TIL about “lockdown mode”
When you enable Lockdown Mode, Apple applies a strict set of rules that block or limit the riskiest paths attackers use to get in:
- Messages: Most attachment types are blocked; link previews and some features are disabled.
- Web browsing: Certain complex web technologies (like JIT compilation) are restricted – you can whitelist trusted sites if needed.
- […]
In case someone doesn’t know, Android has this option as well.
The ‘lockdown’ option on android just disables biometric unlock, smart lock (staying unlocked when on-body or within a geo-fence), and notifications displayed on the lockscreen, until the device is next unlocked. This has to be explicitly enabled by selecting ‘lockdown’ from the power off screen at the time of locking the device (turning the screen off) every time you lock the device.
Apple’s implementation does quite a bit more; blocking incoming messages, links, and invites from unknown numbers, restricting potentially hazardous web browsing, and restricting wired connections.
Not a big Apple fan, but they did pretty good with this.
I use a PIN and disabled lock screen info. I don’t know of anything that keeps my phone from locking.
I already ignore anything from unknown numbers.
I’ll have to check what happens when I plug the phone into my computer while locked.
While obviously this is laudable, and better than not having such a mode, it still suffers from that same massive fatal flaw. Apple software is proudly closed source. If we can’t audit their software, in the end we’re just taking their word for it.
Well now you have the FBI’s word for it as well.
Though I have a feeling that they’d keep quiet about what they can’t break and loudly exclaim that something can’t be broken when they find a way to crack it.
Good
