iOS 16—What You Need To Know About iPhone Lockdown Mode | #itsecurity | #infosec


Apple’s soon-to-launch iOS 16 operating system will include a new feature called Lockdown Mode, the iPhone maker has announced. By limiting the functionality of the iPhone, the iOS 16 security feature will offer additional protection to users who may be at risk from targeted cyberattacks featuring spyware.

Apple calls Lockdown Mode “the first major capability of its kind”.

Lockdown Mode is a “ground-breaking capability that reflects our unwavering commitment to protecting users from even the rarest, most sophisticated attacks,” says Ivan Krstić, Apple’s head of security engineering and architecture.

Lockdown Mode isn’t for everyone—as Krstić points out, the vast majority of iPhone users will never be a victim of highly targeted cyberattacks, such as the “zero click” attack using the Pegasus spyware.

Pegasus, which was made by NSO Group to be used against criminals, was found on the phones of people close to Khashoggi, the journalist who was murdered in 2018.

Lockdown Mode: “Extreme security”

Lockdown Mode offers “an extreme, optional level of security,” according to Apple. But while Lockdown Mode hardens device defenses, it also strictly limits certain functionalities—the inevitable trade-off for such strong security.

For example, using Lockdown Mode, most message attachment types other than images are blocked and features such as link previews are disabled. Incoming invitations and service requests, including FaceTime calls, are blocked if the user has not previously sent the initiator a call or request. Wired connections with a computer or accessory are blocked when the iPhone is locked.

Lockdown Mode—good optics for Apple

There’s no doubt that Lockdown Mode offers good optics to demonstrate Apple’s ability to protect against these high-risk attacks that target a small number of people. The last year has made us realize how easily iPhone attacks can happen without people’s knowledge. So-called zero click attacks don’t need any interaction at all from the user, and these can allow spyware onto your phone.

Lockdown Mode may be the first protection of its kind, but additional security safeguards for high-risk users are also offered by Google in its Advanced Protection Program, which for example, requires a security key for authentication.

But Lockdown Mode is far more extreme—it seriously limits many of your iPhone’s core features. “People also need to be aware of the cost-benefit relationship here,” says Forbes contributor Davey Winder.

He points out that most people will not be attacked by the sort of advanced spyware that the iOS 16 security feature is designed to stop. “If you do activate Lockdown Mode, it’s not a magic bullet but it will disable most message attachments; most websites will run more slowly as it will disable Just In Time JavaScript, which is used to speed up sites. So it’s one of those things that looks good, sounds good, but I don’t think most people are going to need it.”

Forbes’ Zak Doffman thinks Apple’s Lockdown Mode is “an instinctive knee-jerk reaction to all of the exposures they’ve seen over the last year.”

Taking this into account, he suggests Lockdown Mode will be version one of Apple’s extra security protection. “There is no point launching Lockdown Mode if it hobbles your iPhone so much it becomes unusable. People just won’t use it.”

So should you use Lockdown Mode? If you are a regular iPhone user, there’s really no need to. However, if you are at risk of attack­—such as a journalist or dissident—it’s worth taking advantage of.



Original Source link

Leave a Reply

Your email address will not be published.

82 + = ninety one