Apple's iOS16 Lockdown Mode

Apple’s iOS16 mobile operating system was released on September 12, 2022, and with it came an intriguing new feature called Lockdown Mode. And while many privacy enthusiasts may be well… enthusiastic at the prospects of hardcore privacy-preserving functionalities, it’s best to understand how the feature works and what it does (and doesn’t do) before enabling it.

So in this post, we’re going to do just that. Keep reading to find out everything you need to know about Apple’s new lockdown mode, and whether or it is something you should be using.

Lockdown Mode

Apple announced lockdown mode in early July. It pitched the feature as an “extreme” level of protection against sophisticated “zero-click” attacks. Zero-click attacks can hack into your iPhone without any interaction on your part. They’re “invisible” to the user and target existing vulnerabilities in the iPhone’s core features, such as calling, messaging, and web browsing.

While Apple, like most vendors, does its best to fix vulnerabilities as they’re discovered, it’s an eternal cat-and-mouse game between hackers and software/hardware vendors. And it’s a game in which one can never assume they’re ahead of their adversary. So something that cuts off access to potential vulnerabilities will be a much more reasonable approach than assuming (more like pretending) a device and its software are un-hackable. And that’s Apple’s privileged approach with its new Lockdown Mode in iOS16.

So what is it, exactly?

Metaphorically, Lockdown Mode allows users to turn off some of their data faucets. With Lockdown Mode, users can temporarily switch off some of the device’s most vulnerable features, making it much more difficult for bad actors to gain a foothold in their iPhones and funnel their private information. By disabling hackers’ favorite access points, Lockdown Mode dramatically reduces your attack surface and hence, your risk of falling victim to a zero-click attack.

Lockdown mode limits what you can do with your phone and who can contact you. Security has always come at the expense of convenience, and Lockdown Mode is no different in that regard. However, even with the feature enabled, I didn’t find it to be so prohibitive as to be unusable. But if you’re the kind of iPhone user that likes to self-document your life on TikTok, the feature may not be for you.

And that brings up the question of who the feature was designed for.

Who needs Lockdown Mode?

Apple makes it quite clear that Lockdown Mode isn’t for your average iPhone user. Apple’s feature is geared towards those who are at high risk of being specifically targeted for individual surveillance as opposed to the indiscriminate surveillance that happens to everyone using a smartphone, tablet, or computer, every day.

So who are we talking about here? We’re talking about journalists, activists, whistleblowers, human rights defenders – and maybe even celebrities. These folks can be the target of sophisticated hacking campaigns by nation-state actors or powerful hacker collectives (usually state-sponsored).

NSO Group’s infamous Pegasus malware, which targets both iOS and Android devices, was designed to pull off these kinds of targeted attacks. And while they’re indeed quite rare insofar as they affect a tiny number of people, the damage they can cause is devastating. In 2021 Apple stated it had identified these types of targeted attacks on its users in over 150 countries. Combined with its strong stance on user privacy, this may be the motivation for Apple to make this feature available to all of its users so that the most vulnerable can protect themselves against these threats.

As the Cupertino company puts it on its Lockdown Mode support page, “Lockdown Mode is an optional, extreme protection that’s designed for the very few individuals who, because of who they are or what they do, might be personally targeted by some of the most sophisticated digital threats. Most people are never targeted by attacks of this nature.”

So, Lockdown Mode wasn’t designed for the masses. However, everyone is free to enable it if they please. Let’s now look at how we enable the feature.

How to enable Lockdown Mode

Lockdown Mode is only available in Apple’s latest operating system: iOS16. So having a device running iOS16 is a prerequisite. Once you’ve updated to iOS16, you will be able to use it.

Here’s how to enable lockdown mode:

  1. Access the Settings app.
  2. Scroll down to the Privacy section. The Privacy page opens.
  3. Scroll to the bottom of the Privacy page. You will see an entry for Lockdown Mode.
  4. Click Lockdown Mode. The Lockdown Mode disclaimer is displayed.
  5. Click Turn On Lockdown Mode. A list of disabled functionality is displayed.
  6. Scroll down to the bottom and click Turn On Lockdown Mode again. A prompt is displayed for you to confirm you want to enable Lockdown Mode.
  7. Click Turn On & Restart. Your phone will reboot. Once it’s back up, Lockdown Mode is enabled.

If you head back to the Lockdown Mode Settings page (Settings/Privacy/Lockdown Mode), a list of all the affected apps and functionality is displayed. Let’s go through that list to really understand what it means to use an iPhone in Lockdown Mode.

Lockdown Mode specifics

Let’s look at what specific functionality is disabled when you enable Lockdown Mode.

Messages

  • Link previews in message bubbles are disabled (see below) Apple Locldown Mode - Messages
  • Attachments other than images cannot be opened

Web browsing

  • Some web browser technologies like JIT (just-in-time) rendering and others are disabled. You can, however, exclude trusted sites from Lockdown Mode. These web browsing restrictions apply to all browsers available on iOS (Safari and third-party browsers).
  • The download of remote fonts is disabled.

Apple services

  • Apple service requests and incoming invitations, including FaceTime calls and Shared Albums, are blocked for all users except those you previously invited prior to enabling Lockdown Mode.

Miscellaneous

  • All wired connections with a computer or accessory (USB) are blocked when the device is locked (screen off).
  • The ability to install configuration profiles (.mobileconfig) is disabled. Configuration profiles automatically apply settings to an iOS device instead of having to configure it manually. It’s widely used within enterprise settings. The device also cannot be enrolled into a mobile device management service (MDM).
  • Shared Albums are not displayed in the Photos app, and, as mentioned above, new invitations for Shared Albums are disabled.

Also, a software engineer, Alexis Lours, who recently conducted in-depth manual testing of Lockdown Mode, found that the following services get disabled when you enable Lockdown Mode.

  • WebAssembly
  • MP3 Playback
  • MathML
  • Gamepad API
  • Web Audio API
  • WebGL
  • JPEG 2000
  • Speech Recognition API
  • MediaDevices.getUserMedia()
  • RTCDataChannel
  • PDF Viewer
  • SVG Fonts

You can get more details on Lockdown Mode and the disabled services by reading his report.

Those are the protections that are available right now. But according to Apple, it will add more protections to Lockdown Mode over time to enhance the security provided by Lockdown Mode.

Wrapping up

So that, in a nutshell, is Apple’s Lockdown Mode. You now know what it is, what it does, how to enable it, and that it isn’t designed for your everyday user, though you’re free to enable it if you like. We’ve been living with the internet for a while now, and I think most of us now realize that despite all of the cat videos it hosts, the internet is a hostile place with no shortage of bad actors looking to exploit you.

For iOS users at particular risk of a targeted attack, Apple now provides some help with its Lockdown Mode. It’s a welcome feature that’s bound to grow, and we commend Apple for implementing it.