A long, rocky relationship with Apple products and tech support culminates with a tangled up Apple ID -- and a yearning for Linux
I recently started a new job, which I love. However, since Iโm working for a San Francisco startup, of course my work computer is a MacBook Pro.
Most people would be very happy about that. But Iโve been using Linux as my primary desktop platform since, like, 2008, so a Mac is an adjustment for me. There are worse possibilities โ at least I donโt have to deal with Outlook or Windows. Also, there are plenty of people to help me with this painful transition.
My ripe relationship with Apple
Iโve had Macs in the past. When I worked for another startup, JBoss, I was the sole PowerBook person.
At the time,ย in the dark ages of the early part of this millennium, I was traveling around the world giving presentations.ย Most of humanity, having freshly crawled out of caves, used those awful video projectors instead of big-screen TVs. At the time the PowerBook connected to more of those items than Windows did. (You donโt want to know what you had to do for Linuxโs X Windows to connect.)
Yetย far from being one of the contented masses, I always had Apple-specific issues. The company decided to hold all Java developers hostage for an OS upgrade right when I needed the new JDK most. The power coupling used to rip out of the motherboard because it was near a modem, which created a weak point in the case. Later Apple moved the weak point to the CD drive, which was under my wrist while typing, so the drive would jam.
Then there were the batteries that swelled up and broke the keyboard. There were screens that had lots of dead pixels and bright spots that annoyed me, not to mention the power cord that kept shorting out, which had to be replaced for $85.
Appleโs response each time was that it was somehow my fault. Eventually, Iโd end up buying a new laptop โ before the bad press would make Apple fix the flaw for the more patient people. My annoyance grew. Finally, the last straw: That infernal โbeg for attentionโ format of the Apple Store and the โpay to not stand around all day when the hardware is borkedโ AppleCare fee.
I went back to Dell and my beloved Linux. The laptop isnโt as shiny, but Dell comes to you when it breaks.
Me and my Apple ID
Anyhow, Iโm back in Mac. Central to Appleโs surveillance of me is the Apple ID. This is my identity to FaceTime, Find My Mac, and all of the tools I use to interact with the new center of my computing existence, Apple. Google used to be my center. Now I must pray to the ghost of Steve Jobs and kiss the feet of his successor, who has blocked me on Twitter.
I tried using my email address with my new work computer. I didnโt remember the password I used back then. No problem, I could use email validation or my birthday. I tried my birthday because itโs faster, but it didnโt work โ odd, but maybe I fat-fingered it or my ex-wife put in her birthday at some point. No matter, I used email verification and changed the password.
Apple and various software on my new Mac kept calling me a female name. I thought that was odd, so I logged in to appleid.apple.com and figured Iโd change my birthday. Now it wanted to verify my favorite elementary school teacherโs name and favorite band in high school. I wouldnโt have picked either of those because, duh, I reference music in my blog too much. I was also a terrible student, preferring the library to the classroom and asking too many questions. Apple rejected both.
I called Apple support. There, I talked to J, who was incredibly helpful and did everything he possibly could with the broken system, but I was at the mercy of a certain โAโ from Canada. We tried to change the security questions, but those sent a verification code to โA***โs iPod Touch.โ After a few other attempts, we determined this wasnโt actually my Apple ID account.
As it turns out, I still had an Apple ID from a time before Apple demanded email addresses. Unfortunately, four years ago, when Apple began asking for them, you didnโt need to verify the email address. So a young lady (โA,โ as noted above) with the same last name as me and a different first name used my Gmail address as her Apple ID but didnโt validate it.
Apple Support and I tried several different ways to let me recover my email address, but finally, I found Aโs number on her Apple ID account and texted her. Someone else answered and promised to ask A to look into this. This took four hours. Apple kindly offered me free accessories once we were done.
Invalidated credentials
Appleโs often lauded security has been evolutionary โ and often a series of โoops, weโll fix thatโ moves. Unfortunately, this goes to show you that failing to follow basic security patterns (like, is this really your email address?) allowed another person to inadvertently compromise my security.
When Apple โfixedโ the problem, it still had an unvalidated credential it had grandfathered in. This allowed me to compromise Aโs security. In this case, no one was malicious. But I donโt want to deal with yet another email address.
What Apple should have done was to treat everyoneโs not-yet-validated Apple ID email addresses as suspect โ and made people validate them or change them to a validated address. An unvalidated credential is an unvalidated credential.
Which brings us toย the moral of our story: Validate credentials!ย (Also: Linux is easier to use than iOS, and Google is my preferred surveillance and security authority.) If a credential proves invalid, donโt simply change the process, invalidate the credential, and force it to be validated before itโs used or even associated. Failing to do this not only compromises the security of the person with the invalid credential but possibly the security of the person it belongs to as well.
