Lockdown mode comment: Good thing Apple, move on! But...

It came as a complete surprise; not even a hint of information was made public beforehand: with iOS 16, iPadOS 16 and macOS 13 Ventura, Apple will better protect its most important platforms from increasingly malicious spyware, which is used by governments in particular, but has long been used by criminal hackers as well.

This new lockdown mode is a logical step – especially given that in recent months one spy attack after another has been carried out successfully, particularly on the iPhone, which is generally considered safe. Politicians’ Apple smartphones were spied on; journalists, activists and human rights defenders were attacked; data scandal followed data scandal. And Apple, in turn, seemed unable to finally seal its platforms adequately.

The lockdown mode should now make this easier. It also raises a number of questions. Apple emphasizes in its announcement that it is about protecting users “against highly targeted spy software with mercenary intentions”, i.e. users who are “endangered by targeted cyber attacks by private companies with state-sponsored spy software”. According to Apple, this in turn occurs very rarely, which is why it is offering this “extreme, optional protection for the very small number of users who see themselves exposed to serious, targeted threats to their digital security”. But is that really true? After all, online criminals are also increasingly using sophisticated methods.

Mac & i editor Ben Schwan has been writing about technology topics since 1994 and now focuses his attention particularly on Apple devices. He likes the design of the Mac, iPhone and iPad and believes that Apple often delivers the more user-friendly products. However, the hardware and software world from Cupertino is not always perfect for him.

But for Apple users, the new function, which will come to iPhone, iPad and Mac from autumn, is initially optional. Among other things, it reduces the attack surface. Attachments – except for images – are filtered out of iMessage messages, and JavaScript features in the browser (JIT) that have been exploited in the past are deactivated. Communication via Apple services such as FaceTime is only possible with people you have already deliberately contacted yourself – this should also help keep unknown vulnerabilities from being exploitable in the first place. Other hacks, for example via Mobile Device Management (MDM) and configuration certificates, are also no longer as easy, and the same applies to physical access via a USB-to-Lightning cable.

As sensible and useful as it is to seal the iPhone, iPad and Mac better, one wonders at various points why this has to come with a loss of convenience. No more documents via iMessage and “real” surfing only via a whitelist is not really much fun. And that is also the central point of criticism of the lockdown mode: why does Apple not succeed in securing its operating systems by default in such a way that points of entry do not arise in the first place, even with a greater range of functions? There is a system in the Messages app called “Blastdoor” that is supposed to isolate attachments. However, it has already been circumvented by clever (even diabolical) attackers with sufficient money and time. Why not make this better? (Apple surely is doing so, but doesn’t seem to consider it sufficient.)

Well, Apple also announced further investments in security and is also donating money to human rights activists. The Pegasus developers at NSO Group (who, by the way, also cooperate(d) with German authorities; let that sink in) have been sued. There’s also a new, expanded bug bounty program that awards up to $2 million for breaking lockdown mode. But you still have the feeling that all this can only be a beginning.

Apple’s reputation rests heavily on offering a secure platform, one that’s less riddled with security bugs than, say, Windows or Android. The last few months have shown that this is not (always) true, at least in the case of highly developed spyware. Accordingly, the initiative that was launched on Wednesday evening can be understood as an indication that the company has finally woken up. This probably also has something to do with the anger of the in-house developers and security experts at being constantly confronted with such attacks. But that’s the way it is, this world of spies and criminals – and users of Apple hardware are considered particularly attractive victims. It could be that we will all need the lockdown mode more often in the future.
