known as hallucination, so if it’s a different phenomenon, then nobody knows what you’re talking about, and you are saying your analogy to fingers doesn’t work. In the case of images, the tokens are pixels, while in the case of LLMs, the tokens are approximately syllables. Finger hallucinations are lack of larger structural understanding, but they statistically mimic the inputs and are not examples of frequency differences.
Heuristics are nice but must be reviewed when confronted with actual counterexamples.
If this is a published author known to write books before LLMs, why automatically decide "humans don't write like this". He's human and he does write like this!
Most of those section headers and bolded bullet-point summary phrases should simply be removed. That's why I described them as superfluous.
In cases where it makes sense to divide an article into sections, the phrasing should be varied so that they aren't mostly of the same format ("The Blahbity Blah", in the case of what AI commonly spews out).
This is fairly basic writing advice!
To be clear, I'm not accusing his books as being written like this or using AI. I'm simply responding to the writing style of this article. For me, it reduces the trustworthiness of the claims in the article, especially combined with the key missing detail of why/how exactly such a large gift card was being purchased.
> To be clear, I'm not accusing his books as being written like this or using AI. I'm simply responding to the writing style of this article.
It's unlikely that the article had the benefit of professional, external editing, unlike the books. Moreover, it's likely that this article was written in a relatively short amount of time, so maybe give the author a break that it's not formatted the way you would prefer if you were copyediting? I think you're just nitpicking here. It's a blog post, not a book.
It's a difference of opinion and that's fine. But I'll just say, notice how those 3 previous articles you linked don't contain "The Blahbity Blah" style headers throughout, while this article has nine occurrences of them.
> notice how those 3 previous articles you linked don't contain "The Blahbity Blah" style headers throughout, while this article has nine occurrences of them.
The post https://hey.paris/posts/cba/ has five bold "And..." headers, which is even worse than "The..." headers.
Would AI do that? The more plausible explanation is that the writer just has a somewhat annoying blogging style, or lack of style.
To me those "And..." headers read as intentional repetition to drive home a point. That isn't bad writing in my opinion. Notice each header varies the syntax/phrasing there. They aren't like "And [adjective] [noun]".
We're clearly not going to agree here, but I just ask that as you read various articles over the next few weeks, please pay attention to headers especially of the form "The ___ Trap", "The ___ Problem", "The ___ Solution".
> I just ask that as you read various articles over the next few weeks, please pay attention to headers especially of the form "The ___ Trap", "The ___ Problem", "The ___ Solution".
No, I'm going to try very hard to forget that I ever engaged in this discussion. I think your evidence is minimal at best, your argument self-contradictory at worst. The issue is not even whether you and I agree but whether it's justifiable to make a public accusation of AI authorship. Unless there's an open-and-shut case—which is definitely not the case here—it's best to err on the side of not making such accusations, and I think this approach is recommended by the HN guidelines.
I would also note that your empirical claim is inaccurate. A number of the headers are just "The [noun]". In fact, there's a correspondence between the headers and subheaders, where the subheaders follow the pattern of the main header:
> The Situation • The Trigger • The Consequence • The Damage
> The "New Account" Trap • The Legal Catch • The Technical Trap • The Developer Risk
This correspondence could be considered evidence of intention, a human mind behind the words, perhaps even a clever mind.
By the way, the liberal use of headers and subheaders may feel superfluous to you, but it's reminiscent of textbook writing, which is the author's specialty.
My original comment wasn't just about AI, so please don't make it out like a throwaway "AI bad" argument.
As for the section headers, my general point was that AI output includes an excessive number of these, and they are often generally of the form "The [noun phrase]". Many times there's an adjective in there, but not always. If you think this is good writing then you're welcome to your opinion, but most writing instructors feel otherwise.
Textbooks don't contain section headers every few paragraphs.
> please don't make it out like a throwaway "AI bad" argument.
The issue isn't whether AI is good or bad or neither or both. The issue is whether the author used AI or not. And you were actually the one who suggested that the author's alleged use of AI made the article less trustworthy. The only reason you mentioned it was to malign the author; you would never say, for example, "The author obviously used a spellchecker, which affects how trustworthy I find the article."
> If you think this is good writing then you're welcome to your opinion
I didn't say it's good writing. To the contrary, I said, "the writer just has a somewhat annoying blogging style, or lack of style."
The debate was never about the author's style but rather about the author's identity, i.e., human or machine.
> Textbooks don't contain section headers every few paragraphs.
Of course they do. I just pulled some off my shelves to look.
I said it affects how trustworthy I find the article, when considered in combination with other aspects of this situation that don't add up to me.
After going through my technical bookshelf I can't find a single example that follows this header/bullet style. And meanwhile I have seen countless posts that are known to be AI-assisted which do.
Apparently we exist in different realities, and are never going to agree on this, so there is no point in discussing further.
Did you even read the article? "The only recent activity on my account was a recent attempt to redeem a $500 Apple Gift Card to pay for my 6TB iCloud+ storage plan" a 6TB plan is $29.99 monthly.. It's not farfetched to assume he purchased a $500 gift card so he could keep the subscription without worrying about it!
"The card was purchased from a major brick-and-mortar retailer (Australians, think Woolworths scale; Americans, think Walmart scale)" There's not much of a reason to assume someone else unaffiliated with the author bought this card, he mentions talking to the vendor and getting a replacement which means he has the receipt
Yes, I read the article and it simply does not directly address who purchased the card.
It certainly implies the author bought the card for himself, yes; but that seems rather unusual to me, especially in such a high amount.
Why would you purchase a $500 gift card for yourself to "keep a subscription without worrying about it" as opposed to just paying the small monthly amount? Honest question, I literally don't understand that motivation at all. In my mind a gift card is more problematic than a normal credit card in this scenario since it eventually runs out.
Second question: why did you create an HN account just to write this comment?
> Why would you purchase a $500 gift card for yourself to "keep a subscription without worrying about it" as opposed to just paying the small monthly amount? Honest question, I literally don't understand that motivation at all. In my mind a gift card is more problematic than a normal credit card in this scenario since it eventually runs out.
Asides from the promotional bonuses that other users have mentioned, if you have an Apple Family Sharing group you can only use a single credit card tied to the main account for any payments to Apple, but individual accounts will draw down from their Apple Account balance before using that credit card - so gift cards let individuals pay for their own Apple things (subscriptions or otherwise).
I wonder if you can prepay using a card ? But otherwise to answer your potential question, I understand OP as I like to prepay things like my phone operator. I put 500 USD there, and come back one year later. This way it can free-up my limit of 10 virtual cards I have, and most of all, can keep their limits as close as possible to the minimum. If you have a mix of services on the same card it is much more difficult and more risky. If you have 100 USD + 50 USD + 25 USD + 75 USD + 60 USD in monthly spend. Then you have 310 USD at risk, when your risk could be way lower.
“Please don't comment on whether someone read an article. "Did you even read the article? It mentions that" can be shortened to "The article mentions that". ” --https://news.ycombinator.com/newsguidelines.html
Did you read the comment you're responding to? Where in the article does it explain why an adult is buying a $500 gift card to pay their apple subscription instead of just paying for it directly?
I went to Uni with this person (though I doubt they remember me.) They have a very high reputation. If anyone should be able to resolve this, it’s them — that they can’t, and they have to go public, is absolutely terrifying and should make Apple execs pay attention.
I mean that. Exec level. This story and that this specific person cannot get it fixed indicates absolute failure.
This reminds of a joke we have in Russia which roughly translates into English as follows: "Comrade Stalin, it has been a terrible mistake!" The phrase could belong to one of Stalin's own sycophants who unluckily for themselves got imprisoned and executed during the big purge in the 1930s. They didn't understand why it happened to them.
I have a feeling that this guy also doesn't get why this happened to him and that he himself contributed towards it with the work of his life.
I back up regularly using Google Takeout and similar tools, but I don’t think it’s fair to shame this author . Even if you have backups , your recent and essential content and credentials will be locked out . 1% of your content is the most important
We all depend heavily on cloud storage and sso . Everything works fine until you are locked out .
And using them isn’t fully voluntary. They are necessary for collaboration . You end up using what your team uses .
You can try to be that “own cloud” snob but it only works if you live in a basement
Every normal person has content in Google , iCloud , OneDrive , Dropbox and maybe more. That’s 4+ single points of failure
You’re just not imaginative enough if you think you’re safe .
Lot of arrogant people here who think they are safe and better than anybody and blame OP.
It is totally normal in today’s world to depend on cloud services and reasonably difficult to do without it. In China: no WeChat you are practically dead. Here try to join meetings without account, try to send a message on WhatsApp without account, etc… a lot can go wrong very fast. What if you used your Apple account as SSO to other services ?
> Lot of arrogant people here who think they are safe and better than anybody and blame OP.
You see this a lot in the Apple "community". Apple can _never_ do wrong. Apple can _never_ make a mistake. Apple's choices are _always_ the best choices.
I don't understand why people put corporations on pedestals.
it's not just about cloud service dependency, or his loyalty to Apple, or things like that. for important data you _have_ to have backups, 3-2-1 rule and all that. the fact he put all the eggs in Apple's bucket is beyond me.
sure i am dependent to cloud services as much as he is, much to my own chagrin, but at least i have all my data backed up??
The root issue/risk is from cascading service dependencies, and I'm 99% sure this is done unintentionally at Apple et al.
Team builds service. Service depends on first party identity/authentication because it's easier.
... Fast forward 20 years, and no one at platform company even understands the dependency graph from a customer perspective anymore. Especially in the case of rare events like account locks.
Consequently, those customers face a sudden Kafkaesque maze of edge cases that don't line up, as the customer service processes people are funneled through are literally incapable of solving the problem.
Which means the entire "normal" customer support apparatus is unavailable to them. (The same apparatus companies aggressive shove all support through)
This is why there should be regulatory requirements for identity platforms mandating the ability to speak to a human who's empowered to fix your issue + an option for customer-choice decision arbitration + continuous random sample audits with penalties for falling below KPIs (timeliness, correctness, etc).
It should literally be illegal for a company to have their banning system 'oops' and then pretend they don't know you.
Because it's only going to get worse as more AI / probably correct methods infuse account security functions.
Honestly it seems like nobody under this entire post has actually fully read the TOS for any Apple service.
I have once for iCloud... and the impression I got was that they must think close to 100% of the population on Earth are potential scoundrels for them to put in so many clauses and escape hatches.
I don’t think it’s possible to fully read any modern TOS from a bigco and not get an inkling of that.
The real issue is why are people signing up to TOS they haven’t fully read, and if they have… why are they signing up for something that directly spells out they are possible scoundrels who need to be dominated.
It’s like some kind of mass self humilitation ritual.
Wasn’t them finally implementing competent (if overly annoying) iCloud MFA the result of this kind of thing, with social engineering/photo leaks from celebrities or something?
So let me try to understand you. You have 200 friends on whatsapp and FB locks you out . Now you can start sending them letters ? And how do you get their number .
WhatsApp,WeChat , messenger , telegram all use private addressing
Reminds me of a story:
When Facebook was launched I created an account.
Fast forward 10 years, account got permanently locked for suspicious activity.
Unsuccessful appeal. So permanently lost contact with some of my childhood friends and no way to recover them as they are in private mode.
If you hope on Instagram to find a girlfriend, it can also have a serious impact on your life to not have access to it. No instagram + no WhatsApp = paranoid weirdo = not dating material
Facebook's actually the only company I've heard of that will ban you for inactivity. Gmail will delete addresses if you don't log in for a while though I think they probably scan for 'one and done' things, and not things that look like critical infrastructure, but that's just a guess
I’ve interpreted it as a sort of head-in-sand coping mechanism for those low-likelihood, high-consequence events people feel powerless over. It’s less distressing to be powerless if you decide that the real issue was a fault by the victim and not a powerlessness you have in common with the victim.
Oh I doubt it was his fault. I had something similar happen setting up a phone for a neighbor. Apple decided it was fraudulent after I added her address to the account. It was now dead with no recourse. At least I didn’t spend much on a used phone. Picked up an android and said it’s time to adapt.
You’re right that nearly all responses are emotional , to maintain internal consistency. Even purchasing large gift cards is a common discounting approach when paying for cloud .
The sad news is when important people get locked out they can call dedicated support . This case was of someone who wasn’t celebrity enough to have that access
I love your comment and I could not just upvote it because it is true with so many things. The technocracy/corpocracy is trying to sell you things that mnake you believe you can have power over everything, even your life. Anyone who "fails" at anything, it is all your fault. I have literally been told my mental illness, and my current homelessness, is my fault because I did not do the right thing. The power and control people think they have over their lives is a paper thin delusion.
Our shared powerlessness should bring us in communion with others, but the technocracy/corpocracy wants to rip that apart and make us dependent on them for profit.
Commentators here presumably work in the industry, possibly even for 'the big companies' (I'd say FAANG but any big, life-depending, big-architecture corp, but you know what I mean, basically)
They should be tripping over themselves of "How can we fix our corporate incentives to actually deal with customer problems". Not "lol OP, sux"
It is possible to suggest preventative/corrective action without blaming OP. I find it kind of sad that you can't make helpful suggestions (to future potential victims) without someone saying you're "victim blaming."
Using a separate email address for each site is smart, but creating a separate email account for each site is going to be very tedious, and I imagine Google, Yahoo, etc are going to stop you very quickly after you've opened 20+ accounts with the same phone number.
(Use a catch-all to have different email addresses for different sites, because when one gets hacked, then the damage is limited.)
Only if you are not locked out of the registrar. Then your only hope is what nobody would squat your domain when it lapses.
Eg: Dynadot decided what my birthdate is a secure pin two years ago. No combination of it works and I'm not even sure if I'm not shadowbanned for the attempts.
I tried this for a little while but quickly stopped as a critical mass of websites broke when I tried using it to sign in. Special characters in your email address is an edge case that produces inconsistent results even within a single product
This has worked for me for nearly 20 years (when I made the account I didn’t know that the dots are ignored). The only time it’s been a problem was with one company whose system stripped the dots out.
You need to send them an email to cancel. When I tried they said “you need to cancel from the same email you signed up with.” :/
I have content on Google and Dropbox but I have live backups. It would be very annoying to be locked out of Google, but I would not lose any data. Anyone can have a NAS, you don't need a while basement or to live inside of one (??!?)
Yes, those companies should absolutely be forbidden to behave like this, and punished heavily when they do. But until it happens (which doesn't look like it will), your data is your responsibility.
You can run rclone every couple minutes on your NAS, it checks mtimes like rsync so it is reasonably efficient for most cases, though you may run into ratelimits with bigger data.
First of all, you don't have to care about this, unless you are wanting something from others and you depend on others and their opinion about your writing significantly.
That said, it does make your writing seem very odd. A little bit like the people, who apparently don't know what the shift key does, or how to trigger capital letters on their phones or something, and write only in lowercase letters.
Just because your phone does something silly, and it is not you doing it intentionally, that doesn't mean, that other people will not get a weird impression from you writing like that. In a way, you are letting your phone change the impression others are getting from your writing. And that impression is for many people that they wonder, whether you know the conventions of writing.
Now, like I said, you don't have to care about this. But if you want your texts to not come across like teenager written texts or low effort texts, it would be a good idea to fix your phone's silly settings, so that it doesn't do that to your writing.
For what it’s worth, I remember having this issue with Samsung OneUI keyboard when it was in French. In French there is this rule there that you should put a space before “?” and “!”, so perhaps their developers understood “all punctuation” or something.
I am not depending on cloud storage at all. What do I need to upload onto some cloud? And when I need to sync between devices, or rather want to sync, then I have a Syncthing setup on my server running. No cloud. And copies on participating devices.
Sure, it is not directly their fault, when they are treated badly by big tech. Though of course they could have been more careful, and rely less on big tech and cloud. We can all learn from this example, like many others before this one.
How do you collaborate ? Do you have friends ? A job ? I’m not being rhetorical —- it’s very rare to have friends or a job and not have some ties to the cloud. Even my tiny HOA manages its record in the cloud
Presumably, as the GP said, you're not a normal person and you live in a basement. >sigh< (I'm with a lot of what the GP said but they didn't need to be insulting.)
The solutions self-hosting storage for non-technical people are terrible. Presumably there's no market for selling a solution that gives individuals data sovereignty. I would guess the margin isn't there and a recurring subscription for something you own is probably unpalatable to a lot of consumers. So this is what we get.
The main side-effect is the lack of trust and integration. For example, if you self-host your email (or more realistically push it on a VPS), then the moment you want to send an e-mail you are going to be marked as spam.
To register on some websites you may sometimes receive: “please use real email from gmail/outlook/etc”.
When you have a business meeting with a customer: “oh just install Jitsi on your mobile phone” is the best way to lose a sale.
Or no way to pay train tickets because you cannot install the app because your Apple / Play Store account is locked.
I get what you are saying, but the examples are not great:
I've rarely seen (if ever?) a website so stupid and user hostile, to claim that there are no other "real" e-mail service providers out there, other than gmail, outlook, or a maybe a few others. There are services, which reject things like tempmail, that much I have seen, definitely.
Jitsi Meet runs in the browser. Does it not on a mobile phone? Perhaps there is something to this one, if it is the case, that customers in some areas don't even own any working machines any longer and only have phones.
Train tickets, at least where I am from and living, one can always buy, by going to a service center, or online via browser. I never had to use an app to buy train tickets. Even when traveling in China, which is arguably much further in terms of digitization than Germany, I was able to buy train tickets via a website comfortably, upon which the ticket was registered to my passport.
But I get it, there can be such examples.
Though I don't think this really matches the "depend on the cloud" thing. It's more like depending on services, that make use of "the cloud", and not directly using cloud services oneself.
I agree with you, and I think your reasoning is totally understandable. Just that I see additional friction, and friction in a business world is risk :/
(side-note, with Jitsi, it feels like I have a fireplace log in the hands when I use it)
I think Samsung rejected non-"Big Emails", but pretty sure we can find exceptions both ways.
Fun stuff I found while searching:
> https://transportation.ucsc.edu/buses-shuttles/dvs/
>
> The Disability Van Service (DVS) is a shared-ride service that provides on-campus wheelchair ramp–equipped transportation for those unable to use the regular Campus Transit system due to disability
>
> If you are a visitor, please use a Gmail address to complete the form or email dvs@ucsc.edu if that is not possible
and then, the form is behind... a Google login wall
Concert and theatre venues in the US, mostly locked into exclusive agreements with Ticketmaster, practically require a smartphone running the Ticketmaster app. You can load the tickets into the Apple and Google "wallet" apps but you have to have the Ticketmaster app to do that. In the past year I've had to pretend to be a confused elderly person and beg box offices to get me printed tickets because I don't want to load the Ticketmaster app. Eventually I'll have to buy a burner device, assuming I still want to attend live events.
Ah, perfect! One question: is Ticketmaster rejecting non-"Big email providers" ? I suspect they do, due to bots (wouldn't it be the same with Tinder, etc ?)
Sovereignty also means responsibility. Either you have to keep your network secure, or you pay someone else do it (not always very well), otherwise you get security problems. Same goes for redundants backups, hardware maintenance, etc.
> there's no market for selling a solution that gives individuals data sovereignty
Theres no turnkey solution (of course not, it is prohibitively complex to architect one), but the bits and pieces are there, built on tried and tested software. For example, SMB and rsync and their clients, are practically enough to do backups.
Not saying this in a derogatory way, but that pretty much means you are not a "normal" user but someone who is tech savvy enough to not rely on someone else's cloud.
"all it takes" is a very naive simplification of how to accomplish this solution and is much more complicated for a non tech savvy person than just hitting "yes" on a backup option their phone prompts them for.
Nonsense. Many hard drive manufacurers make products specifically designed for "normal" people to easily backup their data. If you can't be bothered with that then I'd say you aren't "normal" either, and likely developmentally challenged.
I feel like you must be in a social bubble if you think this is a task the average Walmart American views as easy. These devices also are typically marketed for PC backup and don't usually make backing up their phones "easy". It also is something they'd have to regularly remember to do. It's substantially easier for a user to have their photos immediately and automatically backed up to icloud or Google Photos, and you're being intentionally obtuse if you're suggesting otherwise.
It's also not at all appropriate to claim people are "developmentally challenged" simply because they don't feel comfortable backing up their own data regularly to an external device. As such I have also flagged your comment.
The legal Deparment runs most companies . They are the only way to get something bespoke done (like unlocking an account ). And companies are terrified of discovery.
Any lawyer can file a complaint in small claims . OP has paid for a service and has a contract
> Every normal person has content in Google , iCloud , OneDrive , Dropbox and maybe more. That’s 4+ single points of failure
It only means that the content is not valuable for them. I know people who created Google Account only because the phone required them to and they do not even remember the password or username, and do not use Gmail (why use email when there is Telegram). If they lose the phone, they would just probably make a new account.
If you were an investor or trader, managing millions of dollars, would you keep the only copy of critical information in a cloud? I don't think so if you are a reasonable person. Would you keep the only copy of a cryptowallet key in a cloud?
> If you were an investor or trader, managing millions of dollars, would you keep the only copy of critical information in a cloud?
I don't think the idea that they could lose access to their accounts occurs to most people. I've done enough business continuity and disaster recovery work with small business to be confident in saying it doesn't occur to small business owners. I'm not sure why individuals would be any different.
It's very hard to put yourself in the mindset of a non-technical person.
> I don't think the idea that they could lose access to their accounts occurs to most people
Most people do not store anything valuable in the cloud anyway. The only problem is that they won't be able to login into Windows if MS bans the account, and they won't be able to install apps if Google bans their account along with phone serial number.
I don't get the mostly black/white "Self-host" vs. "Mega-Corp" discussions as there is a middle ground: smaller managed service providers (even: per-service).
You don't have to self-host everything in your basement, and you don't have to hand your entire digital life to Google or Apple either. Mail, CalDAV/CardDAV, Immich, Nextcloud, OpenCloud, OpenTalk, web hosting, Kubernetes, simple VMs.. whatever ... fully managed, run by local or independent providers or by the company behind projects, without Big Tech lock-in. If chosen wisely, you can migrate, take over, or bring it in-house when you want. Just spend a few bucks and do some company research. Same as you would when choosing craftsmen, lawyers or something else.
For example, that's actually how we operate as a company for some of our customers and even a few single persons: we provide SaaS AND setup documentation. Customers can transparently take over at any time. We even help separate domains, credentials, and administration from us. Convenience without captivity. I am sure there are hundreds of shops like ours, providing comparable services for people in their wider neighborhood.
There was a time when I accidentally deleted some photos of which I had only one copy. I blamed myself for being stupid not having a copy but also money was tight for additional drives.
Then there is this: depending on a service provider and then blaming them for something like this. The problem is that now you are losing trust in service providers (of which there should be little to begin with) and on top of that you are also blaming yourself for depending on them. However you have to create a trust model where your fault allows you to have a service helping you with it while a fault at the service provider will allow you to restore data from your end too, getting the best of both worlds.
MacOS and Windows / Google with always logged in systems that lock you out completely at their will is an example of how your devices are not owned by you to begin with and then trusting them with your data as well means your digital life is basically owned by them completely.
Now imagine that there are no humans to solve this but endless LLM bots that respond with generic responses because the LLM has never seen a problem like this. I want to point out that owning your data and hardware is really important if you depend on it and your business especially does.
I think this argument conflates “what’s possible” with “what’s reasonable”.
In a complex modern society, we can’t all be expected to have backup plans to the Nth degree.
Is it possible to bore for my own water supply, install solar+inverter/battery backup for electricity, get a medical degree to treat my own wounds? Sure but most would say it’s not reasonable.
It’s why we have regulations and ombudsmans for healthcare, transport, finance, water provider, electricity providers, communications providers etc.
Oddly missing from that list is critical technical infrastructure providers like Microsoft, Apple and Google.
I actually really like the idea of a Digital Services Provider Ombudsman, who you can go to if you feel like you've been wronged by a big tech corp. They have a "way in" that consumers potentially don't, and they have the capacity to levy fines in certain circumstances. I love this! What's preventing this from happening, other than no governmental pressure to make it happen? I might write to my MP...
> However you have to create a trust model where your fault allows you to have a service helping you with it while a fault at the service provider will allow you to restore data from your end too, getting the best of both worlds.
This is why I suggested to have a dual model. Leveraging the cloud and services is really a good choice as long as you have backup systems running independently as well. Your backups may not be as powerful and full fledged as the main provider but in case of emergencies like these, you still own your data and hardware and don’t panic.
In this example a weekly backup of iCloud to a drive connected to a pi with rsync could be a simple solution. 6tb is not even that much given that 500$ gift cards are being used by the author. The backup is not great but it is easy to see why it’s also necessary to own your data.
That is in no way a reasonable suggestion. You’re suggesting a raspberry pi (first red flag) along with a command line program. This is not reasonable in any sense of the word. Imagine me suggesting that everyone should be set up their own unraid server to make sure they can still stream movies and videos if Netflix goes down. Imagine me telling you you should set up a foundry to build your own engines because you can’t trust big car manufacturers. This is the case with everything in your life
Regulations exist because it’s impossible for any one person to handle everything that needs to be handled.
>That is in no way a reasonable suggestion. You’re suggesting a raspberry pi (first red flag) along with a command line program. This is not reasonable in any sense of the word.
Uh, the guy writes programming books for a living.
But since he's all-in Apple he could just use Time Machine to some sort of NAS and get a more streamlined version of the above.
It’s not reasonable because you’re assuming that 1) they have the time to set up that network infrastructure 2) their skills align with that 3) they have the knowledge to do so 4) they live in a country without strong regulations that would make such a thing unnecessary.
Just because you know objective-c doesn’t mean you know a damn thing about raspberry pis, backup programs, NASes, or anything else. It doesn’t mean you know or want to manage your own network infrastructure. They’re a Mac app programmer, not a Linux professional, not a micro-computer professional, not a network engineer, not a sys admin.
Time Machine wouldn’t work here, because it needs the files locally and he’s already stated he doesn’t have a 6tb drive.
1. I am pretty sure OP could manage to plug in an ethernet cable.
2. Again, he should be able to manage to set up a computer and plug in a USB drive, even if not familiar with the particular OS. People are not that narrow
3. I am pretty sure he could manage to install and run some backup software on his devices
4. I assuming you are missing a not there, but regulations have clearly not solved the problem, in fact its likely AML regulations caused it.
> he’s already stated he doesn’t have a 6tb drive
Someone who uses a $500 gift card to renew subscriptions could afford one
So that solves it for OP, but not for every single other person out there who's not as tech proficient and relies on iCloud for backups.
