How can I get rid of unauthorized MDM connotations @Roikins

Don't sign into iCloud, or get iCloud if you're having these issues. MDM CANNOT be added to a device without your knowledge. It is 100% NOT POSSIBLE. If it was, it would make my job much easier, but it would also erode privacy and security of the user.

Trae3d wrote:

I used Little Snitch and systematically blocked all the bull **** they system was set up to do in order to track and manage the device. It is tedious and took a few times but I did get a solid outcome after a few tries. This is the only way I could secure my devices and get them to work right.

That approach often leads to more issues, and more intractable issues when integrated components of macOS can no longer communicate, or when Little Snitch itself gets tangled. Little Snitch is a useful app for an experienced user with networking expertise and specific problems (usually) with specific questionable,apps, and it’s also a means to self-create subtle or obscure problems when disabling parts of macOS.

OMG!!! Finally someone who has the exact same situation as myself and doesn’t think I’m crazy! I left my family’s business due to having a disagreement with my brother. Ever since that time I’ve been dealing with this craziness. Even bought a new MacBook Pro and Bam - took a week and it was running on a unsigned version of Monterey Mobile Asset. I made a bootable copy of UBUNTU and found a hidden Fat32 boot drive on all my devices. I used FPart on Ubuntu to completely wipe the drive. But I cannot get a solid installer. I will download Monterey - check with Pacifist for signature but after my installer gets a hold of it - I check it with Pacifist again and it’s UNSIGNED and has Mobile Asset settings listed. Can anyone help me with this?

Yes - found that my original Apple ID was part of the problem - it has encrypted folders I can’t remove and I’m pretty sure they have an original copy of my Apple ID - like a VM running it. I’ve had it for almost 20 years or more and it has over 45k in photos. I created a new one. I don’t link my mac’s to iCloud yet - until I can get a verified copy of macOS on them. I can’t believe Apple is giving either ex developers, developers, or Hackers this kind of power without a solution.

Ive had mild success at using little snitch to stop everything and create a semi workable Mac experience but eventually have to wipe and start over. Also - you can log in a root user and Gut their programs. I’ve been able to do that and seen a lot of the activity down. I almost went and bought another Mac to create a bootable DVD. This is the only thing I can think of that cannot be altered on its medium.

This is not possible without direct admin (including knowing the password) access to your device. If it was, my job managing thousands of devices would be much easier. It's not possible to put a non-verified copy of macOS on your device without physical access to the device to remove the security settings in SIP.

After reading your experience, I had to pick my jaw up off of the floor. One difference for me though. I completely lost access to my iphone, pass code was ultimately changed, I was locked out. Before that even while being in constant contact with Apple support. An employee even took ownership of my case until resolved, at least that was the plan. Emails with her info vanished no one could help me, phone number was taken, my only apple device was removed as the device that created the account.. boom. I was lost, no one would talk to me, all of my info had been changed, I couldn't prove anything. I'm so glad I saw your post! I just bought yet another brand new iPhone after so many new android I've lost count. All with aliases nothing close to my real info. It's infuriating. I've had it for 3 weeks today in going to try to see it up. Please if you have any advice could you reply. I'm on his wifi so I'm pretty sure where it's coming from. Thanks... good luck!

DistressedDame wrote:

My phone is NOT “company owned”, it’s *mine* and I never gave anyone permission to supervise OR manage it. It shows no MDM profile.

Then there are clearly no issues with MDM profiles.

And with no MDM profiles, seemingly no evidence.

And with no evidence, seemingly nothing that can be addressed.

Any of these cases that have been going for months or years, and with device resets and device replacements and multiple support calls and feedback from all that, are not going to be addressed here. If at all.

DistressedDame wrote:

Unfortunately this is the reaction I’ve gotten from people who could be in a position to help me, “It’s not possible”…

While you might not want anyone ”explaining for the 100th time how my phone performs”, consider that by your own description here, you’ve tried the same reporting techniques a hundred times.

Absent a change in your strategy and presentation and particularly absent collected forensic evidence, the 101st trip through this loop is unlikely to appreciably differ from previous loops.

And to be absolutely clear, yes, iPhone and iPad can be hacked. Whether yours has been hacked? Or your passwords compromised? Or gaslighting? Or whatever… That involves collecting and presenting evidence. Or the loop repeats.

Any issue that has been ongoing for a hundreds reports or stretching over years with multiple efforts toward remediation is exceedingly unlikely to be resolved here, now, if at all, ever.

Again, I will point out, as I have many times in this thread, that while something may be compromised, a device CANNOT be enrolled in MDM without your knowledge if you purchase straight from a location like Best Buy or Apple or Amazon. If it was, it would make my job multitudes easier, but it would also sacrifice privacy and security of the user. I manage THOUSANDS of devices for a living. I do this all day every day. It isn't possible. Again, a compromised account, gaslighting, many other things are possible, but a managed iOS/iPadOS device isn't possible. Even if it was, there are controls that limit what can be seen and accessed by administrators remotely.

mandell_liam wrote:

celliott147, Thank you for all of your insight as just rereading this thread in the last 4 min answered questions that Apple refused to answer over hours and hours of on phone support. I completely understand what you are saying, especially the 'if the org owns the device , there is nothing the user can do to prevent me from managing it', so , that being the case, How does one determine without a doubt IF their device is managed and by what org.

