Rental supervision industry appeared in recent years as a very real threat to activists, dissidents, journalists and human rights defenders around the world, as vendors deliver increasingly invasive and effective spyware to governments. The most complex of these tools, like that of NSO Group The infamous Pegasus spyware, which targets victims’ smartphones using sophisticated and rare forms of exploitation to compromise Apple’s iOS and Google’s Android mobile operating systems. As the situation worsens for victims, activists and security professionals increasingly calls for more drastic measures to protect vulnerable individuals. Now Apple has an option.
Today, Apple announced a new feature for its upcoming iOS 16 release called Lock Mode. Apple stressed that the feature was created for a small group of users at high risk of government targeting, and it doesn’t expect the feature to be widely adopted. But for those who want to use it, the feature is an iOS alternative that greatly restricts the tools and services that spyware targets to take control of a victim’s device.
“This is an unprecedented step toward user security for high-risk users,” said Ron Deibert, director of the University of Toronto’s Citizen Lab. “I believe this will throw a key into their business. I expect [spyware vendors] to try to grow, but hopefully, this feature will prevent some of that harm from happening along the way. “
Lockdown mode is a separate operating system mode. To enable the feature, users enable it in the Settings menu and are then prompted to restart their device for all digital protections and defenses to take full effect. This feature imposes restrictions on the worst parts of the operating system sieve. For example, Locked Mode attempts to comprehensively address web browsing threats by blocking many of Safari’s speed and efficiency features (and WebKit) used to display web pages. Users can specifically mark a certain site as trusted so that it loads properly, but by default Lock Mode imposes a wide range of restrictions that extend wherever WebKit is working behind the scenes. Behind the scenes. In other words, when you load web content in a third-party app or an iOS app like Mail, the same Lock Mode protections are applied.
Lockdown mode also restricts all types of incoming invitations and requests, unless the device has made the request before. That means your friends won’t be able to call you on FaceTime, for example, if you’ve never called them. And to take it a step further, even if you start interacting with another device, Locked Mode only honors that connection for 30 days. If you don’t speak to a particular friend for weeks afterward, you’ll need to re-establish contact before they can contact you again. In Messages — a frequent target of spyware exploits — Lock Mode will not show link previews and will block all attachments, except for some trusted image formats trust.
Lockdown mode also enhances other protections. For example, when a device is locked, it won’t receive a connection from anything physically plugged into it. And importantly, a device that is not registered with one of Apple’s enterprise mobile device management (MDM) programs cannot be added to one of these programs once Locked Mode is enabled. . This means that if your company gives you a phone that is registered with the company’s MDM, it will still work if you then enable Lock Mode. And your MDM manager can’t disable Remote Lock Mode on your device. But if your phone is just a regular consumer device and you put it in Lockdown mode, you won’t be able to activate MDM. This is important because attackers will trick victims into turning on MDM as a way to gain the ability to install malicious apps on their devices.
