d A full armor mechanism, which specifically disables certain functions and services on the iPhone, iPad and Mac to minimize the attack surface of cybercriminals. It is the new Lockdown Modea hyper-secure mode designed by Apple to reduce the risk of high profile cyber attacks. It will arrive in the fall on the final versions of iOS 16, macOS Ventura and iPadOS 16, but developers will already be able to test it on the beta of the new operating systems available from today (Wednesday, July 6). In Italian it will be called isolation mode.
Apple called it “extreme protection”, intended not so much for the general public as for a small number of sensitive individuals such as journalists, activists or politicians who risk being targeted by spy agencies and mercenary cybercriminals. The attacks that Lockdown Mode will help prevent are similar to those conducted with software like Pegasus, developed by the Israeli agency NSO Group and sold to government agencies around the world. While it can be used to identify and track criminals and fugitives, it is one of the favorite tools of authoritarian regimes and spy agencies in conducting surveillance operations.
It is the spyware that was used for example by the Mexican secret services to intercept El Chapo Guzman, but also by the Saudi ones to monitor the phone of the journalist Jamal Khashoggi before his assassination in Turkey.
Towards autumn
From iPhones to Macs, to VR headsets: all the Apple news on the way
by Andrea Nepori
How Lockdown Mode works
ll Lockdown Mode blinda l’iPhone, il Mac o l’iPad reducing potential attack surfaces for spyware. Specifically, these are the detailed defenses so far from Apple:
- All types of attachments other than images are blocked in Messages. Some specific features, such as link previews, are disabled
- Browsing the Web: the most complex web technologies (such as the Just In Time – JIT – compilation of the Javascript code) are not available, unless the visited site has not been manually exempted by the user
- Apple services: invitations and connection requests, included FaceTime callsthey do not work unless the user first invites the other party to establish contact
- Le cable connections to a computer are armored automatically when the phone is locked
- Cannot install configuration profiles and the device cannot be enrolled in Mobile Device Management, the systems that companies use to remotely manage fleets of devices provided to employees.
“Lockdown mode is an unprecedented feature that reflects our commitment to protect users from even the rarest and most sophisticated forms of cyberattacks,” he explained. Ivan Krsti ?, the head of Apple’s Security Engineering and Architecture division. “While most users will never fall victim to highly targeted cyberattacks, we also work to protect the few who risk being so. This effort includes designing specific defenses for these users and our support for researchers and organizations doing critical work to combat the mercenary companies that create these types of attacks. ”
The anniversary
15 years after its launch, the iPhone is still in Apple’s future
by Bruno Ruffilli
Rewards for flaws
Apple will strengthen Lockdown Mode over time to accommodate new and increasingly sophisticated threats. To succeed, the company will offer ethical hackers an even greater reward for report iOS, iPad OS and macOS security bugs to the company. For the first time since the announcement of its bounty program in 2019, Apple has in fact decided to bring the maximum payment for those who discover zero day flaws and possible exploits capable of bypassing the Lockdown Mode protections to 2 million. For the other safety reports, the maximum outlay envisaged remains the one that already exists, equal to one million dollars.
Apple has specified that the figures of its bounty programs are not based on the black market rates of the security holes, from which they draw heavily unscrupulous companies such as NSO Group. Instead, the company explained to us, they are commensurate with the time and effort that researchers have taken to discover and validate the security bug and any proofs of concept, designed to demonstrate how the flaw could be used for malicious purposes.
Gadget
The new Apple Watch will also tell you if you have a fever
by Andrea Nepori
Apple’s bounty program, launched in 2019, has been at the center of various controversies in the past. At the end of 2021, researcher Denis Tokarev had complained about a lack of transparency and adequate communication with the company and had decided – with a much criticized and unorthodox choice – to publish three zero holes for iOS after Apple did not, according to him, the right importance to his reports. However, researchers and experts confirmed that the situation improved in the first half of 2022, confirming a greater commitment of Apple’s Security division in communication and interaction with the industry community.
Ten million against state spyware
At the same time as the announcement of Lockdown Mode, Apple has made it known that it has established a $ 10 million fund to fund research and investigation into the development and dissemination of state-owned malware. The research grants will be managed and awarded by the Dignity and Justice Fund managed by the Ford Foundation. The first will arrive between the end of 2022 and the beginning of 2023 and will support both technical research and public awareness initiatives against the phenomenon of so-called “mercenary malware”.
To the 10 million, they say from Apple, will be added the eventual damages obtained from the trial against NSO Group. The Cupertino-based company sued the creators of Pegasus in 2021 by detailing how the Forcedentry, an iOS exploit developed specifically by the Israeli agency (already solved for some time) to install spyware on Apple’s smartphones. The cyberattack was discovered and documented by Citizen Lab, a research group at the University of Toronto.
“Our research has produced irrefutable evidence of how the surveillance industry facilitates the spread of authoritarian practices and human rights abuses around the world,” explains Ron Deibert, director of Citizen Lab. “This new research fund sends an important message. It will also support independent researchers and pressure groups who will fight for spyware vendors to face up to their responsibilities for all the damage they inflict on innocent people. ”