20.6 C
New York
Wednesday, September 28, 2022

Apple Lockdown mode adds ‘extreme’ protection to your iPhone, iPad and Mac

Apple is taking steps to make people like journalists, activists, and politicians safer with a new setting in iOS 16, iPadOS 16, and macOS Ventura called Lockdown Mode. This setting hardens the defenses of an iPhone, iPad, or Mac in a way that disrupts the methods we’ve seen used to compromise devices in highly targeted attacks.

Lockdown mode blocks many types of message attachments, disables link previews, disables some default web browsing technologies, blocks FaceTime invitations and calls from unknown sources, locks wired connections to computers or accessories when the device is locked and disables the ability to add new configuration profiles or enroll in mobile device management (MDM).

These are the areas we know may be vulnerable, as Google’s Project Zero team detailed how the iPhones of people targeted by the Pegasus software could be compromised in a zero-click scenario by using a GIF to exploit. iMessage in the background. Other attacks have repeatedly targeted MDM solutions or used malicious websites to exploit rendering flaws, and lockdown mode closes those doors from the start.

Lock Mode Screen in iOS 16

Lock Mode Screen in iOS 16
Image: Apple

Apple calls this an “extreme, optional” level of protection which is a clear response to the growing use of state-sponsored mercenary software like the Pegasus tool developed by the NSO Group. Evidence of the software has been found on the devices of journalists like Jamal Khashoggi. According Bloomberg journalist Marc GurmanApple has just released iOS 16 Developer Beta 3 which includes Lock Mode.

In recent years, Apple had been criticized for not working with security researchers to find and fix flaws in its platforms as much as other big tech companies before launching an iOS bug bounty program in 2016. It eventually expanded the program to cover other devices in 2019, while saying it would distribute special security research devices to outside researchers.

According to Apple’s Head of Engineering and Security Architecture, Ivan Krstić, “Although the vast majority of users will never fall victim to highly targeted cyberattacks, we will work tirelessly to protect the small number of users. This includes continuing to design defenses specifically for these users, as well as supporting researchers and organizations around the world doing critically important work to expose the mercenary companies that create these digital attacks.

When showing off the new operating systems at WWDC 2022 in June, Apple said its new Rapid Security Response feature will enable fixes for security vulnerabilities that deploy faster and can take effect on a Mac without requiring reboot. iOS 16 and macOS Ventura are also set to include support for new password technology that will help eliminate the use of passwords.

Other tech companies have made similar efforts in some respects, like Google’s advanced protection program for its accounts or the Super Duper secure mode that Microsoft started testing in Edge last fall. Some smaller companies have also tried to offer hardened devices running Android that promise protections against various vulnerabilities, but lockdown mode is a new level of security that will be available to millions of people once it launches with the new updates. software updates later this year.

Even with those protections, finding vulnerabilities in operating systems that control so many devices is valuable business, and Apple says it’s doubling the bounty for lockdown mode “qualifying results” to $2 million, which she claims is the highest maximum bonus payout in the industry. Apple also says any damages awarded to it in a lawsuit it filed last fall against NSO Group will be added to a $10 million grant to support organizations that “investigate, expose and prevent highly targeted cyberattacks, including those created by private companies developing state-sponsored projects.” mercenary spyware.

Related Articles


Please enter your comment!
Please enter your name here

Stay Connected


Latest Articles