The iPhone to get new Lockdown Mode

It’s becoming a very nasty and dangerous world and Apple is taking one small step to protect its users with an unprecedented move to allow its phones, tablets and computers to be protected from dangerous intrusions with its new Lockdown Mode.

(I am freely quoting below from Apple’s press release, since the feature is not yet available to evaluate.)

Lockdown Mode is the first major capability of its kind designed to offer protection for the “very small” number of users who face grave, targeted threats to their digital security.

The new feature is designed to protect users who may be personally targeted by sophisticated digital threats, such as those from private companies developing state-sponsored mercenary spyware as well as other software designed to take control of your phone or steal data.

Lockdown Mode will be intriduced in the fall in the next major revisions of iOS software for the iPhone and iPad and in the Macs running the new macOS Ventura. Apple is positiong this as an extreme level of protection for the “very small number of users who face grave, targeted threats to their digital security.” Of course, that may be the way it starts off, but it may find greater use with time. This is in line with Apple’s market position of emphasizing our privacy when using its products. The first initiative was to require users to opt in being tracked when installing or upgrading apps, a move that has had a devistating effect on Facebook.

The company further notes, “Apple makes the most secure mobile devices on the market. Lockdown Mode is a groundbreaking capability that reflects our unwavering commitment to protecting users from even the rarest, most sophisticated attacks. While the vast majority of users will never be the victims of highly targeted cyberattacks, we will work tirelessly to protect the small number of users who are. That includes continuing to design defenses specifically for these users, as well as supporting researchers and organizations around the world doing critically important work in exposing mercenary companies that create these digital attacks.”

One of the major targets of Apple’s Lockdown Mode are some of the exploits from the NSO Group that has and is being used to eavesdrop on the phones of politicians, opposition candidates and other world leaders. This software takes advantage of software bugs that are found and can be exploited before they are fixed.

Lockdown Mode will offer the following protections: 

  • Messages: Most message attachment types other than images are blocked. Other features, like links, are disabled.
  • Web browsing: Certain complex web technologies, like just-in-time (JIT) JavaScript compilation, are disabled unless the user excludes a trusted site from Lockdown Mode.
  • Apple services are screened. Incoming invitations and phone requests, such as FaceTime calls, are blocked if the initiator is not recognized.
  • Wired connections with a computer or accessory are blocked when iPhone is locked.

Apple is positioning this feature as a way to combat the increasing level of attacks on journalists, human rights activists and protestors, particularly by authoratarianism regimes. The phone has become the repository of much of what we do, what we say, where we go, our health and much more. Short of turning the phone off, this looks like an attempt to make it safe to use if we are willing to put up with limitations.

My assessment is this feature will be expanded and widely used, not just by the few that Apple note. I can envision not simply a Lockdown mode that is turned on and off, but a slider that allows a range of protection between standard and lockdown. But this is a good first move, because most every other company freely takes our personal information and uses it if there’s a profit to be made.

Protecting your own iPhone

As an aside, John Eastman, one of Trump’s lawyers involved with attempts to overturn the election, had to surrender his iPhone 12 to the FBI, based on a judge’s warrant. The FBI took the phone and had Eastman unlock it using his face. Currently the law does not force one to surrender a password, but can use biometrics (facial or fingerprint) to unlook phones. Eastman might of avoided this had he been a little more tech astute.

Simply depressing the on/off button and volume up (or down) button simultaneously for 2 seconds locks the phone. Next time the phone is turned on it will require a password. It’s easy to do it in your pocket surepticiously. This is something I always do when sending your phone through TSA screening at airports.

by Phil Baker