FireBeyond 3 days ago

> activation lock

Tangentially, it is utterly trivial to completely bypass Apple MDM, in a manner that breaks nothing, and survives OS upgrades, minor and major. Just requires the right combination of three DNS names at one point of install, and no internet at another, and you will get a completely de-fanged Mac. The only time you need to repeat the process is if you completely erase the SSD.

donkyrf 3 days ago

Where is this method documented? Because if you aren't full of shit, then I'd like to pressure Apple to fix it.

gregsadetsky 3 days ago

I found https://github.com/assafdori/bypass-mdm and the bash script does “neuter” 3 domains via /etc/hosts editing.

But no idea how stable/reliable this is.

donkyrf 3 days ago

It's unclear that it works around Apple Find My, unclear that it's executable starting with a locked device, or that it's permanent.

At this point, I've seen no evidence that FireBeyond's extraordinary claims have any merit.

FireBeyond 3 days ago

What does Find My have to do with MDM?

I have Find My running on this computer (which is unlocked) now. I've upgraded from Monterey to Tahoe without issue (startup that went AWOL).

However, you touch on two things - 1) I have no idea (and doubt) that this would bypass a device that has been locked, and 2) newer versions may not be as vulnerable. This computer is an M1, and Monterey can be made to go through a full install process without internet access, as described, but newer versions will not (or they may, but I couldn't find a way to force it with Sonoma or later). That means if I do an erase, I have to do a new Monterey install, and then upgrade (but nothing untoward there, don't have to do iterative updates).