Apple’s new “Lockdown Mode” adds “extreme” protection to your iPhone

Apple has introduced “Lockdown Mode,” an enhanced protection setting designed to prevent sophisticated attacks, including the installation of commercial spyware purchased and used by governments against individuals such as journalists, activists and politicians. The setting strengthens iPhone, iPad, and Mac defenses by blocking methods used to compromise devices in highly targeted attacks.

“While the vast majority of users will never be victims of highly targeted cyber attacks, we will work tirelessly to protect the small number of users who are,” said Ivan Krstic, Apple’s director of security engineering and architecture.

Lockdown Mode will be introduced this fall with macOS Ventura, iOS 16 and iPadOS 16. The mode is optional and will greatly limit some features, with the aim of protecting vulnerable users.

Lockdown Mode blocks most message attachments except images, disables link previews, turns off certain web browsing technologies by default, blocks calls and FaceTime calls from unknown sources, blocks wired connections to computers or peripherals while the device is locked, and prevents adding new configuration profiles or enrolling in mobile device management (MDM).

Apple calls this an “extreme, optional” level of protection in response to the increasing use of commercial spyware bought by governments, such as the Pegasus tool developed by Israeli firm NSO Group.

Apple was long criticized for not working with security researchers to find and fix flaws in its platforms, as other major tech companies do, before it launched an iOS bug bounty program in 2016. The company expanded the program to other devices in 2019.

Now, Apple has announced that it will pay up to $2 million through its bug bounty program to researchers who uncover bugs in Lockdown Mode, the largest reward ever offered in the industry.

For years, researchers have warned about off-the-shelf hacking tools sold to governments by private companies that are used to spy on human rights activists, journalists and political opponents, including attacks that could compromise devices without any user interaction.

Last September, the University of Toronto’s Citizen Lab reported on one such “zero-click” attack, which it called ForcedEntry. The bug was used by NSO Group to enable its clients, state agencies, to install spyware on the phones of journalists and activists. The researchers said at the time that the bug allowed Pegasus spyware to be installed without a single click, meaning the target didn’t have to do anything to be infected.

The following month, Apple filed a lawsuit against NSO Group and announced that it would donate $10 million to organizations that conduct research on cyber surveillance tools, as well as the full amount of damages if it wins the case.



Source: Informacija.rs by www.informacija.rs.
