Apple prides itself on the security measures built into its software and hardware—and it continues to add new protections and safeguards over time. Lockdown Mode is a new feature heading to iPhones, iPads, and Macs later this year, and it promises to protect your devices from “highly targeted cyberattacks.”
As you might surmise from the name, Lockdown Mode is a bit like closing the shutters, double-bolting the doors, and turning off all the lights in your home. It severely restricts the kinds of activity allowed on your devices, the logic being that if something unwanted has gained access, the damage will be limited.
For example, attachments other than images get turned off in Messages, and link previews are disabled. Incoming FaceTime calls from unknown numbers are blocked, as are wired connections with other hardware and accessories. Shared albums are removed from the Photos app, and new shared album invitations are blocked.
On a more technical level, a number of web technologies are turned off, including just-in-time (JIT) JavaScript compilation (where code is run and compiled at the same time.) In addition, configuration profiles (for work or school for example) can’t be installed.
Lockdown Mode is disabled by default but can be enabled on an iPhone by going to Settingsthen Privacy and Securitythen LockdownMode. Turning it on or off requires a system reboot and the device’s PIN. While Apple is describing the feature as something for users at risk from “state-sponsored mercenary spyware”—which sounds like high-profile targets—anyone will be able to switch it on for additional protection.
“Lockdown Mode is an extreme, optional protection that should only be used if you believe you may be personally targeted by a highly sophisticated cyberattack,” is the way that Apple puts it in its support documentation. “Most people are never targeted by attacks of this nature.”
As Apple explains, the overall idea is to reduce the attack surface that malware and spyware have access to. Tools including the Pegasus spyware package developed by the NSO Group have the potential to read texts, track calls, collect passwords, monitor a user’s location, and more—and some require no interaction from the user.
With Pegasus, for example, a WhatsApp call to the target device is all it takes for the spyware to start its work, even if the call isn’t answered. It’s worth noting that this particular piece of spyware is blocked from running on devices with iOS 15 or higher installed, but there are plenty of other threats still out there, and plenty more that will be developed in the future.
.