Lockdown Mode disables a series of features that can be used to hack iPhone users is coming with the release of iOS 16, iPadOS 16, and macOS Ventura. However, the lack of these features also makes it easier to figure out who is using Lockdown Mode, according to a report at Motherboard.

Lockdown Mode is an extreme, optional protection for the very small number of users who face grave, targeted threats to their digital security, according to Ivan Krstić, Apple’s head of Security Engineering and Architecture.

“Apple makes the most secure mobile devices on the market. Lockdown Mode is a groundbreaking capability that reflects our unwavering commitment to protecting users from even the rarest, most sophisticated attacks,” said Krstić. “While the vast majority of users will never be the victims of highly targeted cyberattacks, we will work tirelessly to protect the small number of users who are. That includes continuing to design defenses specifically for these users, as well as supporting researchers and organizations around the world doing critically important work in exposing mercenary companies that create these digital attacks.”

Apple says Lockdown Mode offers an extreme, optional level of security for the very few users who, because of who they are or what they do, may be personally targeted by some of the most sophisticated digital threats, such as those from NSO Group and other private companies developing state-sponsored mercenary spyware. 

Turning on Lockdown Mode in iOS 16, iPadOS 16, and macOS Ventura further hardens device defenses and strictly limits certain functionalities, sharply reducing the attack surface that potentially could be exploited by highly targeted mercenary spyware according to Krstic. Per Apple, at launch, Lockdown Mode includes the following protections: 

  • Messages: Most message attachment types other than images are blocked. Some features, like link previews, are disabled.
  • Web browsing: Certain complex web technologies, like just-in-time (JIT) JavaScript compilation, are disabled unless the user excludes a trusted site from Lockdown Mode.
  • Apple services: Incoming invitations and service requests, including FaceTime calls, are blocked if the user has not previously sent the initiator a call or request.
  • Wired connections with a computer or accessory are blocked when iPhone is locked.
  • Configuration profiles cannot be installed, and the device cannot enroll into mobile device management (MDM), while Lockdown Mode is turned on.

Apple says it will continue to strengthen Lockdown Mode and add new protections to it over time. To invite feedback and collaboration from the security research community, Apple has also established a new category within the Apple Security Bounty program to reward researchers who find Lockdown Mode bypasses and help improve its protections. Bounties are doubled for qualifying findings in Lockdown Mode, up to a maximum of $2,000,000 — the highest maximum bounty payout in the industry.

However, if users enable Lockdown Mode, they will be easy to fingerprint and identify, according to a developer who created a proof of concept website that detects whether you have Lockdown Mode enabled or not. 

John Ozbay, the CEO of privacy focused company Cryptee, and a privacy activist, told Motherboard that any website or online ad can detect whether some regular features are missing, such as loading custom fonts, one of the features that Lockdown Mode disables. 

The article says there’s nothing Apple can do right now to mitigate this issue without fundamentally changing how Lockdown Mode works. 

Even if Apple doesn’t make any changes, Stortz hopes that if enough people turn on Lockdown Mode, everyone will blend in and it will be harder to be identified as an interesting target.




Article provided with permission from AppleWorld.Today