Apple will switch to randomized serial numbers in early 2021

Posted:
in Current Mac Hardware
Apple will soon be changing the way serial numbers of Macs and MacBooks are created, with a switch to randomized numbers in early 2021 making it harder to suss out details about a device.




Currently, the serial number of Apple products use a format that can provide more information about the device. The existing string can be used to work out when and where a device was produced, as well as configuration codes that reveal the model and storage capacity of the device.

In a change to that structure, Apple will be switching over to a new serial number format that consists of a random alphanumeric string between 8 characters and 14 character in length. The internal AppleCare email seen by MacRumors explains it will be scheduled for introduction in "early 2021," and will initially use serial numbers that are 10 digits in length.

The introduction was originally set to take place in early 2020, but the COVID-19 pandemic forced Apple to delay its implementation by a year. Currently-shipping Apple products will continue using the existing format, but future products will switch to the new version.

The change in format will effectively make it impossible to gleam details of the location of manufacture and the week and year of production, details that can be determined with the current system.

Other unique identifiers, such as the IMEI number of an iPhone, will remain unchanged in their current format.
«1

Comments

  • Reply 1 of 27
    crowleycrowley Posts: 10,453member
    I’ve never heard any concerns about serial numbers before?

    Seems like it’ll make it harder to do serial number checks for repairs, trade-ins or recalls. 
    darkvaderdysamoria
  • Reply 2 of 27
    mike1mike1 Posts: 3,409member
    crowley said:
    I’ve never heard any concerns about serial numbers before?

    Seems like it’ll make it harder to do serial number checks for repairs, trade-ins or recalls. 

    I wouldn't think so. The serial numbers are kept in a database and they make you enter the s/n anyway.
    StrangeDays
  • Reply 3 of 27
    Interesting and odd. I wonder what problem this solves? Anyway, I think you meant to use the word "glean" not "gleam". 
    llamadarkvaderStrangeDaysdysamoriawatto_cobrajony0
  • Reply 4 of 27
    digitoldigitol Posts: 276member
    Lame. Security through obscurity not good. Apple may also be trying to disrupt the second market and further crush right to repair. Shrugs. Sad. 
    darkvaderlkruppdysamoriaelijahg
  • Reply 5 of 27
    hammeroftruthhammeroftruth Posts: 1,348member
    digitol said:
    Lame. Security through obscurity not good. Apple may also be trying to disrupt the second market and further crush right to repair. Shrugs. Sad. 
    How would that disrupt those things you mentioned?  They’re just changing the way they make serial numbers. It could be the the current way is about to run out of numbers, much like phone numbers did back in the 90’s and the phone carriers had to make new area codes. 

    Secondary markets will move with Apple in determining what configuration you are buying or selling. Plus if you are buying from a private individual, and have an Apple store nearby, they can give you the details of the configuration and if the device is in warranty or not. 

    Serial numbers should not affect right to repair. The way the devices are assembled and repaired by Apple will. 
    viclauyycdoozydozenStrangeDayswatto_cobrajony0
  • Reply 6 of 27
    jdwjdw Posts: 1,417member
    I've seen a lot of screencasts on YouTube where people blur out their S/N for reasons I never could understand. As if someone would see that S/N and then appear at your front door the next morning!  Sorry but that isn't happening.  Well, perhaps this change will eliminate blurred out info on screencasts once and for all.  

    As to being able to look up details of a machine by S/N, if that aspect goes away, what replaces it?  Meaning, how would one quickly determine details of their machine in a similarly easy manner via a third party like EveryMac?

    https://everymac.com/ultimate-mac-lookup/


    viclauyyc
  • Reply 7 of 27
    chadbagchadbag Posts: 2,023member
    jdw said:
    I've seen a lot of screencasts on YouTube where people blur out their S/N for reasons I never could understand. As if someone would see that S/N and then appear at your front door the next morning!  Sorry but that isn't happening.  Well, perhaps this change will eliminate blurred out info on screencasts once and for all.  

    As to being able to look up details of a machine by S/N, if that aspect goes away, what replaces it?  Meaning, how would one quickly determine details of their machine in a similarly easy manner via a third party like EveryMac?

    https://everymac.com/ultimate-mac-lookup/


    The reason people blur out their SN is so that dishonest people don’t generate fake paperwork to claim ownership and then file a stolen item report and claim you stole it.  That sort of thing. 
    viclauyycbyronlFileMakerFellerStrangeDaysdysamoriapscooter63
  • Reply 8 of 27
    auxioauxio Posts: 2,754member
    digitol said:
    Lame. Security through obscurity not good. Apple may also be trying to disrupt the second market and further crush right to repair. Shrugs. Sad. 
    And this is how conspiracy theories get started.  Random paranoid thoughts with no justification.

