> What's the rationale?

Most likely stolen cards. Stolen credit cards are used to purchase gift cards which are then resold to unsuspecting buyers. Think of it as stolen money laundering.

Unfortunately, when you access multiple accounts from the same set of IP addresses and browser signatures, you can bet Google, Apple, Microsoft, and any other large company with that level of information collection has probably correlated all of those accounts to you. The company may lock them all if any one of them is suspected of "bad behavior".

Well from my view as European working in finance. Handling money for customers to pay (buy apps) likely requires an e money license (not sure about other states). And with this there is lot of things coming, like AML and what not. So disabling the account might be due to regulations required for the e money license.

Of course Support should be able to resolve this if proves are given

> What's the rationale?

Gift cards are used by phishers. In our institution, we routinely get personalized spam mails (in the name of the corresponding group lead of the recipient, sent via GMail -- this is not low-effort) that ask whether they are available and, when (accidentally) responding, ask for Apple gift cards.

Selling gift cards is like borrowing money at 0% interest. And because some people forget and never use them, it's negative interest.

> It's just insane that a gift card redemption can trigger this. What's the rationale?

If I need to guess, gift cards are sold online in money laundering schemes, also on some platforms they are used to let you buy apps from a lower priced country

anything can trigger this. it is totally at the company's discretion

Do not redeem /s

This is why I don't use an os that depends on cloud functionality built into the os for much of its fuctionality. It's really stupid IMHO to depend on a closed system like this to store data.

I think we must have passed peak Apple this week or something…

I’ve had Clone Hero running badly on an ancient MacBook for my drums, so I decided to swap it out for an M1 Mini that was collecting dust on a shelf. I did a full erase, but I couldn’t get past its activation lock. At all.

This is a piece of hardware I purchased on my credit card, for my company, (luckily) linked to a phone number I control and an email address on a domain I can control, but Apple in their infinite wisdom are still locking me out of my own hardware because I don’t know the password the last employee used on the computer! I don’t want any data off it, thats gone, I just want the computer I spent money on to actually be usable!

I initiated a “recovery” process to unlock it (at Apples discretion?) and they’ve sent me an automated email saying the initial checks are passed and they will contact me again in 7 calendar days. Kafka-esque doesnt even begin to describe it. So for the next week I have to whistle Dixie!

I’ve been a massive Apple fanboy since I swore off Windows a couple of decades ago, giving them a decent high 6 figure spend over that time and influencing countless others to buy Apple devices. Well that very much ended this week & going forwards without Apple will be painful, but the message they sent me couldn’t have been any louder & clearer. The writing has been slowly creeping on to the wall for the last few years, between buckling to UK government pressure, the CSAM photo scanning nonsense, the absolute UI abomination of this new glass crap, this was my final straw.

I’m also going to be relaying their “message” very clearly and loudly now to any friend or family member considering another Apple device.

> I've heard others say this (and was a "loyal advocate" of Windows for around 2 decades myself), but the reality is they simply do not care. You are merely a single user out of several billion.

What changed your outlook? Did you get burned by Microsoft?

with this same logic, you don't want to know how much your government and your country cares about you. odds are even a lot lower for them.

I think this argument conflates “what’s possible” with “what’s reasonable”.

In a complex modern society, we can’t all be expected to have backup plans to the Nth degree.

Is it possible to bore for my own water supply, install solar+inverter/battery backup for electricity, get a medical degree to treat my own wounds? Sure but most would say it’s not reasonable.

It’s why we have regulations and ombudsmans for healthcare, transport, finance, water provider, electricity providers, communications providers etc.

Oddly missing from that list is critical technical infrastructure providers like Microsoft, Apple and Google.

Book a date with TASCAT. I haven't used the Tasmanian one but in NSW it cost me a couple tens of dollars from memory and I got a response in days. Once the case lands with the _LAWYERS_ who are expensive, it'll get resolved.

Absolutely, but that doesn't solve my immediate issue of my devices and accounts, but of course I will do that.

> which shows some questionable judgment

Convenience is a hell of a drug.

I do have backups of most data, including photos, but there are things you can't backup like shared actively edited iWork documents, and things like that. I can rebuild from it, but it's still a shitshow and my very expensive devices are bricked.

When you are an Apple Developer, as the poster states - it goes deeper and more destructive.

Great victim blaming there buddy.

I self host an Immich [1] instance to backup photos on my iPhone. It’s OSS and has a level of polish I’ve rarely seen in free software. Really, it’s shockingly good. The iOS app whisks my photo off to my home server several times per day.

What I’m not sure about is how to backup things like iMessages, Notes, and my Contacts. Every time I’ve looked, it appears the only options are random GitHub scripts that have reverse engineered the iMessage database.

1. https://immich.app/

I run a separate Mac Mini that has the full iCloud Photos library on a massive external drive, set to "Download originals". I then rsync that filesystem to a separate Linux box. This works but you must not ever disconnect the external drive.

