It's just insane that a gift card redemption can trigger this. What's the rationale? It would make more sense if they just locked the person out of redeeming gift cards or something, not the entire account.
But reading horror stories like this is is why I only use the very bare minimum of any of these cloud services. Keep local copies of everything. For developer accounts, I always create them under a separate email so they're not tied to my personal. At least it can minimize the damage somewhat.
It sucks that I have to take all these extra precautions though. It's definitely made me develop a do not trust any big corp mindset.
If enough of these horror stories are publicized, people will learn to never buy/redeem Apple gift cards because of the real possibility of account bans.
- Don't give Apple gift cards to family and friends: You're potentially ruining the recipient's digital life if they redeem it.
- Don't buy Apple gift cards: You risk ruining your own digital life.
If you've been given an Apple gc for Christmas -- and you have paranoia of the risks -- don't buy anything online that's tied to your Apple ID. Instead, go to the physical Apple store to redeem it. And don't buy an iPhone with it because that will eventually get assigned to an Apple ID. Instead, get a non-AppleID item such as the $249 ISSEY MIYAKE knit sock.
I have thousands of credit-card reward points that could be traded in for Apple gift cards but I don't do it because Apple's over-aggressive fraud tracking means Apple's store currency is too dangerous to use.
The "gift card" in general is an anachronism whose time has passed. They have got to go. If companies are going to consider use of gift cards as red flags (as they often are, due to their being key components in money laundering and scams), then society should just abandon them. They are worse in every way than a prepaid credit cards, and in most cases where you want to give someone a gift card, you should probably just give them cash.
I'm the author of that Reddit post. I should probably update it to clarify that I didn’t just purchase the gift cards, but also redeemed them. I don’t think it was purchasing them that triggered the lock on my Apple account. I mean, after all, how would they know what my Apple account is until they’re redeemed?
> If enough of these horror stories are publicized, people will learn to never buy/redeem Apple gift cards because of the real possibility of account bans.
If you are trying to be a bad person you could weaponize that approach. You do not like person x, send them some Apple gift cards... :o
It seems you haven't learned the whole lesson. You're close, though. If you're going to be skittish, there's a better and easier set of rules. Don't use anything that involves an Apple ID.
I skimmed some of the comments from that giant Reddit thread. A lot of people responded that they’ve been buying even more Apple gift cards without problem.
One commonality among the stories in that thread from people who had problems was either switching their App Store country or using their App Store account primarily from a different country than the setting.
As soon as I heard the first one of these stories about a guy getting google broad-spectrum banned because a junkbot AI thought his completely normal youtube comment was a nazi rant or whatever else it hallucinated - I bailed on the whole shebang. Hosting your own stuff is, if you're a reader of this site, easy enough and cheap enough there's little reason not to.
I am in a situation right now where Amazon delivered a fake product. Support suggested they can also try redelivery, and when I asked what if it happens again, they said it should not happen.
It happened - fake again. Now the customer support flow is: you upload images of the product (max. three), and the system approves the verification or rejects it, and then you have a way to contact customer care. System rejected. The trick is - they do not know why the rejection happened, they are not able to tell me, they are confirming the images are very clear and crisp, but they can't do anything to help me because the system leaves them with zero options to move forward - in fact, there is no further escalation matrix either. Nada!
The bank (credit card issuer) refused to raise the chargeback because "but the merchant 'delivered' the item". But it was fake, so? No, no, it "delivered" - that is what counts, so you have to sort it out with the merchant. But they are refusing any further help. You have to sort it out with them. And so on... in a loop.
Can I take them to court? Sure. It may take weeks, months, and maybe years, and even then, in the end (if I win), the court may just instruct them to refund and possibly (possibly!) compensate a trivial amount for legal expenses, which is never even remotely close to the actual legal expenses in this country's courts.
Amazon expects you hire a consultant that is a buddy with the manager responsible for closing your account, and bribe them through that engagement to re-enable your account. They started doing that a decade ago with the mass-banning of legitimate sellers.
Not only local copies but also at least own and use one device where you have your important data that is not on the same OS ecosystem as the other device(s) - also helps with things like 2FA, password manager, etc., if shit has hit the ceiling fan on the other device.
In addition, I always suggest people to:
- Not use big tech's cloud services - ever
- But if you must, do not use many cloud services from just one provider (i.e no Google everything, no iCloud everything) i.e stop using "one account gateways".
- Needless to say, it's time you had a domain and start paying for mail hosting (at least for critical stuff - you can actually buy a very cheap plan; and use that gmail/live-hotmail/yahoo/iCloud/whatever everywhere else) [0]
- Keep an offline (but safe) copy of your "most" important data [1] and ways to remember (i.e cryptic hints) for your "most" important passwords
- Gain some experience in fighting in consumer courts/forums (depending upon your country) - start early, start with e-com companies. A lot many times we don't put up a fight because we have never done it before and we give up always because every time it's a first time. Apple and Google make a mockery of consumers everywhere because we have allowed them to. In fact sometimes when we talk of lack of accessible support at Google and Apple (yes, Apple) we speak in a disdainful appreciation or awe :)
[0] Some might disagree but disabling (or dev/nulling in a way) mail@, hi@, contact@, sales@ etc on your domain (esp. if you have catch-all enabled) goes a long way in terms of avoiding spam
[1] It's also very important to have a tiered approach to data storage and backup strategies. There should be a very, very, very small subset of your personal data, including some of your photos and videos, that is really, really small in storage footprint that you can back up/sync to multiple locations and actually pay the full price for it at storage costs via your own setup, preferably using FOSS tools (which are becoming too good these days) out there.
How much free time do you think the average person has to learn and set all this up?
“You’re giving these companies your data and then dare to be angry when you lose it? Just get a degree in computer science and host it yourself!!1! I am very smart”
The list is a bit overkill for the normal person. I would suggest just:
- Have a local backup (simple giving the storage prices)
- Pay for one email provider (less chance to ignore you)
- For important services (bank, etc.) always register also a telephone number / second email if possible (there is a low chance that both primary and secondary thing will be blocked at the same time)
I don’t mean to defend this, but I know from experience that gift cards are frequently used for money laundring. The laws against that are very strict, incentivizing companies to overshoot and block false positives.
At the same time, AML solutions tend to be a closely guarded black box which simply tells you to block a customer, finding out why is pretty difficult.
To add more to the problem, some anti money Landry solutions are … AI powered.
>At the same time, AML solutions tend to be a closely guarded black box which simply tells you to block a customer, finding out why is pretty difficult.
For a good reason! You, as a rule, really don't want to tell the customer why you're blocking them. What will happen in the end is that you will be facing federal charges for assisting the money launderers because you kept telling them what they're doing wrong.
> The laws against that are very strict, incentivizing companies to overshoot and block false positives.
Yes, in many countries they are, but I don't think the laws are dictating Apple to completely turn off the accounts, but instead dictate that Apple should take measures against it.
They could disable those gift card features + Apple wallet/pay if they suspect fraud, and if no one complains within a month, then disable the entire account, rather than start with disabling the account. Would give them space/time to investigate, and wouldn't be a huge pain in the ass when the inevitable false-positives happen, like in this case.