    The rationale is right there in the article:
    The existing string can be used to work out when and where a device was produced, as well as configuration codes that reveal the model and storage capacity of the device. 
    I'm thinking that if someone figured out the algorithm for generating serial numbers this way, they could build knock-off Macs which appear legit from the serial number, create new serial numbers for stolen Macs, etc.  Randomize the serial numbers and it becomes much harder to do that.
    dewmeviclauyycdoozydozenchadbagFileMakerFellerStrangeDayspscooter63jony0
  • Reply 9 of 27
    dewmedewme Posts: 5,677member
    This shouldn't be a big deal and will have minor benefits, assuming everyone needing to check a serial number for validity or authorization purposes. e.g., warranty repairs, has access to Apple's global database. The current serial numbers convey information about the product itself (as mentioned in the article) such as product type, manufacturing location, manufacturing date, and configuration. In essence, current serial numbers convey somewhat of a schema for a group of products. 

    A potential problem with the current serial number schema is that counterfeiters can manufacture serial numbers that match Apple's serial number schema for their counterfeit products. Even though the full "fake" serial number is invalid, the schema parts of the full serial number still fit Apple's schema. This invalid but schema conformant serial number could be interpreted by someone as a cursory level of validation when trying to quickly determine whether a product is fake. Even though it is still a weak level of validation, someone under time pressure or faced with a big load of products to validate may decide the cursory validation check is "good enough" and not dig any deeper. Digging deeper would require an explicit check of the serial number against Apple's database.    

    If every serial number is opaque and does not carry any implicit schema information at all every serial number validation check will have to be checked against Apple's database. This removes a potential shortcut that someone validating serial numbers may have been able to exploit in the past. Of course there are plenty of other shortcuts that people trying to validate an Apple product for authenticity can still use, like "it kind of looks like a real iPhone." Can't plug every hole.

    From a legitimate customer/legitimate product perspective this means that every product recall that only affects a certain batch of products, say by manufactured date or manufactured location, will have to be individually and explicitly checked against Apple's database. Apple won't be able to issue any statements to the effect that only a range of serial numbers, manufacturing window, etc., are affected by a service bulletin or recall. This may be less of an issue for end users because Apple tends to make you submit the serial number, but I imagine some Apple support people may have been aware of the serial number schema to quickly determine whether specific products presented for service or replacement were actually affected by the recall.
    edited March 2021 muthuk_vanalingamFileMakerFellerpscooter63
  • Reply 10 of 27
    macguimacgui Posts: 2,418member
    To be very slightly cynical, this new schema might make it near impossible to get the iPhone with the "good" modem, let alone know what modem is in your phone.

    The same could apply to any component in any Apple product. I don't know this was Apple's either primary or motivation or even a consideration. But this seems as though it could be a benefit Apple without being a material detriment to customers, wether by design or coincidence. I wish somebody at Apple would explain the why of this move.
  • Reply 11 of 27
    rcfarcfa Posts: 1,124member
    Just damn obnoxious: it solves NO problem, but it PREVENTS some problem from being solved.
    You can’t check for a range of serial numbers with premature battery failures, etc. anymore: it obscures patterns in hardware problems for anyone but Apple which will hardly voluntarily share them 😡🤬
    dysamoriaelijahg
  • Reply 12 of 27
    dewmedewme Posts: 5,677member
    macgui said:
    To be very slightly cynical, this new schema might make it near impossible to get the iPhone with the "good" modem, let alone know what modem is in your phone.

    The same could apply to any component in any Apple product. I don't know this was Apple's either primary or motivation or even a consideration. But this seems as though it could be a benefit Apple without being a material detriment to customers, wether by design or coincidence. I wish somebody at Apple would explain the why of this move.

    I was also thinking about the cherry picking aspects of this, because I've taken advantage of cherry picking with other products, but I couldn't think of a major Apple product purchase where I've been able to pick through the inventory to find the preferred unit in a pool of what's available.