Which is not an unreasonable thing at all considering it's literally marketed as a storage solution for your photos, and a top of that even encourages users to store originals only in the cloud.
It won't solve for people that only own an iOS device but setting up a Time Machine backup is aggressively recommended by OS level notifications for every macOS users.
A simple usb hard drive will actually do, no need for a NAS. The only action required to implement proposed solution is to check "Keep all data on this Mac" in both photos and iCloud Drive settings. And to be extra cautious add a second backup drive from another vendor (to be extra extra cautious don't use Time Machine for the second drive).
For the specific case of thoses that don't have a big enough internal drive they might need to store data on an external drive. But if you do have 6TB of pictures you normally should ask yourself if a RAID1 or RAID6 is not warranted at this stage.
In conclusion it's not a binary decision there is lot of room between "I solely rely on the cloud" and "never trust the cloud".
> Is it possible to bore for my own water supply, install solar+inverter/battery backup for electricity, get a medical degree to treat my own wounds? Sure but most would say it’s not reasonable.
Bad analogy. A better one would be having a torch in case of power cuts (done that) having some extra food in the house in case the grocery delivery fails, having some basic medical supplies in the house, having mobile internet connection in case your broadband fails etc.
Having backups of your stuff is an emergency fallback
Ordinary backups don't aim to replace the full service. When you have a stock of food, you don't have enough to last you a lifetime. You have enough to weather a storm. The equivalent for tech would probably be having an offline copy of your "essential" data, but not of every photo you ever took. It would protect you from temporary internet disruption, or if a provider suspended you for a few days, but not if they banned you completely with no recourse.
> Is it possible to bore for my own water supply, install solar+inverter/battery backup for electricity, get a medical degree to treat my own wounds? Sure but most would say it’s not reasonable.
I’m feeling attacked. Here I was thinking my lifelong work of self sufficiency for my family was completely reasonable until you came along. Thanks a lot!
This is one of the worst stories I’ve seen yet. It sounds like they were “all in” on Apple with zero backups, which shows some questionable judgment, but still, this sort of thing shouldn’t be possible any more than a bank deciding to take all your money with no recourse. (They can close your account, but they can’t keep your money.) Maybe hosts should be required to mail you a hard drive with your data on it when they close your account. Regardless, never assume cloud data is in safe hands.
> this sort of thing shouldn’t be possible any more than a bank deciding to take all your money with no recourse. (They can close your account, but they can’t keep your money.)
I once had to help a relative sue a bank who had closed his account after he refused to answer their very intrusive questions (they wanted to know details about distant relatives living in another country). They also refused to return his money (tens of thousands) and refused to explain why. No amount of complaining or escalating made any difference, although we did manage to get a nice recording of an employee saying that he thought the bank was in the wrong.
It took me issuing court proceedings, plus several more months of negotiating with their lawyer, before they finally settled out of court. Even then they tried to not pay the court fee, and they tried to get us to sign an NDA (I refused to budge on both). Altogether, it took 6 months to get the money.
Similar to how people in this thread are talking about mitigating reliance on cloud providers (e.g. with offline backups), I now do not trust any bank. I avoid being in a position where any one bank can ruin my life. That means having multiple accounts and spreading my money around.
Luckily for me I have a legal background so when a corp (big or small) does this sort of thing to me I don't hesitate to sue them. In almost all cases this causes them to "wake up" and start taking your issue seriously, in a way that the front line customer support reps never do. I recommend this to the author of the original post.
all banks. Any bank that can indefinitely freeze your money and get away with it will do it. And now that everyone is doing it, the reputation damage is minimized.
Some banks do things that make you never want to do any business with them. Wells Fargo would open checking/savings/credit card accounts without their customers knowing, then Wells Fargo fired thousands of employees as a result of being caught. I will do everything possible to never to business with them.
It baffles me how much this community is opposed to Bitcoin (and fails to delimit it from the rest of the crypto-scams on going) when, for me, it is existential. When you go through 1-2 experiences of bank-freezing and you realize your life is literally at stake here, the abstract debates about energy consumption or speculative bubbles feel like they come from completely misinformed individuals.
It's like watching someone on a rail track arguing not knowing what is about to hit them.
Self custody of cryptocurrency, for the vast majority of people, is riskier than putting their money in the bank. Most people lack the technical competence to keep their crypto secure, and the downside of losing access is much more significant. Notice that the stories regarding banks go "I had to sue them to get it back". With cryptocurrency, in the vast majority of cases, it would instead be "the money was gone for good".
> It sounds like they were “all in” on Apple with zero backups, which shows some questionable judgment
iCloud literally encourages users to opt for storing originals only in the cloud. It's marketed as such, it nags you about this every now and then, and iCloud is the preinstalled default cloud storage on every iPhone. Consider non-techies dealing with this too.
I do have backups of most data, including photos, but there are things you can't backup like shared actively edited iWork documents, and things like that. I can rebuild from it, but it's still a shitshow and my very expensive devices are bricked.
Concerning all those 'bricked' devices it would be really nice to get some more details concerning the 'block'.
Can you use your iPhone to call someone, can you use your MacBook overall? Login, use Apple Passwords(!), looking at photos within photos app and so on...
> this sort of thing shouldn’t be possible any more than a bank deciding to take all your money with no recourse. (They can close your account, but they can’t keep your money.)
To me this is the biggest problem. Just like a bank can decide to close your account at any time, it's reasonable that Apple (or any business) could do the same. But they can't keep your stuff.
You can say "don't be naive and assume your cloud data is safe", but in today's world that's like saying "don't keep your money in a bank". The reason I pay for iCloud storage is because it's supposed to be safe (safer than my local HDD going bust or getting lost).
To what extent is the victim their own perpetrator? They allow the status quo to succeed by endorsing it. They voted for this with $30,000 of their own money, and they will likely vote again.
So taking a wrong turn should result in you being mugged, raped and subsequently killed because apparently there was some "safe", but less convenient, passage?
You're not helping OSS by making claims like these.
Obviously you're being facetious, that is not at all what that poster is claiming.
While I agree that entering a dark alley shouldn't result in ill effects, if ill effects happen in said dark alley it is still worth the discussion to remind people to stay out of dark alleys in today's day and age (or until the root problem, whatever it is, is improved).
Pretending that it is OK to enter dark alleys and forcing blame elsewhere will continue to have people unwittingly enter dark alleys.
> While I agree that entering a dark alley shouldn't result in ill effects, if ill effects happen in said dark alley it is still worth the discussion to remind people to stay out of dark alleys in today's day and age (or until the root problem, whatever it is, is improved).
This is not a dark alley. It's the main street. It's the world we live in. iPhone has more than half the market share in the US and well over a billion users worldwide. Moreover, Apple, Google, and Microsoft collectively monopolize consumer operating systems on both mobile and desktop. Try going into a retail store and buying a computing device that is not running iOS, Android, macOS, or Windows. That's the reality for most people.
The dark alleys are the non-mainstream options that hardly anyone knows about.
To further stretch the analogy: the main street is now full of potholes, sinkholes, and even landmines. The root problem is that, in exchange for convenience, we as a society have ceded too much power to these large businesses and we are now paying the price for it. We have bought the proverbial monorail [1] and now we are stuck with it.
> The root problem is that, in exchange for convenience, we as a society have ceded too much power to these large businesses and we are now paying the price for it.
I don't know why some people have made "convenience" into a dirty word. Almost everything we do is for convenience. You could live in a remote log cabin with no electricity and grow/hunt your own food, separating yourself from most of society, but that wouldn't be convenient or pleasant.
Individual consumers have very little power over the market. There's a collective action problem, which is why governments and regulation exist... or should exist. The way I see it, the root problem is a massive failure by (corrupt) governments to protect consumer rights.
How do governments become corrupt in the first place though, if they don't start that way? It's collective action problems all the way down.
Perhaps the root problem is that we've blown too far past Dunbar's number to be able to deal with the societies we live in. All of these systems we've contrived to mitigate the trust problem are full of holes.
As for convenience, that carries a tradeoff. All of the technology and all of the revolutions we've had (agricultural, industrial, information technology) have come with these tradeoffs. Even the log cabin has downsides compared to the nomadic hunter-gatherer lifestyle.
> How do governments become corrupt in the first place though, if they don't start that way?
I think the US government did start that way. Maybe not "corrupt" as such, but the United States was founded by plutocrats and was clearly designed to protect the minority of plutocrats against mass democracy.
> Even the log cabin has downsides compared to the nomadic hunter-gatherer lifestyle.
Yes, but I'd say the nomadic hunter-gatherer lifestyle has even greater downsides, and our current state of convenience is in many ways a vast improvement over the precarious existence of our distant ancestors.
So many asslickers of Apple here, blaming the victim when clearly anyone could be the next victim. The same issue with clouds like Google Cloud that can charge you 100k USD tomorrow just because of someone doing a loop of wget on a cdn endpoint.
The real solution is to have a neutral, efficient and formal process under supervision of regulators to have such case escalated and handled.
I already see all the tech-bros coming: “you see it was not an issue, they reinstated the account after you posted” while ignoring there are silent victims.
LLMs actually do a good job at reading legalese, this may finally reverse the trend of corporations using inpenetrable language to screw over customers.
Of course, that doesn't help in the US with its vicious Supreme Court endorsing the most blatant abuses under cover of binding aritration.
Every single cloud storage provider has a generic cop-out clause in their TOS that allows them to lock you out of your account for no reason at all, with no legal obligation to provide any proper justification.
This leaves you with just about zero cloud storage solutions that you can use.
Yes, yes, you can rsync your files to your NAS. Now explain that to your non tech-savvy neighbors.
Here is how the gift card scam works (in Australia)
[Quote]
Yes they do still get activated at the checkout. But when you go to redeem, the code is missing the last digit or two so it doesn't work. People take the unactivated gift card, tamper with it to get inside carefully so it's not detectable, scratch and get the code, remove the last digit or two, replace the scratch off layer, put the unactivated gift card back on the shelf.
Then after you activate the gift card at the checkout, they redeem it.
This is why Target doesn't have the activation code on their gift cards anymore, you have to have it added with a sticker when it is being activated now, and then scratch it off.
Since your money is gone, I would file a complaint here:
ACCC (Australian Competition and Consumer Commission): The primary enforcer of gift card laws, ensuring businesses comply with the three-year minimum expiry, clear terms, and fair practices.
It's baffling that gift cards are so popular. You're essentially paying to decrease the value of your own money by restricting its use and adding an expiration date (and handing to someone as a gift as if it's a thoughtful alternative to cash).
An even more egregious case is the corporate credit card. The company dictates its use exclusively for business expenses, yet pushes all the liability onto the employee. The business gets a massive, interest-free credit line with absolutely no risk. The company gets the float, and the employee gets the bill and the potential credit damage if anything goes wrong.
tbf 95% of the time when I get a gift card these days it's Amazon or a big retail chain, that ain't exactly a deep cut in the gift department either.
We should probably normalize Chinese Red envelopes because honestly I'd take a nice envelope with a hand written note and some crisp bills over the annoying gift cards (https://en.wikipedia.org/wiki/Red_envelope)
Same reason they gift you a book instead of a can of petrol. By giving you a gift card, they're forcing you to buy something sold at a specific store chain, not to buy more petrol.
It can also be a way to make sure e.g. “fun money” gifts are actually spent as intended, getting around things like sense of responsibility, overbearing spouses, etc making the recipient feel obligated or pressured to spend it some other way.
It seems OP bought the gift card themselves as a means to top up their account balance (https://news.ycombinator.com/item?id=46252989). They basically used the gift card as an alternative payment option.
Gift cards are great for companies you don't trust with (up-to-date) payment details. Amazon, Google, Apple, whatever evil megacorp you can think of, they all have made the news with stories like these, and they have proven time and again that they will stand by and defend their arbitrary decisions in court if they have to, because involving basic human intellect in the chain is too much of a fraud risk.
Even if you like their services, who knows what they'll do when they have access to your credit card information directly. I can completely understand why someone would pay for their services with gift cards bought from a well-known, respectable store instead.
This story proves that none of it matters if your money along with your account vanish because the megacorp doesn't like your gift card for whatever reason.
In fact, it is far worse than paying with a credit card directly in terms of risk. At least, when something goes wrong (which rarely ever happens), the bank has your back. On the other hand, I have seen too many cases where people find their gift card codes invalid.
Book a date with TASCAT. I haven't used the Tasmanian one but in NSW it cost me a couple tens of dollars from memory and I got a response in days. Once the case lands with the _LAWYERS_ who are expensive, it'll get resolved.
Civil tribunals in Australia (an equivalent of small claim courts in other countries) do not involve lawyers in vast majority of cases and encourage self-representation instead.
In fact, the NSW Civil Administrative Tribunal explicitly requires the Tribunal’s explicit permission for a person to be represented by somebody else, including a lawyer.
But tribunal's decision is binding on the commercial entity, should it be found at fault and incurs penalties for avoidance or non-compliance with the decision.
> do not involve lawyers in vast majority of cases and encourage self-representation instead.
Sure, but if it's a corporation, who is going to represent the corporation besides a lawyer? In the US, some states explicitly do not allow a lawyer and require a different officer of the company represent them, but plenty do allow lawyers.
If Paris is taking Apple to the tribunal, there's no single human equivalent to Paris on Apple's side. This seems like the exact sort of situation where a lawyer is approved to represent somebody else.
You also get things like Stripe with mandatory arbitration. The arbitrator is chosen by Stripe. Naturally arbitrator wants to keep Stripe as a client.
Stripe terms allow them to hold the funds until 'investigation' is concluded but while held, they have the right to invest the funds and keep the profit.
> Sure, but if it's a corporation, who is going to represent the corporation besides a lawyer?
Under common law, lawyers (in the US sense) are not required on either side in the case of handling a dispute or a small claim.
Specifically in Australia, the company would have a complaint department, and the case would be dealt with by a complaint officer, not a lawyer.
If the scope of the case exceeds the tribunal's authority, the case is handled in the state's district court or in a federal court for cross-jurisdictional matters. The official title of the person representing the defendant (e.g. a company) in a courtroom is the barrister, but the case documentation and legal advice are provided by a solicitor.
Hi, I’m closely involved in xCAT cases for my Australian organisation.
We send an in-house lawyer to represent us at every mediation and hearing.
Every complaint that goes to an official body is dealt with by the lawyers at that point. Only if they complain directly to us does our “complaints department” handle it.
There are escalative methods to employ in such situations.
In many legal jurisdictions, a 'demand letter' holds weight. These can be served by courier, with proof of delivery as valid. One aspect of such a letter is a hard, specific time by which you will start legal action, along with associated additional costs.
You have two paths after the letter. The first is small claims court, or normal court. In many places, small claims court does not allow lawyers, and the judge will even have to explain any confusing terms.
Which means the playing is leveled, including reduced or no disclosure requirements, and legal cost assignments. Where I am, it's $100 to file.
The goal is to force a fix, at threat of legal consequences.
It is saturday! Guy had a trouble during non-business times and advice to make a complaint to ACCC?
People who unlock accounts do not work on weekends, it is not front line of support who works all the time.
What happened with giving a chance to people (which is Apple consists of) to actually do something before complaining to 4 letter agency?
Also ACCC will not deal with such complaints. It says right on their home page.
I didn't see a timeline but there were indications that the author has been trying to resolve this for much longer than one day.
Regulatory agencies can forward complaints to other authorities and act based on them even if they can't resolve the particular issue for the complainant.
1. This is a total nightmare, the author has my deepest sympathy.
2. Last time there was a post where this happened to someone, I looked into what you can do if you're locked out of your Apple ID or Google Account.
I know people will say "just self host", but all of the self-hosting solutions are not friendly to families or non-tech people. Telling my extended family to tailscale into my server to look at family photos from vacation is a total non-starter. All of the self-hosted solutions are also just way less smooth to use than the built-in integration iCloud or Google Drive gives with devices.
That said, there are straightforward options to deal with this (at least the data part), if you plan ahead. The high level strategy is to setup backups that let you get _a copy_ of your data not tied to any login you don't control. It's a bummer to have to go through these hoops, but again pragmatically, I'm stuck using these services to participate in modern life.
For Google Drive, you can rclone your data to a computer of your choice to get a copy of your data not tied to Google Account. It will even convert G-Suite files to Microsoft Office format, so you have a copy of the data offline.
For Google Photos, I'm not aware of a great way to get the data - rclone only gets low quality copies of photos. I'm an Apple user, so I didn't dive too deep here, perhaps the HN hivemind knows.
For iCloud and Apple Photos, you have a lot of options. You can use Parachute backup or the PhotoSync App to get a copy of your data not tied to your Apple ID. If you have a mac, you can also setup your mac to download everything offline, and do time machine backups - they are not tied to your Apple ID.
I will also add Synology NASes have a super, super easy to setup way to do all of this stuff (HyperBackup plus Synology Photos app) that's borderline worth the cost of admission on it's own, even with Synology's recent turn to the dark side. If you have non-technical family, you should strongly consider pointing them in this direction, if you can use a smartphone you can probably get this working.
> All of the self-hosted solutions are also just way less smooth to use than the built-in integration iCloud or Google Drive gives with devices.
The built-in integrations (iCloud, Google Drive) are smooth right up until you’re locked out or forced into changes you can't control. Obviously.
There is a middle ground though: managed service providers (per-service). You don't have to self-host everything in your basement, and you don't have to hand your entire digital life to Google or Apple either.
All of the options outside of the big ones (iCloud, Google Drive, OneDrive) seem vastly more fiddly and difficult to share with non-technical people. e.x. sharing a budget spreadsheet with my wife, shared photo albums, and so on.
If there are other options out there that work as well as iCloud or Google Drive, I'd love to learn about them.
The best I've been able to land on is making a local copy of the data under my absolute control, while using one of the top tier providers for my "live" copy.
Can you give an example? I am looking for a way out.
I kind of self hosted for decades on a virtual server until I couldn’t keep up with it. So much stuff broke something in the stack, bringing the server down. Often, I had to initiate a full lock down on everything before going up again, consuming a day’s effort or two.
I'm not the biggest advocate of the EU DMA, but account and device access is one item we should actually be regulating very heavily, where potential penalties for (suspected) abuse or incompliance must be much more granular than full-on account bans.
It's hard to believe EU governments are actually considering mandating iOS and Android as gateways to access government services. It's a level of ignorance that's unfathomable.
This story is also exactly why I invest precious time running a Linux machine in the basement that rclones my cloud drives locally, as well as having full local copies of my webmail contents.
> It's hard to believe EU governments are actually considering mandating iOS and Android as gateways to access government services. It's a level of ignorance that's unfathomable.
While I agree in principle, it's not so bad. If you get hit with an account ban, you just get another device to work with the government.
> It's hard to believe EU governments are actually considering mandating iOS and Android as gateways to access government services. It's a level of ignorance that's unfathomable.
There's a good reason behind this approach, even though I don't think the benefits outweigh the downsides. These apps are supposed to be the phone equivalent of the NFC chips inside of passports and ID cards, which have all kinds of encryption and verification inside of them. They have to be protected against malicious data extraction, manipulation, and other fakery.
Phones do have the ability to do that, even free ones, and even regular desktops and laptops. How they do it kind of depends on the implementation (whether you call it a "secure element", a "TPM", or a "trusted execution environment"), but they all come down to "hardware proof shows that this digital signature is not extractable or alterable". The data isn't supposed to be something you can access, like a password, but something you can only do signed reads from, like the physical ID chips.
In iOS, that part runs entirely on dedicated hardware which will refuse to run non-Apple code, which is probably the best approach. On Android, there are more options and many phones run a software version of that concept in a dedicated separate virtual machine to save cost on physical hardware. The security of that virtual mechanism relies squarely on the early boot process having been verified not to be altered by malware. That's what the Google verification library is for in this case.
This approach can work just as well on other hardware with dedicated TPMs (although a lot of free software enthusiasts will tell you those are evil contraptions designed by Microsoft to turn your unborn children into little versions of Clippy) or dedicated encryption modules. However, you'd need a common enough, accessible API for those to function. That's actually quite easy on Windows and macOS, but Linux TPM support is rather woeful at the moment, especially with how uncommon things like secure boot (even self-signed secure boot) are.
In practice, nobody is going to buy a special sort of yubikey to log into their government's tax portal. Dragging people into basic multi-factor security has been a challenge that lasted decades.
However, pretty much all citizens already have phones capable of top-of-the-line security verification. Developing a free app is a lot easier than implementing cross-platform HSM support for a novel authentication mechanism.
All of this comes at the cost of having to run vendor-approved software. That's a huge problem for a lot of HN visitors, but those people form a sliver of a fraction of the population. I'm willing to bet the EU's digital access is inhibited more by the amount of old people without cell phones than the number of people who care about free software.
I personally feel like outsourcing this kind of trust to closed source implementations of vendor blobs is a terrible idea, but it's hard to find an accessible alternative that provides even the lax security properties those blobs provide.
Something I do find lacking in discussions about these technologies is how much the EU is relying specifically on American vendors here. America has been shown to be an unreliable ally that will gladly force the EU's hand with whatever mechanism comes to mind for extremely arbitrary reasons. There is a distinct lack of European alternatives when it comes to accessible secure computing, and I'd rather see the EU invest in local alternatives than go all-in on the security promises from Apple and Google.
We must have regulation, and I support that fully. It also seems healthy to me to have an independent view on the specifics of said regulations. I mostly agree with the vision and direction of the DMA, but in my opinion it lacks specificity and clear unacceptable boundaries.
That lack of specificity, to me, is why Apple has been able to implement malicious compliance. At the same time the lack of specifics risks companies leaving the EU market in its entirety due to regulatory unclarity with high fines.
There's a difference between malicious compliance and noncompliance. The EU has generally ruled that the lack of specificity you allude to does not exist; Apple has misinterpreted things that provide specific requirements to mean something other than what they legally mean. Fines have been levied and it seems that the situation has not yet been resolved; the fines will likely grow if Apple doesn't comply.
Wow. This is a cautionary tale. I don't think I'd be as devastated as this poor chap, but as it grew I realize I've allowed my iCloud photo library to become a single copy.
How are people handling this these days? If i wanted to ensure a full backup of everything on my iCloud to a NAS, what's the best way these days? Seems like they make it difficult by design..
I'd like to give a special shoutout to the PhotoSync app. It has one killer feature that Immich does not (at least last time I looked): encryption at rest. I think someone breaking into my house and stealing my NAS is a real possibility (unlikely, but I'd give it higher odds that getting locked out of my account like what happened in the article), so this is super important to me.
You could put Immich data on a LUKS volume I suppose, but then you have to fiddle with your server every time it reboots.
I did PhotoSync for a while, but now I just set up my Mac to download my whole photos library, and do Time Machine backups of my Mac. This gets two copies of the data not tied to my Apple ID (the one on my Mac's local disk, and the one on my NAS on the time machine volume).
I self host an Immich [1] instance to backup photos on my iPhone. It’s OSS and has a level of polish I’ve rarely seen in free software. Really, it’s shockingly good. The iOS app whisks my photo off to my home server several times per day.
What I’m not sure about is how to backup things like iMessages, Notes, and my Contacts. Every time I’ve looked, it appears the only options are random GitHub scripts that have reverse engineered the iMessage database.
The imessage db is literally just a sqlite db. If you have a Mac you can read the entire thing with an applescript. It’s really easy from what I remember from years ago
I use Nextcloud for files/contacts/calendar/etc. as well, but for photos I use PhotopPrism [1].
The reason is simple: photos require much more processing and focus on performance. In addition, photos take up much more space, so while my Nextcloud instance runs on an SSD, the photos reside on an HDD, mostly in sleep mode.
I run a separate Mac Mini that has the full iCloud Photos library on a massive external drive, set to "Download originals". I then rsync that filesystem to a separate Linux box. This works but you must not ever disconnect the external drive.
I don't have a solution for iCloud Drive, as there wasn't a keep offline setting last time I checked. So use it only ephemerally.
Time Machine backups to a samba share on the Linux box would get you both the Photos library database and the iCloud Drive stuff. It also means you don't need to bother with the external drive.
There is a keep all files offline setting for iCloud Drive (turn off "Optimize Mac Storage" in Systems Settings).
Arq [1] has an option to "materialize" dataless files, basically forcing them to be locally available. The only issue is if it's a large file and it gets pushed off device often, you can burn a lot of bandwidth re-downloading it over and over again.
At least as of Sequoia, the Settings > iCloud > Drive > Optimize Mac Storage option enables iCloud Drive files to be stored offline. Likewise, right clicking any iCloud Drive files in the Finder includes a Keep Downloaded option. Since I minimally use iCloud Drive, in the past (older OSes) I also had Hazel make copies of iCloud Drive files so they were certain to be in backups.
I'm not familiar with the "Photos Library.app", but I have an m4 mini with my photos in a Photo's Library. I'd love to know your script to rsync the photos into a separate drive/directory
(note: tested with brew rsync, IIRC the default rsync is outdated on macOS)
Somewhere in the directory structure is a folder /originals/ which has all the actual files.
Note that this is only a last resort backup. Restoring the library as a whole requires a Mac with a compatible OS version. Restoring without a Mac would only get you the originals, so only the out-of-camera files (jpg, heic, raw), with no edits or metadata changes from Apple Photos applied (Apple Photos doesn't touch the EXIF data). You'd probably also lose the video part of all live photos, as the live video files stored as separate files and not part of the .heic files. They're there, but not very usable.
An alternative to this workflow is to export all photos (with edits applied) from the Photos app, but honestly I'm not sure if that even works and how long it would take for multi-TB libraries.
The issue with OneDrive is that it doesn’t store metadata like the photo location, its damn near useless. But I do pay for storage for Google Photos and iCloud.
If you take all of your photos from your phone, you don’t need your Mac at all. Google Photos will sync directly.
I wouldn’t use BackBlaze (the $7 a month service). It doesn’t support NAS at all and it has to phone home every 30 days or it will erase anything that is stored on external drive.
I would use an app that backs up to their B2 service.
I personally just use my personal AWS account to back up my Plex media and just use the AWS s3 sync command using the AWS CLI and store everything in S3 Deep Archive. It’s less than $2 a month for 2TB.
Backblaze doesn’t erase after 30 days… I’ve had a computer be offline from it for several months and it still retained all data. And you can use the backblaze docker container to run on a NAS, much much much cheaper than B2.
Wasabi is much cheaper than AWS as well.