Ironically, I had Amazon flag and undo some gift card purchases (of cards, not with cards) that I made for Christmas, while myself thinking about this category of problem, about why cards are a mechanism for scams rather than specifically money laundering.
The cards were to family members that I normally send gift cards to at Christmas, and the activity was counted as "sus" even though I was asked to validate my card number and expiration date before being allowed to make the purchase.
> The laws against that are very strict, incentivizing companies to overshoot and block false positives.
On that note[1] is a good read (Cmd+F: "suspicious activity report"), although this specific case is about gift cards, but the AML/T&S etc. space is remarkably similar.
Unfortunately, when you access multiple accounts from the same set of IP addresses and browser signatures, you can bet Google, Apple, Microsoft, and any other large company with that level of information collection has probably correlated all of those accounts to you. The company may lock them all if any one of them is suspected of "bad behavior".
Yeah I dont remember the details but I remember a developer at a studio causing their account to lock up when google shut down the previous studio he was working woth account
> It's definitely made me develop a do not trust any big corp mindset.
I've been reading about Lovecraft's Old Ones. Apparently they have no ill will towards humans. They just sometimes cause harm without realizing it, while going about their business.
I watched an interview with Elon Musk a few years ago (circa 2018?). I'm no fan of him but he was asked about AGI and he kinda just said matter of factly, AI can view humanity as we view anthills. We don't really care about anthills, but if they're in the way of us building a neighborhood in an area then goodbye anthill.
I'm not sure if I like that take because of how horrifying it is, but I found it very interesting that harm can be caused so nonchalantly by more powerful entities, since humans already view themselves as the most powerful entity.
Most likely stolen cards. Stolen credit cards are used to purchase gift cards which are then resold to unsuspecting buyers. Think of it as stolen money laundering.
Well from my view as European working in finance. Handling money for customers to pay (buy apps) likely requires an e money license (not sure about other states). And with this there is lot of things coming, like AML and what not.
So disabling the account might be due to regulations required for the e money license.
Of course Support should be able to resolve this if proves are given
Their mega high risk - high value gift cards are effective for laundering stolen/fraudulent credit cards. Buy a $500 gift card with a stolen CC and sell it on FB marketplace for $400 - you’re up $400, the buyer saves $100, Apple get paid by the retailer and the CC company are (likely) on the hook.
Of course the actual solution here is _don’t sell high value gift cards_, or require the Apple ID email at time of purchase/activation of the card
It would make more sense to stop offering gift cards, which make zero financial sense for the consumer, but why stop offering a lucrative product that people buy because they're bad at logic, when you can just shut down accounts and greatly inconvenience people at no cost to you?
> which make zero financial sense for the consumer
Not in all situations. Because of various cross promotions between car insurance, supermarket and airlines, by using gift cards for groceries I get an effective ~9% discount every time. That really adds up over a year.
For Apple and others, you can use secondary gift card market to get some discounts too, if you wanna risk it.
One practical reason gift cards exist is tax treatment. In the UK, small non-cash gifts to employees can be tax-free under the “trivial benefits” rules (each under £50, not cash or cash-equivalent). For owner-managed companies, directors have a £300 annual cap across such benefits. Cash or cash-redeemable vouchers don’t qualify and are taxed like salary.
I created a Google developer account with a separate email due to warnings like this. Then Google closed it because I left it idle too long and I didn't get the warning email. Sometimes you can't win.
Apple is perfectly happy to take money from criminals though. My grandmother bought some Apple gift cards from a supermarket which turned out to be fake. The cards on display had been replaced/modified in a way that upon purchasing them it activated another card held by the criminals. Apple refused to take responsibility and so did the supermarket. Gift cards are loved by scammers as a way to receive and launder money, they should be subject to much more scrutiny and have stronger AML mechanisms.
It genuinely makes me a little anxious whenever I come across people whose entire digital lives are dependent on a google/apple account. Just one misstep and it's all gone
it's really hard not to have at least one single point of failure. there's a case to be made that a single cloud account actually reduces the ways things can go wrong to just one point of failure, instead of a handful.
e.g. email on a custom domain. your domain registrar is now a spof AND your email provider for your domain is a spof. and that's just email.
There's obviously a middle ground and ways to have a strictly better personal data posture than before, but it's a multi faceted problem balancing usability, security, and resilience
Gift cards are used by phishers. In our institution, we routinely get personalized spam mails (in the name of the corresponding group lead of the recipient, sent via GMail -- this is not low-effort) that ask whether they are available and, when (accidentally) responding, ask for Apple gift cards.
The rationale is that an egregore called Apple, inc. is blindly fumbling ahead, unable to see the lives it is trampling.
Note that this has nothing to do with the actual well meaning (mostly - see leadership emails leaks) people forming the egregore.
The purpose of the company structure is isolating it from liabilities, and as the regulation which would force it to recognize the damage it did is mostly missing, thus the outcome.
from the reddit story: "In the past two months, I purchased eleven Apple Gift cards from Amazon, Target, and apple.com, and added the amounts to my Apple account. The gift card amounts ranged from $25 to $150 each, totalling $905."
This is literally a money laundering pattern
The question will be why isn't this person just adding the money to their account directly, where is this money coming from, why are they structuring it like this
I had similar trouble redeeming a gift card on Amazon. Twice. (thankfully they got resolved upon appeal).
Enough that I am very wary of buying or redeeming gift cards now, especially more than one in a row.
Apparently there's some sort of scam with gift cards, which must affect any platform which allows them, and legit uses often get flagged by automated systems.
If they are so much trouble for Amazon/Apple I wonder why not disallow gift cards, instead of randomly banning users?
Gift cards carry a surprisingly high fraud/AML risk.
If a code ends up being part of a stolen-card → resale → redemption chain (which is more common than people think), companies like Apple may actually have to lock the entire account.
So the trigger might not be arbitrary—it may just be a side effect of how risky gift-card-based payments are.
I spent a long time working in finance one way or another, including as a founder/director of a small e-money issuer, and I have at least from this time ASSUMED that gift cards carry a very inflated AML risk.
Plus I have no desire to carry scrip when I could have fungible cash or equivalent, so I would not buy a gift card. I have received a few.
No to excuse Apple but I think anti money laundering laws are at least partially to blame - they vary from country to country but typically impose penalties for not blocking suspicious activity at the same shielding from lawsuits for blocking innocent users. It's like lawmakers found a way to throw due process out of the window.
> It's just insane that a gift card redemption can trigger this. What's the rationale?
If I need to guess, gift cards are sold online in money laundering schemes, also on some platforms they are used to let you buy apps from a lower priced country
To paraphrase an old saying: Live by Big Tech, die by Big Tech.
After nearly 30 years as a loyal customer
I've heard others say this (and was a "loyal advocate" of Windows for around 2 decades myself), but the reality is they simply do not care. You are merely a single user out of several billion.
Many of the reps I’ve spoken to have suggested strange things
That almost sounds like some sort of AI, not a human. But if I were in your situation I'd be inclined to print out that response as evidence, and then actually go there physically to see what happens.