    My naive expectation is that once you have the full product serial number, whether or not the serial number conveys any schema, you will be able to retrieve all the details related to your product. Apple obviously has all of the product data linked to every specific product instance for product (and information) quality reasons. I guess the question is whether Apple will make all of the product details available to anyone who supplies a valid serial number.

  • Reply 13 of 27
    flydogflydog Posts: 1,138member
    digitol said:
    Lame. Security through obscurity not good. Apple may also be trying to disrupt the second market and further crush right to repair. Shrugs. Sad. 
    Zero connection between a serial number scheme for an electronic device and the ability to repair that device. Zero. 
    StrangeDayspscooter63
  • Reply 14 of 27
    digitol said:
    Lame. Security through obscurity not good. Apple may also be trying to disrupt the second market and further crush right to repair. Shrugs. Sad. 
    This is not an example of security thru obscurity. 
    StrangeDayspscooter63
  • Reply 15 of 27
    Random serial number is an oxymoron. It will also make it harder for analysts to monitor/estimate sales by sampling SNs. 
    FileMakerFellerpscooter63jony0
  • Reply 16 of 27
    MplsPMplsP Posts: 4,000member
    The only possible rationale I can think of for this would be the above mentioned counterfeiting issue, but honestly, all a counterfeiter needs to do is get ahold of a couple of valid serial numbers, and how hard would that be? This new schema wouldn’t prevent anything. 
    dysamoriaelijahg
  • Reply 17 of 27
    avon b7avon b7 Posts: 7,972member
    dewme said:
    This shouldn't be a big deal and will have minor benefits, assuming everyone needing to check a serial number for validity or authorization purposes. e.g., warranty repairs, has access to Apple's global database. The current serial numbers convey information about the product itself (as mentioned in the article) such as product type, manufacturing location, manufacturing date, and configuration. In essence, current serial numbers convey somewhat of a schema for a group of products. 

    A potential problem with the current serial number schema is that counterfeiters can manufacture serial numbers that match Apple's serial number schema for their counterfeit products. Even though the full "fake" serial number is invalid, the schema parts of the full serial number still fit Apple's schema. This invalid but schema conformant serial number could be interpreted by someone as a cursory level of validation when trying to quickly determine whether a product is fake. Even though it is still a weak level of validation, someone under time pressure or faced with a big load of products to validate may decide the cursory validation check is "good enough" and not dig any deeper. Digging deeper would require an explicit check of the serial number against Apple's database.    

    If every serial number is opaque and does not carry any implicit schema information at all every serial number validation check will have to be checked against Apple's database. This removes a potential shortcut that someone validating serial numbers may have been able to exploit in the past. Of course there are plenty of other shortcuts that people trying to validate an Apple product for authenticity can still use, like "it kind of looks like a real iPhone." Can't plug every hole.

    From a legitimate customer/legitimate product perspective this means that every product recall that only affects a certain batch of products, say by manufactured date or manufactured location, will have to be individually and explicitly checked against Apple's database. Apple won't be able to issue any statements to the effect that only a range of serial numbers, manufacturing window, etc., are affected by a service bulletin or recall. This may be less of an issue for end users because Apple tends to make you submit the serial number, but I imagine some Apple support people may have been aware of the serial number schema to quickly determine whether specific products presented for service or replacement were actually affected by the recall.
    I'm not sure that will help much. All serial numbers for all devices are still visible on their boxes. It would be easy for counterfeiters to collect enough 'valid' serial numbers for their wares even if they simply repeat some of them. 
    muthuk_vanalingamjony0
  • Reply 18 of 27
    dewmedewme Posts: 5,677member
    avon b7 said:
    dewme said:
    This shouldn't be a big deal and will have minor benefits, assuming everyone needing to check a serial number for validity or authorization purposes. e.g., warranty repairs, has access to Apple's global database. The current serial numbers convey information about the product itself (as mentioned in the article) such as product type, manufacturing location, manufacturing date, and configuration. In essence, current serial numbers convey somewhat of a schema for a group of products. 

    A potential problem with the current serial number schema is that counterfeiters can manufacture serial numbers that match Apple's serial number schema for their counterfeit products. Even though the full "fake" serial number is invalid, the schema parts of the full serial number still fit Apple's schema. This invalid but schema conformant serial number could be interpreted by someone as a cursory level of validation when trying to quickly determine whether a product is fake. Even though it is still a weak level of validation, someone under time pressure or faced with a big load of products to validate may decide the cursory validation check is "good enough" and not dig any deeper. Digging deeper would require an explicit check of the serial number against Apple's database.    