Finally the best solution for backing up your iCloud Photos is definitely Immich. Set it up on your own NAS or a VPS, back up to that, and then back up that server to an S3 storage using rsync or restic. I’ll note that I still backup to Backblaze because its so dang cheap.
I spent months trying to find the best setup a few months ago and this is by far the cheapest.
But still, this shouldn’t be required for normal people. They should get what they pay for.
> It has to phone home every 30 days or it will erase anything that is stored on an external drive
It’s actually more nuanced. It will back up files on a USB attached drive. If it doesn’t see the drive attached for 30 days, it will erase the backup.
If you have your computer off for more than 30 days and you bring your computer back on and the USB drive isn’t attached when it connects to BackBlaze, it will erase it.
Only if you’re backing up nothing and using non-encrypted files and making sure you don’t delete anything (rsync with delete turned off). I tested this not even three months ago. I hit $30 with only 3 tb of data with deep archive while wasabi AND backblaze cost less than that. No need to even trust a single provider. If you’re never changing your files AND you don’t care about encrypting them then yes GDA is fine and pretty cheap. Otherwise wasabi and backblaze get more done for less cost.
I understood what you meant about GDA. It just doesn’t come out to that unless you put stuff in and never touch it, which is a valid use case! Don’t get me wrong, I planned on doing the same but with restic it would cost so so much more than wasabi and backblaze that it was a massive waste of money and really revealed amazon’s strategy, which is lock your data away and charge you to access it.
I wasn’t talking about B2 though, I was talking about Backblaze personal, which you can run on a NAS with a docker container.
yeah that's the thing. When my iPhotos library exceeded 1TB I lost the ability to store the full local copies. Since then, iCloud itself has been the sole source.
I recently rebuilt my home server as an unraid machine. Currently it’s mainly torrents and a Minecraft server but it’s got 10tb of locally redundant storage with a sightline to scale that to around 24tb, so it would be a logical place to store a full gphotos copy.
Thanks, I have the same problem and need to do something about it.
I wonder if it can calculate (estimate) how big of an external disk I'll need. My wife and I each have 40-50k photos and a few thousand videos in iCloud Photos.
If you want to truly save your photos, make backups of the locals and put it in your safe deposit box at the bank. Or alternatively, at a trusted friend/relative's house.
Even doing this yearly can save the immense sadness of lost memories. And of course, this works for emails, and everything else.
If you encrypt it, make sure you use a method not tied to any external service, or the machine you're on. I don't use Apple, yet I suspect that an encrypted external backup might be tied to your Apple ID, or some such, because that's how the world flies today.
Yeah, the plan would be external disk -> offsite storage.
I wouldn't bother to encrypt, it's just family photos and I wouldn't want to complicate restores. Especially if it was my wife who eventually needed to use it.
immich is an extremely polished, FOSS alternative to google/apple photos. It's an investment, but a 4 bay NAS running immich should do nicely. Additionally I backup snapshots to Backblaze B2 via restic which runs another $5/TB
Why would you need it to be end to end encrypted anyway? You’re running it. Set it to only upload photos when you’re on your home network and you’re fine. Or fork it and make a PR and make it e2e encrypted.
You can’t just “fork it and make a PR and make it e2e encrypted”. All the features run serverside, e2ee is fundamentally impossible because of its design, of which you seem to know fuck all.
I’m being dismissed by I run a rather large homelab and I still want my photos iCloud like, where end devices decrypt and run ML. Immich is a Google Photos clone where you give it everything and some server does all the magic.
Syncthing is wonderful, and does a great job of syncing between an Android phone's photos/videos and a laptop. And if you have regular automated backups of the laptop, you'll have backups of the photos/videos too.
For an iPhone, perhaps you could use iTunes to sync to a computer and back up that computer.
sushtrain seems like the best option for syncthing at the moment. its a bit more polished than mobius. neither of them sync in the background but i think i remember seeing someone using shortcuts to open the sushitrain app every now and again to wake it up so it would sync
Sync to Dropbox -> Dropbox hourly & monthly backups to my NAS using Bvckup2.
(One of these days I’ll setup my NAS to backup offsite fo a #3 backup).
I know that others with Macbooks sync their whole library to their Macbook and then Time Machine to a NAS as their copy #2. Is this vulnerable to the problem in TFA?
I simply manually periodically download everything to disk/software raid. Really important/sentimental stuff like baby photos and videos I have on DVD with par2s.
I treat apple ID and google ID like throwaway accounts. I would never trust anything valuable to either. The problem is that it is very hard for "usual people" to do that.
I will also never have an electronic ID. We (Switzerland) were dumb enough to vote yes for it but we are giving away our freedoms eventually.
We need regulations to ensure vendor cannot lock in users and cannot threaten them. Everything should work like if you have your own domain and use email. If your provider go nuts, move your hosting and change your MX and point your local copy to it.
This should not be reserved to some nerd like me, it should be an universal right.
It is already late, but it can be reversed. We need for more sotires like this one to errupt, so people understand.
The digital ID in Switzerland [1] is literally the best case scenario from a privacy standpoint. It is basically an ID that is stored on your phone that can send a signed copy of your data to someone verifying it. But instead of sharing all your data everytime it can also only share part of your data or only verify that you are above a certain age.
I personally prefer this to sending a copy of your ID and a video with my face to someone verifying service provider that verifies my identity for a bank or some website.
> I will also never have an electronic ID. We (Switzerland) were dumb enough to vote yes for it but we are giving away our freedoms eventually.
What's the link with the rest though? Your government already knows you, whether your id has your information printed with ink or stored on a chip.
Belgium has had electronic id for decades now and I fail to see how it has taken away any freedom, but it has enabled people to get their official documents online without having to make appointments in person in most cases.
I think the fear many people have is that digital ID will be required for non-government services as well. I can easily see that happen in the USA and Switzerland is the kind of weird that may also let that sort of thing happen.
With things like age verification becoming mandatory just about everywhere and actual privacy-conscious digital age verification being very difficult, there's definitely a risk towards abuse and badly designed authorization mechanisms (although the EU's open source backend and frontends should make it easy for other countries if they do actually care about privacy).
The kinds of things you want here, and that I think we all do, are hard.
Yes, ideally a trusted intermediary would do something like… read your digital ID (which stiLL doesn’t guarantee it’s you providing it, up to a point), examine a birthdate, and sign an attestation to a liquor store that “this user is 21 or older” without you ever having to fork over your name, address, or biometric details.
The will to enforce such measures, at least in the US, seems low.
It seems to me as if it would get used by the same services that already require an id, except they would now not require a physical check of the id anymore.
You don't? Google already requires ID for developers in Belgium [0], and it's complying with regional laws for age verification [1]. The EU is also starting to look at age verification [2]. I don't see how it's such a stretch that Google may want to expand this further even in the absence of government demands, considering the huge ad/data incentive for them to directly link accounts to IRL identities.
> The problem is that it is very hard for "usual people" to do that.
Exactly, for all the victim blaming in other comments, try to explain 3-2-1 backup to non-technical people and you'll be met with glazed eyes.
Sadly I think it's going to take more people losing their irreplaceable data and for the network effect of having it happen to someone close to actually see any change.
There's a surge of people losing their Google accounts with hackers abusing parental controls at the moment, although I suspect a lot of those people will just move to Microsoft or Apple thinking they're safer until they get burnt there too.
As more non-deterministic AI is built into abuse systems it's inevitable that there'll be more false positives, couple that with impossible to access human support to override the decisions, it's a risky time to trust your irreplaceable data with anyone but yourself.
You could do everything right and still get locked out.
Same experience with Google. I was setting up SSO for a new web application and set off some AI flag on a sub domain for our company website. For 2 weeks every visitor saw a warning that out site was a phishing scam. Nightmare. With no recourse. No number to call. No person to talk to. No actual explanation of the error (I still don't know exactly what I got wrong). I just took it down, waited, and prayed.
You may want to consider filling a small claims lawsuit against Apple for the maximum amount of damages your state permits in small claims.
It's not really about winning the claim. It's about getting them to acknowledge you and hopefully resolve it before the court case comes up. That is, you want them to "settle" by restoring your account.
The OP is in Australia, but I'd like to add some advice which would apply in the US: Apple is one of the few organizations which does not use an arbitration clause, which means suing in court really is an option.
(With the exception of some services like their credit card, but you can opt out of that more easily than any other arbitration clause I've seen.)
Send this in an e-mail to tcook@apple.com. He has a team that reads for stuff like this and can magically fix issues.
I've had to do it before, also for a gift-card-related problem (different from yours), and I was contacted by a member of the Apple executive escalations team a couple days later.
That's an unhelpful and unnecessarily nasty comment. Millions and millions and millions of people trust Apple. Whether you agree or not, to say they "deserve" something like this for doing what any normal person on this earth would do (and is marketed-at to do) is obnoxious.
I don't see stories anymore from this working. Back when it was under Jobs, there were more concessions from his team operating the account. And maybe in the early Cook years. Apple has trimmed a lot of fat.
I did read about part of the product development org having a standup about trending social media cases, and prioritizing followup on items that were under public scrutiny.
I have a friend who did this last year after he had a poor support experience with AppleCare for his Apple Watch and he got a call from Executive support early the next morning
This just makes me extremely concerned for the iCloud transition I’ve been making. It shouldn’t be this easy to perform a user-disruptive action from the support/ops side. I would think they’d have visibility to some sort of “reputation” metric, given the age/purchase history etc even if anonymized.
I can understand this happening if it was a freshly created account topped up with a sus gift card but it’s unacceptable that the first action is to completely block an account with history.
Even more concerning is the nonchalant support response to “go create a new one” with emojis. C’mon Apple — this is just a terrible way to respond to this situation.
A lot of fraud bans are just automated in my company. Apple probably outsources Customer service to the lowest salary places they could dump it to, and call it a day.
If I were the person at Apple in charge of this kind of matter, I would ignore this case, just as I do for other regular people. Everyone should be equally not cared for by Apple. That's how Apple sucks in a way I can accept myself still using their product.
If the only way to get your digital property back is a public plea to your Lord, that's called feudalism. Everyone should be treated fairly, not only those who can get their public pleas heard.
You just made it clear to me why I felt not resonated and a bit uncomfortable reading that article, despite I thought I should be. Because what I want to see is something straight like "fuck you Apple", not a begging and emphasis on how much the author has contributed to the megacorp.
"fuck you Apple" is not a correct response either. Bad Apple, good Apple, is just more of the same. Asking Lords to be benevolent is not what we should want.
Just like landlord can't just lock you out of your house, with all your property inside, but has to go trough legal process, we need to have legislation and regulation for the same with digital property.
This is horrible and a big reason why I refuse to go “all in” on Apple, Google, or Microsoft (among other reasons). Apple is the one I’m closest to given my hardware, though.
Given how invested you are in the Apple ecosystem I can’t fathom why you would go get an Apple Gift Card from a store to do this kind of transaction, though. It wouldn’t even cross my mind to do it that way.
OP is in Australia. Most stores that sell gift cards have loyalty cards that give points for gift card purchases. And a few times a year they give bonus points (e.g. 10x) on gift cards, that can result in an equivilent 10-15% saving.
You can even use this to get an effective discount on hardware, as you can use your Apple account balance to buy from Apple.
Yeah it seems odd, and if Apple won't tell him or do anything, it might be because they can't: such as circumstances of an active police investigation.
We are obviously not going to get a fuller idea about this situation from a blog post, and while I won't assume that the author has done anything wrong, there have been similar stories in the past where the affected individual was deliberately withholding the whole, much more illegal, story.
Presuming his innocence: What could have happened here is that the gift card he's purchased has been marked as part of a scam operation. Apple gift cards are frequently used for "tax bill" and "police fine" scams in Australia (where they are sold there is often signage informing people of that.) So potentially this person is accidentally roped into that.
Also it's not entirely unheard of to purchase gift cards for long-time users (who would normally just use their linked credit card), as the cards are often sold in the retail space with a 10% discount, or can be redeemed as rewards through points/loyalty schemes.
With all that said, at this point if he's not getting anywhere, he should approach a lawyer, as they'd be able to petition on his behalf (whether that is to Apple or to the state of Tasmania.)
I just want to point that buying gift cards in order to participate in gift-card arbitrage violates both apple rules and payment provider rules.
If you are buying large amounts of gift cards and then redeeming them, it is critical that your purchasing patterns do not look suspicious, such as buying more things that a normal user might need: multiple iphone wallets, multiple iPhones, or similar items.
There have been so many cases of Apple, Google, etc. doing this that it's hard to have any sympathy for them at this point. If it was some grandma who didn't know better that would be another story, but the author was surely aware
- that Apple *can* always *just* disable their account
- that Apple regularly *does* do that
- that Apple does not care about them at all
and they chose to bet their entire digital life on Apple's benevolence anyway. They lost that bet.
We need more stories like this hitting the mainstream news until even a non-technical person's reaction to this is "well, what did you expect?"
My grandfather’s Apple account was blacklisted too but I was less sympathetic to him because he genuinely sends spam email from his personal account (it’s politically motivated).
One day he was bricked from his accounts because he ran afoul of Apple’s ToS. The problem then was I couldn’t feel sure that he hadn’t actually done something which a reasonable person would say should result in account closure.
Paris’s case is much more strange, because it feels more likely to be a false-positive.
There is no legal right to have an account with Apple or Google, and I’m not sure I want there to be. But so much of our lives are built on these services and these stories erode our trust that the services themselves can handle the responsibility of adjudicating acceptable use. We need our digital accounts to be robust in the very long-term, even when there are bad actors who want to do all manner of bad things. And we need to feel confident that a properly empowered human reviewed the case and can articulate the reasons for a ban. When we charge a person with a crime, we tell them what the crime was and give them due process to fight it. I’m not sure I want the courts to decide these questions but we need some more due process when it comes to account termination.
> There is no legal right to have an account with Apple or Google, and I’m not sure I want there to be.
There shouldn’t be a legal right to an account, but there absolutely should be a legal right to sit down with someone from the company to plead your case, understand why the account was locked, and at least be given the opportunity to gather your things if they decide not give you a second chance.
If you get evicted from an apartment they don’t just change the locks and keep all your stuff…
There should be a legal right to a clear explanation and a mechanism of appealing these decisions with an external organisation. I think it’s unreasonable to expect that they should be able to delete users this casually with everything that is tied to your devices.
You could make it so costs for arbitration could be paid up front by the person appealing and then if the account deletion was deemed wrong the company refunds said user. Could probably apply to monetisation on YouTube that I see withdrawn for very dubious reasons too.
>arbitration could be paid up front by the person appealing
We need a constitutional amendment that prevents binding arbitration agreements, which removes judicial review from public accessibility.
There absolutely should be a legal right to pursue this through the courts (which require a response from the company, to avoid default judgment).
----
My main PiHole blocks all of *.google.* & *.apple.* for many reasons. My exploration into PiHoles began a decade ago, after Google pulled a similar response-less account termination (without explanation). This left me unable to update a blog (with several million annual impressions), with no recourse [0].
[0] Unlike OP's situation, I was able to download most of my writing/photos, only because they were public-facing (website).
My partner was locked out by Apple last year during a password/device change gone awry. Two weeks and we finally got through to someone competent who fixed it. At one point it looked as though we would lose many of the videos of our son growing up.
Since then I have been removing myself from the ecosystem - my email is from hey, file sync on Dropbox, obsidian for notes, whatsapp for messages. Sometimes it doesn’t feel as joined up, mostly it is way better.
Moved to framework computers + omarchy last month and am not looking back.
It sounds like the gift card # is included as part of a police investigation (as you already know scams often use gift cards as payment) - which would explain Apple's inability to help you or provide information (because they would be required by the state not to.)
You should approach a lawyer to petition Apple and the Tasmanian police on your behalf.
This seems to happen quite often. Not just with Apple, but also with Google. In spite of this obviously insane behaviour, EU governments want to rely on Apple and Google for smartphone-based electronic government IDs.
Apple clearly has a problem. In recent months there have been a number of reports online of people getting locked out of their Apple ID/iCloud, the appeal getting denied, and Apple refusing to disclose why or reverse it. Generally those reports don’t relate to gift cards or developer accounts.
My father passed many moons ago, and the family wanted access to his icloud account and they did not have the password. This was a huge struggle. Finally, after weeks, we were able to reset the password, but only because we had access to the email he used. In retrospect, perhaps it is a good thing that Apple restricts access like this for privacy and security. But in this digital age there should be other mechanisms in scenarios like this. What if i wake up from a coma, and forgot all my passwords and have not recorded them physically anywhere ?
There is part of me that sort of wishes this would happen to me. I wonder if getting locked out of my cloud identities + bricking all my devices would actually be a great blessing in disguise from the Machine?
if you pay for service you should receive some guarantees it is your money, it is crazy that there is no cool-off period where you get banned like this even by mistake or by Apple deciding they do not want to offer a service anymore and allow you to take out your stuff before fully shutting down.
This sucks Paris. What hope does the normal joe have to get a fair shake if you can't even get this resolved? The layers of click through contracts, opaque terms, LLM customer service, un-empowered customer service, and arbitration agreements make this a crazy relationship we get into with big tech. If we have a problem like this, we should be able to talk to a person at the company that can resolve this right without threatening a lawsuit. It's nuts.
I'm curious about the apple's passwords app. Where you able to use it? What about passkeys?
Out of curiosity, why did you buy and redeem such a large gift card instead of paying directly? And was this a form of payment that was unusual in light of your account history?
I have similar questions. At the scale Apple operates I'm sure mistakes are made all the time, but often it feels like there is something missing when these types of stories pop up. I have had support from Apple before and they went out of their way to help me, supervisors doing research and calling me back for example. How Apple stonewalled here makes it seem like it was more than a single large gift card that caused the issue.
Back in 2015, I traveled to the US and wanted to buy a Macbook Pro at the Apple Store. The configuration I wanted wasn’t available in Apple Stores, and I couldn’t buy it online because at that point there was some limitation in the online store like they only took US credit cards, or something.
At the Apple Store, the employees suggestion (a more senior one, who was consulted) was to buy a gift card for the computer’s cost (~$1500) and pay at the online store with that. I didn’t do it because buying “virtual stuff” for that amount seemed crazy (this was a huge amount of money for me, at the time).
Big tech giants locking unsuspecting users out of their digital lives is nothing new. What would it take for our society to stop relying on these closed, walled gardens for critical stuff?
How many account lockouts must occur before we accept that digital life built on permission rather than ownership is inherently fragile?
This sucks, I hope you can somehow reach Apple and get them to unfuck your account.
My own experience with big tech account bans was much milder, so I learned my lesson without much pain. I got a "free Azure credit to learn cloud computing" email from MS, redeemed the credit, created a VM, started clicking around the settings and got locked out. Raised a support ticket, asked what I did wrong, told my account was flagged for suspicious activity. I asked what I did wrong again and got a reply that my case had been reviewed by a human and that my Azure account wouldn't be reactivated. Thankfully, my primary MS account didn't get banned for that.
Conclusion #1: it's frankly insane that a big tech company can fully terminate your account with no means of recourse. People like to mock the EU and its lawfare, but I think it is the best candidate to force the tech firms to implement some sort of firewall between their various services, so they can't terminate your access without prior notice or without compensation.
Conclusion #2: those who are reading this, don't put all your eggs into one basket and teach your friends and relatives to do so as well. That is, if you have to use the services of various big tech companies, spread them around. Have a boring account with one company that you use for free stuff, a boring account with another company that you use for paid services (if you can purchase services X and Y from two different companies, do so), a boring account with a third company that you use for getting paid, a fourth account that you use for shitposting and getting into arguments with internet strangers.
Yup. They did the same thing to me a few years back. Not sure why. Had to re-apply as a developer with a different email address. I don't use Apple products anymore.
I upvoted this for visibility but if you put your entire digital life in the hands of any of these tech companies and store all your shit in the cloud with no local backups, you are at least as blameworthy as they are. I’m less surprised that Apple would do this than I am that somebody who is clearly tech savvy could be this stupid about tech.
I hope OP can get his account unlocked. This is a good reminder for everyone else, backup your cloud data to a local drive. But thats just one part, the social / email OAUTH side of things, phone accounts etc..., terrible situation. It should be easy enough to walk in a HQ / office and show credible ID and get your account unlocked.
My son was just scammed out of $1000 using some gift card scam. Typically these gift cards cannot be revoked once issued and anyone using the gift cards (like the people who scammed my son) would be able to reap the rewards without any consequences. I’m hopeful that Apple has found a way to track fraudulent Apple Gift cards and are now locking people’s Apple ID who use them. I suspect there’s more to the story than is being shared. What’s the provenance of the original gift card? Could it have been obtained through some not 100% above board means?
From other comments explaining the kind of scams running at the moment, one possible scenario is that the card may have been taken, tampered with by a scammer (and the code recorded), and then placed back in the supermarket, with the scammer waiting until the OP purchased it and it was activated at the checkout.
Perhaps between the scammer redeeming it and the poster then trying to redeem by entering the same code, the scammer’s account was flagged and then the OP’s account terminated along with the scammer for using the same code (even though the OP had done nothing wrong).
"Many of the reps I’ve spoken to have suggested strange things, one of the strangest was telling me that I could physically go to Apple’s Australian HQ at Level 3, 20 Martin Place, Sydney, and plead my case."
This does not seem strange to me and could be a course of action. When I moved my domains off Google because of this type of "banned without recourse" possibility, I found a registrar that had a physical address, small office, and people listed on the company website (porkbun) so in the worse case I could fly to the office and straighten things out.
No mention of even going to an Apple store. Maybe the nearest one is very far away from him?
This happened to me really early on when my original Apple ID had an invalid format, as it was an ID made prior to the current version of Apple ID everyone uses, and Apple refused to port what I owned to the ID that I was forced to generate to sign into my newer device. My old ID had software no longer available in App Store, so this wasn’t just a matter of needing to repurchase apps- they were taking away my ability to use applications I bought from them. Since then, I’ve been incredibly wary of losing my Apple ID. I have a lot of respect for Apple, but I would bet that it’s easier to deal with ID related problems for someone with Q level clearance in the U.S. government or even a non-existent Men In Black ID problem than to resolve a problem with an Apple ID. They probably would tell the almighty to get a new ID.
Off-topic and a stupid question: why does anything related to Apple attract so much attention on HN? As a newcomer, I assumed HN focused mostly on reverse engineering,retro computing, and deep technical topics.
Tech stopped being full of tech nerds when 10 weeks in a JavaScript boot camp and a few thousand lines of code in your personal GitHub would land you a $140k remote job.
Maybe now we will start seeing a reversion to the people in it for the passion.
I would not say your list is anything like complete, although those topics are often discussed here. Apple is a huge player in the general computing ecosystem, and probably a majority of front- and back-end developers these days work on macbooks, so it isn't surprising that the things they do resonate in this community.
Apple offers the most convenient computing experience available to mankind as of right now. That's why I care, at least. I love their products and services, but not so much when it fails (as in the authors case). That shit is scary.
HN hasn't focused on those topics in a long time, they rarely are on the front page. Skip the top 20 articles and you'll start to see some interesting content instead of all the VC & AI drivel.
Hackaday is a content aggregator site that usually has more content on these topics - https://hackaday.com
If local backups were not so hard...
It is sometimes impossible to back up an iPhone to a computer; yet seamless to backup to iCloud... Infer what you will. I am skeptical of over reliance and dependance on Apple more than ever. Unfortunately, interoperability is something we can wish for rather than expect.
I dump photos and videos I want to preserve into a WeChat/Whatsapp chat and use their desktop apps to download to an external HD. It’s a bit of trouble but still easier than doing this natively in Android or Iphone.
Maybe events like this will be a wake up call to our community. Virtually everyone around me uses Apple everything - colleagues, friends, family. And they find it weird when I say I don't use Apple out of principle and I even have to justify it.
This happened to me as well with a secondary iCloud account, and I still have no idea what triggered the ban. Apple support said they couldn't reverse it. The account was on an old iPhone, and after the ban, it became impossible to log out, rendering the device e-waste overnight. I at least didn't have any valuable data in icloud. But that experience prompted me to stop using Apple products or any other device that requires an online account to function. Fortunately, since recent AMD APUs are quite capable, I sold my MacBook M2 Max and have happily returned to using x86_64 Linux. No more Apple in my life, ever.
You do not own your apple account, and you never did. I would take this as a chance to learn about digital sovereignty and self hosting where you control your own data so this never happens again.
Google and Apple can and will delete your content at any time for any reason and there is no appeals court.
This is really sad that some people are in ways blaming it on the author. While I do advocate zero to almost zero usage of services by these OEMs or big corps, in today's world everything, or almost everything, is linked to your email and/or phone number and in turn with a computing device, which, for me, makes these OEMs essentially public service providers for a cost. Locking a user out literally casts that person out of today's society — communication, dating, groceries, transport, hell, in some cases maybe even health care and emergency services — you name it. So it's very ingenuous and unkind of us not to raise hell and shout for extreme accountability on these corps' part instead of reminding a victim of T&C and not having diversified the online services usage enough across providers.
Any company or entity ought not to be allowed to wield power over our lives, like locking someone out arbitrarily, let alone via some asinine, half-baked algorithm.
Why do people still do this, why??!? This is not an ignorant user! The author (and victim) has written several books about Apple tech, how do they not know that these "platforms" cannot be trusted with anything -- especially data that isn't backed up somewhere else!
Companies don't care about people, and the bigger they are the more evil they behave. They need to be treated like hostile business partners because that's what they are. They're only after money and absolutely nothing else.
This is not some radical leftist manifesto, it's the plain reality. And it's not new either. It's always been like this.
I do have an Apple ID, which was banned due to fraud and customer support couldn’t do anything about.
The thing is, that account was just used for dev. things for the US company, which builds/sells software for the US federal government (among the other US entities).
This is why I self host my blog. My email. This is why i try to stay away from the convenience of big tech. It is not the first time this happens and it will not be the last.
This kind of Kafkaesque behaviour is what I've come to expect from any kind of online services. It's also why I won't use anything that cannot be setup offline.
While I understand the attraction of doing so, I’m not sure I like the implication in the post that the reason this needs to be reviewed is because of how loyal of a customer this person is, or the fact that they have written books on developing for Apple devices.
Wen thinking about risks from depending on the cloud, people fixate on the risk of losing data, when this kind of denial of access is a much more likely occurrence.
I've started on my de-appleification plan in earnest this year:
I used to have an eBay account, and at some point, despite not having used it for a year or so, I got an email saying I was permanently banned from eBay.
No appeal, no reasons given, no possible way to create another account.
