- Apple is launching a “lockdown mode” for its devices.
- Lockdown Mode will also prevent iPhones and Macs from installing configuration profiles.
- Apple is typically quick to release security updates for its devices.
Apple is launching a “lockdown mode” for its devices to protect people – including journalists and human rights activists – targeted by hacking attacks like those launched by government clients of NSO Group using its Pegasus spyware. The company will roll out the setting in the autumn and believes it would have prevented previously known spyware attacks by closing down technical avenues for digital espionage. It said the lockdown mode was intended for users who face “grave, targeted threats to their digital security”.
Spyware makers like NSO Group, Candiru and Cytrox build the exploits that punch through a device’s security protections in order to plant spyware on behalf of their government clients. Apple is typically quick to release security updates for its devices, but wider efforts to bolster its iPhone security exploits against these kinds of exploits have not always been successful. The technology giant said the new feature is an “extreme optional protection” for device owners who are more likely to be targeted by nation states using powerful spyware, like journalists, activists and human rights defenders.
In rolling out “Lockdown Mode,” those who are subject to targeted hacking attempts can immediately disable a number of features, such as limiting what code can run in apps and on websites and vastly limit other areas of Apple software, such as iMessage and FaceTime, which have been abused by spyware makers to create exploits able to plant spyware on iPhones.
Apple adding Lockdown Mode to iPhone
Lockdown Mode will also prevent iPhones and Macs from installing configuration profiles, typically used by organizations to roll out settings and security protections across fleets of devices but also abused by consumer-grade spyware to monitor and secretly download the contents of a victim’s devices. Wired connections are also blocked when Lockdown Mode is enabled, preventing hardware forensic tools from downloading a device’s data.
Here’s how it works: If users believe they may be at risk of, or are notified that they are victims of a spyware attack (something Apple has been doing since November 2021), they can quickly enable Lockdown Mode, which is located in the Privacy & Security section of the Settings app. Once users select Lockdown Mode, their iPhone, iPad, or Mac will restart and the following features will be unavailable:
- All message attachments in the Messages app—except for photos—from all senders
- FaceTime calls from people you have not FaceTimed before
- Shared photo albums and new Shared Albums requests in the Photos app
- Wired connections from an iPhone to another device (via a USB cable), if the iPhone is locked
- Invitations in Apple Services from people you have not interacted with before
- Configuration profiles, such as those used by VPNs or school networks.
Thanks for Reading!!