    If every serial number is opaque and does not carry any implicit schema information at all every serial number validation check will have to be checked against Apple's database. This removes a potential shortcut that someone validating serial numbers may have been able to exploit in the past. Of course there are plenty of other shortcuts that people trying to validate an Apple product for authenticity can still use, like "it kind of looks like a real iPhone." Can't plug every hole.

    From a legitimate customer/legitimate product perspective this means that every product recall that only affects a certain batch of products, say by manufactured date or manufactured location, will have to be individually and explicitly checked against Apple's database. Apple won't be able to issue any statements to the effect that only a range of serial numbers, manufacturing window, etc., are affected by a service bulletin or recall. This may be less of an issue for end users because Apple tends to make you submit the serial number, but I imagine some Apple support people may have been aware of the serial number schema to quickly determine whether specific products presented for service or replacement were actually affected by the recall.
    I'm not sure that will help much. All serial numbers for all devices are still visible on their boxes. It would be easy for counterfeiters to collect enough 'valid' serial numbers for their wares even if they simply repeat some of them. 

    Yes, counterfeiters could "capture" one valid serial number for every product type and variation they wish to fake and reuse these valid serial numbers multiple times, just like we've seen for decades with software product activation keys. This would carry the risk of customs inspectors noticing that an entire shipment of fake products all have the same serial number. Minor concern. As I mentioned, this change by Apple only has potential "minor benefits." If we know anything about counterfeiters, and other such criminals, we know that they are, at worst, no more than a half step behind the people working diligently to beat them back. Human ingenuity is not exclusive to the good guys.

    I still remember going to a particular "tech mall" in a big Asian country, which happened to be in the basement/lower level of a larger mall, and being blown away by how refined, well packaged, impeccably presented, and organized all of the products were. Incredible prices. They had every current movie you can imagine, even pre-release movies, all packaged up in fancy shrink wrapped boxes with what looked like holographic seals, authentic looking labels, and everything you'd expect to see if you were going through the racks of movie DVDs at Best Buy. The prices for movie DVDs were less than $2.00 USD equivalent ... and some of the movies had not yet hit the theaters, so you can make the call on whether they were legit copies or not. At least for a small sample I knew about, they were exactly the same DVDs you'd be getting in Best Buy in a few weeks or months, not bootlegged recordings, but the real stuff somehow siphoned from the production process.

    Similar deals on high end software. Need an activation key, no problem. For software that required a "phone home" activation they typically included a little server that you could install that would spoof the activation check, or would do so until the legitimate vendor found a way to break it. Face it, if you're paying $5 for a $1200 software product, it's probably not legit. Yeah, they also had fake iPhones running a skinned Android that kinda-sorta-if-you-squint looked like a real iPhone running iOS.

    The irony of the whole thing, and what really sticks in my head, was that to get into the "magic video store that sells unreleased movies on DVD" you had to knock on a door at the end of a hallway. The door had a little sliding window in it. You knock on the door, the little window slides open, and they'd "check you out." Of course you had to bring a local colleague who spoke the language and knew the right words to get in. About two doors before you got to the "secret" door was a glass store front with official looking plaque on the glass. Behind the glass was a nearly empty space with just a single desk in the middle of it. No cabinets, no book cases, nothing except the desk. At the empty desk sat a fully uniformed agent, sitting there staring out the front of the store, who I later learned was there to enforce copyright rules and prevent counterfeiting and other such nefarious activities from taking place in the mall. He looked rather spiffy in his uniform, big hat and all, and was obviously holding down the fort rather nicely.



    edited March 2021 FileMakerFellerelijahg
  • Reply 19 of 27
    gatorguygatorguy Posts: 24,595member
    Random serial number is an oxymoron. It will also make it harder for analysts to monitor/estimate sales by sampling SNs. 
    I agree with you 100%. It has more to do with putting up a roadblock for estimating sales for particular devices than anything else. 
    elijahgjony0
  • Reply 20 of 27
    1348513485 Posts: 362member
    gatorguy said:
    Random serial number is an oxymoron. It will also make it harder for analysts to monitor/estimate sales by sampling SNs. 
    I agree with you 100%. It has more to do with putting up a roadblock for estimating sales for particular devices than anything else. 
    The analysts' estimates are utter nonsense in any event.
    StrangeDaysjony0
Sign In or Register to comment.