Just. Banned.
The companies need to be big enough to provide the amazing services they do, but once they are large enough they will never care about individuals.
My internal model of large companies is that they are intelligent, psychopathic aliens. The people in them are like cells in our body, important for the function, but with no agency, and they are not who you are dealing with.
You're dealing with the company, and it's an inhuman, psychopathic alien.
PayPal permanently blocked my account and all of its connected cards and bank accounts after I sent them my passport for some verification (I don't remember why). It was because a lifetime ago I had opened my PayPal account as a minor.
The broken logic is that it will expose why the account was flagged, and thus, allow 'bad actors' to better navigate and bypass such flags.
Of course, this is absolutely silly and beyond absurd, for bad actors share information of forums, can deduce fairly easily, and even have help from people on staff.
Such actors typically know about detection and flagging methods within days of implementation. There's literally zero benefit to secrecy. None. Security through obscurity can be a beneficial additional layer, but it simply never helps here.
We really should pass a law requiring full disclosure of the precise method of banning. I can even see a 'trial' period, where accounts activated (and used!) for 3 months receive this benefit, but new accounts, or new + dormant accounts do not.
This should likely be coupled with mandated full refunds of phones or computers, as an example.
Note that this isn't a 'free' account we're talking about here. An Apple account, or a Google account is required to use an iphone or pixel in its default config, and all the features it entails. These accounts aren't free, they're part of purchase cost, and core-required.
(Even if it's a, for example, Samsung phone? It comes pre-installed, with uninstallable Google Play cruft, as part of an agreement with Samsung. Same conditions need apply here)
Not for long. Android phones (with Google Play Services) will soon require some degree of authentication to sideload applications, once that happens then those phones will only have the barest of features available without a Google account.
For the average person, including buying apps, this simply isn't a reality.
And Google will now be throwing up massive "OMG! You're going to install an app that isn't from the Play Store?!" warnings to anyone that tries, including requiring some degree of technical skill to do so.
> That‘s always the most kafkaesque part of these problems and should be illegal
it is very likely illegal to tell him. it was triggered by the use of a gift card, and therefore very likely to be AML, and in many places (I am not sure about Australia specifically) it is illegal to provide information in the circumstances.
I went back to an MacBook pro M5, after being away from Apple for a year or 5 (Lenovo etc).
I tried to re-enable my apple account but I had to wait 5(!) days to change the password. I ended up making another account.
It's a defence mechanism against account hijacking if someone has access to your phone number, linked to your account. Went through the same procedure to recover an account I haven't been using for a few years.
This is a good post and I wish all the best to the author that someone from Apple can help resolve this. I will personally never use iCloud ever again because of this.
Companies like apple should be liable to pay many millions in damages for this kind of shit. The people should make it hurt so much for them that they think twice before doing it without having a clear and working appeal process where you are clearly explained what happened and guided through it.
It's really difficult to give up the convenience of cloud-based accounts. It would be nice for regulators to step up and protect consumers when it comes to this kind of thing.
As someone using Linux to build web applications, I wonder what about the Apple ecosystem could make it worth to have such a Damocles’ sword hanging over me my whole life.
Am I missing something? My current perspective is that not only am I free of all the hassle that comes with building for a closed ecosystem, such as managing a developer account and using proprietary tools, it also comes with much harder distribution. I can put up a website with no wait time and everybody on planet earth can use it right away. So much nicer than having to go through all the hoops and limitations of an app store.
Honest question: Am I missing something? What would I get in return if I invested all the work to build for iOS or Mac?
Plenty of things do work better as a native application. Packaging is a pain across the board nowadays. Apple is pretty good, you pay a yearly fee if you want your executable signed and notorized, but they make it very hard to run without that (for the lay person). Windows can run apps without them being signed but it gives you hell and the signing process is awful and expensive. Linux can be a packaging nightmare.
If you're full in Apple ecosystem, like my GF, you get:
- Shared clipboard across devices
- Shared documents
- Shared browser
- Shared passwords
- Free, quality office suite
- Interoperable devices (use iPhone as camera on Mac, for example)
- Payments across different devices (use clock to pay, for example, shared with your iPhone)
All of this with just one account without any third-party service.
And billion of things more, probably, I'm not a full Apple head.
In the rare case (maybe once per month or so) where that happens, I start a script on my laptop that starts a webapp both the phone and the laptop can open in their browser and send text to each other.
The overhead of starting it and typing "laptop.tekmol" into the browser on both machines is only a few seconds.
That seems mich saner to me than to constantly have some interaction between the two devices going on.
And that website is hosted somewhere, you’re using several layers of network providers, the registrar has control over your domain, the copper in the ground most likely has an easement controlling access to it so your internet provider literally can just cut off access to you whenever they want, if you publish your apps to a registry the registry controls your apps as well.
There are so many companies that control access to every part of your life. Your argument is meaningless because it applies to _everything_.
A trustless society is not one that anyone should want to be a part of. Regulations exist for a reason.
Not wanting centralization under one company does not equal advocating for "trustless society".
All the things you mentioned (registrars, ISPs, registries, etc) have multiple alternative providers you can choose from. Get cut off from GCP, move to AWS. Get banned in Germany, VPS in Sweden. Domain registration revoked, get another domain.
Lose your Apple ID, and you're locked out of the entire Apple ecosystem, permanently, period.
Even if a US federal court ordered that you could never again legally access the internet, that would only be valid within the US, and you could legally and freely access it by going to any other country.
So in fact, rather than everything being equivalent to Apple's singular control, almost nothing is equivalent (really, only another company with a similarly closed ecosystem).
If aws decided to block your access to their ecosystem you would lose so so so much more than Apple blocking your access to theirs. If the US decided what you said, t1 networks would restrict your access across much of the planet.
Your logic makes no sense since you can easily switch to Google or whatever other smartphone providers there are (China has a bunch).
But of course those providers can also cut you off, so what I said still applies.
I have had an apple id problem myself, for the past N years. Mine is an old mac.com account, which has my Gmail address as the backup email (and the primary one now that mac.com isn't doing email anymore). Because of this, I cannot sign up for a new account with my Gmail (it is tied to the older mac.com account).
I've managed to reset the password, but I must answer a security question to log in. I mean, I answered those security questions probably a decade ago and I do not know what they are anymore. You can reset your security questions, but to do that you need to use an iPhone (last one I owned was a 4) that is still logged in, or, answer a security question. Which is as we established, the problem.
So every couple of months I log in, try a few other possible answers, get them wrong, and get locked out for a bit.
Anyway, I need to get this fixed my march, due to apple being the formula one streamer in my country now, so I have to actually solve the problem of logging in to my apple account. Or, I guess, making another random email just so I can watch f1. Sigh.
But if anyone knows how to reset security questions, I'd love to know. I would way rather pay apple actual money than go back to torrenting the races.
It sounds like you unfortunately have gotten yourself kinda stuck, but I very much sympathize. I too have an account dating back to iTools, and for a long time it was a major frustration that I was stuck with that original email address as unchangeable for the Apple ID, unlike newer accounts. However, some time in the last, I dunno 3-5 years maybe? I can't remember now the exact time I noticed, but after over a decade of requests and fading hope Apple actually did allow me to change the email address for that Apple ID, which I shifted to my own domain. So for anyone else who hasn't checked in a long time, worth noting situation might be marginally better now.
Re: "mac.com isn't doing email anymore", all the original mac.com email addresses still work fine. Apple has played around with various domains (mac.com/me.com/icloud.com) over their decades of bumbling with online services but they made them all interchangeable for older users, mails to the original @mac.com emails still go through. Even originally made aliases (they allowed 5 with iTools) still work. Not sure what your issue was on that one.
Finally yeah, ""security"" questions are one of those horrible legacy anti-patterns that I will cheer to see finally be dead and buried. If you try to answer them honestly probably anyone can learn it with a bit of online searching, if you go for more obscure stuff they're easy to forget defeating the purpose. It's really best just to treat them as extra passwords, use random alphanumeric values and keep them in your password manager same as the password. Apple has also fumbled around with recovery over the years, at one point you had options to have a manual recovery key you could save but I think that's dead and can't set it up after already forgetting. Maybe if you go in person to a store with physical ID and evidence, if you had payment associated with the account and have that credit card for example that might do it.
If you have nothing of value tied to the account though probably no reason not to just abandon it.
youremail+anystring@gmail.com will always redirect to youremail@gmail.com Before making a random email address, try using youremail+f1@gmail.com or something similar.
Yeah literally the exact same thing can happen on android and windows. The solution is regulation, not ridiculous solutions like telling billions of people to back up their own stuff.
How do you that with Apple hardware that requires an AppleID to operate?
Is your advise to avoid all Apple hardware?
Or buy backup hardware none of which will run MacOS / iOS, so you still couldn't access things like your Apple Developer account, or any shared documents?
The stories of online-only service failures are legion. And yet if you can get face to face support, even one person can do so much. The gap is infuriating.
I didn’t notice, do you have a Brick and Mortar Apple Store you can visit? I can’t help thinking this as I read the post.
Of course this is not a physical hardware issue. Where a store employee could just hand you, say, a new phone. This is on the level of getting a slot on Tim Cook’s day planner, though I imagine the person with the ability to fix this is an underling many levels down Cook on the org chart.
Sounds like something triggered a suspicious activity report. Not sure if it also applies to the likes of Apple but they’re forbidden from revealing any information about what caused it, etc with the customer or anyone.
Perhaps the most annoying thing about this, certainly after getting traction on HN, is that his account will be reinstated....
...and then nothing. No sorry, no "here's what went wrong", no blog post to address the angry masses, no recognition, reconciliation, or reformation. Just things working again and silence.
Getting a special "notice me on social media (like HN)" fix won't actually fix the problem with using Apple's systems. It's just a temporary reprieve until some other aspect of their control of one's life breaks (by accident or indent).
Same story here. I'll never go back to Apple Music, even if only for streaming. I had hundreds of tracks and albums just demolished by something related to iTunes Match, didn't realize for months, and didn't have a solid backup system at the time.
oh man, I started with iTunes Match because that's the only service that I could use to backup all my MP3s, and now it's all messed up and so much music has just disappeared from my playlist... so sad.
Unfortunately I still don't know a service I can use that will allow me to sync my current MP3s / what I have in Apple Music, and export it if I need it. There's really an issue of owning data and being able to take it elsewhere :/
fwiw: when I've uploaded tracks I've purchased, it almost immediately locks them because they're copyrighted... because AFAICT it's a feature for independent musicians to upload their own stuff, not a library backup. all the text around it seems to support that interpretation.
oh that's interesting. i'd tried it several years ago but had not tried uploading anything like you did, so had not noticed that deficiency (randomly).
yea - in retrospect I think it's pretty clear about it from the text on the screens... but it surprised me too, because the initial UX is designed exactly like every other "upload your own music library so you can stream it anywhere" feature elsewhere. which is rather strangely blind to their own ecosystem, and tbh I don't see the purpose of a lightweight "upload your recordings from your phone!" feature, artists generally like a bit more control? afaict? or they just stream it somewhere without any metadata, neither of which seems viable with what Tidal's UI supports... but it's pushed in a prominent location for every listener on Tidal. surely there isn't anywhere near enough use to justify that... right?
I'm relatively happy with Tidal, but there are definitely a number of moments with it that make me sigh and internally say "see, this is why Spotify is winning". so much of it would be easy to change too, they just don't do it.
Does anyone know if in the USA you could simply use small claims court on every individual device and service to get likely default judgements against Apple and then when they are unlikely to pay up, get a judgement against Apple and make a big deal about strolling into a store or even HQ to take Cook’s own devices out of his office or maybe just seize his corporate jet and auction it off?
What I've learned from all these disaster stories: have backups for everythig. I have an iCloud+ subscription but also a OneDrive subscription, photos are sync'ed to both storages. On gmail, I set up fwd for all emails to another email address (non-Google related) just in case. Of course you can't do this for every service but do it for the ones you can.
On a meta note, Fuck Apple, I'm so glad I didn't pursue an iOS developer career 10 years ago.
This is disgusting and unconscionable conduct by Apple. Your whole life is locked into your account (digital data and physical devices), and they either don't care or don't have the processes in place to fix it.
This is the kind of thing they need to be sued on a massive scale for to solve but it's too rare and too expensive for anything to ever happen to them for it.
hopefully he’ll get resolution by bringing his case to the “media”. Still, for someone who heavily presents the argument that he’s a professional writer and even says “I am asking for a human at Apple to review this case.” , I find it odd that he tries to make his case via an obviously ai-written post.
I mean, isn't writing what you said you do for a living?
It's one thing to lock someone's account so they can't make payments or whatever. It's another altogether to lock them out of accessing their own documents / photos / etc. That's just 100% unacceptable regardless of what triggered it. And even if they did have a valid reason to lock your account, at the very least it should be, "you have 7 days to download / clear out your documents".
Absolutely horrible black mark on Apple.
I'll be buying an external HDD to download all my photos / iCloud docs to. I've been too trusting.
This kind of thing happens more often than people think. You trade convenience for blind trust and sometimes that trust gets revoked without warning. Whether it's Apple, Google or whoever’s "ecosystem" you live in if you don’t own your keys and data, you’re just a tenant who forgot the landlord doesn’t take calls.
I've been locked from my apple id for two *months*.
Even though I:
- had my recovery password
- re-confirmed the email
- re-confirmed my phone
They just kept telling me "we'll contact you in two weeks", and kept not following.
Then after the 4th recovery they sent me my recovery link on email (in any case weeks later).
Worst of all? Their privacy and security they keep repeating like propaganda are beyond bogus. Sure, they de-logged me from all of my accounts, that I appreciate, but I had 0 issues accessing all of the contents on my hard drive if I was a thief with a simple script in recovery mode I could still access everything. Where's the security? Propaganda only non-technical normies believe and then repeat.
I'm never ever buying Apple products ever in my life, I've got MBPs that my clients send me, but that's it.
I know this might sound cynical... But the author should really understand that Apple gives less than zero fcks about them. Apple is known (and, weirdly, loved) for being tyrannical in this sense. Apple is known for their "my way or the highway" approach to anything, without much explanation and with self-attributed "we're always right" attitude.
> The Damage: I effectively have over $30,000 worth of previously-active “bricked" hardware. My iPhone, iPad, Watch, and Macs cannot sync, update, or function properly. I have lost access to thousands of dollars in purchased software and media.
And that's why people complain about Apple's walled garden. Given the size of the damage I'd look into getting a lawyer involved, and possibly try and get Apple to court (in coerce them into being reasonable).
Frankly, I'm taking note of the archived page (https://archive.is/jrsLV) that I will reference to anybody that will ask why not to trust Apple in the future. Note that Google is also known for having a similar approach (there is no way to get support if something like this happens UNLESS you happen to know somebody inside google). Amazon on the other hand has made customer support one of its defining traits.
Btw if you are doing any decent amount of tech stuff, you should REALLY get off walled gardens and at the very least have an on-premise backup solution (an off-the-shelf nas with spinning disks could be a good starter solution).
These online storage services like iCloud and Google Drive are, and always have been, a trap.
They feel convenient, but they will keep changing their TOS to disadvantage you further and further as time goes on.
Everything you upload is scanned into their AI to create a profile about you that they can then exploit (once again, to your disadvantage). They do it despite regulations against it (Who's to say what they're complying with, deep in their complex data centers? Who's gonna even check? And how?) This is why online services that take control of your data are such gold mines (subscription fees, analytics, profiling, etc). They get you coming and going.
And of course, the account terminations: The earthquakes and "natural disasters" of the online world that destroy lives with no consequence or care.
When your data is not in your sole possession, you own nothing.
While I can't help with extricating your data from the fruit factory's claws I do have a suggestion what to do next: get a 10-foot or 3 m pole and use it to distance yourself from them in the future. Self-host your data if possible, find a friend you trust who already self-hosts and see if you can hitch a ride, use some commercial service if necessary but don't allow yourself to get trapped within an 'ecosystem' again. If a company makes it extra hard to use things outside of their own control you should understand that they're not doing this for their users but to remain in control and maximise their chances of extracting as much from their captives as possible.
Don´t check in to Hotel Cupertino or soon you'll be singing along:
Mirrors on the ceiling
The pink champagne on ice, and she said
"We are all just prisoners here
Of our own device"
And in the master's chambers
They gathered for the feast
They stab it with their steely knives
But they just can't kill the beast
Last thing I remember, I was
Running for the door
I had to find the passage back
To the place I was before
"Relax," said the night man
"We are programmed to receive
You can check out any time you like
But you can never leave"
I hope you get it back. I always had the mindset that if I am a paying customer that this type of situation is very unlikely. But you are literally a massive paying customer and you got hit. The truth is you are just a nobody even as a customer who has dumped thousands of dollars as a loyal supporter. Showing up on HackerNews is a positive thing as the only way to get any traction in these situations is either be famous and complain or your story going viral and someone with power seeing your plea.
I worried about only having a physical copy of my family photos so started paying apple for some storage. This type of event worries me. Good reminder to have multiple backup solutions.
Oh yeah and it absolutely does away with bullshit of "If you're not paying you're the product" I'm sorry it doesn't work when these services, even free, are monopolies
You can have free services, you can have paid services but they ALL absolutely have to be answerable to the consumer
I always knew Google and Facebook did this (let's make Oculus a Facebook requirement! oops now you're banned - genius, brilliant, all the people working there have an IQ of 600) but now the trifecta is complete
Seriously can we fucking have any products that work, in the 21st century
The real, foundational problem here is that we have abandoned the principles that made the internet. We don't care about open protocols, we accept walled gardens. Every day those walls get a little higher until eventually someone wins and the only thing that exists is the garden.
I don't know what the solution is, but I think part of it is deliberately divorcing yourself from the big players as much as you can, which isn't much for some people, and encouraging government efforts to break them up and pull down garden walls whenever the opportunity arises.
This is what government is for even if we've forgotten it in some places.
No idea if this has ever been tried, but a GDPR "subject access request" requires a company to hand over all the data they hold on you, which technically should include all your photos, media, messages and everything.
I would like to think you're wrong, but if they fix this, you're possibly right. My career is built on Apple technologies. I don't love that I'm captured by a vendor, but I have a lot of knowledge, and building to that level elsewhere is hard.
I just want to keep using my stuff, and getting on with the fun things I get to work on. I don't have a strong attachment to Apple, I have a strong attachment to the familiar productivity I normally have.
Even if you helped and this is fixed, consider the privileged situation you are in to even get this fixed. Most "normal" people would be doomed to lose their entire digital life. Evangelizing for a Megacorp is dooming more people into willing incompetence and dependency.
Reconsider at least that part. You can work with and use their products (as I do at work with the GSuite or AWS) but I will never recommend or evangelize for them or rely on them with things I care about.
Being a "loyal customer" to any giant corp is just making it extra convenient for them when they fuck you.. You need your stuff as files on a computer you actually control.
That emoji in the last pic felt like passive aggressiveness. I don’t have anything to say but it’s why I never put my eggs in one basket, and essential stuff are always backed up, but if your job is developing in an apple eco system and this scenario happens, it’s basically like getting fired and banned from working ever again!
That applies for any device you buy, yes even if you plan on putting graphene on it. So you’re getting downvoted because your comments are pointless and disingenuous. Also, you can jailbreak an iphone so no it’s not bricked.
There are a few physical Google stores. They aren't really very helpful at anything, and even don't have phones in stock often.
I went to one, wanted a Pixel Fold in the spring, and was told "we'll get one". Some guy left to do so, and 20 minutes later I just walked out. Just as with everything else, when Google does it, it's half-assed.
I have spoken verbally to multiple members of Apple's support teams. Apologies if that was unclear. I didn't record this calls, as they did not permit me to.
Then continue that. It’s definitely a fraud detection lockout due to probably the retailer not properly registering the gift cards or something similar.
If you can’t iforgot.apple.com, then support is your only option. No one else has access. Only Apple Support.
You have a case number, keep calling every 12 hours asking for an update.
I would love to feel sorry, but seems you’re technically capable of preventing this (unlike most people), just chose “convenience.”
Well, this is the downside of “convenience.”
If you manage to recover your belongings, I hope you stop preaching around how living in a normal apartment in society is good and everyone should accept the risk of home invasion instead of living in an underground bunker with biometric access controls and armed security.
living in an apartment sucks for security. You can't really own a gun and practice castle doctrine. Your landlord has a key to your home and can lock you out at any time, or can go through your mail.
There are other options like living in your own property, living in an RV, etc. that are better if you are worried about security.
If I was living in an apartment, I wouldn't be stashing all of my money under my mattress. I wouldn't run a business out of my apartment such that I would lose all of my equipment if I got evicted.
Similarly, I wouldn't do anything of importance on an apple computer. I wouldn't stash cryptocurrency on it, I wouldn't save my bank account details on it, I wouldn't run an important business that depends on their platforms. Because you're just renting and your lord can change the keys tomorrow.
Where do you live? You are implicitly assuming a rented property. Where I live you can buy a flat. however, even assuming rented, its not that bad, atleast here in the UK.
> our landlord has a key to your home and can lock you out at any time
Illegal to do without notice and permission. You can change the locks as long as you change them back or pay for cost of doing so when you leave.
> I wouldn't run a business out of my apartment such that I would lose all of my equipment if I got evicted.
Eviction requires a legal process that takes months.
> I wouldn't run an important business that depends on their platforms.
That implies no one should develop software for Apple, MS or Google platforms.
> You can't really own a gun and practice castle doctrine. Your landlord has a key to your home and can lock you out at any time, or can go through your mail.
None of this is true in the US.
Castle doctrine applies to your domicile, and is not based on property ownership. If you have a lease, it is your home as far as CD is concerned. WRT gun restriction rules for rental properties, they vary by state, but in states where they can be prohibited, it would require a clause in the lease for a landlord to prohibit a tenant from having them (and these are nearly unheard of in practice because of enforceability issues). And that still would not affect their legality in a defensive shooting.
Landlords usually require written notice to enter the premises, in advance, and cannot "lock you out at any time" without going through an eviction process if you have a lease.
Landlords opening your mail is a federal crime. Mail can only be opened by the named recipient, it's not based on who owns the address of a building it's delivered to.
>Landlords usually require written notice to enter the premises, in advance, and cannot "lock you out at any time" without going through an eviction process if you have a lease.
Sure, in the same way that landlords aren't able to unfairly keep security deposits - they can and often do do it because it takes a lot of time and effort to attempt to get recompense after the fact, and the consequences even in that case are not significant enough to disincentivize them.
I will empathize with you then and with your inability to empathize with the fact that people are different. Some people don't want to admit to themselves that this world is a wolf eat sheep world, trust that if you're a law abiding citizen, you shouldn't expect to be unfairly treated. Some people have more priorities and no time to dwell on harshness. They also would love it if everything just worked and you didn't need to spend 2 months of your life to configure things and always have to DIY everything.
They're not like me and I accept that. I will never use Apple & Google Cloud for my personal things. But I will empathize for those who get unfair treatement from these companies.
The whole meaning of a society is that we look out for each other, these big corpos have lost the plot, but I will not.
It is supposed to be : I buy a service from you, I did nothing wrong, please treat me fairly and do actually deliver on what I paid for.
That we don't trust them isn't how it's supposed to be, I wish I didn't have to do all of these things I do to keep away from big corpos, but this isn't how it is supposed to be. We're supposed to have the ability to trust each other in a society.
I qualified with "technically-inclined". You can't avoid seeing stories like this (about Apple and Google) on a monthly basis if you read tech websites. It is a known risk, which needs to be managed. Failing to manage it to this extent, while also writing tech books, is just baffling.
Apple is clearly in the wrong, and I'm certain that there are thousands of similar cases that are less public. The author is one of the best-positioned people to know and understand that. I'm sure they'll also get their account back, unlike many others.
(I can empathize with the difficult decision they'll face after that: do they continue to promote Apple, or try to reinvent their career somehow?)
"Looking out for each other", in this case, implies telling the people you care about to have backups, and helping them set up. I do that, a lot. I'd try to also help with this plea, if I had any pull with Apple.
I don't understand the sections of your comment with the word "supposed" in them. Supposed by who, and on what basis? What paid-for service are Apple not delivering? I assume they don't charge the author anymore.
If Apple engineers read this: I can't sign in into my iCloud account from my android phone, it just doesn't work, meaning I can't manage my subscription like HBO now that I switched to an android phone.
PS: My plan is to wait for Apple to release a folding iPhone to move back!
But reading horror stories like this is is why I only use the very bare minimum of any of these cloud services. Keep local copies of everything. For developer accounts, I always create them under a separate email so they're not tied to my personal. At least it can minimize the damage somewhat.
It sucks that I have to take all these extra precautions though. It's definitely made me develop a do not trust any big corp mindset.
It's also the buying of gift cards that can get Apple accounts locked: https://old.reddit.com/r/apple/comments/r8b1lu/apple_will_pe...
If enough of these horror stories are publicized, people will learn to never buy/redeem Apple gift cards because of the real possibility of account bans.
- Don't give Apple gift cards to family and friends: You're potentially ruining the recipient's digital life if they redeem it.
- Don't buy Apple gift cards: You risk ruining your own digital life.
If you've been given an Apple gc for Christmas -- and you have paranoia of the risks -- don't buy anything online that's tied to your Apple ID. Instead, go to the physical Apple store to redeem it. And don't buy an iPhone with it because that will eventually get assigned to an Apple ID. Instead, get a non-AppleID item such as the $249 ISSEY MIYAKE knit sock.
I have thousands of credit-card reward points that could be traded in for Apple gift cards but I don't do it because Apple's over-aggressive fraud tracking means Apple's store currency is too dangerous to use.
Otherwise? Yeah. Gift / prepaid credit cards are a horrible scam, because they tend to have a percentage or, worse, flat fee to activate. $4 extra on a $50 card as a gift means you just paid 8 percent just to GET the card.
To add context, your reddit post also mentioned: >, I purchased eleven Apple Gift cards from [...], and apple.com, and added the amounts to my Apple account.
I'm not saying the following applies to you but one can buy Apple Gift Cards using their Apple ID. After adding gift cards to the ecommerce shopping bag on Apple.com, it offers the option : "Check out with your Apple Account"
So Apple would know the exact AppleID at the time-of-sale instead of waiting until redemption. If for some reason Apple's fraud detection system doesn't like the transaction (e.g. unusual ip address from Mexico instead of USA, or too many high-value cards in a certain time period, or other black-box opaque heuristic) ... then the buyer puts their Apple account at risk.