Unfortunately I believe you are saying that a device not managed that someone gets temporary access to, either physically OR virtually (vnc etc) can then be enrolled in ABM, making it 'owned' by the organization. How about if someone received the serial numbers of a number of purchased systems before they were ever set up? Let me guess, a device not enrolled yet is 'fair game' and the first one to do it , like you said, OWNS IT, forever.

Taking this to it's natural conclusion, and not that you would ever get involved in this, but considering what laws would be violated at that point, why on earth is Apple seemingly unwilling to produce information that would help literally everyone involved in something like this?

There’s no MDM shown here.

There’s no secret MDM.

If there’s no MDM here, then there’s nothing to be removed.

If you’re subject to malware of the sophistication and persistence that you’re claiming, nobody here can help you with that anyway. Not short of direct physical access and digital forensics, and nobody is going to do that work for free. Nor can anybody here reasonably help you with your whole approach to digital security, given the scale of the investments deployed by your claimed and unknown adversary here, whoever that adversary might be and for whatever they might want.

Which means you’re either wrong about all of this, or your value and your threats and the assistance you require here are so great that further discussions here are basically futile.

Devices that aren't purchased through an authorized reseller for enrollment by the business itself can't be enrolled in ABM without physical access to said device. Period. A device that is enrolled with physical access can be removed by resetting the device to new within 30 days. In order to have an ABM instance, one must have a legitimate business registration with D-U-N-S. This further limits bad actors. Your biggest risk to having a device enrolled in management that you can never get out of is going to a non-Apple Authorized Service Provider to service your phone or purchasing through a non-Apple Authorized Reseller. If you purchase and service through authorized channels, your risk is effectively 0.

celliott147 wrote:

Devices that aren't purchased through an authorized reseller for enrollment by the business itself can't be enrolled in ABM without physical access to said device. Period. A device that is enrolled with physical access can be removed by resetting the device to new within 30 days. In order to have an ABM instance, one must have a legitimate business registration with D-U-N-S. This further limits bad actors. Your biggest risk to having a device enrolled in management that you can never get out of is going to a non-Apple Authorized Service Provider to service your phone or purchasing through a non-Apple Authorized Reseller. If you purchase and service through authorized channels, your risk is effectively 0.

And additionally, having the original purchase receipts available is typically considered sufficient proof of ownership that Apple will reset devices. And again, management profiles are shown in settings, not hidden.

I'm cringing already because I haven't read the replies. you said exactly what's going on in my life for the last three years. And for some reason the automatic response from the community seems to be to deny that this can happen and explain all the myriad ways that it's not possible. I know for a fact it's possible. I just don't know who is doing it to me, why or how to stop it. There's absolutely no accountability and no help From Apple so far. I can't seem to get to the right people, I'm an IT professional And the irony is that I actually do automated software testing for a living. Often on mobile devices, so I know very well what is it isn't possible. But trying to explain this and trying to get some sort of resolution from level 1 Apple support on the phone, via chat or going in person to the Apple store has absolutely zero benefit. I keep being told the same thing, that I need to call the police and its a legal issue. What do you think the police will do? They told me to go to the FBI. Lol. I have gone through the steps multiple times. I'm sure the FBI is going to prioritize me... so in essence I'm being told, I just have to live with this. I just have to except that somebody else is the God of my world now and that and how they simply decide to stop treating me like a science experiment, a rat in a cage. I just have to live with it. which is not a life worth living after years and years of having your privacy invaded, it's absolutely traumatizing.

oI need some way of verifying or proving that my device is receiving push notifications and that my settings and preferences are being automatically set and manipulated by someone who is not me. I hope that I read down further and find that someone else has offered a solution. But I have lost all faith over the last three years. I hope I'm wrong ....

Is there any way of being able to look up a device by serial number or IMEI or some other unique identifier and determine if the device is regjstered to an Apple developer account? There must be some correlation between an user enrolled device and a Apple developer account. Is there anyway to find that?

StalkedAndBothered wrote:

Is there any way of being able to look up a device by serial number or IMEI or some other unique identifier and determine if the device is regjstered to an Apple developer account? There must be some correlation between an user enrolled device and a Apple developer account. Is there anyway to find that?

On iOS 16 and iPadOS 16, either Developer mode is shown and is enabled in Settings, or it is disabled.

Why would you believe any such hypothetical list of developer-enabled devices?

This given you clearly don’t believe the current Developer Mode status display in Settings.

Where would that hypothetical list come from, if not from that Developer Mode setting?