Apple’s new iOS 16 Lockdown Mode is powerful security – but there’s a catch

When Apple’s iOS 16 arrives this fall, so too will Apple’s most powerful security setting ever: Lockdown Mode.

The new security mode, which will also appear in macOS Ventura and iPadOS 16, is not for everyone. In fact, you might argue it’s for a select few: those who believe they could be targeted by state-sponsored cybersecurity attacks. In other words, this is software for the President of the United States. It might also be for the head of your local power authority, water treatment plant, or a journalist covering the war in Ukraine. And thanks to Apple, anyone with an iPhone, it seems.

Lockdown Mode is Apple’s new hardcore approach to security that, when enabled on an iPhone, will introduce five key protections, any one of which might make your iPhone less useful and fun, but also, apparently, a whole lot more secure.

These protections include:

  • Most message attachment types other than images are blocked and link previews are disabled.
  • In Safari, some web technologies, including just-in-time (JIT) JavaScript compilation, are disabled. Though you can exclude a trusted site from Lockdown mode.
  • It disables or blocks some Apple services like requests for incoming FaceTime calls from unknown callers (ones  where you haven’t previously initiated a Facetime call)
  • Wired connections with a computer or accessory are blocked when iPhone is locked.
  • You can’t install configuration profiles and won’t be able to enroll the device in mobile device management (MDM) when Lockdown Mode is enabled.

Together, all of these could significantly reduce attack avenues on your iPhone, and on your iPad and Mac, if you enable it on those systems, too.

In a release on Lockdown Mode, Apple says adding all three platforms to the security matrix “further hardens device defenses and strictly limits certain functionalities, sharply reducing the attack surface that potentially could be exploited by highly targeted mercenary spyware.”

While this level of restricted access would feel like overkill for the average consumer or business person, many folks will find this Lockdown Mode useful, including those whose phones are connected to a variety of apps, services, and contacts relating to government, law enforcement, infrastructure, human rights groups, and news reporting.

Apple has a target

Last year, Apple informed thousands of iPhone users, including government officials, that they’d been targeted by “state-sponsored attackers.” In November 2021, Apple sued NSO, the company it believes was responsible for creating the surveillance software, a charge NSO has denied.

Apple is nonetheless tying this security initiative to that battle, noting that, in addition to Lockdown Mode — which is clearly designed to harden the iPhone against possible NSO-like attacks — it’s making a $10 million grant (and adding any money it gets out of the NSO lawsuit) to The Dignity and Justice Fund.

In a press release announcing Lockdown Mode, Lori McGlinchey, the Ford Foundation’s director of its Technology and Society program, noted that global spyware targets “human rights defenders, journalists, and dissidents,” and that her organization “is proud to support this extraordinary initiative to bolster civil society research and advocacy to resist mercenary spyware.”

iOS 16 Lockdown Mode

Apple iOS 16 Lockdown Mode (Image credit: Apple)

Lockdown Mode arrives as something of a surprise since it wasn’t announced or even teased at WWDC 2022. Plus, it’s the rare bit of Apple platform programming that intentionally lacks broad appeal.

Ivan Krstić, Apple’s head of Security Engineering and Architecture, noted in the release, “While the vast majority of users will never be the victims of highly targeted cyberattacks, we will work tirelessly to protect the small number of users who are.”

For those working on the front line of human rights, Lockdown Mode might be a low-cost and efficient way of protecting their phones. It might also be a little too restrictive; there’s a chance that it might be more effective in an official capacity.

Back in the day,  government officials, including the US President, were handed specialized and highly-secure phones, though some reportedly kept using their personal iPhones. iOS 16 Lockdown Mode might be a way of giving officials their iPhone cake, while eating securely, too.

Go to Source
Author: