Hired spyware is one of the most difficult threats to combat. It targets an infinitesimal percentage of the world, making it statistically unlikely for most of us. And yet, because sophisticated malware only targets the most powerful people (diplomats, political dissidents, and lawyers, for example), its destructive effect falls far short of the small number of infected people.
This puts device and software manufacturers in a stalemate. How do you build something to protect what is probably well below 1 percent of your user base from malware created by companies like NSO Group, creator of proximity exploits that instantly turn fully updated iOS and Android devices into sophisticated listening devices.
There’s no security snake oil here
On Wednesday, Apple unveiled an original option that it plans to add to its flagship operating systems in the coming months to counter the menace of spy mercenaries. The company explicitly states – almost to your face – that blocking mode is an option that will degrade the user experience and is only for a small number of users.
“Lockdown mode offers an extreme extra layer of security for the very few users who, because of who they are or what they do, can be personally targeted by some of the most sophisticated digital threats, such as those from the NSO Group and other private companies developing sponsored government mercenary spyware,” the company said in a statement. “Enabling Lockdown Mode in iOS 16, iPadOS 16, and macOS Ventura further enhances device security and severely restricts certain features, drastically reducing the attack surface that can potentially be exploited by highly targeted spyware for hire.”
Full list of restrictions:
- Messages. Most message attachment types other than images are blocked. Some features, such as link previews, are disabled.
- Apple Services: Incoming invitations and service requests, including FaceTime calls, are blocked unless the user has previously sent a call or request to the initiator.
- Wired connections to a computer or accessory are blocked when iPhone is locked.
- Configuration profiles cannot be installed and the device cannot enroll in mobile device management (MDM) while lockdown mode is enabled.
The lockdown mode is significant for many reasons, not the least of which is that it comes from Apple, a company that is very sensitive to customer perceptions. Officially admitting that her clients are vulnerable to mercenary spies is a big step.
But the move is great because of its simplicity and concreteness. There is no security snake oil here. If you want to improve your security, learn how to avoid the services that pose the greatest threat. John Scott-Railton, a Citizen Lab researcher who knows a thing or two about counseling NSO spyware victims, said Lockdown Mode is one of the first effective ways for vulnerable individuals to follow if not completely shutting down their devices.
“When you notify users that they have been exposed to sophisticated threats, they inevitably ask, “How can I make my phone more secure?” He wrote.’ “We didn’t have many great, honest answers that really made an impact. Strengthening the consumer phone is really unattainable.”
3. Among the developers of large platforms and OS, there is a common psychological barrier associated with the introduction of functions with a high level of security.
Lots of unavoidable considerations such as:
– Worst user experience (especially compared to competitors!)
– Violation of functions
– Need more customer support resources, etc.
— John Scott-Railton (@jsrailton) July 6, 2022
Now that Apple has opened the door, it’s inevitable that Google will follow suit with its Android OS, and it’s no surprise that other companies will follow suit as well. It could also be the start of a useful discussion within the industry about expanding the approach. If Apple will allow users to turn off unwanted messages from unknown people, why can’t it provide an option to turn off the built-in microphone, camera, GPS, or cellular capabilities?
One thing everyone should know about Lockdown Mode, at least as described by Apple on Wednesday, is that it doesn’t prevent your device from connecting to cellular networks and broadcasting unique identifiers like IMEI and ICCID. This is not a criticism, just a natural limitation. And compromises are a major part of security.
So, if you’re like most people, you’ll never need lockdown mode. But it’s great that Apple will offer it, because it will make us all safer.
#Apples #lockdown #mode #coolest #security #ideas