This is why I don't use an os that depends on cloud functionality built into the os for much of its fuctionality. It's really stupid IMHO to depend on a closed system like this to store data.
> This is why I don't use an os that depends on cloud functionality built into the os for much of its fuctionality.
macOS doesn't require this. My Apple account has a handful of apps purchased over the years, and that's it. I could've bought them directly from the vendors, but the store makes it easier to update.
I don’t think it is stupid but the golden rule is multiple backups. I personally believe 3 backups is the minimum. A physical one and 2 others. Either another physical copy stored at another location to protect against things like fire or 2 cloud backups to prevent situations like this. But I have only ever met one person who did this. His house burned to the ground and lost all data at his house but had back ups at his brother and on some cloud service and lost nothing. I was impressed as most people I know have zero back ups.
I think we must have passed peak Apple this week or something…
I’ve had Clone Hero running badly on an ancient MacBook for my drums, so I decided to swap it out for an M1 Mini that was collecting dust on a shelf. I did a full erase, but I couldn’t get past its activation lock. At all.
This is a piece of hardware I purchased on my credit card, for my company, (luckily) linked to a phone number I control and an email address on a domain I can control, but Apple in their infinite wisdom are still locking me out of my own hardware because I don’t know the password the last employee used on the computer! I don’t want any data off it, thats gone, I just want the computer I spent money on to actually be usable!
I initiated a “recovery” process to unlock it (at Apples discretion?) and they’ve sent me an automated email saying the initial checks are passed and they will contact me again in 7 calendar days. Kafka-esque doesnt even begin to describe it. So for the next week I have to whistle Dixie!
I’ve been a massive Apple fanboy since I swore off Windows a couple of decades ago, giving them a decent high 6 figure spend over that time and influencing countless others to buy Apple devices. Well that very much ended this week & going forwards without Apple will be painful, but the message they sent me couldn’t have been any louder & clearer. The writing has been slowly creeping on to the wall for the last few years, between buckling to UK government pressure, the CSAM photo scanning nonsense, the absolute UI abomination of this new glass crap, this was my final straw.
I’m also going to be relaying their “message” very clearly and loudly now to any friend or family member considering another Apple device.
This happened to me[1] a decade ago, now. Left Apple hardware on shelf for a year or two, Apple in the mean time did their iCloud migration or something, and my login account could no longer unlock the device. It's been effectively bricked since.
Not sure if the Chinese have figured out a way for the newer ARM-based ones yet (I realise it's already been several years since the M1 was released...) but I believe most of the older x86 ones have been cracked.
I've unlocked some old Thinkpads that were similarly left locked with a BIOS password by departed employees, officially not possible, but actually possible if you reflash the BIOS and EC ROMs.
This is what most corporations want, esp for remote employees. I had a work supplied laptop and I couldn’t access via my machine account password. I could login via MFA but I couldn’t reset my local password. They made me initiate the account recovery, wait 8 days, and then I could change the password. I suspect my employer’s account synchronization tools mangled my password or changed it to a password in flux.
In that light, they are fulfilling a use case with greater market value than your conundrum. Is it annoying? Sure. Is it a problem? Debatable. You didn’t recover the passwords on the machine when your employee left. Maybe it’s your problem? Will you get in? Likely and eventually.
I’ve talked to apple support reps in the past. It’s absolutely not surprising to hear that there’s confusion. ISTR some aren’t actually direct Apple employees, so they don’t have access to certain information.
> That almost sounds like some sort of AI, not a human
It’s almost certainly not, it’s just humans being human and going off script. I worked in a place where we dealt with an enormous number of customer service requests, and one of our measured support metrics was “how often do the agents deviate from what they’re allowed to offer”.
> I've heard others say this (and was a "loyal advocate" of Windows for around 2 decades myself), but the reality is they simply do not care. You are merely a single user out of several billion.
What changed your outlook? Did you get burned by Microsoft?
Why would my government care less about me than a multinational corporation with billions of customers that isn't headquartered or listed where I live?
My Member of Parliament represents about 130,000 people, does regular door knocking to talk to people, and has a staffed office a few km away the I can walk into anytime I want.
None of that applies to a multinational corporation.
This is one of the worst stories I’ve seen yet. It sounds like they were “all in” on Apple with zero backups, which shows some questionable judgment, but still, this sort of thing shouldn’t be possible any more than a bank deciding to take all your money with no recourse. (They can close your account, but they can’t keep your money.) Maybe hosts should be required to mail you a hard drive with your data on it when they close your account. Regardless, never assume cloud data is in safe hands.
> this sort of thing shouldn’t be possible any more than a bank deciding to take all your money with no recourse. (They can close your account, but they can’t keep your money.)
I once had to help a relative sue a bank who had closed his account after he refused to answer their very intrusive questions (they wanted to know details about distant relatives living in another country). They also refused to return his money (tens of thousands) and refused to explain why. No amount of complaining or escalating made any difference, although we did manage to get a nice recording of an employee saying that he thought the bank was in the wrong.
It took me issuing court proceedings, plus several more months of negotiating with their lawyer, before they finally settled out of court. Even then they tried to not pay the court fee, and they tried to get us to sign an NDA (I refused to budge on both). Altogether, it took 6 months to get the money.
Similar to how people in this thread are talking about mitigating reliance on cloud providers (e.g. with offline backups), I now do not trust any bank. I avoid being in a position where any one bank can ruin my life. That means having multiple accounts and spreading my money around.
Luckily for me I have a legal background so when a corp (big or small) does this sort of thing to me I don't hesitate to sue them. In almost all cases this causes them to "wake up" and start taking your issue seriously, in a way that the front line customer support reps never do. I recommend this to the author of the original post.
It baffles me how much this community is opposed to Bitcoin (and fails to delimit it from the rest of the crypto-scams on going) when, for me, it is existential. When you go through 1-2 experiences of bank-freezing and you realize your life is literally at stake here, the abstract debates about energy consumption or speculative bubbles feel like they come from completely misinformed individuals.
It's like watching someone on a rail track arguing not knowing what is about to hit them.
> It sounds like they were “all in” on Apple with zero backups, which shows some questionable judgment
iCloud literally encourages users to opt for storing originals only in the cloud. It's marketed as such, it nags you about this every now and then, and iCloud is the preinstalled default cloud storage on every iPhone. Consider non-techies dealing with this too.
I do have backups of most data, including photos, but there are things you can't backup like shared actively edited iWork documents, and things like that. I can rebuild from it, but it's still a shitshow and my very expensive devices are bricked.
Concerning all those 'bricked' devices it would be really nice to get some more details concerning the 'block'.
Can you use your iPhone to call someone, can you use your MacBook overall? Login, use Apple Passwords(!), looking at photos within photos app and so on...
> this sort of thing shouldn’t be possible any more than a bank deciding to take all your money with no recourse. (They can close your account, but they can’t keep your money.)
To me this is the biggest problem. Just like a bank can decide to close your account at any time, it's reasonable that Apple (or any business) could do the same. But they can't keep your stuff.
You can say "don't be naive and assume your cloud data is safe", but in today's world that's like saying "don't keep your money in a bank". The reason I pay for iCloud storage is because it's supposed to be safe (safer than my local HDD going bust or getting lost).
