Who needs Lockdown Mode? Almost no one, Apple insists

From "Apple expands industry-leading commitment to protect users from highly targeted mercenary spyware" posted Wednesday in the Apple Newsroom.

Apple today detailed two initiatives to help protect users who may be personally targeted by some of the most sophisticated digital threats, such as those from private companies developing state-sponsored mercenary spyware. Lockdown Mode — the first major capability of its kind, coming this fall with iOS 16, iPadOS 16, and macOS Ventura — is an extreme, optional protection for the very small number of users who face grave, targeted threats to their digital security. Apple also shared details about the $10 million cybersecurity grant it announced last November to support civil society organizations that conduct mercenary spyware threat research and advocacy.

“Apple makes the most secure mobile devices on the market. Lockdown Mode is a groundbreaking capability that reflects our unwavering commitment to protecting users from even the rarest, most sophisticated attacks,” said Ivan Krstić, Apple’s head of Security Engineering and Architecture. “While the vast majority of users will never be the victims of highly targeted cyberattacks, we will work tirelessly to protect the small number of users who are. That includes continuing to design defenses specifically for these users, as well as supporting researchers and organizations around the world doing critically important work in exposing mercenary companies that create these digital attacks.”

Lockdown Mode offers an extreme, optional level of security for the very few users who, because of who they are or what they do, may be personally targeted by some of the most sophisticated digital threats, such as those from NSO Group and other private companies developing state-sponsored mercenary spyware. Turning on Lockdown Mode in iOS 16, iPadOS 16, and macOS Ventura further hardens device defenses and strictly limits certain functionalities, sharply reducing the attack surface that potentially could be exploited by highly targeted mercenary spyware.

My take: In three paragraphs, Apple mentions three times how few users are at risk. The company doth protest too much, methinks, because several of Lockdown's features would be welcomed by lots of users. They include:

  • Messages: Most message attachment types other than images are blocked. Some features, like link previews, are disabled.
  • Web browsing: Certain complex web technologies, like just-in-time (JIT) JavaScript compilation, are disabled unless the user excludes a trusted site from Lockdown Mode.
  • Apple services: Incoming invitations and service requests, including FaceTime calls, are blocked if the user has not previously sent the initiator a call or request.
  • Wired connections with a computer or accessory are blocked when iPhone is locked.
  • Configuration profiles cannot be installed, and the device cannot enroll into mobile device management (MDM), while Lockdown Mode is turned on.

3 Comments

  1. David Emery said:
    Yeah, I’ll definitely try this out, if for no other reason than to see what exactly -does break-.

    3
    July 6, 2022
  2. John Butt said:
    That’s a list that says “if you want to relax about the impact of growing levels of phishing and security breaks, then this is for you”

    Ie all of us

    2
    July 6, 2022
  3. Romeo A Esparrago Jr said:
    “Burner phone in foil bag” mode?

    3
    July 6, 2022

Leave a Reply