Apple’s Lockdown Mode aims to combat spyware threats
The surveillance-for-hire industry has emerged in recent years as a very real threat to activists, dissidents, journalists, and human rights defenders around the world, as vendors offer governments increasingly aggressive and effective spyware. These highly sophisticated tools, such as NSO Group’s infamous Pegasus spyware, target victims’ smartphones using rare and sophisticated exploits to compromise Apple’s iOS and Google’s Android mobile operating systems. As the situation for victims has deteriorated, activists and security experts have increasingly called for more stringent measures to protect vulnerable people. Now Apple has an option.
Apple’s New Feature – Lockdown Mode
Today, Apple announced a new feature called Lockdown Mode for its upcoming iOS 16 release. The feature is designed for a small subset of users who are at high risk of being targeted by the government, and Apple stresses that it does not expect the feature to be widely adopted. But for those who want to use it, the feature is an alternate mode of iOS that drastically limits the tools and services that spyware actors can target to control victims’ devices.
“This is an unprecedented step for consumer safety for high-risk consumers,” Ron Deibert, director of the University of Toronto’s Citizen Lab, said in a call with reporters before the announcement. “I believe this will throw a wrench in their operations. I hope so. [Spyware vendors] will try to improve, but hopefully, this feature will prevent some of those pitfalls from happening down the road.”
Lockdown Mode is a special operating system mode. To turn it on, users enable the feature in the Settings menu and then restart their device so that all physical and digital protections take full effect. The feature imposes restrictions on the leakiest parts of the operating system’s sieve. In Safari, for example, Lockdown Mode attempts to comprehensively address threats from web browsing by blocking many of the speed and efficiency features that Safari (and WebKit) use to render webpages.
Users can designate a specific webpage as trusted so that it loads normally, but by default, Lockdown Mode imposes a host of restrictions that extend to wherever WebKit is working behind the scenes. In other words, when you load web content in a third-party app or an iOS app like Mail, the same Lockdown Mode protections apply.
Lockdown Mode also restricts all types of incoming invites and requests, unless the device has previously initiated a request. That means your friend can’t call you on FaceTime, for example, unless you have called them first. And to take it a step further, even if you initiate an interaction with another device, Lockdown Mode will only honor that connection for 30 days.
If you haven’t spoken to a certain friend for weeks, you will need to re-establish contact before they can reach you again. In Messages, a frequent target for spyware exploitation, Lockdown Mode doesn’t show link previews and blocks all attachments except some trusted image formats.
Lockdown Mode also strengthens other protections. For example, when a device is locked, it cannot accept connections from anything physically plugged into it. And, importantly, a device that isn’t already registered with one of Apple’s enterprise mobile device management (MDM) programs can’t be added to one of these schemes after turning on Lockdown Mode. If your company gives you a phone enrolled in corporate MDM, the enrollment will stay active if you enable Lockdown Mode.
Your MDM manager cannot remotely turn off Lockdown Mode on your device. But if your phone is just a normal consumer device and you put it in Lockdown Mode, you won’t be able to activate MDM. This is important because attackers trick victims into enabling MDM to gain the ability to install malicious apps on their devices.