



Lockdown Mode is a new feature from Apple and we hope you never have to use it. But for those who do—journalists, politicians, lawyers, and human rights advocates—it’s the last line of defense against nation-state spyware designed to penetrate your iPhone’s protection.

The new security features were announced earlier this year as an “extreme” level of protection against spyware makers. Spyware makers are increasingly finding ways to remotely hack into iPhones without user interaction. These so-called zero-click attacks go unseen and exploit weaknesses in core iPhone functionality such as calling, messaging, and web browsing. Apple often fixes vulnerabilities discovered by security researchers who found evidence of spyware on victims’ phones. However, this is an ongoing chase between Apple and spyware makers that has targeted thousands of journalists, activists and human rights defenders in recent years.

What is lockdown mode?

Apple uses lockdown mode to give users the option to temporarily turn off some of the most abused device features with a simple button press (and reboot the device), allowing spyware to Makes it much harder to break in and siphon off your personal phone. data. Or, as Apple calls it, “significantly reducing the attack surface that can be potentially exploited by highly targeted mercenary spyware”.

TechCrunch tested lockdown mode using an iPhone running the public beta of Apple’s iOS 16, which includes the new mode. Lockdown mode will start after some disclaimers and a device reboot,[設定]You can turn it off again from the menu.

This mode limits what you can do and who you can contact, but it’s a trade-off for having a much more secure iPhone, and as was thought when this feature was first announced, iPhone I didn’t find it overly prohibited or frustrating to use in lockdown mode. .

The idea is to power as many routes from the Internet to your iPhone, iPad, or Mac as possible without unduly reducing the usability of the device. In other words, block contacts from people you don’t know so only people you know can call or message you. As the saying goes, your mileage can vary in that your experience can vary depending on your needs.

One of the first things you’ll notice is that lockdown mode turns off link previews in text messages. This has been shown to reveal an individual’s anonymity by obtaining their IP address. This mode does not block links, only previews, so you can copy and paste the web address into your browser. While this adds a moment of inconvenience for users, it makes it much more difficult for attackers to penetrate where they once succeeded.

Lockdown Mode also changes the way the Safari browser works, disabling certain features that can affect some websites and completely break others. Web pages that rely on the browser’s more complex web technologies, such as web-based fonts and just-in-time compilers to make websites load faster, are rendered but not rendered properly or loaded at all. There is a possibility.

Turning off the Just-In-Time (or JIT) compiler slows down some websites, but malicious websites can bypass the browser’s protective sandbox and access other parts of your device’s data. You can prevent execution of JavaScript code. Some websites load custom font files over the internet to give them a pristine look, but fonts can also contain malware that can remotely execute malicious code on your device.

Safari says “Lockdown Mode” when the feature is turned on. TechCrunch loads pretty well, and if you can’t download fonts over the internet, you’ll notice that the page looks slightly different because browsers rely on built-in fonts. You can also set specific sites as “trusted” in lockdown mode. This allows you to bypass restrictions on sites that are known to be safe.

front and back

Even if a feature becomes unavailable, such as shared photos that seem to mysteriously disappear from the phone in lockdown mode, the device usually alerts the user when the feature is actively initiated. .

When lockdown mode is enabled, you may find that you cannot receive FaceTime calls from contacts you have never communicated with before. It is designed to protect against zero-click attacks that exploit weaknesses in FaceTime and iMessage known to be used by spyware makers such as NSO Group and Candiru. It also prevents you from opening attachments such as documents and files as they may contain malicious code that can compromise your device. While lockdown mode is in effect, you won’t be able to receive invitations to his Apple services like Calendar and Notes from someone you haven’t contacted before. Nor can I install a new configuration profile to join a new work or school network. A villain for remotely controlling a person’s device.

Most of the features that are blocked or restricted make it more difficult for attackers and spyware makers to remotely hack into an iPhone over the Internet or cell networks, but they also block wired connections to the device, making it easier to access your phone or computer. prevent anyone from having physical access to It uses phone cracking techniques to prevent content from being downloaded.

Lockdown mode may be an implicit acknowledgment that Apple cannot protect against all spyware makers and malware threats. However, this is not a denial of the existence of the problem, but a sign that the problem is being tackled head-on. Lockdown Mode is coming to iOS 16 and macOS Ventura later this year.