Fraud prevention heuristics are insanely aggresive these days...
Last week, I bought a Netflix subscription and 5 days later, Netflix cancelled the membership for no apparent reason. I got on a customer support chat with Netflix and the agent said it was cancelled because of the credit-card #. It didn't pass their fraud prevention system and to try using another card. At least Netflix automatically refunded the entire amount back to me -- whereas Apple keeps the gift card balance for itself after locking accounts.
In another incident, I used a Chase credit-card at a physical Apple store to buy 2 iPhones on 2 separate receipts. The first iPhone sale was a success. The 2nd iPhone transaction just 1 minute later was denied and Chase locked the entire account. I had to call Chase customer service and recite the make & model of a car I had 20 years ago to prove my identity for them to re-activate the credit card!
So they constantly congratulate themselves for not going to the nearest city, look down upon people who spend time in cities, warn us that we're at risk of the bad things happening, and never miss an opportunity to talk about how bad cities are in conversations.
Now replace big cities with big tech and that's exactly how a lot of these Hacker News comments read.
* My liberal relatives won't own guns because they keep hearing stories about how guns are deadly, even though I own guns and nobody's died yet
* My friend's kid won't pet puppies because he heard they bite sometimes
* My aunt in Moscow didn't want to vote for Putin because he's "authoritarian", but my life is going great
How do you distinguish between things that are actually bad vs overreactions? Maybe it's just based on individual risk tolerance? I don't see the need to put my digital life in the hands of some unresponsive corporation, but the risk is worth it to you and we just have to agree to disagree?
I just pay Apple with my credit card when I want to buy something. Is this some kind of weird credit card rewards churning thing? Are you unbanked? I don’t understand why you’d voluntarily add unnecessary extra steps.
A credit card offers far more protections to consumers than a gift card.
Given the amount of false positives, Apple should have an appeal process for innocent users to regain access to their accounts. It would be nice if this applied to all big tech companies, losing an email address can make other accounts difficult or impossible to access.
I do this all the time and I've done it for years.
I once bought thousands of dollars of Apple gift cards, $500 at a time, by redeeming credit card reward points that could be spent like cash at a couple of select retail stores for 2X their points value.
It's a common practice. The edge cases are scary when you see them reported on Reddit, but they really are rare and generally get resolved after follow up (however inconvenient).
Some people go to extremes to do things like buy Apple gift cards at stores that give them a small discount on gas purchases or something. I'm not nearly extreme enough to do that entire process, though. Having the money loaded on to a Gift Card is inherently risky and I need some significant upside before I'll do it.
I was looking forward to getting $160 gift card for my old iPhone 11 but after reading all this I think I’ll just leave it in a drawer.
https://www.reddit.com/r/CreditCards/comments/1hb6rnj/rumors...
You'd think so. Yet, the stories of PayPal locking up payouts to surprised people keep coming every year - and people still use them.
Commenters here talk about PayPal account closures as if everyone who uses the service will eventually lose their money. Now we're talking about gift cards as if everyone using gift cards will have their account locked.
These stories, while frustrating and sad, are rare occurrences. The majority of people who use these services will not have any experience like these stories you read.
To be honest, I think the average person is probably better at estimating their risk of using these services than a lot of these HN commenters.
At least in Europe, PayPal is a regulated bank which means you can hand the case over to the authorities and they can and will help you out.
Do the bank regulators in Europe typically help effectively when PayPal freezes an account?
[1] https://www.onlinehaendler-news.de/recht/urteile-entscheidun...
[2] https://www.sbs-legal.de/blog/update-sbs-legal-erwirkt-zwei-...
[3] https://www.test.de/Leserfall-Wenn-Paypal-ein-Kundenkonto-ei...
The most money I have ever had on my PayPal account was 100 bucks from a reversed transaction (like, double booking of a hotel room or wrong item sent), otherwise it's just a gateway. It would be annoying if my PayPal account was locked, because I use it a lot to order pizza online and a few small purchases. I could just use my credit card or something else but it's more clicks. And I know a lot of people who do it like this. The only thing lost is convenience. No past purchases, no digital identities.
Maybe you meant the merchants who really amass thousands but I suppose they are a small minority of active users.
It's quite easy to build up a few hundred or thousand USD worth. It feels just enough like a bank account that you think you're safe. Then...well, the internet is full of PayPal horror stories, I won't bore you with my own.
You have a fee for transferring from PayPal to your bank account?
It’s always been free for me, as long as I don’t opt for the instant transfer option.
the number of people commenting like “well I don’t do/use/…” is mind-boggling
Neither the people creating the legislations nor the people at Apple responsible for these flows care very much about collateral damage.
That said, if buying and redeeming gift cards are such an indicator of fraud that people are legitimately afraid of getting their accounts permanently locked, why doesn't Apple just stop selling them?
If you are trying to be a bad person you could weaponize that approach. You do not like person x, send them some Apple gift cards... :o
99.999% chance they happily redeem them and go about their lives.
These stories, while frustrating, are clearly edge cases. Yes I know you can find more if you search social media, but I don’t think a lot of these HN commenters realize the volume of gift cards Apple sells and redeems without problem every day.
I don't like you too.
> Zion serves as a living space for humans who have chosen to be disconnected from the Matrix
https://en.wikipedia.org/wiki/Zion_(The_Matrix)
Does the iPhone require an Apple ID? I don't even log into my Google account with my Android device. If the phone requires an Apple ID, then obviously I'm not buying one.
In the EU, the requirement to support alternative app stores would probably mostly fix that, but those of you in the US are kinda…
One commonality among the stories in that thread from people who had problems was either switching their App Store country or using their App Store account primarily from a different country than the setting.
And in fact, a prohibition is never a solution, it is a reduction in solution options
And this advice takes into account exactly zero aspects of the particular problems a given person may have to solve, besides “problems with Apple”, in a world where most people have “problems with X” for each of the few large ecosystems.
Freedom of choice would mean for N choices, being able to make, well, N indepointed choices. N may be a very large number given how many things people do.
For an ideal world of compatible modular technologies, N choices is easy.
But our technology world is highly non-modular, centralized at many levels, and full of incompatibilities and dependencies of various kinds and costs. Including important dependencies involving the choices of other people we interact with, or very specific tools or resources.
So no, “Don’t buy Apple” is not better advice, it is just bad random generic advice, without knowing a lot more about any particular situation.
Like what someone writes books about.
Apple's ToS should be readily indicative of anyone using any of their products that Apple's perspective is that you don't own anything and they can do whatever they want with anything you do with their products. As the author points out you clearly don't own free access to what you've purchased.
The last thing I'll say is that it is fantastic advice to not purchase Apple in 2025. You can only be certain that this won't happen if you avoid them. I actually own a MPB, with receipts from purchase, that I had to purchase a bypass for when the device was enrolled in MDM by a family member that Apple has MDM locked and refuses to remove from iCloud.
Avoid Apple, that's the best advice. If you can't avoid Apple, minimize your footprint and make sure you're a good boy or girl else Tim Cook will steal from you and hide behind some bullshit first line support tar pit and an army of lawyers if you do happen to decide to threaten them.
But, at least with Google you can use hardware without the binding software requirement. You can use an Android device with GrapheneOS and have the phone entirely de-Googled, yet still use Android apps.
If the implication was that there's no other option outside of Apple and Google then that is unfortunate.
If I want to participate it modern life, where I live, I need an Android (Google blessed) or Apple device.
Many of us have expensive professional software tools that require Mac or Windows.
So it wouldn't be "slightly inconvenient". It would be the end of our professional work in those domains.
The alternative to Apple is…Google? How is that in any way better other than not being Apple? Sure, there are de-Googlefied versions of Android and today they work . But Google is actively working on ending the ability of those alternative operating systems to work.
As an example of one.
Banks requiring device attestation may be a pain in the ass, but it’s not a “requirement”; they (for now) still have websites and, usually, a physical branch.
Other examples probably exist.
Some banks are even app-only.
IRL events where you have to open the app at the gate.
Probably no charging for your EV.
No bus tickets. No Uber. No scooters. No food delivery. More tedious flying / immigration. No Tinder (requires live face verification on your phone) Some modern cars you are going to have troubles.
Impossible to setup a lot of smart appliances (like home WiFi routers). Many examples.
It’s like: can you live without a bank card ? Probably but not everywhere and you will not be able to go to all shops.
Essentially it’s great if you plan to stay at home. Becomes a great problem once you want to interact with anyone further than 1 meter from you.
Expect this to be the norm going forward due to hardware attestation being normalized on phones.
(1) Unbanked population in Uganda or india don't have options. Funnily, it's become the same with everyone, banked or unbanked, in the USA. The USA a third world dictatorship now, so expect that and more. Please vote for the orange buffoon a third time! He will most surely try to get on a third term.
(2) No bank in the EU requires a smartphone; it's banned by law (you know, law that protects people, the type you lost). "Banks" that are app-only are not banks but financial casinos. No bus driver in the EU can refuse small coins. In some countries they cannot refuse that you get on the bus without paying. No shop in the EU can refuse cash. No EV charging requires any app; you can pay right at the charging station with a credit card. Uber is not a universal right but a trinket. Same with tinder/food delivery and all the impoverishing tech for the disowned.
Enjoy the USA.
If you want to use the Tesla supercharger network (one of, if not, the largest in Europe, so rather useful), you need the app. https://www.reddit.com/r/Polestar/comments/1hrzidy/do_i_need...
In Northern Europe it's very common not to have cash at all or to have it rejected. In Estonia, you can choose to login to services using... your mobile phone OR (if you are lucky and this is supported) a physical ID card reader, so realistically you want to have a mobile phone. Some services don't even have alternative. It's more like a German / Swiss thing to have cash everywhere.
They may not require one, but good luck getting transactions done without one. My EU bank branches are now only open 3 hours a day, and to approve an online transaction without the app means phoning the bank during business hours…
This is the first I’ve heard of Apple locking someone out of their account for no reason. Google does it all the time. So, yeah, can’t leave Apple over this.
I mean that is a problem in itself :D
To say nothing of the fact that well-adjusted humans need to communicate with friends and family, and many times that also practically requires being on these platforms as well.
E-stim addicts will rationalize their slavery to a small rock in their pocket and sing grand songs about how it’s a curse but they need it. Like all addicts, they are not capable of rationally assessing the utility of the dependence object, and they’ll start carting out all sorts of silly things and gesturing vaguely “See this washing machine? Yep, it needs the rock, that’s why I keep my rock on me and charged at all times”
Time is the most precious thing in life, you’ll never be able to buy it back so you may want to reconsider long-term.
And the workaround is always far more work than I want to do, for virtually no upside for me.
Plus nothing ensures the bank you switch to won't up their "defenses" in a week.
At least around here, I can walk into a bank, sign a few papers, then that bank coordinates with my old bank to transfer all my direct debits, move all my money and notify all my periodic creditors (employer, social security, tax office...). Peer-to-peer payments (like splitting bills with friends) are usually done by alias (phone number or email) on our instant payment scheme, not by IBAN, and my new bank will take care of rerouting that too. And if for whatever reason someone has my old IBAN and tries to send me money in the future, they'll get a rejection and will just have to ask me for my new one, no big deal.
As for "in a week", come on, you're just being intentionally annoying. Obviously there's no guarantee. If they don't have root detection now, after everyone has had it for a decade, there's probably a reason and they won't implement it any time soon. And if you're just supremely unlucky and they actually do it right after you switch, oh well, you wasted and afternoon. Definitely less time wasted than trying all the million different root hiding techniques that probably don't work anymore.
Think of it like a car key. You wouldn’t have a crusade against car keys right ?
Which is good, right? One less thing to lose.
Having all your emails on Gmail and used for external services (bank, insurances, etc) is a different story though. I prefer to pay my email provider, at least they will care a bit more than they do for a free account...
Stay as far away from BigIT as you can. Linux or BSD are there for many good reasons. This is another one.
I proved them who I am, that the new payment method (virtual card from a well-known organization) is mine, everything.
After lots of back-forth I've been informed their decision is final.
I HAVE NOT BREACHED TOS. I wish I has a major law company behind me to force them to admit that.
Very happy it was my almost unused account, heavily went down with my purchases in mt main account (in my usual country of residence) as well.
And yes, I use login-with-companyName as sparingly as possible. We are not the users, we're beggars.
It happened - fake again. Now the customer support flow is: you upload images of the product (max. three), and the system approves the verification or rejects it, and then you have a way to contact customer care. System rejected. The trick is - they do not know why the rejection happened, they are not able to tell me, they are confirming the images are very clear and crisp, but they can't do anything to help me because the system leaves them with zero options to move forward - in fact, there is no further escalation matrix either. Nada!
The bank (credit card issuer) refused to raise the chargeback because "but the merchant 'delivered' the item". But it was fake, so? No, no, it "delivered" - that is what counts, so you have to sort it out with the merchant. But they are refusing any further help. You have to sort it out with them. And so on... in a loop.
Can I take them to court? Sure. It may take weeks, months, and maybe years, and even then, in the end (if I win), the court may just instruct them to refund and possibly (possibly!) compensate a trivial amount for legal expenses, which is never even remotely close to the actual legal expenses in this country's courts.
Just stonewalled. It almost feels Kafkaesque.
No option to contest the receipt....until the "would you recommend a friend visit amazon Go" survey popped up. I responded negatively, then the "why?" question had a "My receipt was incorrect" option.
Suddenly I was able to go through the "contest receipt" workflow.
100% completely automated.
(Fwiw, i never bought anything from Amazon again after receiving one fake item. If i want to gamble I'll pay Aliexpress prices)
That’s simply the actual cost of living in your jurisdiction.
I don’t think any large retailer or bank on Earth guarantees there will be a viable escalation pathway for all possible combination of scenarios either.
Maybe a very high end private bank but even that’s iffy.
So, when my mom passed, our family had to deal with DB. I have never, ever hand such a bad experience with a bank. The bank overseas was so courteous and efficient that I asked if I could open a bank account with them but I couldn't since I don't live in the country, just a frequent visitor. The IRS and government were easy. The will was as easy as it gets. Do things by the book, you'll be fine.
The NY DB office, to which I would have to go frequently and sit in some luxurious waiting room with nice art, was insane. My lawyer and accountant could not understand how they could repeatedly ask for the same information, deny they had received it, ask for information that literally the US government does not give out to anyone and on and on and on. And no there was nothing shady or shifty about my parents' lives. My lawyer started sending meaner and meaner letters to them, the kind that talk about making my client whole and litigation.
And yet, a few years later it turned out that same bank was often in the news for, among other things catering to Jeffrey Epstein. Who knows, maybe he spent his last hours complaining about them too. I could only hope he had that experience to add to his all-too-brief punishment. Actually, I have often wondered if we got raked over the coals because they had genuinely fishy clients and thus all the clients, especially the ones overseas, were on some kind of government watch list.
Of course it'd have been nicer to tell them to fuck off, but living without Amazon would simply be far too inconvenient.
I'm just always a little surprised to read things like "i couldn't live without Amazon," and i wonder if there are no other alternatives for two day shipping on other countries or what it is that keeps people stuck on Amazon instead of using other next-day deliveries
I'm in Austria (not Australia) and local retail prices are infamous for being 25% to 100% higher than in neighboring Germany for the same stuff because of cartel behavior of local retail industry.
Buying from amazon Germany means I can get the same prices as Germans (with +1% extra for higher Austrian VAT) for the same goods.
I'd love to give up Amazon in favor of local stores but local cartels are just as bad or even worse.
So to fix the Amazon problem you need to fix the competition problem first, which is caused by players other than Amazon too.
But still, most people go to the shop to buy toilet paper. Once you get used to Amazon, it just saves so much time and effort. The prices aren't bad either, I just checked toilet paper on amazon.com and 30 rolls of good quality amazonbasics toilet paper costs $0.22 more than the equivalent kirkland product on costco.com
You can order almost everything you need in the same app, whenever you feel like it. Just a couple of clicks, no need to fill in delivery information or anything.
The only part where YMMV is receiving the parcels obviously.
Sure, for every individual item there might be a better better local option. I'd have to spend time finding that, then go through the terrible order process and hope their delivery service isn't utter shit. Oh, and yeah, half the time they'll probably block my order because I'm using a non-european card.
Just being able to use Amazon for almost everything starting from bottled water and toilet paper saves me immense amounts of time. I can generally trust that the stuff I order reliably arrives at the concierge, which isn't a given.
And FWIW, most of the time I've shopped around, Amazon has been cheaper or essentially the same price. Doesn't really matter to me, but it is a plus. I'd happily pay more for a more convenient service, but in this case it seems I'm usually paying less.
In addition, I always suggest people to:
- Not use big tech's cloud services - ever
- But if you must, do not use many cloud services from just one provider (i.e no Google everything, no iCloud everything) i.e stop using "one account gateways".
- Needless to say, it's time you had a domain and start paying for mail hosting (at least for critical stuff - you can actually buy a very cheap plan; and use that gmail/live-hotmail/yahoo/iCloud/whatever everywhere else) [0]
- Keep an offline (but safe) copy of your "most" important data [1] and ways to remember (i.e cryptic hints) for your "most" important passwords
- Gain some experience in fighting in consumer courts/forums (depending upon your country) - start early, start with e-com companies. A lot many times we don't put up a fight because we have never done it before and we give up always because every time it's a first time. Apple and Google make a mockery of consumers everywhere because we have allowed them to. In fact sometimes when we talk of lack of accessible support at Google and Apple (yes, Apple) we speak in a disdainful appreciation or awe :)
[0] Some might disagree but disabling (or dev/nulling in a way) mail@, hi@, contact@, sales@ etc on your domain (esp. if you have catch-all enabled) goes a long way in terms of avoiding spam
[1] It's also very important to have a tiered approach to data storage and backup strategies. There should be a very, very, very small subset of your personal data, including some of your photos and videos, that is really, really small in storage footprint that you can back up/sync to multiple locations and actually pay the full price for it at storage costs via your own setup, preferably using FOSS tools (which are becoming too good these days) out there.
“You’re giving these companies your data and then dare to be angry when you lose it? Just get a degree in computer science and host it yourself!!1! I am very smart”
1. You don’t need too much time to set this up.
2. All this doesn’t have to be in one sitting - with meds and coffee that keeps you awake through the sleeping hours
3. In fact it’s better if you do this over the weeks, months, years. For me it took years and I am still kind of doing it. Once in a while, here and there.
4. I am not very smart. If I was I’d have just ignored your comment.
Those are the steps the commenter suggests you take to use these services safely.
It’s not that these steps are reasonable.
The question is: will you roll over and die without a fight for your rights?
At least you have time you are spending on HN that could be devoted to learning to fight. The fewer people that fight, the faster your rights disappear.
- Have a local backup (simple giving the storage prices)
- Pay for one email provider (less chance to ignore you)
- For important services (bank, etc.) always register also a telephone number / second email if possible (there is a low chance that both primary and secondary thing will be blocked at the same time)
I've been reading about Lovecraft's Old Ones. Apparently they have no ill will towards humans. They just sometimes cause harm without realizing it, while going about their business.
I'm not sure if I like that take because of how horrifying it is, but I found it very interesting that harm can be caused so nonchalantly by more powerful entities, since humans already view themselves as the most powerful entity.
At the same time, AML solutions tend to be a closely guarded black box which simply tells you to block a customer, finding out why is pretty difficult.
To add more to the problem, some anti money Landry solutions are … AI powered.
For a good reason! You, as a rule, really don't want to tell the customer why you're blocking them. What will happen in the end is that you will be facing federal charges for assisting the money launderers because you kept telling them what they're doing wrong.
> This is the same failure mode of all security-through-obscurity. Secrecy means that bad guys are privy to defects in systems, while the people who those systems are supposed to defend are in the dark, and can have their defenses weaponized against them.
This concept is used to argue that obscurity shouldn’t be used at all as a defense mechanism, when really all it means is it shouldn’t be your only line of defense.
Obscuring aspects of a system can contribute to its overall functioning: it’s a filter for the laziest of adversaries, and it creates an imperative for more motivated ones to probe and explore to understand the obfuscation, creating signal and therefore opportunities to notice their behavior and intervene.
I think for anyone who has dealt firsthand with mitigating online fraud, hackers, spam, trolls, cheating etc, the idea of having completely transparent defense mechanisms is pretty much ludicrous.
Yes, in many countries they are, but I don't think the laws are dictating Apple to completely turn off the accounts, but instead dictate that Apple should take measures against it.
They could disable those gift card features + Apple wallet/pay if they suspect fraud, and if no one complains within a month, then disable the entire account, rather than start with disabling the account. Would give them space/time to investigate, and wouldn't be a huge pain in the ass when the inevitable false-positives happen, like in this case.
You misunderstand the nature of financial regulation. The laws on things like money laundering are intentionally vague, they say things like "Apple should take measures against it". And financial regulators will not come out and say (especially in writing) that you MUST do any particular thing (like ban customers entirely on suspicion).
What they WILL do is ask probing questions, frown a lot, and make suggestions. Which the company had better take seriously. Because the financial regulators have the ability to simply close down your business, and if you cross enough of the unclear lines they will do so.
So instead they censor the company from telling you the reason, because everyone whose account is locked is guilty of Terrorism, obviously, and the people actually committing fraud would be unable to discern that they've tripped the detection system from the fact that their account is locked unless you told them that was why. Certainly not because it would make people unsympathetic to what the government is doing.
You misunderstand how business regulation works in free countries. Financial regulators can't just "simply close down your business" however they want, unless you live in a country that is primarily authoritarian.
Again, I'm not saying closing down accounts isn't easier than turning of functionality, but companies could chose the "harder route" if they did care about the users themselves. Alas, most companies priority remains "make more money above all".
And don't think for a second the US federal government couldn't do a huge amount of damage to anyone it feels like by way of its financial regulators. In general it's better for the US government if Apple continues to exist, though.
Maybe that's true where you live, but it's definitely not true all over the world, many economies have a free economy yet companies exist for public benefit, not shareholder value generation. It's out there, wouldn't be impossible to implement where you live either.
> And don't think for a second the US federal government couldn't do a huge amount of damage to anyone it feels like by way of its financial regulators
Right, I agree. But I also qualified my statement to not be valid in authoritarian countries, so maybe not the greatest example to use.
Particular airline like United makes your life hell, or even behaves sloppily and heavily inconvenienced you? You not only hate them, you actively go out of your way to tell your friends, family, and anyone who asks your opinion that you hate them. And why you hate them. (Lost one/only bag, for longer than an entire trip, over ten years ago.) And go out of your way, even at higher cost, to avoid them. (Have never flown United afterwards.)
Aside: We know this can be done competently; see Japan. They’ll even fail sometimes, but I suspect that nearly-always, someone from the airline would be delivering the bag personally after they obsessively located it, as opposed to the “meh” attitude US carriers take.
On the other hand, some company like Valve: for an out-of-warranty product (just time, current-model Steam Deck) that was purchased outside the country and gray-market imported (consumer level, just carried out to another country)… and which they don’t sell in your country… they demurred a bit then agreed to ship a replacement part to the original purchaser. At zero cost. Dealing with product issues isn’t fun, but we all know issues arise sometimes, and they killed the “delight the customer” goal.
Some companies still care, and I’d argue that treating your customers like crap while attempting to extract maximum “short term value” doesn’t actually work. Not in the long term, and in the short term, well… it depends on your definition of “short term”. One bad incident can go viral and wreck your quarterly earnings.
The cards were to family members that I normally send gift cards to at Christmas, and the activity was counted as "sus" even though I was asked to validate my card number and expiration date before being allowed to make the purchase.
On that note[1] is a good read (Cmd+F: "suspicious activity report"), although this specific case is about gift cards, but the AML/T&S etc. space is remarkably similar.
[1] https://www.bitsaboutmoney.com/archive/debanking-and-debunki...
(edit) Ah, right, anti-money-laundering, found it in your last sentence.
Most likely stolen cards. Stolen credit cards are used to purchase gift cards which are then resold to unsuspecting buyers. Think of it as stolen money laundering.
A lot of things are clicking into place for me in this thread.
A very usual scenario is that the scammer pretends to be a technician doing some remote support and for example pretends to provide some refund. Then they pretend that they've mistakenly sent out e.g. 10x the amount and they ask for the difference back, claiming that their job is on the line.
Crypto would work, but since they target old and tech-illiterate people, the easiest way is usually to ask the victim to go to a store, buy gift cards and read out the codes.
Google kitboga (a known scam baiter) for the videos.
They’re great entertainment pieces, and almost a commentary on the state of the world through the lens of microeconomics, with both sides behaving in a way they think is best for them.
For the baiters, they get engagement and, sometimes, the feeling of revenge for a scam visited upon an elderly relative; for the scammer, maybe it’s worse, as we know some people are trafficked into places then forced to scam people (or maybe they just want money). Still, kinda paints the world in a sad light.
Of course Support should be able to resolve this if proves are given
Whats coming?
Gift cards are often used for money laundering or scams, because they allow to transfer monetary value in small increments and without tracking: there's no link between the person who bought a gift card (anonymously with cash) and a person who used its code to put money onto an account.
AML = Anti Money Laundering
Their mega high risk - high value gift cards are effective for laundering stolen/fraudulent credit cards. Buy a $500 gift card with a stolen CC and sell it on FB marketplace for $400 - you’re up $400, the buyer saves $100, Apple get paid by the retailer and the CC company are (likely) on the hook.
Of course the actual solution here is _don’t sell high value gift cards_, or require the Apple ID email at time of purchase/activation of the card
Not in all situations. Because of various cross promotions between car insurance, supermarket and airlines, by using gift cards for groceries I get an effective ~9% discount every time. That really adds up over a year.
For Apple and others, you can use secondary gift card market to get some discounts too, if you wanna risk it.
I regularly see people in line at the supermarket, buying gift cards. I notice, because it’s a discrete workflow, that stands out.
I doubt they are all feeding scammers.
I think that charities often solicit gift cards.
It's the same premise as buying someone any gift instead of just giving them the money so they can buy whatever they want.
Edit to add: kids often don't have bank accounts, i mostly received gift cards as a child, from relatives who wouldn't want to mail cash and couldn't give me cash in person. On a dark note, giving a kid a gift card to a toy store makes it harder for the parents to steal it for themselves.