I don't have a solution for iCloud Drive, as there wasn't a keep offline setting last time I checked. So use it only ephemerally.

One rather counter intuitive way to “backup” your photos is to install Google Photos and One Drive on your iPhone!

Google and MS don’t charge as much as Apple for storage, and you probably need you need to pay beyond the free limits, but it’s not a huge expense.

Once your installed Google Photos and One Drive on your iPhone, just tell the apps to sync all your photos all the time!

Now I appreciate that isn’t for everyone.

But it works, is reliable, and requires no technical knowledge of running your own service.

The other thing to do is setup a Mac that synchs all your iCloud data, One Drive documents and Google Drive.

Then back up that device with Backblaze.

This gets expensive as a Mac with decent levels of storage isn’t cheap!

I live in fear everyday or my primary Apple and Google accounts getting locked!

I’ve had accounts since day one of iTools and very shortly after Gmail launched….

I run a Synology NAS with a docker container that periodically downloads new iCloud Photos to a local directory.

> How are people handling this these days?

Syncthing is wonderful, and does a great job of syncing between an Android phone's photos/videos and a laptop. And if you have regular automated backups of the laptop, you'll have backups of the photos/videos too.

For an iPhone, perhaps you could use iTunes to sync to a computer and back up that computer.

I run Arq Backup automatically in the background.

It copy Photos, iCloud files and my mails once every days to S3 with incremental backups.

It requires to have a full copy locally.

Works great!

It is not hard to configure once, with the proper folders and settings.

Sync to Dropbox -> Dropbox hourly & monthly backups to my NAS using Bvckup2.

(One of these days I’ll setup my NAS to backup offsite fo a #3 backup).

I know that others with Macbooks sync their whole library to their Macbook and then Time Machine to a NAS as their copy #2. Is this vulnerable to the problem in TFA?

immich is an extremely polished, FOSS alternative to google/apple photos. It's an investment, but a 4 bay NAS running immich should do nicely. Additionally I backup snapshots to Backblaze B2 via restic which runs another $5/TB

I keep copies of any important stuff i need on my server, and in a few hard drives at my home. i don't use any "cloud".

Back in the iPhoto days I used to symlink the library to an external drive.

Not an iCloud user, but I use Immich on my NAS.

I simply manually periodically download everything to disk/software raid. Really important/sentimental stuff like baby photos and videos I have on DVD with par2s.

It's been done, a few days ago. Nothing yet, but here's hoping.

I don't see stories anymore from this working. Back when it was under Jobs, there were more concessions from his team operating the account. And maybe in the early Cook years. Apple has trimmed a lot of fat.

I did read about part of the product development org having a standup about trending social media cases, and prioritizing followup on items that were under public scrutiny.

I have similar questions. At the scale Apple operates I'm sure mistakes are made all the time, but often it feels like there is something missing when these types of stories pop up. I have had support from Apple before and they went out of their way to help me, supervisors doing research and calling me back for example. How Apple stonewalled here makes it seem like it was more than a single large gift card that caused the issue.

I prefer to keep it topped up like that. It's been the same for 20 years.

I would love to feel sorry, but seems you’re technically capable of preventing this (unlike most people), just chose “convenience.”

Well, this is the downside of “convenience.”

If you manage to recover your belongings, I hope you stop preaching around how living in a normal apartment in society is good and everyone should accept the risk of home invasion instead of living in an underground bunker with biometric access controls and armed security.

Plenty of things do work better as a native application. Packaging is a pain across the board nowadays. Apple is pretty good, you pay a yearly fee if you want your executable signed and notorized, but they make it very hard to run without that (for the lay person). Windows can run apps without them being signed but it gives you hell and the signing process is awful and expensive. Linux can be a packaging nightmare.

And that website is hosted somewhere, you’re using several layers of network providers, the registrar has control over your domain, the copper in the ground most likely has an easement controlling access to it so your internet provider literally can just cut off access to you whenever they want, if you publish your apps to a registry the registry controls your apps as well.

There are so many companies that control access to every part of your life. Your argument is meaningless because it applies to _everything_.

A trustless society is not one that anyone should want to be a part of. Regulations exist for a reason.

The broken logic is that it will expose why the account was flagged, and thus, allow 'bad actors' to better navigate and bypass such flags.

Of course, this is absolutely silly and beyond absurd, for bad actors share information of forums, can deduce fairly easily, and even have help from people on staff.

Such actors typically know about detection and flagging methods within days of implementation. There's literally zero benefit to secrecy. None. Security through obscurity can be a beneficial additional layer, but it simply never helps here.

We really should pass a law requiring full disclosure of the precise method of banning. I can even see a 'trial' period, where accounts activated (and used!) for 3 months receive this benefit, but new accounts, or new + dormant accounts do not.

