[HN Gopher] About Lockdown Mode
___________________________________________________________________
About Lockdown Mode

Author : hjuutilainen
Score  : 172 points
Date   : 2022-09-14 20:15 UTC (2 hours ago)

(HTM) web link (support.apple.com)
(TXT) w3m dump (support.apple.com)

| Arrath wrote:
| The ability to exclude apps or websites from the lockdown seems at the face of it to reintroduce attack surface that lockdown mode is meant to prevent.
|
| Countdown to some 0day no-click exploit that adds an app or service or site to the exclusion list and then proceeds with a further attack?
| Shank wrote:
| > Countdown to some 0day no-click exploit that adds an app or service or site to the exclusion list and then proceeds with a further attack?
|
| What type of exploit would be able to add something to the exclusion list but _not_ already perform arbitrary code execution and just attack the system directly? This seems incredibly unlikely -- and roundabout, because you'd still have to get the browser to load the page.
| [deleted]
| Arrath wrote:
| I honestly haven't a clue, really just spit-balling after reading the link.
| sideshowb wrote:
| Maybe they could compromise the server of someone else's site that's on the exclusion list?
| 1f60c wrote:
| The only way I can think of that could work is if an attacker made a website (and convinced the target to visit it) that said something like:
|
| > Tap Aa > Disable Lockdown Mode to view _News Org_ secure content
|
| Similarly to how malicious Word docs get users to enable macros.
| yuan43 wrote:
| > Lockdown Mode is an optional, extreme protection that's designed for the very few individuals who, because of who they are or what they do, might be personally targeted by some of the most sophisticated digital threats. Most people are never targeted by attacks of this nature.
|
| The list of restrictions doesn't seem too inhibiting - for those who have used it, what are the points that stand out? Is this something designed for habitual use or under specific situations?
| rooster8 wrote:
| Been using since it came out over a month ago. The biggest annoyances are:
|
| 1. You cannot tap on any links in iMessage. You have to hold your thumb down on the link, copy it to clipboard, switch to Safari, paste
|
| 2. If someone posts a gif in an iMessage thread, it doesn't show up
|
| 3. All inbound requests for FaceTime calls seem to be automatically blocked, even when they are coming from people who are favorites in my contacts. I haven't looked into why yet. Maybe it's because I don't have their phone number saved with a `+1` prefix in my contacts?
|
| Other than that it's hardly noticeable, and I think it's fantastic that we now have this option.
| Marsymars wrote:
| > 2. If someone posts a gif in an iMessage thread, it doesn't show up
|
| This sounds like a positive for me. I disable animations in chat whenever it's an option.
| tylerhou wrote:
| The linked article says
|
| > Incoming FaceTime calls are blocked unless you have previously called that person or contact.
|
| So you may have to call them first, even if they are a favorited contact.
| dereg wrote:
| Seems well thought out. It prevents someone from maliciously adding their phone number to, say, your mom in Contacts.
| oceanplexian wrote:
| Is this really a feature people want? I can't imagine any situation where I'd want to allow unsolicited FaceTime calls (99% of the time it's some kind of spammer)
| rooster8 wrote:
| Thank you! TIL that I never initiate calls with the most important people in my life.
| Retr0id wrote:
| I've been using it for the past few days. I mainly use my phone as a text-based communication device, with occasional feed-scrolling (such as reading HN or twitter).
|
| So far, the only annoyance is that sites relying on custom fonts for icons can end up with indecipherable UI elements (e.g. a button with a "refresh" icon is now just a button with an empty square)
| jason-phillips wrote:
| You can add an exception for those sites in safari
| ievans wrote:
| Notable highlights for me:
|
| > Lockdown Mode is available in iOS 16 and coming soon in iPadOS 16 and macOS Ventura.
|
| > Web browsing - Certain complex web technologies are blocked, which might cause some websites to load more slowly or not operate correctly. In addition, web fonts might not be displayed, and images might be replaced with a missing image icon.
|
| The first sentence I believe is referring to disabling JIT (just in time compilation of Javascript), which is dangerous as it allocates W+X pages which are often used by the final stage of an exploit. Apple did an amazing job already of hardening iOS by severely restricting which applications can use JIT (and this is their justification for why non-Safari browser engines are not allowed on iOS) and even enabling per-thread memory page permissions. Many more details are in this fantastic post from Google's project Zero:
| https://googleprojectzero.blogspot.com/2020/09/jitsploitatio...
|
| Overall it's very interesting to see Apple invest so significantly in something that will benefit relatively few users -- not that I'm complaining!
| sneak wrote:
| > _Overall it's very interesting to see Apple invest so significantly in something that will benefit relatively few users_
|
| Apple has been doing this for decades with heavy investment into assistive technology, far better than other platforms.
| prox wrote:
| Looking at you Google. The only things they make is to spy _more_
| withinboredom wrote:
| Apple isn't much better. They just have better marketing.
| Angostura wrote:
| I was mucking about on my Mac the other day playing with the accessibility settings and came across this: https://support.apple.com/en-gb/guide/mac-help/mchlb2d4782b/... - a system that lets you move the mouse with movements of your head as picked up by the web cam. Works _very_. Scrunch nose to click etc.
| alerighi wrote:
| > Apple did an amazing job already of hardening iOS by severely restricting which applications can use JIT
|
| Well they did that not because they care about users but because they want all software to pass through the App Store (and thus the review and policies of Apple). If you would allow to run efficiently code from other sources (for example downloaded at runtime, put in a W+X memory page and executed) that code doesn't pass through the review process of Apple, thus one can publish an app that does something and then modify its code to make it do another thing (even load an entirely different thing).
|
| In the end I don't think this is a good thing for users.
| GekkePrutser wrote:
| Indeed this, it's more about platform control.
|
| I really hope the EU will succeed in forcing Apple to allow third party app stores. That would be a game changer. People that are happy to stay in the walled garden can simply not use any other app stores but for someone like me it will open up iOS as an actual option I can choose. Right now there's too many things I can't do on iOS.
|
| Though honestly, I'd be even happier with a real third option instead.
| prox wrote:
| What do you need iOS to do?
| withinboredom wrote:
| I'd like to write an app for myself, side load it, and Apple not have to give me special permission to do what I want. Right now, I have to have a "shortcut" start my own app (for simming) to change some device settings, then remember to change them back after the session. But if Apple would allow you to do whatever you want without their permission (on your own device), my life would be a bit simpler.
| unethical_ban wrote:
| >Overall it's very interesting to see Apple invest so significantly in something that will benefit relatively few users -- not that I'm complaining!
|
| I would say that this is at the very least a strong marketing point. "We are secure by default, and the most secure phone out-of-the-box on the planet if needed".
|
| The hardware itself must be trusted to an extent, too. Is there an android-compatible device/ROM combination that can advertise the same level of security as this lockdown mode, without spending two days configuring it?
| koen_hendriks wrote:
| fsflover wrote:
| Not Android-compatible, but:
| https://news.ycombinator.com/item?id=19360189
| saagarjha wrote:
| Pixel with one of the security-focused ROMs, maybe?
| encryptluks2 wrote:
| Chrome and Chromium have flags to disable JIT as well, but there is definitely a significant performance penalty.
|
| One area of greatest concern for me is client hints and the various JS APIs that leak way too much, from OS to memory and more. You would think that an extension as popular as uBlock Origin would exist that would make this information as generic as possible to mimic the most common browser profile. Without it, it is still incredibly easy to identify a user with JS enabled and unfortunately disabling JS also makes you unique.
|
| This doesn't even address the Canvas API issue that needs to be virtualized to protect privacy. The web standard as a whole hasn't really put a lot of thought into privacy.
| Dylan16807 wrote:
| > which is dangerous as it allocates W+X pages which are often used by the final stage of an exploit
|
| Are you sure? There's no need to ever have a page that is W and X at the same time, and I would not expect any current professional JIT to make one.
| helloooooooo wrote:
| There are still RWX pages in Chrome, something to do with WASM I think. I don't know about Safari. Old MS Edge used to solve the remapping of the W JIT page to X by moving JITTing to another process and then having it RW in there, but only ever be RX in the primary process.
| MintPaw wrote:
| Does the distinction matter? Is changing W pages into X pages meaningfully safer?
| 0x457 wrote:
| It depends on the kind of vulnerability. Say you have a vulnerability that allows writing to arbitrary pages, then an attacker on RWX system can write malicious code into pages that would get executed. In W^X environment, the attacker needs to find a W page and write to it before it becomes the X page.
|
| This isn't a 100% mitigation, but it does make it harder to exploit.
|
| JavaScript JIT has been a source of so many RCE vulnerabilities.
| bpye wrote:
| Yes. It means that you can't use a write primitive to simply modify an already executable page.
| lisper wrote:
| How does that help?
| remexre wrote:
| It means an attacker with an arbitrary-write vuln needs to be able to target a page as the JITted code is being written to it, rather than being able to target any existing page with code in it.
| ievans wrote:
| Thanks for the correction; my knowledge is a bit out of date, Firefox at least (not sure about Safari) switched to W^X JIT a good while back: https://jandemooij.nl/blog/wx-jit-code-enabled-in-firefox/. That's cool.
|
| W^X is more difficult to exploit for sure, but as other commenters point out, unfortunately still possible.
| CJefferson wrote:
| Technically pages alternate between W and X as you say, but this will disable even that (which is already true AFAIK for non-Apple iOS apps, they can't have JITs).
| saagarjha wrote:
| No, Apple uses mirror mappings or fast permission restrictions to flip the bits if available.
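
Added example (not part of the thread or of any commenter's post): a small defender-side audit of the W+X versus W^X distinction discussed above. It assumes the Linux `/proc/<pid>/maps` text format; the sample snapshots, addresses, the `example-browser` path and all function names are constructed for illustration.

```python
import re
from dataclasses import dataclass

# One /proc/<pid>/maps entry: start-end perms offset dev inode [path]
MAPS_LINE = re.compile(
    r"^([0-9a-f]+)-([0-9a-f]+)\s+([r-][w-][x-][ps])\s+[0-9a-f]+\s+\S+\s+\d+\s*(.*)$"
)


@dataclass(frozen=True)
class Mapping:
    start: int
    end: int
    perms: str
    path: str  # empty for anonymous memory, where JIT output usually lives

    @property
    def writable(self):
        return "w" in self.perms

    @property
    def executable(self):
        return "x" in self.perms


def parse_maps(text):
    """Parse maps text into Mapping objects, rejecting malformed lines."""
    mappings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        m = MAPS_LINE.match(line)
        if m is None:
            raise ValueError(f"line {lineno}: not a maps entry: {line!r}")
        start, end = int(m.group(1), 16), int(m.group(2), 16)
        if end <= start:
            raise ValueError(f"line {lineno}: empty or inverted range")
        mappings.append(Mapping(start, end, m.group(3), m.group(4)))
    return mappings


def find_wx(mappings):
    """Mappings that are writable and executable at the same time (RWX)."""
    return [m for m in mappings if m.writable and m.executable]


def flipped_to_exec(snapshots):
    """Ranges seen writable-only in one snapshot and executable-only in a later one.

    This is the W^X pattern: code is emitted while the page is W, then the page
    becomes X. Ranges are matched by exact (start, end); real mappings can also
    split or merge between snapshots, which this simplified check ignores.
    """
    seen_writable, flipped = set(), []
    for text in snapshots:
        for m in parse_maps(text):
            key = (m.start, m.end)
            if m.writable and not m.executable:
                seen_writable.add(key)
            elif m.executable and not m.writable and key in seen_writable:
                if key not in flipped:
                    flipped.append(key)
    return flipped


# Constructed sample data: same process layout, differing only in the JIT region.
COMMON = """\
55d0c8a00000-55d0c8a21000 r-xp 00000000 08:01 1311 /usr/bin/example-browser
55d0c8c20000-55d0c8c22000 rw-p 00020000 08:01 1311 /usr/bin/example-browser
7ffd4c1e0000-7ffd4c201000 rw-p 00000000 00:00 0 [stack]
"""
JIT = "7f2a10000000-7f2a10010000 {perms} 00000000 00:00 0\n"
WXORX_EMIT = COMMON + JIT.format(perms="rw-p")  # W^X JIT while emitting code
WXORX_RUN = COMMON + JIT.format(perms="r-xp")   # same page after the flip
RWX_JIT = COMMON + JIT.format(perms="rwxp")     # JIT region left W+X

if __name__ == "__main__":
    for name, snap in [("W^X emit", WXORX_EMIT), ("W^X run", WXORX_RUN), ("RWX", RWX_JIT)]:
        hits = find_wx(parse_maps(snap))
        print(f"{name}: {len(hits)} W+X mapping(s)",
              [f"{m.start:x}-{m.end:x}" for m in hits])
    print("flipped W->X:", [f"{s:x}-{e:x}" for s, e in flipped_to_exec([WXORX_EMIT, WXORX_RUN])])
```

On a live Linux system the same functions can be fed the contents of `/proc/<pid>/maps` read at two points in time.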
| tinus_hn wrote:
| I just looked it up in the Armv8 manual and there is a control setting that makes the processor ignore the executable permissions for any writable pages. It states these controls 'are intended to be used in systems with very high security requirements.' which suggests there are drawbacks.
|
| https://armv8-ref.codingbelief.com/en/chapter_d4/d44_1_memor...
| lancebeet wrote:
| >Overall it's very interesting to see Apple invest so significantly in something that will benefit relatively few users -- not that I'm complaining!
|
| Getting world leaders, celebrities and CEOs to use their devices might make this part of their marketing budget.
| 1f60c wrote:
| I think the primary user base will be human rights activists and journalists, similar to Google's Advanced Protection Program.
| GuB-42 wrote:
| I don't think human rights activists and journalists are the most at risk here. They are more at risk than you and me but at least, they can keep a low profile.
|
| CEOs and celebrities and politicians are not only at risk because of their influence and insider knowledge, but they also have a huge target painted on them at all times. They simply can't keep a low profile due to their occupation. They also have money, much more than journalists and activists, so they attract "regular" criminals too.
|
| Human rights activists and journalists probably won't be their main user base but it will be the most prominent for public relations reasons, because who doesn't like human rights and investigative journalism? VIPs are less marketable and let's not talk about criminals. To keep things clear, I think it is a good feature, even if it can help criminals. After all, human rights activists are often technically criminals where they act.
| makeitdouble wrote:
| Many journalists' whole job is to not keep a low profile and pull attention from the public. I'm not sure politicians get killed that much more in comparison [0]. Money is usually enough to solve political problems.
|
| [0] https://www.euronews.com/green/2022/02/18/30-environmental-r...
| mataug wrote:
| > Overall it's very interesting to see Apple invest so significantly in something that will benefit relatively few users -- not that I'm complaining!
|
| My theory on this is that Apple is one of the few companies where everything they build seems to be well integrated into their ecosystem. This is part of their appeal.
|
| Another part of Apple's appeal is that they've positioned themselves to appear as the company that cares the most about consumer privacy and security. Lockdown mode seems to be one of those features that's great for marketing and PR in certain circles, while being extremely useful in situations where it's needed.
|
| I imagine someone writing an article claiming how lockdown mode saved them, and that's practically free viral marketing in the security circles.
| t0mas88 wrote:
| Same for Tesla's Bioweapon Defense Mode. Nearly nobody ever needs it but it gets them some low cost marketing / viral clicks.
| optimiz3 wrote:
| > Bioweapon Defense Mode. Nearly nobody ever needs it
|
| Raging wildfires causing smog all over the west coast beg to differ. Having built-in HEPA filtration is fantastic.
| SV_BubbleTime wrote:
| Different take... Apple is going to push the idea wider and this is their test audience.
|
| It wouldn't surprise me if the anti-googled, that is instead of enforcing adoption of a web technology because they own the browser market, stopping all the misused technologies they don't want to have to explicitly protect for.
| vineyardmike wrote:
| > Lockdown mode seems to be one of those features that's great for marketing and PR in certain circles, while being extremely useful in situations where it's needed.
|
| Also, it gives them additional room to play with security research and engineering at large. They already have an incentive to improve security on device (drive by attacks, jail breaking), and this just enables them to play with things that are safer but break too much. They're basically training their other tech teams to be more secure, and find where security and UX clash, identify and build the fix, even if off by default.
| fossuser wrote:
| I suspect this is a direct response to the NSO Group related hacks.
| arecurrence wrote:
| I was very happy to see this feature announced! I turned it on immediately and so far it has had little negative impact on my life.
|
| Some apps like Gmail will warn you that Lockdown mode is activated and that it will impact your experience but I have not encountered any drawbacks beyond iMessage links not opening the browser. This is easily worked around by copying them.
|
| I hope this also blocks incoming calendar invites. Apple has as a feature the automatic addition of calendar invites... spammers soon noticed this and send out calendar invites with their favorite links that can clutter it up.
| altairprime wrote:
| Er, are you both under threat by nation-state attackers and also posting about your device security decisions on a public web forum? If so, you may wish to reconsider!
| ruune wrote:
| Fairly certain it's just another person wanting to go the extra mile of security. Sure, it may not do anything useful if you're just some guy Pegasus won't ever encounter. But if lockdown mode doesn't restrict OP in any way, what's the drawback of just enabling it to sleep that little bit better at night?
| [deleted]
| altairprime wrote:
| Seems most likely, but there's nothing I need to say in _that_ scenario. May as well cover the long-odds case in the off chance that I save someone's life.
| mark_l_watson wrote:
| I have been running Lockdown Mode for several weeks. It is very rare that my iPhone can not access a web page correctly, etc. iMessage behaves a little differently but I am used to it.
| calsy wrote:
| Obviously these types of features are welcome, even though they apply to an incredibly small group of people. I can't help but feel the 'personal security' push from Apple and its marketing is rather self serving.
|
| Apple is under more legal pressure than ever for its apparent 'anti-competitive' practices. They have on many occasions pushed the line of user privacy and security to defend their business. Features like this benefit a small group of people, but help Apple enormously in defending itself from litigation.
|
| Edit: Downvote? Why are companies given the benefit of the doubt as if they were human and caring when they are clearly not! Large listed tech companies like Apple will ALWAYS act in their own interest first. User privacy is the advantage Apple has over its competitors who rely on free services and advertising. It is in their OWN INTEREST to pursue this path which in turn impacts others ability to compete. Must we continue to be so grossly naive?
| miles wrote:
| Still waiting for Apple to allow restricting network access (both cellular and WiFi) for specific apps on all devices, not just those sold in China:
| https://apple.stackexchange.com/a/312430/51806 .
| Tomte wrote:
| I think lockdown mode prevented me from copying text on my iPad and pasting it on the iPhone in WhatsApp, but let me paste it in Apple Notes.
|
| I'm not sure though, it might have been a bug, it might have been a user error, but I wonder if inter-device copy and paste is limited, too. I haven't read anything about it, though.
|
| Otherwise I've noticed nothing, except a popup when starting apps for the first time after activating lockdown mode, that lockdown mode is active for the app.
|
| To me, lockdown mode is a no-brainer. But I don't use very JS-intensive web sites, and never use Apple messages.
| GekkePrutser wrote:
| Are you sure this is the lockdown mode? If your phone is enrolled in an MDM the admin can control which apps you can copy/paste between and normally this includes just the corporate-sanctioned apps.
| ffhhj wrote:
| > 3. Under Security, tap Lockdown Mode and tap Turn On Lockdown Mode.
|
| > 4. Tap Turn On Lockdown Mode.
|
| Tap twice? ;)
| duskwuff wrote:
| This is correct. The first one is a menu option; the second one is in a dialog explaining what you're getting yourself into.
| [deleted]
| randyrand wrote:
| A big shortcoming - 3rd party apps.
|
| Many hacks these days exploit Whatsapp incoming message processing, etc.
|
| Every app with push notification support increases your attack surface.
| HL33tibCe7 wrote:
| This further cements my opinion that Apple is just leaps ahead of anyone else wrt security and privacy these days. They should be applauded for this.
|
| I look forward to when this comes to iPad. An iPad with a Bluetooth keyboard is an excellent option over a traditional laptop for a high-risk target, and this'll make it even better.
| skybrian wrote:
| Compare with Google's "enhanced safe browsing" for Chrome and Gmail [1] and lockdown mode on Android.
|
| [1] https://support.google.com/accounts/answer/11577602?hl=en
| 3pt14159 wrote:
| Privacy, yes.
|
| Security qua security (ie, not counting security loss due to privacy loss) it's pretty tight between Android and iOS:
|
| https://zerodium.com/program.html
| judge2020 wrote:
| While rootkits et al. are bad, privacy loss can be just as bad ie. "reads your email" or "passively reads clipboard [containing passwords]".
| gpt5 wrote:
| To be fair, this mode is a direct counter to the zero-click attacks that Zerodium is offering the high payouts for. It specifically blocks all the (currently) known attack vectors.
|
| Maybe Zerodium will offer a new tier for a zero-click attack on an iPhone on Lockdown mode in the future.
| 3pt14159 wrote:
| I wouldn't say that is fair in that very few people can use that mode, so the net security win is minor and there exist hyperlocked down Android versions for _years_ on the open market. A friend of mine even worked on one.
|
| This space is murky at the top end.
|
| The Zerodium payout offering is a rough proxy, but for 99.99% of consumers the security win for an iPhone is mostly about how they don't have to think about the manufacturer (tell your tech illiterate friend to buy an iPhone is easier than saying "Android but only Google or XYZ manufacturer") and how the privacy differential helps out a bit.
|
| Also, plenty of people can't enable crazy hyper secure mode without bleeding information that they've enabled it. So this isn't as helpful as it may seem.
| gpt5 wrote:
| > I wouldn't say that is fair in that very few people can use that mode
|
| Very few people are being targeted by nation-states who are willing to pay for / develop these attacks. But more importantly, these are not a random set of people. These are heads of state and companies, free speech activists and journalists, and people with access to top secret information. I suspect that a large set of them are aware that they are potential targets.
| lizardactivist wrote:
| Important to understand is that "provisioned access" as given to the US government is not considered to be a cyber attack, and lockdown mode will not help you there.
|
| Also, it appears you cannot use configuration profiles in lockdown mode, meaning you may not be able to use DNS over TLS or HTTPS.
| mwint wrote:
| Do you have a source for this provisioned access claim, or in fact that it exists at all?
|
| ---
|
| It says you can't install new configuration profiles while lockdown mode is enabled, not that you can't run lockdown mode with a profile enabled.
| teeray wrote:
| > Lockdown Mode is not a configurable option for Mobile Device Management by system administrators
|
| This is the best news. Otherwise, you can bet your IT department would be throwing that switch on for everyone.
| deathgripsss wrote:
| I imagine in lockdown mode the device would be pretty much useless as a work device.
| amself wrote:
| Negative. I've been using it since the update with no issues.
| kerblang wrote:
| I would be interested in hearing more about your experience and whatever sort of things have come up...
| Syonyk wrote:
| I've been using Lockdown for a month or two now with the beta, and did some writing on it: https://www.sevarg.net/2022/07/20/ios16-lockdown-mode-browse...
|
| Results of enabling it and using my phone as I normally would:
|
| - Some websites don't display images. I've no idea what they encode to, but they won't display. Fine, don't care.
|
| - Animated GIFs don't play in Messages when coming in via SMS (perhaps iMessage too, haven't tried). Annoying when people communicate in animated GIFs, but... people just expect my tech to be weirdly broken, so this doesn't actually impact things significantly.
|
| And that's it. I couldn't tell you the performance delta in casual internet use, though I don't use my phone very heavily either.
| _joel wrote:
| Could they not just implement the functionality in MDM policy anyway, or close enough?
| bpye wrote:
| Don't think MDM could do stuff like disable JIT.
| _joel wrote:
| Probably can't, good point
| GekkePrutser wrote:
| No but Apple could of course add the option. They fully control the MDM API.
| gambiting wrote:
| I imagine it's just yet another protection for the mode - it cannot be controlled by external policy, so no one can force it off externally.
| gregsadetsky wrote:
| Sorry, I'm not sure that I follow. Why would it be a bad idea if some IT departments enabled Lockdown Mode (LM) via MDM..?
|
| The article says that in LM, you can't enrol the device in MDM -- I suppose that if you want LM functionalities, it makes some sense that you wouldn't want parts of your device to be remotely controllable by an enterprise (or your MDM profile overriding some of the Lockdown options..?)
|
| But... I don't understand what you mean by it being a bad thing that IT admins would want Lockdown Mode for everyone. Thanks
| bgro wrote:
| There are a lot of cases where you have to be available on chat. Either sit at your desk and do nothing for 12 hours straight, or do anything you want and just have your phone on you. This could either be a slow day at work, or an actual off day like being on call on a Saturday. A lot of companies aren't going to buy you a separate work phone.
|
| If there's a lazy security option that can be enabled, a lot of companies are just going to inappropriately turn it on because it doesn't bother them that your phone can't do anything fun. That doesn't cost them money. Even if you're a web designer for a small shoe store where obviously nuclear power plant level of security doesn't really make sense.
|
| I remember android phones like 10 years ago or so had some corporate policy option so any time the screen is locked, you need to enter a 20 character password that has uppers, lowers, capitals, symbols, and numbers.
|
| Any patterns / words it decided were too easy to guess were rejected for a password. This wasn't a "Lock after an hour of inactivity." It was "Lock immediately, and set screen timeout to 30 seconds."
| blep_ wrote:
| This is how you get me to start stubbornly claiming I don't have a smartphone.
|
| If you have special requirements for the devices I use, it's your responsibility to provide separate devices from my personal ones.
| withinboredom wrote:
| I refuse to sign in to my work gmail on my android exactly for this reason. It basically wants to lock down my phone. It doesn't do that for my iPhone though, but I'm not logged in there either, FWIW.
|
| I refuse to use my personal devices for work, as a matter of principle. Need me to be on call?, flip phones are pretty darn cheap.
| Syonyk wrote:
| > _The article says that in LM, you can't enrol the device in MDM_
|
| My understanding is that you can't _change_ the MDM settings/enrollment while in Lockdown, but you can enroll in it, and then enable Lockdown, and be fine.
| _jal wrote:
| Unless I'm missing something, I think I plan to just run this all the time. I see very few downsides, personally.
|
| > web fonts might not be displayed
|
| Great, I almost always prefer system default fonts.
|
| > Incoming FaceTime calls are blocked
|
| Perfect, I don't use it, it is always some scammer.
|
| > Incoming invitations for Apple Services
|
| Perfect, I don't care.
|
| > Shared albums are removed from the Photos app
|
| I don't use this stuff, I don't care.
|
| > To connect your device to a USB accessory or another computer, the device needs to be unlocked.
|
| This seems like it should have always been the default.
|
| > Configuration profiles can't be installed
|
| Perfect, nobody should be trying to manage my phone.
| nickv wrote:
| >> Incoming FaceTime calls are blocked
|
| > Perfect, I don't use it, it is always some scammer.
|
| You get spam/scam FaceTime calls? (Not attacking, just generally curious... I've never in my life ever gotten or know anybody who has been spammed via FaceTime).
| _jal wrote:
| Yep, happened multiple times.
|
| In fairness, there is a setting to turn Facetime off entirely, that didn't have to wait for this feature.
| ThinkBeat wrote:
| These things are good and bad.
|
| It is nice to make the effort, and it might be dome good. and allow a lot of people to feel l33t
|
| It is bad if people at proper risk think they are safe once it is enabled. (and those, to me, appear to be the people this is marketed for)
| GekkePrutser wrote:
| You're never 'safe' by toggling any switch. Opsec needs to be approached holistically and goes far beyond technology. This setting could be part of that but not the core. I would expect the people really at risk to be fully aware of this (or have people in their entourage that are). The best thing to do if you have state-sponsored adversaries is to assume your phone is being hacked.
|
| I have seen some people in such positions and sometimes they don't even use a smartphone at all. I don't think they would be tricked into feeling 'safe' with something like this. I wonder if it will actually prevent the attack vectors used by something like Pegasus.
|
| I think it will make a lot of people feel badass though :) Like most people that bought Phil Zimmermann's Blackphone.
| geoffeg wrote:
| I find it interesting that Lockdown Mode doesn't (yet) enable multiple lock screen authentication methods. Requiring Face ID AND a pass code could be useful. (There are rumors that Apple will add Touch ID back to their phones in the future. I'm not sure they'd keep Face ID on a phone with Touch ID but combining those two methods AND requiring a pass code would seem to be the most secure.)
|
| I'd also like to see some method for quickly wiping the phone or severely disabling it. A friend mentioned that a new scheme for thieves is to ask you for your unlocked phone at gunpoint and then use a cash app to transfer money to one of their accounts. Some way to very quickly (and covertly) wipe your phone would help defend against that attack. (Related: https://www.startribune.com/warrant-grifters-targeting-cash-...)
| gregoryl wrote:
| "If you wipe your phone, I will shoot you."
|
| A more practical defence is keeping a low balance on any account that can be easily accessed from the phone. Not seeing any real use for this functionality when faced with an adversary physically.
| 1123581321 wrote:
| In the theft as described from the article, it would've helped since the scam was based on escalating a phone borrowing to theft while acting like a crime wasn't happening.
| geoffeg wrote:
| True. If there was some way to de-auth or remove high target apps that might allow some level of deniability? (edit: I used the wrong word initially.)
| 1123581321 wrote:
| Lock or mark iPhone as lost from the watch would be a nice feature.
| yosito wrote:
| I wonder why all of these settings are grouped together into a "mode" rather than giving users control over each of them individually.
|
| What if I want to block USB devices, but I want to be able to use shared photo albums?
| oneplane wrote:
| I'd guess the following: if Apple is a company that is mostly trying to sell UX and seamless integration as a part of that, but has to break quite a lot of that every time an 'extreme' protection measure is used, then it stands to reason that they'd make the 'mess up the UX' thing all contained in one option.
|
| It makes for a very clear demarcation as to why the product doesn't work as it normally should, and an abundance of differentiation would remove all of the guessing as to "why is feature X not doing what I expect" for the user of the device.
| gpt5 wrote:
| I imagine that it's more than that - by grouping them into one feature, Apple can continue and improve upon lockdown mode without needing to opt-in the user in every update.
| unethical_ban wrote:
| Hm, it would be interesting if they had toggles for each feature with some kind of UI element/hint/incentive to have it all on.
|
| Think of how Apple maintains their image, and who they claim this is for. They don't want a journalist killed because they thought they had Lockdown Mode on, but they had link previews in SMS and got hit by a zero-day tracker.
| saagarjha wrote:
| I assume it would be difficult for most users to make informed decisions on this
| coder543 wrote:
| I agree it would be nice to have the ability to toggle some of these on without the others.
|
| Regarding USB devices, Apple has offered a setting for years in "Face ID & Passcode", under "Allow Access When Locked" called "USB Accessories". If you turn that off, then your iPhone won't allow USB accessories to connect if the phone has been locked for more than an hour. Not quite the same as the Lockdown setting, but better than nothing?
| SkyPuncher wrote:
| You can do that via MDM profiles, already.
|
| The value of grouping this into a mode is ensuring end operators don't miss important details.
| maybelsyrup wrote:
| Does anyone think that Lockdown Mode was allowed to roll out without the American security state feeling comfortable that they're able to defeat it by pressing a button?
| JumpCrisscross wrote:
| > _Lockdown Mode was allowed to roll out without the American security state feeling comfortable that they're able to defeat it by pressing a button?_
|
| There is growing political consensus that given the lawless conduct of our adversaries, and the semi-lawful conduct of American intelligence, a smaller overall security cross section is to our advantage.
| MMS21 wrote:
| Looks like they're preparing for sideloading (LFG!)
___________________________________________________________________
(page generated 2022-09-14 23:00 UTC)