The whole practice originates from "gift certificates" where you'd maybe go to your favorite spa and get a gift certificate to give someone, so that the spa treatment is the gift you're giving, but the recipient redeems it whenever they want. That just got abstracted to non-service gifts as well, with the same idea ("treat yourself to a new video game, whichever and whenever you feel like it" -- that's the gift, facilitated by the card)
Additionally the inverse is true. Sometimes kids choices are restrained, and they really would like to do a thing they are not allowed to, and gift cards offered them away to do that. Case in point: my tween figured out that we don’t let him buy in game currency for any the games that we do let him play, however, when a relative gives him a gift card, we let him redeem it, making gift cards incredibly popular gifts.
GCs are valuable to brands because they are marketing tools. Recipients are prompted to go to the merchant to spend money, and they usually spend about 40% more than the face value of the card.
Also, GCs are valuable to merchants for breakage. This is when a card (or partial balance) goes unused. Starbucks, as an imperfect example, recognizes about 10% of their total outstanding GC balance as revenue every year, due to breakage. This amounts to hundreds of millions of dollars.
I've never had my $100 GC be worth $104 a year later, but for the issuer it is. They just keep the $4.
Maybe it is more accurate this way?
If they had to reimburse you for the cost of all your lost files, then we'd see the real impact on finances.
Gift cards are used by phishers. In our institution, we routinely get personalized spam mails (in the name of the corresponding group lead of the recipient, sent via GMail -- this is not low-effort) that ask whether they are available and, when (accidentally) responding, ask for Apple gift cards.
> Hey, it’s me, your CEO. I’m in a meeting with our big customer and I need an urgent favor. Thanks! You’re a life saver.
> - Mr. CEO
If I need to guess, gift cards are sold online in money laundering schemes, also on some platforms they are used to let you buy apps from a lower priced country
Enough that I am very wary of buying or redeeming gift cards now, especially more than one in a row.
Apparently there's some sort of scam with gift cards, which must affect any platform which allows them, and legit uses often get flagged by automated systems.
If they are so much trouble for Amazon/Apple I wonder why not disallow gift cards, instead of randomly banning users?
I remember I went through some automated process which asked me for some account details, and after a few hours (fewer than one day, I remember as much) my account was unlocked. It was scary!
What I remember puzzled me is that it was only two low-value cards. I would have understood the system being triggered by a lot of low value transactions, or a few large ones... but these were few and low value! Go figure.
Sorry I don't remember more details. All I know is it made me scared of gift cards.
And some of them don't even have that!
Even if in the T&Cs say Apple can do this, which it probably does, now they would have to prove it in front of a judge.
If Apple doesn’t show up, they’ll lose and the filer will get a default judgement, for which they hopefully asked/made the case for $10k. I’m sure they can arrange to have it enforced against a local Apple Store to seize not product, but operational working assets, if they’re creative a bit. If Apple has anyone competent in Legal they won’t let it get that far, though.
Then again, if they do show up, they’ll pay a lawyer well more than an hour of time, probably by a lot, and still have to argue against a likely well-prepared person, with proof of purchase, etc., (legitimate) sob story of lost time, digital assets, and the like, and likely won’t endear themselves to the court.
And of course for a business, an actual court filing (or arbitration if it gets forced on them, with competent counsel) could be even worse.
That's a big ask.
Justice is dead when nearly everybody just makes backroom deals with no admissions of guilt and nondisclosure of terms if they even defend themselves at all.
A person who is capable of defending themselves owes it to those who aren't as able; if even the most resourced people won't defend themselves, what chance to the rest of us have?
After nearly 30 years as a loyal customer
I've heard others say this (and was a "loyal advocate" of Windows for around 2 decades myself), but the reality is they simply do not care. You are merely a single user out of several billion.
Many of the reps I’ve spoken to have suggested strange things
That almost sounds like some sort of AI, not a human. But if I were in your situation I'd be inclined to print out that response as evidence, and then actually go there physically to see what happens.
macOS doesn't require this. My Apple account has a handful of apps purchased over the years, and that's it. I could've bought them directly from the vendors, but the store makes it easier to update.
Technically true but I tried using a mac without creating an Apple ID and gave up. You can't access the store without it so you are locked out of Mac apps that aren't installed by default, and all apps that only distribute through the store now.
I think you’re missing the point here, which is we need regulations to protect consumers against big tech.
Of course this is not for average people, but neither is making backups.
I’ve had Clone Hero running badly on an ancient MacBook for my drums, so I decided to swap it out for an M1 Mini that was collecting dust on a shelf. I did a full erase, but I couldn’t get past its activation lock. At all.
This is a piece of hardware I purchased on my credit card, for my company, (luckily) linked to a phone number I control and an email address on a domain I can control, but Apple in their infinite wisdom are still locking me out of my own hardware because I don’t know the password the last employee used on the computer! I don’t want any data off it, thats gone, I just want the computer I spent money on to actually be usable!
I initiated a “recovery” process to unlock it (at Apples discretion?) and they’ve sent me an automated email saying the initial checks are passed and they will contact me again in 7 calendar days. Kafka-esque doesnt even begin to describe it. So for the next week I have to whistle Dixie!
I’ve been a massive Apple fanboy since I swore off Windows a couple of decades ago, giving them a decent high 6 figure spend over that time and influencing countless others to buy Apple devices. Well that very much ended this week & going forwards without Apple will be painful, but the message they sent me couldn’t have been any louder & clearer. The writing has been slowly creeping on to the wall for the last few years, between buckling to UK government pressure, the CSAM photo scanning nonsense, the absolute UI abomination of this new glass crap, this was my final straw.
I’m also going to be relaying their “message” very clearly and loudly now to any friend or family member considering another Apple device.
[1] https://news.ycombinator.com/item?id=26482635
A few years passed, and a couple of weeks ago my phone broke, so I wanted to use that one until I bought a new one. It turned out that Apple had permanently deactivated the iCloud account on that phone. I could make calls, but I couldn’t install or update any apps, even though I still controlled the email address that was used to create the Apple account. Not that 5S is very useful these days but still.
I've unlocked some old Thinkpads that were similarly left locked with a BIOS password by departed employees, officially not possible, but actually possible if you reflash the BIOS and EC ROMs.
I was looking for the flashing hardware around here, but i should probably peek on AliExpress :)
If you need to recover the EC, then I believe anything that can work as a generic JTAG device, like an FX2LP dongle (~$5 or less, and useful for other things like a logic analyser) will also be needed.
It’s almost certainly not, it’s just humans being human and going off script. I worked in a place where we dealt with an enormous number of customer service requests, and one of our measured support metrics was “how often do the agents deviate from what they’re allowed to offer”.
AIs are RLHF'd to have a corporate-pleasing interface w.r.t. metrics.
What changed your outlook? Did you get burned by Microsoft?
It always seemed to me the people who deride Linux's desktop GUI are those who actually never bothered to use it, especially not seriously in the past decade.
My Member of Parliament represents about 130,000 people, does regular door knocking to talk to people, and has a staffed office a few km away the I can walk into anytime I want.
None of that applies to a multinational corporation.
In my Parliament MPs seem to represent primarily the interests of their donors, not those of their country, not even constituents. It still better than it used to be, the corr...., er lobbying is not as blatant, but its still obvious.
Seeing the MP? Yeah. Maybe if someone lives in the "unsafe seat" area and the MP is trying to get reelected:)
And don't tell me to "vote with my wallet". We're talking about Big Tech, not your next door kebab shop.
And yes. Don’t give them money. Buy something else. We are not short on phone or laptop brands.
I am surprised that with such a pedigree, the author doesn't already have contacts at Apple they could reach out to for that personal touch.
At that point, it doesn’t matter how many friends you have on the inside, unless you’ve got one that’s ignorant of the law or willing to risk the penalties.
This could happen to anyone. It can happen to people trusting Apple with their data, to people using Google, Microsoft, Amazon, or any other big cloud platform.
This deserves everybody's attention, and also a massive lawsuit to force these corporations to treat our data more responsibly.
If you don't have root access to the machine your data is on, it's not your data.
If he doesn’t think like that, then why does he act like it?
I'm more curious how/why the author ended up with a $500 gift card. That's a large amount, and the author never shares how this was obtained, which seems like a key missing detail. Did the author buy the gift card for himself (why?) or did someone give him a very large gift (why not mention that?)
Even if it feels sus, remember that AI is trained on what it sees: even the posts here will make it more and more effective at “writing like a human”.
As for the OP, the claims to exist and have published books, etc. are relatively easily publicly verifiable.
No, $500 isn’t a large amount, doubly so anymore. I consistently have to try to re-anchor, but $100 is the new $20 (sadly).
I never claimed the author doesn't exist.
$500 is objectively a large amount for a gift card. Off-the-shelf gift cards with predetermined amounts are almost always substantially less than this.
If you receive them as a gift, use them only in a situation unconnected with your cloud ID, such as to pay for new hardware at an Apple store.
The author mentions a big store (names it similar to Walmart for US based readers).
I would assume this was an accepted form of "return a product without a receipt" or "we want to accept your complain about this product we sold going crazy 1 day after it's warranty but we cannot give you cash back" etc
I don't want to speculate more, but one of the use cases for them is for people that choose to not use cards online (or even don't have credit cards at all) to be able to buy digital goods with cash.
Either way, if we're questioning buying/using the gift card, we're blaming the victim
People are fast to pull out pitchforks in response to outrage-bait posts like this, but (generally speaking) a nontrivial percentage of such posts are intentionally omitting details which can help explain the other side's actions.
Also I genuinely wasn't familiar with this specific use-case for gift cards. At least in the US, you can buy general-purpose prepaid debit cards for this type of thing instead, or use various services which generate virtual cards e.g. privacy.com. To me that seems infinitely more normal than buying a large-value "gift card" for yourself, but I'm admittedly not familiar with the options in other countries.
2. I didn't see the prepaid cards in stores outside the US, so they are probably not that popular outside.
Sometimes you also want to shift your spending, like if you spend 500 USD this month at this store, you'll get some good % cashback. So you end up buying a gift card that you know you'll definitely use next month.
I think this is irrelevant, TBH.
The author has been a professional writer since long before LLMs were invented: https://hey.paris/books-and-events/books/
LLMs were trained on books like the ones written by the author, which is why AI writing "smells" like professional writing. The reason that AI is notorious for using em dashes, for example, is that professional authors use em dashes, whereas amateur writers tend not to use em dashes.
It's becoming absurd that we're now accusing professional writers of being AI.
If this isn't AI writing, why say "The “New Account” Trap" with then further sub-headers "The Legal Catch", "The Technical Trap", "The Developer Risk"... I have done a lot of copyreading in my life and humans simply didn't write this way prior to recent years.
Regardless of whether AI wrote that line he published it and we can safely assume it is what he thinks.
There's the further detail of multiple commenters here saying their various contacts at Apple all cannot solve this particular case, which seems odd.
Now that said, given the OP is a published author, it's more likely he is trustworthy on that basis, but personally I still get a "something doesn't add up here" vibe from all this. Entirely likely I'm wrong though, who knows.
Aren’t LLMs evidence that humans did write this way? They’re literally trained to copy humans on vast swaths of human written content. What evidence do you have to back up your claim?
The problem is they were trained on everything, yet the common style for a blog post previously differed from the common style of a technical book, which differed from the common style of a throwaway Reddit post, etc.
There's a weird baseline assumption of AI outputting "good" or "professional" style, but this simply isn't the case. Good writing doesn't repeat the same basic phrasing for every section header, and insert tons of unnecessary headers in the first place.
That’s a subjective statement, but generally speaking, not true. If it were, LLMs would produce unintelligible text & images. The way neural networks function is fundamentally to produce data that is statistically similar to the training data. Context, prompts, and training data are what drive the style. Whatever trends you believe you’re seeing in AI can be explained by context, prompts, and training data, and isn’t an inherent part of AI.
Extra fingers are known as hallucination, so if it’s a different phenomenon, then nobody knows what you’re talking about, and you are saying your analogy to fingers doesn’t work. In the case of images, the tokens are pixels, while in the case of LLMs, the tokens are approximately syllables. Finger hallucinations are lack of larger structural understanding, but they statistically mimic the inputs and are not examples of frequency differences.
Your accusation on the other hand is based on far-fetched speculation.
If this is a published author known to write books before LLMs, why automatically decide "humans don't write like this". He's human and he does write like this!
I know. I just mentioned them as another silly but common reason why people unjustly accuse professional writers of being AI.
> I have done a lot of copyreading in my life and humans simply didn't write this way prior to recent years.
What would you have written instead?
The difference is that using em dashes is good, whereas the cringe headings should die in a fire whether they’re written by an LLM or a human.
In cases where it makes sense to divide an article into sections, the phrasing should be varied so that they aren't mostly of the same format ("The Blahbity Blah", in the case of what AI commonly spews out).
This is fairly basic writing advice!
To be clear, I'm not accusing his books as being written like this or using AI. I'm simply responding to the writing style of this article. For me, it reduces the trustworthiness of the claims in the article, especially combined with the key missing detail of why/how exactly such a large gift card was being purchased.
It's unlikely that the article had the benefit of professional, external editing, unlike the books. Moreover, it's likely that this article was written in a relatively short amount of time, so maybe give the author a break that it's not formatted the way you would prefer if you were copyediting? I think you're just nitpicking here. It's a blog post, not a book.
Look at the last line of the article: "No permission granted to any AI/LLM/ML-powered system (or similar)." The author has also written several previous articles that appear to be anti-AI: https://hey.paris/posts/govai/ https://hey.paris/posts/cba/ https://hey.paris/posts/genai/
So again, I think it's ridiculous to claim that the article was written by AI.
The post https://hey.paris/posts/cba/ has five bold "And..." headers, which is even worse than "The..." headers.
Would AI do that? The more plausible explanation is that the writer just has a somewhat annoying blogging style, or lack of style.
We're clearly not going to agree here, but I just ask that as you read various articles over the next few weeks, please pay attention to headers especially of the form "The ___ Trap", "The ___ Problem", "The ___ Solution".
No, I'm going to try very hard to forget that I ever engaged in this discussion. I think your evidence is minimal at best, your argument self-contradictory at worst. The issue is not even whether you and I agree but whether it's justifiable to make a public accusation of AI authorship. Unless there's an open-and-shut case—which is definitely not the case here—it's best to err on the side of not making such accusations, and I think this approach is recommended by the HN guidelines.
I would also note that your empirical claim is inaccurate. A number of the headers are just "The [noun]". In fact, there's a correspondence between the headers and subheaders, where the subheaders follow the pattern of the main header:
> The Situation • The Trigger • The Consequence • The Damage
> The "New Account" Trap • The Legal Catch • The Technical Trap • The Developer Risk
This correspondence could be considered evidence of intention, a human mind behind the words, perhaps even a clever mind.
By the way, the liberal use of headers and subheaders may feel superfluous to you, but it's reminiscent of textbook writing, which is the author's specialty.
As for the section headers, my general point was that AI output includes an excessive number of these, and they are often generally of the form "The [noun phrase]". Many times there's an adjective in there, but not always. If you think this is good writing then you're welcome to your opinion, but most writing instructors feel otherwise.
Textbooks don't contain section headers every few paragraphs.
The issue isn't whether AI is good or bad or neither or both. The issue is whether the author used AI or not. And you were actually the one who suggested that the author's alleged use of AI made the article less trustworthy. The only reason you mentioned it was to malign the author; you would never say, for example, "The author obviously used a spellchecker, which affects how trustworthy I find the article."
> If you think this is good writing then you're welcome to your opinion
I didn't say it's good writing. To the contrary, I said, "the writer just has a somewhat annoying blogging style, or lack of style."
The debate was never about the author's style but rather about the author's identity, i.e., human or machine.
> Textbooks don't contain section headers every few paragraphs.
Of course they do. I just pulled some off my shelves to look.
Not all textbooks do, but some definitely do.
After going through my technical bookshelf I can't find a single example that follows this header/bullet style. And meanwhile I have seen countless posts that are known to be AI-assisted which do.
Apparently we exist in different realities, and are never going to agree on this, so there is no point in discussing further.
"The card was purchased from a major brick-and-mortar retailer (Australians, think Woolworths scale; Americans, think Walmart scale)" There's not much of a reason to assume someone else unaffiliated with the author bought this card, he mentions talking to the vendor and getting a replacement which means he has the receipt
It certainly implies the author bought the card for himself, yes; but that seems rather unusual to me, especially in such a high amount.
Why would you purchase a $500 gift card for yourself to "keep a subscription without worrying about it" as opposed to just paying the small monthly amount? Honest question, I literally don't understand that motivation at all. In my mind a gift card is more problematic than a normal credit card in this scenario since it eventually runs out.
Second question: why did you create an HN account just to write this comment?
Asides from the promotional bonuses that other users have mentioned, if you have an Apple Family Sharing group you can only use a single credit card tied to the main account for any payments to Apple, but individual accounts will draw down from their Apple Account balance before using that credit card - so gift cards let individuals pay for their own Apple things (subscriptions or otherwise).
there is a number of services that I pay for with either their gift cards or generic gift cards
I mean that. Exec level. This story and that this specific person cannot get it fixed indicates absolute failure.
I have a feeling that this guy also doesn't get why this happened to him and that he himself contributed towards it with the work of his life.
We all depend heavily on cloud storage and sso . Everything works fine until you are locked out .
And using them isn’t fully voluntary. They are necessary for collaboration . You end up using what your team uses .
You can try to be that “own cloud” snob but it only works if you live in a basement
Every normal person has content in Google , iCloud , OneDrive , Dropbox and maybe more. That’s 4+ single points of failure
You’re just not imaginative enough if you think you’re safe .
OPs only recourse is an insider or a lawyer
It is totally normal in today’s world to depend on cloud services and reasonably difficult to do without it. In China: no WeChat you are practically dead. Here try to join meetings without account, try to send a message on WhatsApp without account, etc… a lot can go wrong very fast. What if you used your Apple account as SSO to other services ?
You see this a lot in the Apple "community". Apple can _never_ do wrong. Apple can _never_ make a mistake. Apple's choices are _always_ the best choices.
I don't understand why people put corporations on pedestals.
edit: about the same role as Greek or Roman gods.
sure i am dependent to cloud services as much as he is, much to my own chagrin, but at least i have all my data backed up??
One of 20 of your services could lock you out tomorrow and that means you’re blocked from coworkers and family
Team builds service. Service depends on first party identity/authentication because it's easier.
... Fast forward 20 years, and no one at platform company even understands the dependency graph from a customer perspective anymore. Especially in the case of rare events like account locks.
Consequently, those customers face a sudden Kafkaesque maze of edge cases that don't line up, as the customer service processes people are funneled through are literally incapable of solving the problem.
Which means the entire "normal" customer support apparatus is unavailable to them. (The same apparatus companies aggressive shove all support through)
This is why there should be regulatory requirements for identity platforms mandating the ability to speak to a human who's empowered to fix your issue + an option for customer-choice decision arbitration + continuous random sample audits with penalties for falling below KPIs (timeliness, correctness, etc).
It should literally be illegal for a company to have their banning system 'oops' and then pretend they don't know you.
Because it's only going to get worse as more AI / probably correct methods infuse account security functions.
I have once for iCloud... and the impression I got was that they must think close to 100% of the population on Earth are potential scoundrels for them to put in so many clauses and escape hatches.
I don’t think it’s possible to fully read any modern TOS from a bigco and not get an inkling of that.
The real issue is why are people signing up to TOS they haven’t fully read, and if they have… why are they signing up for something that directly spells out they are possible scoundrels who need to be dominated.
It’s like some kind of mass self humilitation ritual.
It takes a public scandal, and all.
A direct, on the record, formal agreement to be an inferior.
And then people wonder why they get humilitated and mistreated in complex edge cases.
WhatsApp,WeChat , messenger , telegram all use private addressing
Fast forward 10 years, account got permanently locked for suspicious activity.
Unsuccessful appeal. So permanently lost contact with some of my childhood friends and no way to recover them as they are in private mode.
If you hope on Instagram to find a girlfriend, it can also have a serious impact on your life to not have access to it. No instagram + no WhatsApp = paranoid weirdo = not dating material
Seems very hand in hand with https://news.ycombinator.com/item?id=15222240
See, this is why IT MATTERS when we have confirmed emails of Zuckerberg going "...dumb fucks". https://news.ycombinator.com/item?id=1692122 You get all kinds of excuses https://news.ycombinator.com/item?id=38560321 Sounds good until you can't see any posts https://news.ycombinator.com/item?id=14147719 or they lock you out of your contacts https://news.ycombinator.com/item?id=4151433 Some people are just malicious and should be avoided at all costs and if their feet were held to the fire early they would've never been allowed to take over people's lives in the way they have. It matters.
The sad news is when important people get locked out they can call dedicated support . This case was of someone who wasn’t celebrity enough to have that access
Our shared powerlessness should bring us in communion with others, but the technocracy/corpocracy wants to rip that apart and make us dependent on them for profit.
Good insight - that people dunk on the author as a cope to help the dunker feel less powerless
They should be tripping over themselves of "How can we fix our corporate incentives to actually deal with customer problems". Not "lol OP, sux"
Your own wrongdoing. Always use a site-specific auth method, i.e. by email. And a separate email for each site.
(Use a catch-all to have different email addresses for different sites, because when one gets hacked, then the damage is limited.)
Hopefully, domain registrars are less prone to locking people out compared to Apple, given cause of the lockout is caused by Apple itself.
Reminds me of the time Namecheap stopped doing business with Russian accounts, even then they still gave some time for them to transfer their domains.
Eg: Dynadot decided what my birthdate is a secure pin two years ago. No combination of it works and I'm not even sure if I'm not shadowbanned for the attempts.
"But I use my addresses on my own domain" ok your domain registrar, then.
So you can use different email addresses for different accounts while having only one Gmail account.
You need to send them an email to cancel. When I tried they said “you need to cancel from the same email you signed up with.” :/
I like using company initials & random numbers @ my domain .tld
Yes, those companies should absolutely be forbidden to behave like this, and punished heavily when they do. But until it happens (which doesn't look like it will), your data is your responsibility.
That said, it does make your writing seem very odd. A little bit like the people, who apparently don't know what the shift key does, or how to trigger capital letters on their phones or something, and write only in lowercase letters.
Just because your phone does something silly, and it is not you doing it intentionally, that doesn't mean, that other people will not get a weird impression from you writing like that. In a way, you are letting your phone change the impression others are getting from your writing. And that impression is for many people that they wonder, whether you know the conventions of writing.
Now, like I said, you don't have to care about this. But if you want your texts to not come across like teenager written texts or low effort texts, it would be a good idea to fix your phone's silly settings, so that it doesn't do that to your writing.
If missing, these spaces are automatically added which various autocorrect features of localised OSes or otherwise.
If you are launching a startup, it’s very worthy to push your product on the HN homepage.
I wonder what is his case.
Sure, it is not directly their fault, when they are treated badly by big tech. Though of course they could have been more careful, and rely less on big tech and cloud. We can all learn from this example, like many others before this one.
The solutions self-hosting storage for non-technical people are terrible. Presumably there's no market for selling a solution that gives individuals data sovereignty. I would guess the margin isn't there and a recurring subscription for something you own is probably unpalatable to a lot of consumers. So this is what we get.
To register on some websites you may sometimes receive: “please use real email from gmail/outlook/etc”.
When you have a business meeting with a customer: “oh just install Jitsi on your mobile phone” is the best way to lose a sale.
Or no way to pay train tickets because you cannot install the app because your Apple / Play Store account is locked.
I've rarely seen (if ever?) a website so stupid and user hostile, to claim that there are no other "real" e-mail service providers out there, other than gmail, outlook, or a maybe a few others. There are services, which reject things like tempmail, that much I have seen, definitely.
Jitsi Meet runs in the browser. Does it not on a mobile phone? Perhaps there is something to this one, if it is the case, that customers in some areas don't even own any working machines any longer and only have phones.
Train tickets, at least where I am from and living, one can always buy, by going to a service center, or online via browser. I never had to use an app to buy train tickets. Even when traveling in China, which is arguably much further in terms of digitization than Germany, I was able to buy train tickets via a website comfortably, upon which the ticket was registered to my passport.
But I get it, there can be such examples.
Though I don't think this really matches the "depend on the cloud" thing. It's more like depending on services, that make use of "the cloud", and not directly using cloud services oneself.
(side-note, with Jitsi, it feels like I have a fireplace log in the hands when I use it)
I think Samsung rejected non-"Big Emails", but pretty sure we can find exceptions both ways.
Fun stuff I found while searching: > https://transportation.ucsc.edu/buses-shuttles/dvs/ > > The Disability Van Service (DVS) is a shared-ride service that provides on-campus wheelchair ramp–equipped transportation for those unable to use the regular Campus Transit system due to disability > > If you are a visitor, please use a Gmail address to complete the form or email dvs@ucsc.edu if that is not possible
and then, the form is behind... a Google login wall
Theres no turnkey solution (of course not, it is prohibitively complex to architect one), but the bits and pieces are there, built on tried and tested software. For example, SMB and rsync and their clients, are practically enough to do backups.
Well, i don't. I have my local file storage. Contacts and Calendar get synched, thats it. These get lcal backups, but aren't important so or so.
It's also not at all appropriate to claim people are "developmentally challenged" simply because they don't feel comfortable backing up their own data regularly to an external device. As such I have also flagged your comment.
Not an average or "normal" computer user? Granted. Not a normal person? No.
Any lawyer can file a complaint in small claims . OP has paid for a service and has a contract
TOS is binding to both parties .
WTF is this about? So you think anyone proficient in hardware/software lives in a basement? This kind of derogatory statement does not belong on HN.
It’s the snobby part that I’m critical of
It only means that the content is not valuable for them. I know people who created Google Account only because the phone required them to and they do not even remember the password or username, and do not use Gmail (why use email when there is Telegram). If they lose the phone, they would just probably make a new account.
If you were an investor or trader, managing millions of dollars, would you keep the only copy of critical information in a cloud? I don't think so if you are a reasonable person. Would you keep the only copy of a cryptowallet key in a cloud?
Seeing how Microsoft is doing, they’re going to learn this lesson sooner or later.
I don't think the idea that they could lose access to their accounts occurs to most people. I've done enough business continuity and disaster recovery work with small business to be confident in saying it doesn't occur to small business owners. I'm not sure why individuals would be any different.
It's very hard to put yourself in the mindset of a non-technical person.
Most people do not store anything valuable in the cloud anyway. The only problem is that they won't be able to login into Windows if MS bans the account, and they won't be able to install apps if Google bans their account along with phone serial number.
"It just works" was practically a mantra for Steve Jobs, now we turn around and blame users for thinking that it will work
Backup sounds nice and is necessary but is always out of date and recovery is totally impractical .