To what extent is the victim their own perpetrator? They allow the status quo to succeed by endorsing it. They voted for this with $30,000 of their own money, and they will likely vote again.
The untapped answer is litigation. Call a lawyer and file against Apple. It may take several business days, and cost $$$$ but it will absolutely light a fire at Apple and get the attention of many-a-human. And if they ignore it, well, maybe a class action lawsuit awaits.
I considered this a month or two ago when Google safe browsing was erroneously putting domains self hosting Immich on the block list. My family domain got put on the block list and it took me a few hours to figure out that I needed to sign up for Google Search Console just to figure out what sub-domain got flagged.
I thought about filing a claim for enough to cover my time in small claims court, but decided not to. I didn't track my time super well because initially I though it was my fault, but, by far, the huge deterrent is the "what if".
What happens if I take Google to small claims court for damages to a domain I've been using for 20 years? I have that domain tied to a legacy Google Workspace account which was a huge mistake. It's been tied to my email for at least 15 years and, even worse, I've never owned an Android phone that hasn't been tied to that Workspace account.
I don't depend on cloud services for much, but if I want to prepare for retaliation I'd have to migrate my email somewhere else and be ready to deal with family members that have their phones connected to the Workspace account. Who's been duped into photo "backup"? Who's been duped into using Google Docs? How many Play purchases do they have? And, the big one, who's been duped into using sign-in with Google?
Google, Apple, Microsoft all make choosing what's best for the consumer very high friction compared to choices that trap users and give all the power to big tech. Even though I constantly help my family members try to understand why the don't want to get locked into those services they always get deceived into using them. The number of family members unwittingly duped into uploading all their data to OneDrive is in the range of 100%.
Apple, Google, and Microsoft need to be broken into 10 or 20 companies each. Excel should be it's own company. Phone OSes and app stores should be different companies. OneDrive should be it's own company and to compete with Dropbox with zero Windows integration. The web browsers should be separate companies. The AI divisions should be separate companies. Split them up with a wood chipper IMO.
The safe browsing scam is the biggest fraud ever because providers can't opt out of it when it "accidentally" detriments independent or self-hosted solutions.
And, importantly, go through with the lawsuit. Figure out how to quantify damages to yourself by being deprived of access to your account so even if they restore access you can continue the suit.
> I am not a casual user. I have literally written the book on Apple development (taking over the Learning Cocoa with Objective-C series, which Apple themselves used to write, for O’Reilly Media, and then 20+ books following that). I help run the longest-running Apple developer event not run by Apple themselves, /dev/world. I have effectively been an evangelist for this company’s technology for my entire professional life. We had an app on the App Store on Day 1 in every sense of the world.
I am surprised that with such a pedigree, the author doesn't already have contacts at Apple they could reach out to for that personal touch.
From my experiences with people at Apple, everyone seems so siloed that it doesn't surprise me that they couldn't help him. It doesn't seem like they have the culture where you could just drop by the Apple fraud team and ask for help for a friend.
I went to Uni with this person (though I doubt they remember me.) They have a very high reputation. If anyone should be able to resolve this, it’s them — that they can’t, and they have to go public, is absolutely terrifying and should make Apple execs pay attention.
I mean that. Exec level. This story and that this specific person cannot get it fixed indicates absolute failure.
This reminds of a joke we have in Russia which roughly translates into English as follows: "Comrade Stalin, it has been a terrible mistake!" The phrase could belong to one of Stalin's own sycophants who unluckily for themselves got imprisoned and executed during the big purge in the 1930s. They didn't understand why it happened to them.
I have a feeling that this guy also doesn't get why this happened to him and that he himself contributed towards it with the work of his life.
There was a time when I accidentally deleted some photos of which I had only one copy. I blamed myself for being stupid not having a copy but also money was tight for additional drives.
Then there is this: depending on a service provider and then blaming them for something like this. The problem is that now you are losing trust in service providers (of which there should be little to begin with) and on top of that you are also blaming yourself for depending on them. However you have to create a trust model where your fault allows you to have a service helping you with it while a fault at the service provider will allow you to restore data from your end too, getting the best of both worlds.
MacOS and Windows / Google with always logged in systems that lock you out completely at their will is an example of how your devices are not owned by you to begin with and then trusting them with your data as well means your digital life is basically owned by them completely.
Now imagine that there are no humans to solve this but endless LLM bots that respond with generic responses because the LLM has never seen a problem like this. I want to point out that owning your data and hardware is really important if you depend on it and your business especially does.
I think this argument conflates “what’s possible” with “what’s reasonable”.
In a complex modern society, we can’t all be expected to have backup plans to the Nth degree.
Is it possible to bore for my own water supply, install solar+inverter/battery backup for electricity, get a medical degree to treat my own wounds? Sure but most would say it’s not reasonable.
It’s why we have regulations and ombudsmans for healthcare, transport, finance, water provider, electricity providers, communications providers etc.
Oddly missing from that list is critical technical infrastructure providers like Microsoft, Apple and Google.
I actually really like the idea of a Digital Services Provider Ombudsman, who you can go to if you feel like you've been wronged by a big tech corp. They have a "way in" that consumers potentially don't, and they have the capacity to levy fines in certain circumstances. I love this! What's preventing this from happening, other than no governmental pressure to make it happen? I might write to my MP...
> However you have to create a trust model where your fault allows you to have a service helping you with it while a fault at the service provider will allow you to restore data from your end too, getting the best of both worlds.
This is why I suggested to have a dual model. Leveraging the cloud and services is really a good choice as long as you have backup systems running independently as well. Your backups may not be as powerful and full fledged as the main provider but in case of emergencies like these, you still own your data and hardware and don’t panic.
In this example a weekly backup of iCloud to a drive connected to a pi with rsync could be a simple solution. 6tb is not even that much given that 500$ gift cards are being used by the author. The backup is not great but it is easy to see why it’s also necessary to own your data.
> Is it possible to bore for my own water supply, install solar+inverter/battery backup for electricity, get a medical degree to treat my own wounds? Sure but most would say it’s not reasonable.
Bad analogy. A better one would be having a torch in case of power cuts (done that) having some extra food in the house in case the grocery delivery fails, having some basic medical supplies in the house, having mobile internet connection in case your broadband fails etc.
Having backups of your stuff is an emergency fallback
> Is it possible to bore for my own water supply, install solar+inverter/battery backup for electricity, get a medical degree to treat my own wounds? Sure but most would say it’s not reasonable.
I’m feeling attacked. Here I was thinking my lifelong work of self sufficiency for my family was completely reasonable until you came along. Thanks a lot!
It’s also possible this person does have some personal or external backups of stuff like the photos, but they’re not going to mention it here as the existence of those doesn’t change the fact that they’ve been extremely wronged. It also won’t help with their developer account etc.
Here is how the gift card scam works (in Australia)
[Quote]
Yes they do still get activated at the checkout. But when you go to redeem, the code is missing the last digit or two so it doesn't work. People take the unactivated gift card, tamper with it to get inside carefully so it's not detectable, scratch and get the code, remove the last digit or two, replace the scratch off layer, put the unactivated gift card back on the shelf.
