What is iOS Lockdown Mode?
iOS Lockdown Mode is a security feature that allows users to put their devices into a hyper-secure state. The aim is to protect high-risk users from targeted, sophisticated cyberattacks.
Lockdown Mode works by restricting normal iOS (and iPadOS and macOS) functionality in order to head off potential avenues for attack. The beta version of the feature does the following:
- Blocks message attachment types other than images and disables link previews. These have been sources of iOS security vulnerabilities in the past.
- Disables web technologies like just-in-time (JIT) compilers, which have been found to contain vulnerabilities.
- Blocks inbound FaceTime calls and other Apple services requests. The user has to initiate contact.
- Blocks wired connections between an iPhone and other devices when the iPhone is locked. This is most likely a way to thwart third-party tools that can give unauthorized users access to a locked iPhone.
- Blocks configuration profiles and mobile device management (MDM) enrollment. These (legitimate) device-management tools are sometimes used by bad actors to compromise iPhones.
Why is Lockdown Mode necessary?
iOS is very secure — in general. But like any computing platform, it will have exploitable security vulnerabilities from time to time.
The problem is that people have come to think of their very secure iPhones as immune to security threats. Not true. And unfortunately, there is a large commercial spyware industry dedicated to finding and exploiting mobile device vulnerabilities, iOS included, and selling these exploits to the highest bidder.
The spyware manufacturers say that they’re only providing governments with tools to fight crime and terrorism. But security researchers and journalists have shown that commercial spyware is frequently used by repressive regimes to monitor reporters and surveil political opposition figures.
Lockdown Mode helps such high-risk users shut off common avenues of attack used by surveillanceware manufacturers.
Who is Lockdown Mode for?
Let’s be clear: Most users don’t have to worry about a highly targeted attack that could hack an iPhone. But high-risk people — including journalists, human rights activists, and political dissidents in repressive countries — are another matter entirely.
For these individuals, iPhone security is a high-stakes affair; in some cases, it is literally a matter of life and death. This is why Apple is offering this new, higher-security version of iOS.
For everyday users, Lockdown Mode is almost certainly overkill. Nevertheless, all iPhone users should be aware that iOS devices have vulnerabilities, and take steps to protect their security and privacy. For further reading on this topic, check out Checklist 221: A Trio of Privacy Checklists from Apple and How to Check for Stalkerware on an iPhone.
The future of mobile device security
According to Apple, the version of Lockdown Mode coming in iOS 16 is only the beginning. The company says that it is committed to the security of high-risk users, and is taking concrete action to help.
To begin with, Cupertino says that it will continue to strengthen Lockdown Mode. It will add more features in the future based on security community and user feedback. In addition, the Apple Security Bounty program will pay doubled rewards to anyone who finds a Lockdown Mode bypass. The maximum bounty payment in this category is a whopping $2 million!
In addition, Apple says it will make a $10 million grant to assist organizations working to “investigate, expose, and prevent highly targeted cyberattacks”. To learn more about the grant, visit Apple’s newsroom page.