This should likely be coupled with mandated full refunds of phones or computers, as an example.

Note that this isn't a 'free' account we're talking about here. An Apple account, or a Google account is required to use an iphone or pixel in its default config, and all the features it entails. These accounts aren't free, they're part of purchase cost, and core-required.

(Even if it's a, for example, Samsung phone? It comes pre-installed, with uninstallable Google Play cruft, as part of an agreement with Samsung. Same conditions need apply here)

How do you that with Apple hardware that requires an AppleID to operate?

Is your advise to avoid all Apple hardware?

Or buy backup hardware none of which will run MacOS / iOS, so you still couldn't access things like your Apple Developer account, or any shared documents?

Apple has over a billion users. Do you expect every single one of them to learn how to do backups, protect their purchase on iOS, etc.?

It sounds like you unfortunately have gotten yourself kinda stuck, but I very much sympathize. I too have an account dating back to iTools, and for a long time it was a major frustration that I was stuck with that original email address as unchangeable for the Apple ID, unlike newer accounts. However, some time in the last, I dunno 3-5 years maybe? I can't remember now the exact time I noticed, but after over a decade of requests and fading hope Apple actually did allow me to change the email address for that Apple ID, which I shifted to my own domain. So for anyone else who hasn't checked in a long time, worth noting situation might be marginally better now.

Re: "mac.com isn't doing email anymore", all the original mac.com email addresses still work fine. Apple has played around with various domains (mac.com/me.com/icloud.com) over their decades of bumbling with online services but they made them all interchangeable for older users, mails to the original @mac.com emails still go through. Even originally made aliases (they allowed 5 with iTools) still work. Not sure what your issue was on that one.

Finally yeah, ""security"" questions are one of those horrible legacy anti-patterns that I will cheer to see finally be dead and buried. If you try to answer them honestly probably anyone can learn it with a bit of online searching, if you go for more obscure stuff they're easy to forget defeating the purpose. It's really best just to treat them as extra passwords, use random alphanumeric values and keep them in your password manager same as the password. Apple has also fumbled around with recovery over the years, at one point you had options to have a manual recovery key you could save but I think that's dead and can't set it up after already forgetting. Maybe if you go in person to a store with physical ID and evidence, if you had payment associated with the account and have that credit card for example that might do it.

If you have nothing of value tied to the account though probably no reason not to just abandon it.

It doesn't sound like you use your old Apple account. Why don't you abandon it and use a new one?

> making another random email

youremail+anystring@gmail.com will always redirect to youremail@gmail.com Before making a random email address, try using youremail+f1@gmail.com or something similar.

Add and verify another primary email address.

On a device: Settings > (iCloud user) > Sign-in & Security -> (+) {{name}}@gmail.com

If that doesn't work, then use the dot trick.. y.ourname@gmail.com = yourname@gmail.com.

Same story here. I'll never go back to Apple Music, even if only for streaming. I had hundreds of tracks and albums just demolished by something related to iTunes Match, didn't realize for months, and didn't have a solid backup system at the time.

oh man, I started with iTunes Match because that's the only service that I could use to backup all my MP3s, and now it's all messed up and so much music has just disappeared from my playlist... so sad.

Unfortunately I still don't know a service I can use that will allow me to sync my current MP3s / what I have in Apple Music, and export it if I need it. There's really an issue of owning data and being able to take it elsewhere :/

Oh yeah and it absolutely does away with bullshit of "If you're not paying you're the product" I'm sorry it doesn't work when these services, even free, are monopolies

You can have free services, you can have paid services but they ALL absolutely have to be answerable to the consumer

Let's hope so...

I would like to think you're wrong, but if they fix this, you're possibly right. My career is built on Apple technologies. I don't love that I'm captured by a vendor, but I have a lot of knowledge, and building to that level elsewhere is hard.

I just want to keep using my stuff, and getting on with the fun things I get to work on. I don't have a strong attachment to Apple, I have a strong attachment to the familiar productivity I normally have.

I live in Tasmania, a state of Australia that is 1) an island, and 2) has no Apple Stores.

There are a few physical Google stores. They aren't really very helpful at anything, and even don't have phones in stock often.

I went to one, wanted a Pixel Fold in the spring, and was told "we'll get one". Some guy left to do so, and 20 minutes later I just walked out. Just as with everything else, when Google does it, it's half-assed.

Not everywhere has apple stores that you can “just walk in to”

Android phones are not inherently linked to a google account, atleast not in the same way an iPhone is.

You decided to turn a plea for help into a fanboy war?

I have spoken verbally to multiple members of Apple's support teams. Apologies if that was unclear. I didn't record this calls, as they did not permit me to.

You can manage Apple subscriptions using your web browser (no Mac/iPhone needed). The subscription management page is:

https://account.apple.com/account/manage/section/subscriptio...

That reads as rewarding them for taking your account hostage