Apple has always taken security and privacy very seriously, and the company is drastically raising the stakes with the announcement of a new feature called Lockdown Mode. Coming this fall in iOS 16, iPadOS 16, and macOS Ventura, Apple says the feature is “the first major capability of its kind” and an “extreme, optional protection for the very small number of users who face grave, targeted threats to their digital security.”
Lockdown Mode is meant to be a last-resort option for users who think they are the individual targets of mercenary spyware, that is, spyware created by professional companies at the behest of state-sponsored agencies to target specific people or groups. Apple explains it like this:
“Lockdown Mode offers an extreme, optional level of security for the very few users who, because of who they are or what they do, may be personally targeted by some of the most sophisticated digital threats, such as those from NSO Group and other private companies developing state-sponsored mercenary spyware. Turning on Lockdown Mode in iOS 16, iPadOS 16, and macOS Ventura further hardens device defenses and strictly limits certain functionalities, sharply reducing the attack surface that potentially could be exploited by highly targeted mercenary spyware.”
Apple
When a user enables Lockdown Mode, they sacrifice some important functionality in the name of preventing sophisticated spyware from being able to run. Here are the protections it will offer when it is launched this fall as part of iOS 16, iPadOS 16, and macOS Ventura, though Apple says it will strengthen and add new protections to Lockdown Mode over time.
- Messages: Most message attachment types other than images are blocked. Some features, such as link previews, are disabled.
- Web browsing: Certain complex web technologies, like just-in-time (JIT) JavaScript compilation, are disabled unless the user excludes a trusted site from Lockdown Mode.
- Apple services: Incoming invitations and service requests, including FaceTime calls, are blocked if the user has not previously sent the initiator a call or request.
- Wired connections with a computer or accessory are blocked when iPhone is locked.
- Configuration profiles cannot be installed, and the device cannot enroll into mobile device management (MDM), while Lockdown Mode is turned on.
New security bounties and a $10+ million grant
In addition to the new Lockdown Mode feature for end users, Apple will put some of its mountainous pile of cash toward improving security by issuing new rewards and grants.
The company’s Security Bounty program will get a new category to reward researchers that find bugs or bypasses to Lockdown Mode and help strengthen its protections. That bounty can award up to $2 million, which Apple claims is the highest payout in the industry.
Apple is also making a $10 million grant to the Dignity and Justice Fund (established by the Ford Foundation) in order to “support organizations that investigate, expose, and prevent highly targeted cyberattacks, including those created by private companies developing state-sponsored mercenary spyware.” In addition, Apple is pledging to the fund any damages awarded by its lawsuit against NSO Group over the Pegasus spyware. The fund expects to make its first grants in late 2022 or early 2023 to organizations that expose mercenary spyware and help protect its victims.