Hands-on with Lockdown Mode in iOS 16 – TechCrunch

Lock mode is a new Apple feature that you should hope you never need to use. But for those who do, like journalists, politicians, lawyers and human rights advocates, it’s a last line of defense against nation-state spyware designed to break through the protections of a iPhone.

The new security feature has been announced earlier this year as an “extreme” level of protection against spyware makers who were increasingly finding ways to remotely hack iPhones without any user interaction. These so-called no-click attacks are invisible and exploit weaknesses in basic iPhone functionality, such as calling, messaging, and web browsing. Apple fixes vulnerabilities as they are discovered, often by security researchers who find evidence of spyware on victims’ phones. But it’s a hot pursuit between Apple and the spyware makers that targeted thousands of journalists, activists and human rights defenders during the last years.

What is lock mode?

With Lock Mode, Apple offers users the ability to temporarily disable some of the device’s most used features by pressing a button (and restarting the device) to make it much more difficult for spyware to penetrate and siphon. from your private phone. The data. Or, as Apple calls it, “dramatically reduce the attack surface that could potentially be exploited by highly targeted mercenary spyware.”

TechCrunch Tried Lock Mode Using a Running iPhone Apple’s iOS 16 public beta, which includes the new mode. Lockdown mode activates after certain disclaimers and restarting the device, and can be deactivated again through the Settings menu.

Although the mode limits what you can do and who can contact you – that’s the trade-off for having a much more secure iPhone – we didn’t find using our iPhone in lock mode to be too prohibitive or frustrating. as thought when the feature was first announced.

The idea is to consolidate as many routes as possible to your iPhone, iPad, or Mac from the Internet without degrading the usability of the device too much. This means blocking contacts from people you don’t know so that only people you know can call or message you. As the saying goes, your mileage may vary, in the sense that your experience may differ depending on your needs.

One of the first things you’ll notice is that lockdown mode disables link previews in text messages, which have been shown to unmask someone’s anonymity by get his IP address. The mode doesn’t block the link, just the preview, so you can still copy and paste the web address into your browser. This adds a moment of inconvenience to the user, but makes it much harder for attackers to break into where they’ve already been successful.

A screenshot showing a preview of the link in Messages and a static URL in its place in lockdown mode.

Link previews are blocked when lockdown mode is enabled. Picture credits: Tech Crunch.

Lockdown mode also changes how the Safari browser works, disabling certain features that may affect some websites or completely damage others. You will see some web pages that rely on more complex web technologies in your browser, such as web fonts and just-in-time compilers that help websites load faster, may not display correctly or not charging at all.

Disabling just-in-time (or JIT) compilers will slow down some websites, but will prevent malicious JavaScript code to run that can escape your browser’s protective sandbox and gain access to other parts of your device’s data. Some websites load custom font files from the internet to make them look like they’re supposed to, but fonts can also be full of malware which can remotely execute malicious code on your device.

Safari says “Lockdown Mode” when the feature is enabled. You can see that TechCrunch loads quite well and the browser relies on embedded fonts if it can’t download them from the internet, which slightly changes the look of the page. You can still set certain sites as “trusted” in lockdown mode, allowing you to bypass restrictions on sites you know are safe.

Before and after

When features are no longer available, like Shared Photos, which seem to mysteriously disappear from your phone in lock mode, your device usually does a good job of proactively alerting the user when the feature triggers.

You will see that when Lock Mode is enabled, you cannot receive FaceTime calls from contacts you have never communicated with before. It is designed to protect you against no-click attacks that exploit the weaknesses of FaceTime and iMessage, which are known to be used by spyware makers like NSO Group and Candiru. You also cannot open attachments, such as documents or files, as they may contain malicious code that can compromise your device. You won’t receive invitations to Apple services, like calendars and notes, from people you’ve never communicated with before while lockdown mode is on, and you can’t install new configuration profiles to join new work or school networks, as they can be misused by malicious actors to remotely control a person’s device.

Most blocked or limited features make it harder for attackers or spyware makers to remotely hack into an iPhone over the internet or cellular network, but it also blocks wired connections to your device, preventing anyone with physical access to your phone or computer. to be able to download its content, using telephone crackle Technology.

Lockdown Mode could be a tacit admission that Apple can’t protect against every spyware maker or malware threat like no company can. But it’s a sign of addressing the issue head-on, rather than denying its existence. Lockdown Mode is coming to iOS 16 and macOS Ventura later this year.

Leave a Comment