Then after you activate the gift card at the checkout, they redeem it.
This is why Target doesn't have the activation code on their gift cards anymore, you have to have it added with a sticker when it is being activated now, and then scratch it off.
I back up regularly using Google Takeout and similar tools, but I don’t think it’s fair to shame this author . Even if you have backups , your recent and essential content and credentials will be locked out . 1% of your content is the most important
We all depend heavily on cloud storage and sso . Everything works fine until you are locked out .
And using them isn’t fully voluntary. They are necessary for collaboration . You end up using what your team uses .
You can try to be that “own cloud” snob but it only works if you live in a basement
Every normal person has content in Google , iCloud , OneDrive , Dropbox and maybe more. That’s 4+ single points of failure
You’re just not imaginative enough if you think you’re safe .
Lot of arrogant people here who think they are safe and better than anybody and blame OP.
It is totally normal in today’s world to depend on cloud services and reasonably difficult to do without it. In China: no WeChat you are practically dead. Here try to join meetings without account, try to send a message on WhatsApp without account, etc… a lot can go wrong very fast. What if you used your Apple account as SSO to other services ?
> Lot of arrogant people here who think they are safe and better than anybody and blame OP.
You see this a lot in the Apple "community". Apple can _never_ do wrong. Apple can _never_ make a mistake. Apple's choices are _always_ the best choices.
I don't understand why people put corporations on pedestals.
Commentators here presumably work in the industry, possibly even for 'the big companies' (I'd say FAANG but any big, life-depending, big-architecture corp, but you know what I mean, basically)
They should be tripping over themselves of "How can we fix our corporate incentives to actually deal with customer problems". Not "lol OP, sux"
it's not just about cloud service dependency, or his loyalty to Apple, or things like that. for important data you _have_ to have backups, 3-2-1 rule and all that. the fact he put all the eggs in Apple's bucket is beyond me.
sure i am dependent to cloud services as much as he is, much to my own chagrin, but at least i have all my data backed up??
I’ve interpreted it as a sort of head-in-sand coping mechanism for those low-likelihood, high-consequence events people feel powerless over. It’s less distressing to be powerless if you decide that the real issue was a fault by the victim and not a powerlessness you have in common with the victim.
It is possible to suggest preventative/corrective action without blaming OP. I find it kind of sad that you can't make helpful suggestions (to future potential victims) without someone saying you're "victim blaming."
I have content on Google and Dropbox but I have live backups. It would be very annoying to be locked out of Google, but I would not lose any data. Anyone can have a NAS, you don't need a while basement or to live inside of one (??!?)
Yes, those companies should absolutely be forbidden to behave like this, and punished heavily when they do. But until it happens (which doesn't look like it will), your data is your responsibility.
You lose the Google content , since the export is lossy (docs , sheets, slides , etc) . And most of the value is collaborative . You’ll lose anything that you contribute to that’s not in your account . You’ll lose credentials (eg sso to third parties ), messaging access .
You’ll lose indexing and metadata , like Google Drive search , Google Photos search , thumbnails .
It’s a myth to assume the value is in the backup. Most of the value you have is in the access and the application
I am not depending on cloud storage at all. What do I need to upload onto some cloud? And when I need to sync between devices, or rather want to sync, then I have a Syncthing setup on my server running. No cloud. And copies on participating devices.
Sure, it is not directly their fault, when they are treated badly by big tech. Though of course they could have been more careful, and rely less on big tech and cloud. We can all learn from this example, like many others before this one.
How do you collaborate ? Do you have friends ? A job ? I’m not being rhetorical —- it’s very rare to have friends or a job and not have some ties to the cloud. Even my tiny HOA manages its record in the cloud
Presumably, as the GP said, you're not a normal person and you live in a basement. >sigh< (I'm with a lot of what the GP said but they didn't need to be insulting.)
The solutions self-hosting storage for non-technical people are terrible. Presumably there's no market for selling a solution that gives individuals data sovereignty. I would guess the margin isn't there and a recurring subscription for something you own is probably unpalatable to a lot of consumers. So this is what we get.
> Every normal person has content in Google , iCloud , OneDrive , Dropbox and maybe more.
So, fallacy aside, the abnormals would be...
a) people that don't tech, and
b) people that saw the writing on the wall years ago, and either didn't trust the system and didn'tget into it, or those that did for a while, and got tfo.
The legal Deparment runs most companies . They are the only way to get something bespoke done (like unlocking an account ). And companies are terrified of discovery.
Any lawyer can file a complaint in small claims . OP has paid for a service and has a contract
Not saying this in a derogatory way, but that pretty much means you are not a "normal" user but someone who is tech savvy enough to not rely on someone else's cloud.
> Every normal person has content in Google , iCloud , OneDrive , Dropbox and maybe more. That’s 4+ single points of failure
It only means that the content is not valuable for them. I know people who created Google Account only because the phone required them to and they do not even remember the password or username, and do not use Gmail (why use email when there is Telegram). If they lose the phone, they would just probably make a new account.
If you were an investor or trader, managing millions of dollars, would you keep the only copy of critical information in a cloud? I don't think so if you are a reasonable person. Would you keep the only copy of a cryptowallet key in a cloud?
> If you were an investor or trader, managing millions of dollars, would you keep the only copy of critical information in a cloud?
I don't think the idea that they could lose access to their accounts occurs to most people. I've done enough business continuity and disaster recovery work with small business to be confident in saying it doesn't occur to small business owners. I'm not sure why individuals would be any different.
It's very hard to put yourself in the mindset of a non-technical person.
Readit News
But reading horror stories like this is is why I only use the very bare minimum of any of these cloud services. Keep local copies of everything. For developer accounts, I always create them under a separate email so they're not tied to my personal. At least it can minimize the damage somewhat.
It sucks that I have to take all these extra precautions though. It's definitely made me develop a do not trust any big corp mindset.
It's also the buying of gift cards that can get Apple accounts locked: https://old.reddit.com/r/apple/comments/r8b1lu/apple_will_pe...
If enough of these horror stories are publicized, people will learn to never buy/redeem Apple gift cards because of the real possibility of account bans.
- Don't give Apple gift cards to family and friends: You're potentially ruining the recipient's digital life if they redeem it.
- Don't buy Apple gift cards: You risk ruining your own digital life.
If you've been given an Apple gc for Christmas -- and you have paranoia of the risks -- don't buy anything online that's tied to your Apple ID. Instead, go to the physical Apple store to redeem it. And don't buy an iPhone with it because that will eventually get assigned to an Apple ID. Instead, get a non-AppleID item such as the $249 ISSEY MIYAKE knit sock.
I have thousands of credit-card reward points that could be traded in for Apple gift cards but I don't do it because Apple's over-aggressive fraud tracking means Apple's store currency is too dangerous to use.
You'd think so. Yet, the stories of PayPal locking up payouts to surprised people keep coming every year - and people still use them.
Neither the people creating the legislations nor the people at Apple responsible for these flows care very much about collateral damage.
