Apple's latest security feature could literally save lives

Cupertino is so sure of Lockdown Mode it's offering $2m to bug hunters to break it


Apple's latest security feature won't be used by most of its customers, but those who need Lockdown Mode could find it to be a literal life saver.

The functionality, coming with iOS/iPadOS 16 and macOS Ventura, shrinks an iDevice's attack surface by disabling many of its features. It's designed to protect the small number of Apple users who, "because of who they are or what they do, may be personally targeted by some of the most sophisticated digital threats, such as those from NSO Group and other private companies developing state-sponsored mercenary spyware," Apple said in a statement. 

Lockdown, thus, effectively aims to reduce the number of potential vulnerabilities spyware could exploit to compromise a device, cutting the possible routes into surveillance targets' kit.

It's no coincidence that Apple called out Israeli spyware maker NSO by name. The US mega-corp sued the outfit in October 2021 for infecting iPhones with its Pegasus malware that snoops on practically every element of the device and the data it contains. Pegasus is used by multiple nation-states to spy on dissidents, journalists, and other perceived troublemakers.

Apple hopes that Lockdown Mode will be a way for those at risk of being targeted by Pegasus and similar malware to protect themselves, which it will do by:

  • Blocking all attachment types (other than images) and disabling link previews in Messages 
  • Disabling some web technologies, such as just-in-time JavaScript compilation, unless a site is added to a Lockdown Mode allow-list
  • Blocking incoming FaceTime calls, invitations and service requests from unknown parties, unless the device owner has previously contacted them
  • Not allowing wired connections to computers or peripherals when the device is locked
  • Blocking the installation of configuration profiles and mobile device management enrollment

Apple says it will be adding additional protections to Lockdown Mode over time. The feature should release this fall with major OS updates, and it's unclear whether Lockdown Mode is available in current beta builds of Apple's OSes. We have reached out to learn more and will update this story when we hear back. 

Pegasus: A potentially fatal cyberattack

The threat of spyware from companies like NSO is no light matter. It is how, for instance, the Saudi Arabian government was able to allegedly track down and assassinate Washington Post columnist Jamal Khashoggi

Ivan Krstić, head of security engineering and architecture at Apple, said the company knows the types of attacks faced by Khashoggi and other public figures are very rare, but it doesn't mean they shouldn't be fought.

Apple is "continuing to design defenses specifically for these users, as well as supporting researchers and organizations around the world doing critically important work in exposing mercenary companies that create these digital attacks," Krstić explains. 

Along with the announcement of Lockdown Mode comes a tempting target for bug hunters: up to $2 million for qualifying findings in Lockdown Mode.

Apple also provided an update on its $10 million donation to the Dignity and Justice Fund at the Ford Foundation, first mentioned when it filed its lawsuit against NSO. The company says the DJF plans to issue the first grants in late 2022 and early 2023 with funding focused on approaches to exposing mercenary spyware and better protecting targets. Krstić serves as a technical advisor to the fund. ®


Other stories you might like

Biting the hand that feeds IT © 1998–2022