Many/most of the assets like indexes , references & creds can’t be reasonably backed up and recovered .
You don't have to self-host everything in your basement, and you don't have to hand your entire digital life to Google or Apple either. Mail, CalDAV/CardDAV, Immich, Nextcloud, OpenCloud, OpenTalk, web hosting, Kubernetes, simple VMs.. whatever ... fully managed, run by local or independent providers or by the company behind projects, without Big Tech lock-in. If chosen wisely, you can migrate, take over, or bring it in-house when you want. Just spend a few bucks and do some company research. Same as you would when choosing craftsmen, lawyers or something else.
For example, that's actually how we operate as a company for some of our customers and even a few single persons: we provide SaaS AND setup documentation. Customers can transparently take over at any time. We even help separate domains, credentials, and administration from us. Convenience without captivity. I am sure there are hundreds of shops like ours, providing comparable services for people in their wider neighborhood.
There was a time when I accidentally deleted some photos of which I had only one copy. I blamed myself for being stupid not having a copy but also money was tight for additional drives.
Then there is this: depending on a service provider and then blaming them for something like this. The problem is that now you are losing trust in service providers (of which there should be little to begin with) and on top of that you are also blaming yourself for depending on them. However you have to create a trust model where your fault allows you to have a service helping you with it while a fault at the service provider will allow you to restore data from your end too, getting the best of both worlds.
MacOS and Windows / Google with always logged in systems that lock you out completely at their will is an example of how your devices are not owned by you to begin with and then trusting them with your data as well means your digital life is basically owned by them completely.
Now imagine that there are no humans to solve this but endless LLM bots that respond with generic responses because the LLM has never seen a problem like this. I want to point out that owning your data and hardware is really important if you depend on it and your business especially does.
In a complex modern society, we can’t all be expected to have backup plans to the Nth degree.
Is it possible to bore for my own water supply, install solar+inverter/battery backup for electricity, get a medical degree to treat my own wounds? Sure but most would say it’s not reasonable.
It’s why we have regulations and ombudsmans for healthcare, transport, finance, water provider, electricity providers, communications providers etc.
Oddly missing from that list is critical technical infrastructure providers like Microsoft, Apple and Google.
This is why I suggested to have a dual model. Leveraging the cloud and services is really a good choice as long as you have backup systems running independently as well. Your backups may not be as powerful and full fledged as the main provider but in case of emergencies like these, you still own your data and hardware and don’t panic.
In this example a weekly backup of iCloud to a drive connected to a pi with rsync could be a simple solution. 6tb is not even that much given that 500$ gift cards are being used by the author. The backup is not great but it is easy to see why it’s also necessary to own your data.
Regulations exist because it’s impossible for any one person to handle everything that needs to be handled.
Uh, the guy writes programming books for a living.
But since he's all-in Apple he could just use Time Machine to some sort of NAS and get a more streamlined version of the above.
Just because you know objective-c doesn’t mean you know a damn thing about raspberry pis, backup programs, NASes, or anything else. It doesn’t mean you know or want to manage your own network infrastructure. They’re a Mac app programmer, not a Linux professional, not a micro-computer professional, not a network engineer, not a sys admin.
Time Machine wouldn’t work here, because it needs the files locally and he’s already stated he doesn’t have a 6tb drive.
> he’s already stated he doesn’t have a 6tb drive
Someone who uses a $500 gift card to renew subscriptions could afford one
Which is not an unreasonable thing at all considering it's literally marketed as a storage solution for your photos, and a top of that even encourages users to store originals only in the cloud.
A simple usb hard drive will actually do, no need for a NAS. The only action required to implement proposed solution is to check "Keep all data on this Mac" in both photos and iCloud Drive settings. And to be extra cautious add a second backup drive from another vendor (to be extra extra cautious don't use Time Machine for the second drive).
For the specific case of thoses that don't have a big enough internal drive they might need to store data on an external drive. But if you do have 6TB of pictures you normally should ask yourself if a RAID1 or RAID6 is not warranted at this stage.
In conclusion it's not a binary decision there is lot of room between "I solely rely on the cloud" and "never trust the cloud".
Bad analogy. A better one would be having a torch in case of power cuts (done that) having some extra food in the house in case the grocery delivery fails, having some basic medical supplies in the house, having mobile internet connection in case your broadband fails etc.
Having backups of your stuff is an emergency fallback
I’m feeling attacked. Here I was thinking my lifelong work of self sufficiency for my family was completely reasonable until you came along. Thanks a lot!
I once had to help a relative sue a bank who had closed his account after he refused to answer their very intrusive questions (they wanted to know details about distant relatives living in another country). They also refused to return his money (tens of thousands) and refused to explain why. No amount of complaining or escalating made any difference, although we did manage to get a nice recording of an employee saying that he thought the bank was in the wrong.
It took me issuing court proceedings, plus several more months of negotiating with their lawyer, before they finally settled out of court. Even then they tried to not pay the court fee, and they tried to get us to sign an NDA (I refused to budge on both). Altogether, it took 6 months to get the money.
Similar to how people in this thread are talking about mitigating reliance on cloud providers (e.g. with offline backups), I now do not trust any bank. I avoid being in a position where any one bank can ruin my life. That means having multiple accounts and spreading my money around.
Luckily for me I have a legal background so when a corp (big or small) does this sort of thing to me I don't hesitate to sue them. In almost all cases this causes them to "wake up" and start taking your issue seriously, in a way that the front line customer support reps never do. I recommend this to the author of the original post.
It's my understanding that banks really don't want your money once they've closed an account, they want you to take it back.
Bigger banks, at least in the US, usually do this.
It baffles me how much this community is opposed to Bitcoin (and fails to delimit it from the rest of the crypto-scams on going) when, for me, it is existential. When you go through 1-2 experiences of bank-freezing and you realize your life is literally at stake here, the abstract debates about energy consumption or speculative bubbles feel like they come from completely misinformed individuals.
It's like watching someone on a rail track arguing not knowing what is about to hit them.
iCloud literally encourages users to opt for storing originals only in the cloud. It's marketed as such, it nags you about this every now and then, and iCloud is the preinstalled default cloud storage on every iPhone. Consider non-techies dealing with this too.
Convenience is a hell of a drug.
Concerning all those 'bricked' devices it would be really nice to get some more details concerning the 'block'.
Can you use your iPhone to call someone, can you use your MacBook overall? Login, use Apple Passwords(!), looking at photos within photos app and so on...
Or are all those devices completely locked?
If they’re shared, surely someone else can still access them?
To me this is the biggest problem. Just like a bank can decide to close your account at any time, it's reasonable that Apple (or any business) could do the same. But they can't keep your stuff.
You can say "don't be naive and assume your cloud data is safe", but in today's world that's like saying "don't keep your money in a bank". The reason I pay for iCloud storage is because it's supposed to be safe (safer than my local HDD going bust or getting lost).
While I agree that entering a dark alley shouldn't result in ill effects, if ill effects happen in said dark alley it is still worth the discussion to remind people to stay out of dark alleys in today's day and age (or until the root problem, whatever it is, is improved).
Pretending that it is OK to enter dark alleys and forcing blame elsewhere will continue to have people unwittingly enter dark alleys.
This is not a dark alley. It's the main street. It's the world we live in. iPhone has more than half the market share in the US and well over a billion users worldwide. Moreover, Apple, Google, and Microsoft collectively monopolize consumer operating systems on both mobile and desktop. Try going into a retail store and buying a computing device that is not running iOS, Android, macOS, or Windows. That's the reality for most people.
The dark alleys are the non-mainstream options that hardly anyone knows about.
[1] https://www.youtube.com/watch?v=taJ4MFCxiuo
I don't know why some people have made "convenience" into a dirty word. Almost everything we do is for convenience. You could live in a remote log cabin with no electricity and grow/hunt your own food, separating yourself from most of society, but that wouldn't be convenient or pleasant.
Individual consumers have very little power over the market. There's a collective action problem, which is why governments and regulation exist... or should exist. The way I see it, the root problem is a massive failure by (corrupt) governments to protect consumer rights.
Perhaps the root problem is that we've blown too far past Dunbar's number to be able to deal with the societies we live in. All of these systems we've contrived to mitigate the trust problem are full of holes.
As for convenience, that carries a tradeoff. All of the technology and all of the revolutions we've had (agricultural, industrial, information technology) have come with these tradeoffs. Even the log cabin has downsides compared to the nomadic hunter-gatherer lifestyle.
I think the US government did start that way. Maybe not "corrupt" as such, but the United States was founded by plutocrats and was clearly designed to protect the minority of plutocrats against mass democracy.
> Even the log cabin has downsides compared to the nomadic hunter-gatherer lifestyle.
Yes, but I'd say the nomadic hunter-gatherer lifestyle has even greater downsides, and our current state of convenience is in many ways a vast improvement over the precarious existence of our distant ancestors.
The real solution is to have a neutral, efficient and formal process under supervision of regulators to have such case escalated and handled.
I already see all the tech-bros coming: “you see it was not an issue, they reinstated the account after you posted” while ignoring there are silent victims.
Not only does no one read it but it seems like they are intentionally designed to be difficult to read.
They are written by lawyers for lawyers, not for common people to read.
Of course, that doesn't help in the US with its vicious Supreme Court endorsing the most blatant abuses under cover of binding aritration.
There should be laws to protect people, instead of blaming victims.
This leaves you with just about zero cloud storage solutions that you can use.
Yes, yes, you can rsync your files to your NAS. Now explain that to your non tech-savvy neighbors.
We really need laws for this sort of thing. They should have included it in the DMA for gatekeepers.
[Quote]
Yes they do still get activated at the checkout. But when you go to redeem, the code is missing the last digit or two so it doesn't work. People take the unactivated gift card, tamper with it to get inside carefully so it's not detectable, scratch and get the code, remove the last digit or two, replace the scratch off layer, put the unactivated gift card back on the shelf. Then after you activate the gift card at the checkout, they redeem it.
[/Quote]
From this discussion
https://www.ozbargain.com.au/node/937339
ACCC (Australian Competition and Consumer Commission): The primary enforcer of gift card laws, ensuring businesses comply with the three-year minimum expiry, clear terms, and fair practices.
An even more egregious case is the corporate credit card. The company dictates its use exclusively for business expenses, yet pushes all the liability onto the employee. The business gets a massive, interest-free credit line with absolutely no risk. The company gets the float, and the employee gets the bill and the potential credit damage if anything goes wrong.
</rant>
Gift cards are the best proof against the existence of the homo economicus, that's for sure.
We should probably normalize Chinese Red envelopes because honestly I'd take a nice envelope with a hand written note and some crisp bills over the annoying gift cards (https://en.wikipedia.org/wiki/Red_envelope)
Even if you like their services, who knows what they'll do when they have access to your credit card information directly. I can completely understand why someone would pay for their services with gift cards bought from a well-known, respectable store instead.
In fact, it is far worse than paying with a credit card directly in terms of risk. At least, when something goes wrong (which rarely ever happens), the bank has your back. On the other hand, I have seen too many cases where people find their gift card codes invalid.
Not really helpful when your account is the important thing though, you can't do a chargeback without your account getting banned.
In fact, the NSW Civil Administrative Tribunal explicitly requires the Tribunal’s explicit permission for a person to be represented by somebody else, including a lawyer.
But tribunal's decision is binding on the commercial entity, should it be found at fault and incurs penalties for avoidance or non-compliance with the decision.
Sure, but if it's a corporation, who is going to represent the corporation besides a lawyer? In the US, some states explicitly do not allow a lawyer and require a different officer of the company represent them, but plenty do allow lawyers.
If Paris is taking Apple to the tribunal, there's no single human equivalent to Paris on Apple's side. This seems like the exact sort of situation where a lawyer is approved to represent somebody else.
Stripe terms allow them to hold the funds until 'investigation' is concluded but while held, they have the right to invest the funds and keep the profit.
Under common law, lawyers (in the US sense) are not required on either side in the case of handling a dispute or a small claim.
Specifically in Australia, the company would have a complaint department, and the case would be dealt with by a complaint officer, not a lawyer.
If the scope of the case exceeds the tribunal's authority, the case is handled in the state's district court or in a federal court for cross-jurisdictional matters. The official title of the person representing the defendant (e.g. a company) in a courtroom is the barrister, but the case documentation and legal advice are provided by a solicitor.
We send an in-house lawyer to represent us at every mediation and hearing.
Every complaint that goes to an official body is dealt with by the lawyers at that point. Only if they complain directly to us does our “complaints department” handle it.
In many legal jurisdictions, a 'demand letter' holds weight. These can be served by courier, with proof of delivery as valid. One aspect of such a letter is a hard, specific time by which you will start legal action, along with associated additional costs.
You have two paths after the letter. The first is small claims court, or normal court. In many places, small claims court does not allow lawyers, and the judge will even have to explain any confusing terms.
Which means the playing is leveled, including reduced or no disclosure requirements, and legal cost assignments. Where I am, it's $100 to file.
The goal is to force a fix, at threat of legal consequences.
I am sending an email.
You would be better off in the US. Trust me, nothing creates bigger fuzz than complaining to financial authorities.
Apple Pty Ltd, PO Box A2629, Sydney South NSW 1235
Regulatory agencies can forward complaints to other authorities and act based on them even if they can't resolve the particular issue for the complainant.
2. Last time there was a post where this happened to someone, I looked into what you can do if you're locked out of your Apple ID or Google Account.
I know people will say "just self host", but all of the self-hosting solutions are not friendly to families or non-tech people. Telling my extended family to tailscale into my server to look at family photos from vacation is a total non-starter. All of the self-hosted solutions are also just way less smooth to use than the built-in integration iCloud or Google Drive gives with devices.
That said, there are straightforward options to deal with this (at least the data part), if you plan ahead. The high level strategy is to setup backups that let you get _a copy_ of your data not tied to any login you don't control. It's a bummer to have to go through these hoops, but again pragmatically, I'm stuck using these services to participate in modern life.
For Google Drive, you can rclone your data to a computer of your choice to get a copy of your data not tied to Google Account. It will even convert G-Suite files to Microsoft Office format, so you have a copy of the data offline.
For Google Photos, I'm not aware of a great way to get the data - rclone only gets low quality copies of photos. I'm an Apple user, so I didn't dive too deep here, perhaps the HN hivemind knows.
For iCloud and Apple Photos, you have a lot of options. You can use Parachute backup or the PhotoSync App to get a copy of your data not tied to your Apple ID. If you have a mac, you can also setup your mac to download everything offline, and do time machine backups - they are not tied to your Apple ID.
I will also add Synology NASes have a super, super easy to setup way to do all of this stuff (HyperBackup plus Synology Photos app) that's borderline worth the cost of admission on it's own, even with Synology's recent turn to the dark side. If you have non-technical family, you should strongly consider pointing them in this direction, if you can use a smartphone you can probably get this working.
The built-in integrations (iCloud, Google Drive) are smooth right up until you’re locked out or forced into changes you can't control. Obviously.
There is a middle ground though: managed service providers (per-service). You don't have to self-host everything in your basement, and you don't have to hand your entire digital life to Google or Apple either.
All of the options outside of the big ones (iCloud, Google Drive, OneDrive) seem vastly more fiddly and difficult to share with non-technical people. e.x. sharing a budget spreadsheet with my wife, shared photo albums, and so on.
If there are other options out there that work as well as iCloud or Google Drive, I'd love to learn about them.
The best I've been able to land on is making a local copy of the data under my absolute control, while using one of the top tier providers for my "live" copy.
I kind of self hosted for decades on a virtual server until I couldn’t keep up with it. So much stuff broke something in the stack, bringing the server down. Often, I had to initiate a full lock down on everything before going up again, consuming a day’s effort or two.
It's hard to believe EU governments are actually considering mandating iOS and Android as gateways to access government services. It's a level of ignorance that's unfathomable.
This story is also exactly why I invest precious time running a Linux machine in the basement that rclones my cloud drives locally, as well as having full local copies of my webmail contents.
While I agree in principle, it's not so bad. If you get hit with an account ban, you just get another device to work with the government.
There's a good reason behind this approach, even though I don't think the benefits outweigh the downsides. These apps are supposed to be the phone equivalent of the NFC chips inside of passports and ID cards, which have all kinds of encryption and verification inside of them. They have to be protected against malicious data extraction, manipulation, and other fakery.
Phones do have the ability to do that, even free ones, and even regular desktops and laptops. How they do it kind of depends on the implementation (whether you call it a "secure element", a "TPM", or a "trusted execution environment"), but they all come down to "hardware proof shows that this digital signature is not extractable or alterable". The data isn't supposed to be something you can access, like a password, but something you can only do signed reads from, like the physical ID chips.
In iOS, that part runs entirely on dedicated hardware which will refuse to run non-Apple code, which is probably the best approach. On Android, there are more options and many phones run a software version of that concept in a dedicated separate virtual machine to save cost on physical hardware. The security of that virtual mechanism relies squarely on the early boot process having been verified not to be altered by malware. That's what the Google verification library is for in this case.
This approach can work just as well on other hardware with dedicated TPMs (although a lot of free software enthusiasts will tell you those are evil contraptions designed by Microsoft to turn your unborn children into little versions of Clippy) or dedicated encryption modules. However, you'd need a common enough, accessible API for those to function. That's actually quite easy on Windows and macOS, but Linux TPM support is rather woeful at the moment, especially with how uncommon things like secure boot (even self-signed secure boot) are.
In practice, nobody is going to buy a special sort of yubikey to log into their government's tax portal. Dragging people into basic multi-factor security has been a challenge that lasted decades.
However, pretty much all citizens already have phones capable of top-of-the-line security verification. Developing a free app is a lot easier than implementing cross-platform HSM support for a novel authentication mechanism.
All of this comes at the cost of having to run vendor-approved software. That's a huge problem for a lot of HN visitors, but those people form a sliver of a fraction of the population. I'm willing to bet the EU's digital access is inhibited more by the amount of old people without cell phones than the number of people who care about free software.
I personally feel like outsourcing this kind of trust to closed source implementations of vendor blobs is a terrible idea, but it's hard to find an accessible alternative that provides even the lax security properties those blobs provide.
Something I do find lacking in discussions about these technologies is how much the EU is relying specifically on American vendors here. America has been shown to be an unreliable ally that will gladly force the EU's hand with whatever mechanism comes to mind for extremely arbitrary reasons. There is a distinct lack of European alternatives when it comes to accessible secure computing, and I'd rather see the EU invest in local alternatives than go all-in on the security promises from Apple and Google.
That lack of specificity, to me, is why Apple has been able to implement malicious compliance. At the same time the lack of specifics risks companies leaving the EU market in its entirety due to regulatory unclarity with high fines.
https://ec.europa.eu/commission/presscorner/detail/en/ip_24_...
How are people handling this these days? If i wanted to ensure a full backup of everything on my iCloud to a NAS, what's the best way these days? Seems like they make it difficult by design..
You could put Immich data on a LUKS volume I suppose, but then you have to fiddle with your server every time it reboots.
I did PhotoSync for a while, but now I just set up my Mac to download my whole photos library, and do Time Machine backups of my Mac. This gets two copies of the data not tied to my Apple ID (the one on my Mac's local disk, and the one on my NAS on the time machine volume).
What I’m not sure about is how to backup things like iMessages, Notes, and my Contacts. Every time I’ve looked, it appears the only options are random GitHub scripts that have reverse engineered the iMessage database.
1. https://immich.app/
1. https://nextcloud.com
The reason is simple: photos require much more processing and focus on performance. In addition, photos take up much more space, so while my Nextcloud instance runs on an SSD, the photos reside on an HDD, mostly in sleep mode.
[1] https://www.photoprism.app
https://github.com/ReagentX/imessage-exporter
I don't have a solution for iCloud Drive, as there wasn't a keep offline setting last time I checked. So use it only ephemerally.
There is a keep all files offline setting for iCloud Drive (turn off "Optimize Mac Storage" in Systems Settings).
1. https://www.arqbackup.com
#!/bin/sh rsync --iconv=utf-8-mac,utf-8 -avh --delete-after --partial --progress /Volumes/myExternalDrive/Photos\ Library.photoslibrary myuser@mylinuxmachine.local:"/srv/myExternalDriveBackup/"
(note: tested with brew rsync, IIRC the default rsync is outdated on macOS)
Somewhere in the directory structure is a folder /originals/ which has all the actual files.
Note that this is only a last resort backup. Restoring the library as a whole requires a Mac with a compatible OS version. Restoring without a Mac would only get you the originals, so only the out-of-camera files (jpg, heic, raw), with no edits or metadata changes from Apple Photos applied (Apple Photos doesn't touch the EXIF data). You'd probably also lose the video part of all live photos, as the live video files stored as separate files and not part of the .heic files. They're there, but not very usable.
An alternative to this workflow is to export all photos (with edits applied) from the Photos app, but honestly I'm not sure if that even works and how long it would take for multi-TB libraries.
Google and MS don’t charge as much as Apple for storage, and you probably need you need to pay beyond the free limits, but it’s not a huge expense.
Once your installed Google Photos and One Drive on your iPhone, just tell the apps to sync all your photos all the time!
Now I appreciate that isn’t for everyone.
But it works, is reliable, and requires no technical knowledge of running your own service.
The other thing to do is setup a Mac that synchs all your iCloud data, One Drive documents and Google Drive.
Then back up that device with Backblaze.
This gets expensive as a Mac with decent levels of storage isn’t cheap!
I live in fear everyday or my primary Apple and Google accounts getting locked!
I’ve had accounts since day one of iTools and very shortly after Gmail launched….
If you take all of your photos from your phone, you don’t need your Mac at all. Google Photos will sync directly.
I wouldn’t use BackBlaze (the $7 a month service). It doesn’t support NAS at all and it has to phone home every 30 days or it will erase anything that is stored on external drive.
I would use an app that backs up to their B2 service.
I personally just use my personal AWS account to back up my Plex media and just use the AWS s3 sync command using the AWS CLI and store everything in S3 Deep Archive. It’s less than $2 a month for 2TB.
Wasabi is much cheaper than AWS as well.
Finally the best solution for backing up your iCloud Photos is definitely Immich. Set it up on your own NAS or a VPS, back up to that, and then back up that server to an S3 storage using rsync or restic. I’ll note that I still backup to Backblaze because its so dang cheap.
I spent months trying to find the best setup a few months ago and this is by far the cheapest.
But still, this shouldn’t be required for normal people. They should get what they pay for.
It’s actually more nuanced. It will back up files on a USB attached drive. If it doesn’t see the drive attached for 30 days, it will erase the backup.
If you have your computer off for more than 30 days and you bring your computer back on and the USB drive isn’t attached when it connects to BackBlaze, it will erase it.
Yeah I’m not going to trust my storage to Wasabi.
AWS S3 Glacier Deep Archive is $1 a month.
Only if you’re backing up nothing and using non-encrypted files and making sure you don’t delete anything (rsync with delete turned off). I tested this not even three months ago. I hit $30 with only 3 tb of data with deep archive while wasabi AND backblaze cost less than that. No need to even trust a single provider. If you’re never changing your files AND you don’t care about encrypting them then yes GDA is fine and pretty cheap. Otherwise wasabi and backblaze get more done for less cost.
I am definitely a fan of B2.
I wasn’t talking about B2 though, I was talking about Backblaze personal, which you can run on a NAS with a docker container.
It copy Photos, iCloud files and my mails once every days to S3 with incremental backups.
It requires to have a full copy locally.
Works great!
It is not hard to configure once, with the proper folders and settings.
yeah that's the thing. When my iPhotos library exceeded 1TB I lost the ability to store the full local copies. Since then, iCloud itself has been the sole source.
Looks like there's some decent, reasonably priced apps to handle this like https://apps.apple.com/us/app/parachute-backup/id6748614170?... (no affiliation)
https://support.apple.com/en-us/102208
I wonder if it can calculate (estimate) how big of an external disk I'll need. My wife and I each have 40-50k photos and a few thousand videos in iCloud Photos.
Even doing this yearly can save the immense sadness of lost memories. And of course, this works for emails, and everything else.
If you encrypt it, make sure you use a method not tied to any external service, or the machine you're on. I don't use Apple, yet I suspect that an encrypted external backup might be tied to your Apple ID, or some such, because that's how the world flies today.
I wouldn't bother to encrypt, it's just family photos and I wouldn't want to complicate restores. Especially if it was my wife who eventually needed to use it.
Weirdly, that number is different than Immich’s estimate of my photo library (95 GB vs 150 GB), but perhaps good enough to get you in the ballpark.
seems pretty high touch. A lot of hoop-jumping if you don't have a mac in the middle
How do we know using such a tool won’t trigger an account lockout? How ironic would that be.
Been running it for a couple years without issue. But yes your milage may vary.
I do have a Mac so it didn’t seem difficult to me, but I accept it will be for those that don’t.
:)
I’m being dismissed by I run a rather large homelab and I still want my photos iCloud like, where end devices decrypt and run ML. Immich is a Google Photos clone where you give it everything and some server does all the magic.
You could even set it up so that it could only backup over tailscale or wireguard through a tunneled connection so ALL of your traffic is e2e.
Syncthing is wonderful, and does a great job of syncing between an Android phone's photos/videos and a laptop. And if you have regular automated backups of the laptop, you'll have backups of the photos/videos too.
For an iPhone, perhaps you could use iTunes to sync to a computer and back up that computer.
(One of these days I’ll setup my NAS to backup offsite fo a #3 backup).
I know that others with Macbooks sync their whole library to their Macbook and then Time Machine to a NAS as their copy #2. Is this vulnerable to the problem in TFA?
I will also never have an electronic ID. We (Switzerland) were dumb enough to vote yes for it but we are giving away our freedoms eventually.
We need regulations to ensure vendor cannot lock in users and cannot threaten them. Everything should work like if you have your own domain and use email. If your provider go nuts, move your hosting and change your MX and point your local copy to it.
This should not be reserved to some nerd like me, it should be an universal right.
It is already late, but it can be reversed. We need for more sotires like this one to errupt, so people understand.
I personally prefer this to sending a copy of your ID and a video with my face to someone verifying service provider that verifies my identity for a bank or some website.
[1] https://www.eid.admin.ch/en/technology
What's the link with the rest though? Your government already knows you, whether your id has your information printed with ink or stored on a chip.
Belgium has had electronic id for decades now and I fail to see how it has taken away any freedom, but it has enabled people to get their official documents online without having to make appointments in person in most cases.
With things like age verification becoming mandatory just about everywhere and actual privacy-conscious digital age verification being very difficult, there's definitely a risk towards abuse and badly designed authorization mechanisms (although the EU's open source backend and frontends should make it easy for other countries if they do actually care about privacy).
