With a blocking mode, Apple wants to offer particularly vulnerable users under iOS 16, iPadOS 16 and macOS (13) Ventura “extreme” protection against espionage attacks and hackers, but this is accompanied by some limitations. Apart from that, the company announces a financial commitment against cyber attacks.
Apple's reaction to Pegasus
Lockdown Mode is a “groundbreaking security feature” that withstands even the most sophisticated digital threats. Apple addresses blocking mode to users “who face serious, targeted threats to their digital security.” This includes, for example, journalists, human rights activists or political opponents in authoritarian states.
Lockdown Mode offers an extreme, optional level of security for the very few users who, because of who they are or what they do, may be personally targeted by some of the most sophisticated digital threats […]. Turning on Lockdown Mode […] further hardens device defenses and strictly limits certain functionalities, sharply reducing the attack surface that potentially could be exploited by highly targeted mercenary spyware.
The threat, in turn, identifies Apple as “private[…] companies developing state-sponsored spy software with mercenary intentions.” Although the manufacturer does not mention a name with this formulation, the reference could not be clearer – Apple is referring to the Pegasus spyware from the Israeli NSO Group. This is a particularly sophisticated espionage tool based on the zero-click exploit FORCEDENTRY, which is officially used by secret services to counter terrorism, including the German foreign intelligence service BND. The NSO Group still sees itself on the side of the law, since Pegasus is only sold to security authorities.
However, the software, first documented by the Canadian Citizen Lab, has caused a lot of controversy in the past, because industry experts and security researchers have repeatedly seen confirmation that Pegasus is also used by authoritarian regimes to spy on journalists, human rights activists, politicians, lawyers and other innocent people. Apple sued the NSO Group after the situation became known, a verdict is still pending.
There is now indisputable evidence from research by Citizen Lab and other organizations that the mercenary surveillance industry is fueling the spread of authoritarian practices and massive human rights abuses around the world. I am pleased that Apple made this important donation. She sends a clear signal and supports independent researchers and NGOs who are holding mercenary spyware vendors accountable for the harm they inflict on innocent people.
Ron Deibert, Director of Citizen Lab
Lockdown mode restricts OS and users
Away from the legal process, the manufacturer now wants to defend itself with the lockdown mode. The optional additional protection was implemented as part of the third beta of iOS 16, iPadOS 16 and macOS (13) Ventura, which is now available. Users can activate or deactivate it in the device settings, which is accompanied by a password prompt and a restart. When the blocking mode is switched on, numerous functions of the operating system are restricted. Further protective mechanisms are to follow “over time”, with the following adjustments to start with:
- Messages: Most types of message attachments except images are blocked. Some features, such as link previews, are disabled.
- Apple Services: Incoming invitations and service requests, including FaceTime calls, are blocked if users have not previously called or sent a request to the initiator.
- Wired connections to a computer or accessory are blocked when the iPhone is locked.
- Configuration profiles cannot be installed and the device cannot enroll in a Mobile Device Management (MDM) when lockdown mode is enabled.