If you are trying to be a bad person you could weaponize that approach. You do not like person x, send them some Apple gift cards... :o
One commonality among the stories in that thread from people who had problems was either switching their App Store country or using their App Store account primarily from a different country than the setting.
"and we ban you for buying or redeeming them"
is just top tier comedy honestly.
As soon as I heard the first one of these stories about a guy getting google broad-spectrum banned because a junkbot AI thought his completely normal youtube comment was a nazi rant or whatever else it hallucinated - I bailed on the whole shebang. Hosting your own stuff is, if you're a reader of this site, easy enough and cheap enough there's little reason not to.
I mean that is a problem in itself :D
I proved them who I am, that the new payment method (virtual card from a well-known organization) is mine, everything.
After lots of back-forth I've been informed their decision is final.
I HAVE NOT BREACHED TOS. I wish I has a major law company behind me to force them to admit that.
Very happy it was my almost unused account, heavily went down with my purchases in mt main account (in my usual country of residence) as well.
And yes, I use login-with-companyName as sparingly as possible. We are not the users, we're beggars.
It happened - fake again. Now the customer support flow is: you upload images of the product (max. three), and the system approves the verification or rejects it, and then you have a way to contact customer care. System rejected. The trick is - they do not know why the rejection happened, they are not able to tell me, they are confirming the images are very clear and crisp, but they can't do anything to help me because the system leaves them with zero options to move forward - in fact, there is no further escalation matrix either. Nada!
The bank (credit card issuer) refused to raise the chargeback because "but the merchant 'delivered' the item". But it was fake, so? No, no, it "delivered" - that is what counts, so you have to sort it out with the merchant. But they are refusing any further help. You have to sort it out with them. And so on... in a loop.
Can I take them to court? Sure. It may take weeks, months, and maybe years, and even then, in the end (if I win), the court may just instruct them to refund and possibly (possibly!) compensate a trivial amount for legal expenses, which is never even remotely close to the actual legal expenses in this country's courts.
Just stonewalled. It almost feels Kafkaesque.
Of course it'd have been nicer to tell them to fuck off, but living without Amazon would simply be far too inconvenient.
In addition, I always suggest people to:
- Not use big tech's cloud services - ever
- But if you must, do not use many cloud services from just one provider (i.e no Google everything, no iCloud everything) i.e stop using "one account gateways".
- Needless to say, it's time you had a domain and start paying for mail hosting (at least for critical stuff - you can actually buy a very cheap plan; and use that gmail/live-hotmail/yahoo/iCloud/whatever everywhere else) [0]
- Keep an offline (but safe) copy of your "most" important data [1] and ways to remember (i.e cryptic hints) for your "most" important passwords
- Gain some experience in fighting in consumer courts/forums (depending upon your country) - start early, start with e-com companies. A lot many times we don't put up a fight because we have never done it before and we give up always because every time it's a first time. Apple and Google make a mockery of consumers everywhere because we have allowed them to. In fact sometimes when we talk of lack of accessible support at Google and Apple (yes, Apple) we speak in a disdainful appreciation or awe :)
[0] Some might disagree but disabling (or dev/nulling in a way) mail@, hi@, contact@, sales@ etc on your domain (esp. if you have catch-all enabled) goes a long way in terms of avoiding spam
[1] It's also very important to have a tiered approach to data storage and backup strategies. There should be a very, very, very small subset of your personal data, including some of your photos and videos, that is really, really small in storage footprint that you can back up/sync to multiple locations and actually pay the full price for it at storage costs via your own setup, preferably using FOSS tools (which are becoming too good these days) out there.
“You’re giving these companies your data and then dare to be angry when you lose it? Just get a degree in computer science and host it yourself!!1! I am very smart”
- Have a local backup (simple giving the storage prices)
- Pay for one email provider (less chance to ignore you)
- For important services (bank, etc.) always register also a telephone number / second email if possible (there is a low chance that both primary and secondary thing will be blocked at the same time)
At the same time, AML solutions tend to be a closely guarded black box which simply tells you to block a customer, finding out why is pretty difficult.
To add more to the problem, some anti money Landry solutions are … AI powered.
For a good reason! You, as a rule, really don't want to tell the customer why you're blocking them. What will happen in the end is that you will be facing federal charges for assisting the money launderers because you kept telling them what they're doing wrong.
Yes, in many countries they are, but I don't think the laws are dictating Apple to completely turn off the accounts, but instead dictate that Apple should take measures against it.
They could disable those gift card features + Apple wallet/pay if they suspect fraud, and if no one complains within a month, then disable the entire account, rather than start with disabling the account. Would give them space/time to investigate, and wouldn't be a huge pain in the ass when the inevitable false-positives happen, like in this case.
The cards were to family members that I normally send gift cards to at Christmas, and the activity was counted as "sus" even though I was asked to validate my card number and expiration date before being allowed to make the purchase.
On that note[1] is a good read (Cmd+F: "suspicious activity report"), although this specific case is about gift cards, but the AML/T&S etc. space is remarkably similar.
[1] https://www.bitsaboutmoney.com/archive/debanking-and-debunki...
(edit) Ah, right, anti-money-laundering, found it in your last sentence.
I've been reading about Lovecraft's Old Ones. Apparently they have no ill will towards humans. They just sometimes cause harm without realizing it, while going about their business.
I'm not sure if I like that take because of how horrifying it is, but I found it very interesting that harm can be caused so nonchalantly by more powerful entities, since humans already view themselves as the most powerful entity.
Most likely stolen cards. Stolen credit cards are used to purchase gift cards which are then resold to unsuspecting buyers. Think of it as stolen money laundering.
A lot of things are clicking into place for me in this thread.
Of course Support should be able to resolve this if proves are given
Whats coming?
Their mega high risk - high value gift cards are effective for laundering stolen/fraudulent credit cards. Buy a $500 gift card with a stolen CC and sell it on FB marketplace for $400 - you’re up $400, the buyer saves $100, Apple get paid by the retailer and the CC company are (likely) on the hook.
Of course the actual solution here is _don’t sell high value gift cards_, or require the Apple ID email at time of purchase/activation of the card
Not in all situations. Because of various cross promotions between car insurance, supermarket and airlines, by using gift cards for groceries I get an effective ~9% discount every time. That really adds up over a year.
For Apple and others, you can use secondary gift card market to get some discounts too, if you wanna risk it.
e.g. email on a custom domain. your domain registrar is now a spof AND your email provider for your domain is a spof. and that's just email.
There's obviously a middle ground and ways to have a strictly better personal data posture than before, but it's a multi faceted problem balancing usability, security, and resilience
Gift cards are used by phishers. In our institution, we routinely get personalized spam mails (in the name of the corresponding group lead of the recipient, sent via GMail -- this is not low-effort) that ask whether they are available and, when (accidentally) responding, ask for Apple gift cards.
> Hey, it’s me, your CEO. I’m in a meeting with our big customer and I need an urgent favor. Thanks! You’re a life saver.
> - Mr. CEO
Note that this has nothing to do with the actual well meaning (mostly - see leadership emails leaks) people forming the egregore.
The purpose of the company structure is isolating it from liabilities, and as the regulation which would force it to recognize the damage it did is mostly missing, thus the outcome.
