Apple on Wednesday announced a new Lockdown Mode coming to the iPhone, iPad, and Mac with iOS 16, iPadOS 16, and macOS Ventura.
Lockdown Mode offers an extreme, optional level of security for the very few users who, because of who they are or what they do, may be personally targeted by some of the most sophisticated digital threats, such as those from NSO Group and other private companies developing state-sponsored mercenary spyware. Turning on Lockdown Mode in iOS 16, iPadOS 16, and macOS Ventura further hardens device defenses and strictly limits certain functionalities, sharply reducing the attack surface that potentially could be exploited by highly targeted mercenary spyware.
Apple says Lockdown Mode is enabled in the third beta version of iOS 16, iPadOS 16, and macOS Ventura released on Wednesday. The feature will be available to all users when the software updates are released to the public later this year.
While Lockdown Mode is turned off by default, it can be enabled in the Privacy & Security section of the Settings or System Settings app. After being turned on, Lockdown Mode can be turned off at any time in the same section of the Settings app. Enabling or disabling Lockdown Mode requires restarting the device and entering the device’s passcode.
- Messages: Most message attachment types other than images are blocked. Some features, like link previews, are disabled.
- Web browsing: Certain complex web technologies, like just-in-time (JIT) JavaScript compilation, are disabled unless the user excludes a trusted site from Lockdown Mode.
- Apple services: Incoming invitations and service requests, including FaceTime calls, are blocked if the user has not previously sent the initiator a call or request.
- Wired connections with a computer or accessory are blocked when iPhone is locked.
- Configuration profiles cannot be installed, and the device cannot enroll into mobile device management (MDM), while Lockdown Mode is turned on.
Apple said it will continue to add new protections to Lockdown Mode over time.
Apple’s Security Bounty program will reward researchers who find Lockdown Mode flaws and help improve its protections, with bounties to be doubled for qualifying findings in Lockdown Mode, up to a maximum of $2 million.
“Lockdown Mode is a groundbreaking capability that reflects our unwavering commitment to protecting users from even the rarest, most sophisticated attacks,” said Ivan Krstić, Apple’s head of security engineering, in a press release shared today. “While the vast majority of users will never be the victims of highly targeted cyberattacks, we will work tirelessly to protect the small number of users who are.”
Apple is also making a $10 million grant, in addition to any damages awarded from the lawsuit filed against NSO Group, to support organizations that investigate, expose, and prevent highly targeted cyberattacks, including those created by private companies developing state-sponsored mercenary spyware. The grant will be made to the Dignity and Justice Fund established and advised by the Ford Foundation — a private foundation dedicated to advancing equity worldwide — and designed to pool philanthropic resources to advance social justice globally. The Dignity and Justice Fund is a fiscally sponsored project of the New Venture Fund, a 501(c)(3) public charity.
