6

Tomorrow I will collect my iMac 27 from the service, after they have replaced the screen (due to yellowish smudges).

To my surprise, I was requested to give them my password. I did not expect they may need it, and did not erase my data at home. I have just made a backup to an external drive. Still, all my documents, photos etc are in my iMac (no porn luckily).

How to know if Apple service staff copied or looked into my private data?

klanomath
  • 66,391
  • 9
  • 130
  • 201
Amalfi
  • 61
  • @tetsujin's answer is correct - anyone with physical access to any Mac can clone the data without knowing your encryption settings or passwords. You can also read several opinions on whether Apple's staff is trustworthy with personal data which will help you understand how Apple's policies are to use rigorous procedures to keep your personal data secure and private when you hand over your equipment. – bmike Dec 21 '14 at 17:17
  • I was also asked for the password. I am guessing this is to make sure that you are actually the owner. You could've done what I did when I took in my Mac for repairs and just tell them that everything is backed up, and to reset it. That does kind of defeat the purpose, but after I said that, they just reset it without me having to give away my password. Off topic, if you want to be really secure @bmike you could just turn on FireVault which prevents any of the files from being copied unless one user is logged in (not counting Guest). – NeuronButter Apr 12 '18 at 07:28

1 Answers1

6

The simple answer is, there is no way to be absolutely certain. Furthermore, you likely signed agreement to the standard AppleCare Repair Terms and Conditions so from a legal standpoint, you have agreed to the AppleCare Repair Service terms and conditions by signing your property and data over to Apple.

The more probable answer is that, as Apple employees, they have very likely signed some kind of non-disclosure agreement, prohibiting them from looking any further than to fix the issue, on pain of dismissal or legal proceedings.

Condensing some of the comments into this answer…

It is possible that the entire drive could be cloned, without your knowledge. Physical possession of the drive is one of the easiest ways to access the data on it.
If encrypted, that clone would be of little use without the encryption password - not necessarily the same as the login password.
This would not show on any kind of key-logging software, as it could be easily done by removing the drive from the machine.

However… The chances of this actually happening to a machine given to Apple for repair are virtually nil.
If it was ever documented as having happened, their stock would collapse, along with their credibility.
This is not the same kind of breach as a couple of celebrities being phished or socially-engineered for their details, this would be a whole new level of distrust.

It is unlikely to happen.
Any current or former Apple employees would be most welcome to add comment to this.

bmike
  • 235,889
Tetsujin
  • 115,663