See also https://www.ribbonfarm.com/2010/07/26/a-big-little-idea-call...
This is literally a money laundering pattern
The question will be why isn't this person just adding the money to their account directly, where is this money coming from, why are they structuring it like this
Enough that I am very wary of buying or redeeming gift cards now, especially more than one in a row.
Apparently there's some sort of scam with gift cards, which must affect any platform which allows them, and legit uses often get flagged by automated systems.
If they are so much trouble for Amazon/Apple I wonder why not disallow gift cards, instead of randomly banning users?
Plus I have no desire to carry scrip when I could have fungible cash or equivalent, so I would not buy a gift card. I have received a few.
If I need to guess, gift cards are sold online in money laundering schemes, also on some platforms they are used to let you buy apps from a lower priced country
Deleted Comment
And some of them don't even have that!
After nearly 30 years as a loyal customer
I've heard others say this (and was a "loyal advocate" of Windows for around 2 decades myself), but the reality is they simply do not care. You are merely a single user out of several billion.
Many of the reps I’ve spoken to have suggested strange things
That almost sounds like some sort of AI, not a human. But if I were in your situation I'd be inclined to print out that response as evidence, and then actually go there physically to see what happens.
macOS doesn't require this. My Apple account has a handful of apps purchased over the years, and that's it. I could've bought them directly from the vendors, but the store makes it easier to update.
I’ve had Clone Hero running badly on an ancient MacBook for my drums, so I decided to swap it out for an M1 Mini that was collecting dust on a shelf. I did a full erase, but I couldn’t get past its activation lock. At all.
This is a piece of hardware I purchased on my credit card, for my company, (luckily) linked to a phone number I control and an email address on a domain I can control, but Apple in their infinite wisdom are still locking me out of my own hardware because I don’t know the password the last employee used on the computer! I don’t want any data off it, thats gone, I just want the computer I spent money on to actually be usable!
I initiated a “recovery” process to unlock it (at Apples discretion?) and they’ve sent me an automated email saying the initial checks are passed and they will contact me again in 7 calendar days. Kafka-esque doesnt even begin to describe it. So for the next week I have to whistle Dixie!
I’ve been a massive Apple fanboy since I swore off Windows a couple of decades ago, giving them a decent high 6 figure spend over that time and influencing countless others to buy Apple devices. Well that very much ended this week & going forwards without Apple will be painful, but the message they sent me couldn’t have been any louder & clearer. The writing has been slowly creeping on to the wall for the last few years, between buckling to UK government pressure, the CSAM photo scanning nonsense, the absolute UI abomination of this new glass crap, this was my final straw.
I’m also going to be relaying their “message” very clearly and loudly now to any friend or family member considering another Apple device.
[1] https://news.ycombinator.com/item?id=26482635
I've unlocked some old Thinkpads that were similarly left locked with a BIOS password by departed employees, officially not possible, but actually possible if you reflash the BIOS and EC ROMs.
In that light, they are fulfilling a use case with greater market value than your conundrum. Is it annoying? Sure. Is it a problem? Debatable. You didn’t recover the passwords on the machine when your employee left. Maybe it’s your problem? Will you get in? Likely and eventually.
It’s almost certainly not, it’s just humans being human and going off script. I worked in a place where we dealt with an enormous number of customer service requests, and one of our measured support metrics was “how often do the agents deviate from what they’re allowed to offer”.
AIs are RLHF'd to have a corporate-pleasing interface w.r.t. metrics.
What changed your outlook? Did you get burned by Microsoft?
My Member of Parliament represents about 130,000 people, does regular door knocking to talk to people, and has a staffed office a few km away the I can walk into anytime I want.
None of that applies to a multinational corporation.
I once had to help a relative sue a bank who had closed his account after he refused to answer their very intrusive questions (they wanted to know details about distant relatives living in another country). They also refused to return his money (tens of thousands) and refused to explain why. No amount of complaining or escalating made any difference, although we did manage to get a nice recording of an employee saying that he thought the bank was in the wrong.
It took me issuing court proceedings, plus several more months of negotiating with their lawyer, before they finally settled out of court. Even then they tried to not pay the court fee, and they tried to get us to sign an NDA (I refused to budge on both). Altogether, it took 6 months to get the money.
Similar to how people in this thread are talking about mitigating reliance on cloud providers (e.g. with offline backups), I now do not trust any bank. I avoid being in a position where any one bank can ruin my life. That means having multiple accounts and spreading my money around.
Luckily for me I have a legal background so when a corp (big or small) does this sort of thing to me I don't hesitate to sue them. In almost all cases this causes them to "wake up" and start taking your issue seriously, in a way that the front line customer support reps never do. I recommend this to the author of the original post.
It's my understanding that banks really don't want your money once they've closed an account, they want you to take it back.
Bigger banks, at least in the US, usually do this.
It baffles me how much this community is opposed to Bitcoin (and fails to delimit it from the rest of the crypto-scams on going) when, for me, it is existential. When you go through 1-2 experiences of bank-freezing and you realize your life is literally at stake here, the abstract debates about energy consumption or speculative bubbles feel like they come from completely misinformed individuals.
It's like watching someone on a rail track arguing not knowing what is about to hit them.
iCloud literally encourages users to opt for storing originals only in the cloud. It's marketed as such, it nags you about this every now and then, and iCloud is the preinstalled default cloud storage on every iPhone. Consider non-techies dealing with this too.
Convenience is a hell of a drug.
Concerning all those 'bricked' devices it would be really nice to get some more details concerning the 'block'.
Can you use your iPhone to call someone, can you use your MacBook overall? Login, use Apple Passwords(!), looking at photos within photos app and so on...
Or are all those devices completely locked?
If they’re shared, surely someone else can still access them?
To me this is the biggest problem. Just like a bank can decide to close your account at any time, it's reasonable that Apple (or any business) could do the same. But they can't keep your stuff.
You can say "don't be naive and assume your cloud data is safe", but in today's world that's like saying "don't keep your money in a bank". The reason I pay for iCloud storage is because it's supposed to be safe (safer than my local HDD going bust or getting lost).
We really need laws for this sort of thing. They should have included it in the DMA for gatekeepers.
Even if in the T&Cs say Apple can do this, which it probably does, now they would have to prove it in front of a judge.
I thought about filing a claim for enough to cover my time in small claims court, but decided not to. I didn't track my time super well because initially I though it was my fault, but, by far, the huge deterrent is the "what if".
What happens if I take Google to small claims court for damages to a domain I've been using for 20 years? I have that domain tied to a legacy Google Workspace account which was a huge mistake. It's been tied to my email for at least 15 years and, even worse, I've never owned an Android phone that hasn't been tied to that Workspace account.
I don't depend on cloud services for much, but if I want to prepare for retaliation I'd have to migrate my email somewhere else and be ready to deal with family members that have their phones connected to the Workspace account. Who's been duped into photo "backup"? Who's been duped into using Google Docs? How many Play purchases do they have? And, the big one, who's been duped into using sign-in with Google?
Google, Apple, Microsoft all make choosing what's best for the consumer very high friction compared to choices that trap users and give all the power to big tech. Even though I constantly help my family members try to understand why the don't want to get locked into those services they always get deceived into using them. The number of family members unwittingly duped into uploading all their data to OneDrive is in the range of 100%.
Apple, Google, and Microsoft need to be broken into 10 or 20 companies each. Excel should be it's own company. Phone OSes and app stores should be different companies. OneDrive should be it's own company and to compete with Dropbox with zero Windows integration. The web browsers should be separate companies. The AI divisions should be separate companies. Split them up with a wood chipper IMO.
The safe browsing scam is the biggest fraud ever because providers can't opt out of it when it "accidentally" detriments independent or self-hosted solutions.
That's a big ask.
I am surprised that with such a pedigree, the author doesn't already have contacts at Apple they could reach out to for that personal touch.
Dead Comment
If you don't have root access to the machine your data is on, it's not your data.
I mean that. Exec level. This story and that this specific person cannot get it fixed indicates absolute failure.
I have a feeling that this guy also doesn't get why this happened to him and that he himself contributed towards it with the work of his life.
There was a time when I accidentally deleted some photos of which I had only one copy. I blamed myself for being stupid not having a copy but also money was tight for additional drives.
Then there is this: depending on a service provider and then blaming them for something like this. The problem is that now you are losing trust in service providers (of which there should be little to begin with) and on top of that you are also blaming yourself for depending on them. However you have to create a trust model where your fault allows you to have a service helping you with it while a fault at the service provider will allow you to restore data from your end too, getting the best of both worlds.
MacOS and Windows / Google with always logged in systems that lock you out completely at their will is an example of how your devices are not owned by you to begin with and then trusting them with your data as well means your digital life is basically owned by them completely.
Now imagine that there are no humans to solve this but endless LLM bots that respond with generic responses because the LLM has never seen a problem like this. I want to point out that owning your data and hardware is really important if you depend on it and your business especially does.
In a complex modern society, we can’t all be expected to have backup plans to the Nth degree.
Is it possible to bore for my own water supply, install solar+inverter/battery backup for electricity, get a medical degree to treat my own wounds? Sure but most would say it’s not reasonable.
It’s why we have regulations and ombudsmans for healthcare, transport, finance, water provider, electricity providers, communications providers etc.
Oddly missing from that list is critical technical infrastructure providers like Microsoft, Apple and Google.
This is why I suggested to have a dual model. Leveraging the cloud and services is really a good choice as long as you have backup systems running independently as well. Your backups may not be as powerful and full fledged as the main provider but in case of emergencies like these, you still own your data and hardware and don’t panic.
In this example a weekly backup of iCloud to a drive connected to a pi with rsync could be a simple solution. 6tb is not even that much given that 500$ gift cards are being used by the author. The backup is not great but it is easy to see why it’s also necessary to own your data.
Bad analogy. A better one would be having a torch in case of power cuts (done that) having some extra food in the house in case the grocery delivery fails, having some basic medical supplies in the house, having mobile internet connection in case your broadband fails etc.
Having backups of your stuff is an emergency fallback
I’m feeling attacked. Here I was thinking my lifelong work of self sufficiency for my family was completely reasonable until you came along. Thanks a lot!
Deleted Comment
[Quote]
Yes they do still get activated at the checkout. But when you go to redeem, the code is missing the last digit or two so it doesn't work. People take the unactivated gift card, tamper with it to get inside carefully so it's not detectable, scratch and get the code, remove the last digit or two, replace the scratch off layer, put the unactivated gift card back on the shelf. Then after you activate the gift card at the checkout, they redeem it.
[/Quote]
From this discussion
https://www.ozbargain.com.au/node/937339
We all depend heavily on cloud storage and sso . Everything works fine until you are locked out .
And using them isn’t fully voluntary. They are necessary for collaboration . You end up using what your team uses .
You can try to be that “own cloud” snob but it only works if you live in a basement
Every normal person has content in Google , iCloud , OneDrive , Dropbox and maybe more. That’s 4+ single points of failure
You’re just not imaginative enough if you think you’re safe .
OPs only recourse is an insider or a lawyer
It is totally normal in today’s world to depend on cloud services and reasonably difficult to do without it. In China: no WeChat you are practically dead. Here try to join meetings without account, try to send a message on WhatsApp without account, etc… a lot can go wrong very fast. What if you used your Apple account as SSO to other services ?
You see this a lot in the Apple "community". Apple can _never_ do wrong. Apple can _never_ make a mistake. Apple's choices are _always_ the best choices.
I don't understand why people put corporations on pedestals.
They should be tripping over themselves of "How can we fix our corporate incentives to actually deal with customer problems". Not "lol OP, sux"
One of 20 of your services could lock you out tomorrow and that means you’re blocked from coworkers and family
sure i am dependent to cloud services as much as he is, much to my own chagrin, but at least i have all my data backed up??
Deleted Comment
Your own wrongdoing. Always use a site-specific auth method, i.e. by email. And a separate email for each site.
Yes, those companies should absolutely be forbidden to behave like this, and punished heavily when they do. But until it happens (which doesn't look like it will), your data is your responsibility.
You’ll lose indexing and metadata , like Google Drive search , Google Photos search , thumbnails .
It’s a myth to assume the value is in the backup. Most of the value you have is in the access and the application
Sure, it is not directly their fault, when they are treated badly by big tech. Though of course they could have been more careful, and rely less on big tech and cloud. We can all learn from this example, like many others before this one.
The solutions self-hosting storage for non-technical people are terrible. Presumably there's no market for selling a solution that gives individuals data sovereignty. I would guess the margin isn't there and a recurring subscription for something you own is probably unpalatable to a lot of consumers. So this is what we get.
Dead Comment
So, fallacy aside, the abnormals would be...
a) people that don't tech, and b) people that saw the writing on the wall years ago, and either didn't trust the system and didn'tget into it, or those that did for a while, and got tfo.
?
Deleted Comment
Any lawyer can file a complaint in small claims . OP has paid for a service and has a contract
TOS is binding to both parties .
WTF is this about? So you think anyone proficient in hardware/software lives in a basement? This kind of derogatory statement does not belong on HN.
It’s the snobby part that I’m critical of
Well, i don't. I have my local file storage. Contacts and Calendar get synched, thats it. These get lcal backups, but aren't important so or so.
Not an average or "normal" computer user? Granted. Not a normal person? No.
It only means that the content is not valuable for them. I know people who created Google Account only because the phone required them to and they do not even remember the password or username, and do not use Gmail (why use email when there is Telegram). If they lose the phone, they would just probably make a new account.
If you were an investor or trader, managing millions of dollars, would you keep the only copy of critical information in a cloud? I don't think so if you are a reasonable person. Would you keep the only copy of a cryptowallet key in a cloud?
I don't think the idea that they could lose access to their accounts occurs to most people. I've done enough business continuity and disaster recovery work with small business to be confident in saying it doesn't occur to small business owners. I'm not sure why individuals would be any different.
It's very hard to put yourself in the mindset of a non-technical person.
Backup sounds nice and is necessary but is always out of date and recovery is totally impractical .
Many/most of the assets like indexes , references & creds can’t be reasonably backed up and recovered .