Apple has announced that it will be releasing a ‘Lockdown Mode,’ which will allow users who might be targets of specialised spyware attacks, like human rights advocates, journalists, activists, political dissidents, etc, to protect their data.
These security measures come at a relevant time, when spyware like Pegasus, Hermit, and others are being used by governments to track and collect the data of lawyers, activists, opposition leaders, and other persons of interest.
Late last year, Apple sued the NSO Group, the makers of the Pegasus spyware, for having targeted Apple users in the US.
How Does It Work?
Lockdown Mode works by limiting a lot of functionalities prevalent in the usual iOS user experience. It blocks most types of message attachments on iMessage, and disables link previews. It also limits browsing, and blocks unknown requests on Apple services such as Facetime.
It makes it impossible to establish a wired connection with an Apple device when locked, and also prevents configuration profiles from being installed. Mobile Device Management also cannot be accessed in Lockdown Mode.
These security adjustments are to prevent “zero-click” attacks, which, while rare, are still a way for the determined to break into devices of specific targets.
Google’s Project Zero team, in a blog post, had previously detailed how Apple devices had been infiltrated by Pegasus software using a GIF on iMessage – an example of a zero-click attack.
Lockdown Mode will be available to all users using iOS 16, iPad OS 16, and macOS Ventura, after its release later this year.
“While the vast majority of users will never be the victims of highly targeted cyberattacks, we will work tirelessly to protect the small number of users who are,” said Ivan Krstić, Apple’s head of Security Engineering and Architecture, regarding the Lockdown Mode feature.
$2 Million Bounty for Lockdown Bugs
Apple has set up a new initiative wherein those researchers who point out flaws or security loopholes in Lockdown Mode can be rewarded with up to $2 million.
The company also announced a $10 million grant, along with damages from the lawsuit against NSO, to be given to the Dignity and Justice Fund, with the motive to “investigate, expose, and prevent highly targeted cyberattacks, including those created by private companies developing state-sponsored mercenary spyware.”
Apple’s Lockdown Mode isn’t the only one, however it is set to be the most accessible way of attaining this level of security on a device.
Google has an Advanced Protection Program for safer account log-ins, and Microsoft’s experimental Super Duper Secure Mode for its browser are two other ways big companies are hoping to secure users that might be targeted by such attacks.
(With inputs from Reuters and The Verge.)
(At The Quint, we are answerable only to our audience. Play an active role in shaping our journalism by becoming a member. Because the truth is worth it.)