curious: the bootable 12.1 installer won't boot my 8c last-of-the-x64 rMBP machine after a full internal drive wipe. it insists on internet recovery.
macs become less trustworthy by the day.
astounding to me that the tech press hasn't picked up on the fact that 12.1 is still shipping scaffolding for clientside privacy destruction by scanning your local files.
@caliw if you fully wipe the drive (which includes the activation data) this has been true for a while now:
https://sneak.berlin/20201204/on-trusting-macintosh-hardware/
macs need activation (including the last few years of intel macs, they have an iphone6-ish ARM security chip called T2 which handles boot) to run. they do this by receiving an activation from apple, only if the device doesn't have an activation lock ("find my") tied to an apple id.
it prevents reformatting and reinstall on stolen hardware.
@caliw BUT! apple supports something called DEP which enrolls devices in MDM automatically on install by serial! this amounts to RCE (by design) so corps can autoprovision machines automatically when they are restored.
nothing stopping apple/FBI from using this to install surveillance on your machine during install, which you cannot prevent by eg using verified "same as everyone else" media and doing an offline install, because there are no offline installs.
@sneak wow, thanks for the detailed explanation.
@caliw if the device has an activation lock tied to an apple id, when it tries to activate it will notice and prompt for authentication of that apple id before allowing activation, thus preventing reinstall on stolen-but-still-locked devices.