As vendors provide increasingly intrusive and potent spyware to governments, the paid surveillance business has emerged in recent years as a very real threat to activists, dissidents, journalists, and human rights defenders worldwide. The most advanced of these tools, like the infamous Pegasus spyware from NSO Group, target victims’ smartphones using uncommon and advanced exploits to compromise Google’s Android and Apple’s iOS mobile operating systems. Activists and security experts have urged more drastic action to protect the most vulnerable people as the situation for victims has gotten worse. Apple now has a choice.
Lockdown Mode is a brand-new feature that Apple is announcing today for the upcoming iOS 16 release. Apple emphasizes that the feature was made for a small group of users who are at a high risk of being targeted by the government and that it is not anticipated to be widely used. For those who want to use it, however, the feature is an alternative iOS mode that severely limits the tools and services that spyware actors target to take over victims’ devices.
Before the announcement, Ron Deibert, director of the Citizen Lab at the University of Toronto, told reporters on a conference call that “this is an unprecedented step for user security for high-risk users.” “I think this will make their plan of attack difficult. Although I anticipate [spyware vendors] to make an effort to change, hopefully this feature will stop some of those negative effects from occurring in the future.”
Lockdown Mode is a separate operating system mode. Users can enable the feature in the Settings menu, and they must restart their device after turning it on in order for all of the security measures to take effect. The feature imposes restrictions on the operating system’s leakiest areas. By disabling many of the speed and efficiency features that Safari (and WebKit) use to render webpages, Lockdown Mode tries to address threats from web browsing in a comprehensive manner. Users can designate a specific webpage as trusted to enable normal loading, but by default, Lockdown Mode imposes a number of restrictions that cover all areas where WebKit is active in the background. In other words, the same Lockdown Mode security measures will be in place when you load web content in a third-party app or an iOS app like Mail.
Unless the device has already initiated a request, Lockdown Mode also restricts all incoming invitations and requests. As a result, if you’ve never called your friend, they won’t be able to call you on FaceTime, for example. And to go even further, Lockdown Mode only recognizes a connection for 30 days even when you start a conversation with another device. After that, if you don’t speak to that friend for a few weeks, you’ll have to make contact with them once more before they can get in touch with you. Lockdown Mode disables link previews and blocks all attachments in Messages—a platform where spyware is frequently used—apart from a few trusted image formats.
Other safeguards are strengthened by Lockdown Mode as well. For instance, when a device is locked, nothing physically plugged into it will be able to connect to it. Importantly, once Lockdown Mode is activated, a device that hasn’t already registered with one of Apple’s enterprise mobile device management (MDM) programs cannot be added to one of these plans. This means that if you enable Lockdown Mode on a phone that your employer has registered in the corporate MDM, that MDM enrollment will continue to function. Additionally, your device’s Lockdown Mode cannot be turned off remotely by the MDM manager. However, you won’t be able to activate MDM if your phone is just a typical consumer device and is placed in Lockdown Mode. This is significant because attackers will con victims into enabling MDM in order to gain access to their devices and install malicious apps.