Yes, ideally a trusted intermediary would do something like… read your digital ID (which stiLL doesn’t guarantee it’s you providing it, up to a point), examine a birthdate, and sign an attestation to a liquor store that “this user is 21 or older” without you ever having to fork over your name, address, or biometric details.
The will to enforce such measures, at least in the US, seems low.
[0]https://support.google.com/googleplay/android-developer/answ...
[1]https://www.digitaltrends.com/phones/google-play-store-wants...
[2]https://digital-strategy.ec.europa.eu/en/factpages/blueprint...
But it also requires id in France, even for people who don't have an eid. Or in the US, and most likely just about everywhere in the world.
I don't see how this is related in any way to having a chip on an id document.
Exactly, for all the victim blaming in other comments, try to explain 3-2-1 backup to non-technical people and you'll be met with glazed eyes.
Sadly I think it's going to take more people losing their irreplaceable data and for the network effect of having it happen to someone close to actually see any change.
There's a surge of people losing their Google accounts with hackers abusing parental controls at the moment, although I suspect a lot of those people will just move to Microsoft or Apple thinking they're safer until they get burnt there too.
As more non-deterministic AI is built into abuse systems it's inevitable that there'll be more false positives, couple that with impossible to access human support to override the decisions, it's a risky time to trust your irreplaceable data with anyone but yourself.
You could do everything right and still get locked out.
It's not really about winning the claim. It's about getting them to acknowledge you and hopefully resolve it before the court case comes up. That is, you want them to "settle" by restoring your account.
IANAL and YMMV.
(With the exception of some services like their credit card, but you can opt out of that more easily than any other arbitration clause I've seen.)
I've had to do it before, also for a gift-card-related problem (different from yours), and I was contacted by a member of the Apple executive escalations team a couple days later.
I imagine it could be helpful to other people in the same situation.
I did read about part of the product development org having a standup about trending social media cases, and prioritizing followup on items that were under public scrutiny.
Believe me, I have no desire to defend Apple. Their behavior absolutely sucks. I just want a good resolution for the author of this blog post.
I can understand this happening if it was a freshly created account topped up with a sus gift card but it’s unacceptable that the first action is to completely block an account with history.
Even more concerning is the nonchalant support response to “go create a new one” with emojis. C’mon Apple — this is just a terrible way to respond to this situation.
If the only way to get your digital property back is a public plea to your Lord, that's called feudalism. Everyone should be treated fairly, not only those who can get their public pleas heard.
Just like landlord can't just lock you out of your house, with all your property inside, but has to go trough legal process, we need to have legislation and regulation for the same with digital property.
Given how invested you are in the Apple ecosystem I can’t fathom why you would go get an Apple Gift Card from a store to do this kind of transaction, though. It wouldn’t even cross my mind to do it that way.
You can even use this to get an effective discount on hardware, as you can use your Apple account balance to buy from Apple.
Obviously I'm not claiming it was OP's mistake, that wouldn't make me any better than the guy who was telling people "you're holding it wrong™".
We are obviously not going to get a fuller idea about this situation from a blog post, and while I won't assume that the author has done anything wrong, there have been similar stories in the past where the affected individual was deliberately withholding the whole, much more illegal, story.
Presuming his innocence: What could have happened here is that the gift card he's purchased has been marked as part of a scam operation. Apple gift cards are frequently used for "tax bill" and "police fine" scams in Australia (where they are sold there is often signage informing people of that.) So potentially this person is accidentally roped into that.
Also it's not entirely unheard of to purchase gift cards for long-time users (who would normally just use their linked credit card), as the cards are often sold in the retail space with a 10% discount, or can be redeemed as rewards through points/loyalty schemes.
With all that said, at this point if he's not getting anywhere, he should approach a lawyer, as they'd be able to petition on his behalf (whether that is to Apple or to the state of Tasmania.)
If you are buying large amounts of gift cards and then redeeming them, it is critical that your purchasing patterns do not look suspicious, such as buying more things that a normal user might need: multiple iphone wallets, multiple iPhones, or similar items.
We need more stories like this hitting the mainstream news until even a non-technical person's reaction to this is "well, what did you expect?"
One day he was bricked from his accounts because he ran afoul of Apple’s ToS. The problem then was I couldn’t feel sure that he hadn’t actually done something which a reasonable person would say should result in account closure.
Paris’s case is much more strange, because it feels more likely to be a false-positive.
There is no legal right to have an account with Apple or Google, and I’m not sure I want there to be. But so much of our lives are built on these services and these stories erode our trust that the services themselves can handle the responsibility of adjudicating acceptable use. We need our digital accounts to be robust in the very long-term, even when there are bad actors who want to do all manner of bad things. And we need to feel confident that a properly empowered human reviewed the case and can articulate the reasons for a ban. When we charge a person with a crime, we tell them what the crime was and give them due process to fight it. I’m not sure I want the courts to decide these questions but we need some more due process when it comes to account termination.
There shouldn’t be a legal right to an account, but there absolutely should be a legal right to sit down with someone from the company to plead your case, understand why the account was locked, and at least be given the opportunity to gather your things if they decide not give you a second chance.
If you get evicted from an apartment they don’t just change the locks and keep all your stuff…
You could make it so costs for arbitration could be paid up front by the person appealing and then if the account deletion was deemed wrong the company refunds said user. Could probably apply to monetisation on YouTube that I see withdrawn for very dubious reasons too.
We need a constitutional amendment that prevents binding arbitration agreements, which removes judicial review from public accessibility.
There absolutely should be a legal right to pursue this through the courts (which require a response from the company, to avoid default judgment).
----
My main PiHole blocks all of *.google.* & *.apple.* for many reasons. My exploration into PiHoles began a decade ago, after Google pulled a similar response-less account termination (without explanation). This left me unable to update a blog (with several million annual impressions), with no recourse [0].
[0] Unlike OP's situation, I was able to download most of my writing/photos, only because they were public-facing (website).
People running scams that will shamelessly and relentlessly pull any string at their disposal to keep their account running.
Since then I have been removing myself from the ecosystem - my email is from hey, file sync on Dropbox, obsidian for notes, whatsapp for messages. Sometimes it doesn’t feel as joined up, mostly it is way better.
Moved to framework computers + omarchy last month and am not looking back.
You should approach a lawyer to petition Apple and the Tasmanian police on your behalf.
I'm curious about the apple's passwords app. Where you able to use it? What about passkeys?
https://www.ozbargain.com.au/product/apple-gift-card
At the Apple Store, the employees suggestion (a more senior one, who was consulted) was to buy a gift card for the computer’s cost (~$1500) and pay at the online store with that. I didn’t do it because buying “virtual stuff” for that amount seemed crazy (this was a huge amount of money for me, at the time).
How many account lockouts must occur before we accept that digital life built on permission rather than ownership is inherently fragile?
My own experience with big tech account bans was much milder, so I learned my lesson without much pain. I got a "free Azure credit to learn cloud computing" email from MS, redeemed the credit, created a VM, started clicking around the settings and got locked out. Raised a support ticket, asked what I did wrong, told my account was flagged for suspicious activity. I asked what I did wrong again and got a reply that my case had been reviewed by a human and that my Azure account wouldn't be reactivated. Thankfully, my primary MS account didn't get banned for that.
Conclusion #1: it's frankly insane that a big tech company can fully terminate your account with no means of recourse. People like to mock the EU and its lawfare, but I think it is the best candidate to force the tech firms to implement some sort of firewall between their various services, so they can't terminate your access without prior notice or without compensation.
Conclusion #2: those who are reading this, don't put all your eggs into one basket and teach your friends and relatives to do so as well. That is, if you have to use the services of various big tech companies, spread them around. Have a boring account with one company that you use for free stuff, a boring account with another company that you use for paid services (if you can purchase services X and Y from two different companies, do so), a boring account with a third company that you use for getting paid, a fourth account that you use for shitposting and getting into arguments with internet strangers.
It makes me so mad, that's insane!
https://unicode.org/emoji/charts/full-emoji-list.html#1f60c
"I understand, relieved face"
Literal psychopath reply.
She told me to email Tim Cook directly (his email is entirely guessable).
I did this and within a day or two my access was restored.
Perhaps between the scammer redeeming it and the poster then trying to redeem by entering the same code, the scammer’s account was flagged and then the OP’s account terminated along with the scammer for using the same code (even though the OP had done nothing wrong).
This does not seem strange to me and could be a course of action. When I moved my domains off Google because of this type of "banned without recourse" possibility, I found a registrar that had a physical address, small office, and people listed on the company website (porkbun) so in the worse case I could fly to the office and straighten things out.
No mention of even going to an Apple store. Maybe the nearest one is very far away from him?
Mine was the same, and that's all it took. Nothing was lost, as the account itself remained the same.
Why in the world do we let tech companies adjudicate our service relations?
Maybe now we will start seeing a reversion to the people in it for the passion.
You assumed wrong. Honestly that was never case, but maybe it was better 15 years ago
Hackaday is a content aggregator site that usually has more content on these topics - https://hackaday.com
Or there are still some good old blogs out there with RSS feeds http://www.righto.com/ http://oldvcr.blogspot.com/ https://blog.ret2.io/
https://skogsbrus.xyz/dont-put-all-your-apples-in-one-basket...
Break that discipline and you are exposing yourself to this danger.
In the past people have emailed Tim Cook directly - his email id is fairly easy to find.
Edit: "I have escalated this through my many friends in WWDR and SRE at Apple, with no success."
This doesn't bode well.
WWDR stands for World-Wide Developer Relations and SRE stands for Site Reliability Engineering.
Time to say bye to Apple and Google for good...
Google and Apple can and will delete your content at any time for any reason and there is no appeals court.
Any company or entity ought not to be allowed to wield power over our lives, like locking someone out arbitrarily, let alone via some asinine, half-baked algorithm.
Why do people still do this, why??!? This is not an ignorant user! The author (and victim) has written several books about Apple tech, how do they not know that these "platforms" cannot be trusted with anything -- especially data that isn't backed up somewhere else!
Companies don't care about people, and the bigger they are the more evil they behave. They need to be treated like hostile business partners because that's what they are. They're only after money and absolutely nothing else.
This is not some radical leftist manifesto, it's the plain reality. And it's not new either. It's always been like this.
If this situation somehow escalates until they have to take action, they will already have made so much money that is not a blip.
They don’t care. You as an individual customer means absolutely nothing.
The thing is, that account was just used for dev. things for the US company, which builds/sells software for the US federal government (among the other US entities).
It would not be very wise to do fraud.
Not too keen on passkeys without an easy way to backup.
Same goes with sign in with Google and Apple.
That is why I prefer OTP all the time, easier to backup and restore.
Centralization of power in unaccountable organizations has always been a recipe for disaster.
I could suggest some slogans:
"Apple. Not even once."
"Friends don't let friends use Apple."
But I think this is a problem that merits more than slogans.
I've started on my de-appleification plan in earnest this year:
https://blog.majid.info/quit-apple/
No appeal, no reasons given, no possible way to create another account.
Just. Banned.
The companies need to be big enough to provide the amazing services they do, but once they are large enough they will never care about individuals.
My internal model of large companies is that they are intelligent, psychopathic aliens. The people in them are like cells in our body, important for the function, but with no agency, and they are not who you are dealing with.
You're dealing with the company, and it's an inhuman, psychopathic alien.
That‘s always the most kafkaesque part of these problems and should be illegal
Of course, this is absolutely silly and beyond absurd, for bad actors share information of forums, can deduce fairly easily, and even have help from people on staff.
Such actors typically know about detection and flagging methods within days of implementation. There's literally zero benefit to secrecy. None. Security through obscurity can be a beneficial additional layer, but it simply never helps here.
We really should pass a law requiring full disclosure of the precise method of banning. I can even see a 'trial' period, where accounts activated (and used!) for 3 months receive this benefit, but new accounts, or new + dormant accounts do not.
This should likely be coupled with mandated full refunds of phones or computers, as an example.
Note that this isn't a 'free' account we're talking about here. An Apple account, or a Google account is required to use an iphone or pixel in its default config, and all the features it entails. These accounts aren't free, they're part of purchase cost, and core-required.
(Even if it's a, for example, Samsung phone? It comes pre-installed, with uninstallable Google Play cruft, as part of an agreement with Samsung. Same conditions need apply here)
And Google will now be throwing up massive "OMG! You're going to install an app that isn't from the Play Store?!" warnings to anyone that tries, including requiring some degree of technical skill to do so.
https://news.ycombinator.com/item?id=45908938
You can nitpick this, but the truth is my comments are about the average user, and from that perspective, factually accurate.
it is very likely illegal to tell him. it was triggered by the use of a gift card, and therefore very likely to be AML, and in many places (I am not sure about Australia specifically) it is illegal to provide information in the circumstances.
That seems like a dangerous loophole.
Imagine being banned from all online activities without any reason given.
Am I missing something? My current perspective is that not only am I free of all the hassle that comes with building for a closed ecosystem, such as managing a developer account and using proprietary tools, it also comes with much harder distribution. I can put up a website with no wait time and everybody on planet earth can use it right away. So much nicer than having to go through all the hoops and limitations of an app store.
Honest question: Am I missing something? What would I get in return if I invested all the work to build for iOS or Mac?
- Shared clipboard across devices - Shared documents - Shared browser - Shared passwords - Free, quality office suite - Interoperable devices (use iPhone as camera on Mac, for example) - Payments across different devices (use clock to pay, for example, shared with your iPhone)
All of this with just one account without any third-party service.
And billion of things more, probably, I'm not a full Apple head.
And when I hang out with people who ARE in Apple's ecosystem, to me it seems they struggle more to get things done than me.
Why would I want a shared clipboard across multiple devices?
I guess you've never had to type something first on your laptop to paste in a phone app, or vice versa.
Or open a link from a phone messaging app in your laptop browser.
The overhead of starting it and typing "laptop.tekmol" into the browser on both machines is only a few seconds.
That seems mich saner to me than to constantly have some interaction between the two devices going on.
There are so many companies that control access to every part of your life. Your argument is meaningless because it applies to _everything_.
A trustless society is not one that anyone should want to be a part of. Regulations exist for a reason.
All the things you mentioned (registrars, ISPs, registries, etc) have multiple alternative providers you can choose from. Get cut off from GCP, move to AWS. Get banned in Germany, VPS in Sweden. Domain registration revoked, get another domain.
Lose your Apple ID, and you're locked out of the entire Apple ecosystem, permanently, period.
Even if a US federal court ordered that you could never again legally access the internet, that would only be valid within the US, and you could legally and freely access it by going to any other country.
So in fact, rather than everything being equivalent to Apple's singular control, almost nothing is equivalent (really, only another company with a similarly closed ecosystem).
Your logic makes no sense since you can easily switch to Google or whatever other smartphone providers there are (China has a bunch).
But of course those providers can also cut you off, so what I said still applies.
I've managed to reset the password, but I must answer a security question to log in. I mean, I answered those security questions probably a decade ago and I do not know what they are anymore. You can reset your security questions, but to do that you need to use an iPhone (last one I owned was a 4) that is still logged in, or, answer a security question. Which is as we established, the problem.
So every couple of months I log in, try a few other possible answers, get them wrong, and get locked out for a bit.
Anyway, I need to get this fixed my march, due to apple being the formula one streamer in my country now, so I have to actually solve the problem of logging in to my apple account. Or, I guess, making another random email just so I can watch f1. Sigh.
But if anyone knows how to reset security questions, I'd love to know. I would way rather pay apple actual money than go back to torrenting the races.
Re: "mac.com isn't doing email anymore", all the original mac.com email addresses still work fine. Apple has played around with various domains (mac.com/me.com/icloud.com) over their decades of bumbling with online services but they made them all interchangeable for older users, mails to the original @mac.com emails still go through. Even originally made aliases (they allowed 5 with iTools) still work. Not sure what your issue was on that one.
Finally yeah, ""security"" questions are one of those horrible legacy anti-patterns that I will cheer to see finally be dead and buried. If you try to answer them honestly probably anyone can learn it with a bit of online searching, if you go for more obscure stuff they're easy to forget defeating the purpose. It's really best just to treat them as extra passwords, use random alphanumeric values and keep them in your password manager same as the password. Apple has also fumbled around with recovery over the years, at one point you had options to have a manual recovery key you could save but I think that's dead and can't set it up after already forgetting. Maybe if you go in person to a store with physical ID and evidence, if you had payment associated with the account and have that credit card for example that might do it.
If you have nothing of value tied to the account though probably no reason not to just abandon it.
youremail+anystring@gmail.com will always redirect to youremail@gmail.com Before making a random email address, try using youremail+f1@gmail.com or something similar.
On a device: Settings > (iCloud user) > Sign-in & Security -> (+) {{name}}@gmail.com
If that doesn't work, then use the dot trick.. y.ourname@gmail.com = yourname@gmail.com.
you can in the meantime, and for the future, try compartmentalizing services you use. the old saying of "all eggs in one basket" applies here as well.
VPS, hard drives, etc. are cheap and keep you more in control of your own data than you're with big tech.
Is your advise to avoid all Apple hardware?
Or buy backup hardware none of which will run MacOS / iOS, so you still couldn't access things like your Apple Developer account, or any shared documents?
The stories of online-only service failures are legion. And yet if you can get face to face support, even one person can do so much. The gap is infuriating.
I didn’t notice, do you have a Brick and Mortar Apple Store you can visit? I can’t help thinking this as I read the post.
Of course this is not a physical hardware issue. Where a store employee could just hand you, say, a new phone. This is on the level of getting a slot on Tim Cook’s day planner, though I imagine the person with the ability to fix this is an underling many levels down Cook on the org chart.
https://www.youtube.com/watch?v=I25UeVXrEHQ
...and then nothing. No sorry, no "here's what went wrong", no blog post to address the angry masses, no recognition, reconciliation, or reformation. Just things working again and silence.
Unfortunately I still don't know a service I can use that will allow me to sync my current MP3s / what I have in Apple Music, and export it if I need it. There's really an issue of owning data and being able to take it elsewhere :/
I'm relatively happy with Tidal, but there are definitely a number of moments with it that make me sigh and internally say "see, this is why Spotify is winning". so much of it would be easy to change too, they just don't do it.
Well, it can always be you.
On the other hand, great learning case on putting eggs in one basket and on "own nothing and be happy".
Incidentally, the guy's .paris domain name may be next unless you are a resident or have a business related to the region of of Ile-de-France
On a meta note, Fuck Apple, I'm so glad I didn't pursue an iOS developer career 10 years ago.
This is the kind of thing they need to be sued on a massive scale for to solve but it's too rare and too expensive for anything to ever happen to them for it.
I mean, isn't writing what you said you do for a living?
Absolutely horrible black mark on Apple.
I'll be buying an external HDD to download all my photos / iCloud docs to. I've been too trusting.
Even though I:
- had my recovery password
- re-confirmed the email
- re-confirmed my phone
They just kept telling me "we'll contact you in two weeks", and kept not following.
Then after the 4th recovery they sent me my recovery link on email (in any case weeks later).
Worst of all? Their privacy and security they keep repeating like propaganda are beyond bogus. Sure, they de-logged me from all of my accounts, that I appreciate, but I had 0 issues accessing all of the contents on my hard drive if I was a thief with a simple script in recovery mode I could still access everything. Where's the security? Propaganda only non-technical normies believe and then repeat.
I'm never ever buying Apple products ever in my life, I've got MBPs that my clients send me, but that's it.
I know this might sound cynical... But the author should really understand that Apple gives less than zero fcks about them. Apple is known (and, weirdly, loved) for being tyrannical in this sense. Apple is known for their "my way or the highway" approach to anything, without much explanation and with self-attributed "we're always right" attitude.
> The Damage: I effectively have over $30,000 worth of previously-active “bricked" hardware. My iPhone, iPad, Watch, and Macs cannot sync, update, or function properly. I have lost access to thousands of dollars in purchased software and media.
And that's why people complain about Apple's walled garden. Given the size of the damage I'd look into getting a lawyer involved, and possibly try and get Apple to court (in coerce them into being reasonable).
Frankly, I'm taking note of the archived page (https://archive.is/jrsLV) that I will reference to anybody that will ask why not to trust Apple in the future. Note that Google is also known for having a similar approach (there is no way to get support if something like this happens UNLESS you happen to know somebody inside google). Amazon on the other hand has made customer support one of its defining traits.
Btw if you are doing any decent amount of tech stuff, you should REALLY get off walled gardens and at the very least have an on-premise backup solution (an off-the-shelf nas with spinning disks could be a good starter solution).
If this doesn’t get fixed, I’m going to have to rethink a lot of my digital life, including my company’s.
They feel convenient, but they will keep changing their TOS to disadvantage you further and further as time goes on.
Everything you upload is scanned into their AI to create a profile about you that they can then exploit (once again, to your disadvantage). They do it despite regulations against it (Who's to say what they're complying with, deep in their complex data centers? Who's gonna even check? And how?) This is why online services that take control of your data are such gold mines (subscription fees, analytics, profiling, etc). They get you coming and going.
And of course, the account terminations: The earthquakes and "natural disasters" of the online world that destroy lives with no consequence or care.
When your data is not in your sole possession, you own nothing.
Speaking of which, the guy's .paris domain name may be next unless he is a resident of Ile-de-France etc.......
Don´t check in to Hotel Cupertino or soon you'll be singing along:
You can have free services, you can have paid services but they ALL absolutely have to be answerable to the consumer
>I live on the land of the muwinina people. Sovereignty was never ceded.
Take this shit off your website.
Seriously can we fucking have any products that work, in the 21st century
Or is the answer just "lol automation is cheaper"
I don't know what the solution is, but I think part of it is deliberately divorcing yourself from the big players as much as you can, which isn't much for some people, and encouraging government efforts to break them up and pull down garden walls whenever the opportunity arises.
This is what government is for even if we've forgotten it in some places.
I just want to keep using my stuff, and getting on with the fun things I get to work on. I don't have a strong attachment to Apple, I have a strong attachment to the familiar productivity I normally have.
Reconsider at least that part. You can work with and use their products (as I do at work with the GSuite or AWS) but I will never recommend or evangelize for them or rely on them with things I care about.
I went to one, wanted a Pixel Fold in the spring, and was told "we'll get one". Some guy left to do so, and 20 minutes later I just walked out. Just as with everything else, when Google does it, it's half-assed.
If you can’t iforgot.apple.com, then support is your only option. No one else has access. Only Apple Support.
You have a case number, keep calling every 12 hours asking for an update.
> Looks like you've got it coming, sweetie, you knew what you were dressing when going to the neighborhood :wink-emoji:
God, I'm all for OSS and try to use it/promote it wherever I can, but it attracts the worst kind of smug, obnoxious motherf**ers imaginable.
How old are you?
Well, this is the downside of “convenience.”
If you manage to recover your belongings, I hope you stop preaching around how living in a normal apartment in society is good and everyone should accept the risk of home invasion instead of living in an underground bunker with biometric access controls and armed security.
There are other options like living in your own property, living in an RV, etc. that are better if you are worried about security.
If I was living in an apartment, I wouldn't be stashing all of my money under my mattress. I wouldn't run a business out of my apartment such that I would lose all of my equipment if I got evicted.
Similarly, I wouldn't do anything of importance on an apple computer. I wouldn't stash cryptocurrency on it, I wouldn't save my bank account details on it, I wouldn't run an important business that depends on their platforms. Because you're just renting and your lord can change the keys tomorrow.
> our landlord has a key to your home and can lock you out at any time
Illegal to do without notice and permission. You can change the locks as long as you change them back or pay for cost of doing so when you leave.
> I wouldn't run a business out of my apartment such that I would lose all of my equipment if I got evicted.
Eviction requires a legal process that takes months.
> I wouldn't run an important business that depends on their platforms.
That implies no one should develop software for Apple, MS or Google platforms.
None of this is true in the US.
Castle doctrine applies to your domicile, and is not based on property ownership. If you have a lease, it is your home as far as CD is concerned. WRT gun restriction rules for rental properties, they vary by state, but in states where they can be prohibited, it would require a clause in the lease for a landlord to prohibit a tenant from having them (and these are nearly unheard of in practice because of enforceability issues). And that still would not affect their legality in a defensive shooting.
Landlords usually require written notice to enter the premises, in advance, and cannot "lock you out at any time" without going through an eviction process if you have a lease.
Landlords opening your mail is a federal crime. Mail can only be opened by the named recipient, it's not based on who owns the address of a building it's delivered to.
Sure, in the same way that landlords aren't able to unfairly keep security deposits - they can and often do do it because it takes a lot of time and effort to attempt to get recompense after the fact, and the consequences even in that case are not significant enough to disincentivize them.
How about: you live in that apartment (your Apple ID), but keep your important stuff somewhere else?
Or do you simply have all your money as cash at home?
Let's just hope more people read the story.
I will empathize with you then and with your inability to empathize with the fact that people are different. Some people don't want to admit to themselves that this world is a wolf eat sheep world, trust that if you're a law abiding citizen, you shouldn't expect to be unfairly treated. Some people have more priorities and no time to dwell on harshness. They also would love it if everything just worked and you didn't need to spend 2 months of your life to configure things and always have to DIY everything.
They're not like me and I accept that. I will never use Apple & Google Cloud for my personal things. But I will empathize for those who get unfair treatement from these companies.
The whole meaning of a society is that we look out for each other, these big corpos have lost the plot, but I will not.
It is supposed to be : I buy a service from you, I did nothing wrong, please treat me fairly and do actually deliver on what I paid for.
That we don't trust them isn't how it's supposed to be, I wish I didn't have to do all of these things I do to keep away from big corpos, but this isn't how it is supposed to be. We're supposed to have the ability to trust each other in a society.
Apple is clearly in the wrong, and I'm certain that there are thousands of similar cases that are less public. The author is one of the best-positioned people to know and understand that. I'm sure they'll also get their account back, unlike many others.
(I can empathize with the difficult decision they'll face after that: do they continue to promote Apple, or try to reinvent their career somehow?)
"Looking out for each other", in this case, implies telling the people you care about to have backups, and helping them set up. I do that, a lot. I'd try to also help with this plea, if I had any pull with Apple.
I don't understand the sections of your comment with the word "supposed" in them. Supposed by who, and on what basis? What paid-for service are Apple not delivering? I assume they don't charge the author anymore.
PS: My plan is to wait for Apple to release a folding iPhone to move back!
https://account.apple.com/account/manage/section/subscriptio...