September 12, 2022 at 5:16 PM
"Turning on Lockdown Mode in iOS 16, iPadOS 16, and macOS Ventura further hardens device defenses and strictly limits certain functionalities, sharply reducing the attack surface that potentially could be exploited by highly targeted mercenary spyware," Apple said.
Once toggled on, Lockdown Mode provides additional messaging, web browsing, and connectivity protection that blocks commercial spyware (like NSO Group's Pegasus) used by government-backed attackers to monitor compromised Apple devices.
More often than not, such attacks use zero-click exploits targeting web browsers or messaging apps such as Facetime and WhatsApp.
However, with Lockdown Mode enabled, they will be blocked automatically since vulnerable features exploited to install spyware like link previews will be disabled.
Among the other features that will be disabled to defend against spyware attacks, Apple also lists message attachment types different than images, complex web technologies such as just-in-time (JIT) JavaScript compilation, uncalled for incoming invitations or service requests, configuration profile installation, and MDM joining.
The company has also announced new Apple Security Bounty categories to provide security researchers with monetary rewards for finding and helping close down security bugs that could be used to workaround Lockdown Mode defenses.
"To invite feedback and collaboration from the security research community, Apple has also established a new category within the Apple Security Bounty program to reward researchers who find Lockdown Mode bypasses and help improve its protections," Apple said in July.
"Bounties are doubled for qualifying findings in Lockdown Mode, up to a maximum of $2,000,000 — the highest maximum bounty payout in the industry."
