As a paranoid journalist, I’m an enthusiastic person of Apple’s opt-in “extreme protection” characteristic, Lockdown Mode.
Apple launched Lockdown Mode in 2022, and since then the safety characteristic is taken into account a must-use for dissidents in corrupt nations, human-rights defenders in oppressive regimes, and journalists talking fact to energy.
Lockdown Mode is designed to change off some options in iPhones, iPads, and Macs, with the objective of lowering the probability that hackers armed with subtle spy ware or zero-days — unknown flaws in techniques that permit attackers to stealthily exploit them — can efficiently break Apple’s working system protections and spy on its customers.
In apply, Lockdown Made removes some regular Apple gadget options, akin to fonts loaded from the web that may monitor you, the power to obtain sure forms of information, your location knowledge from pictures that you just share, assist for 2G mobile connectivity, and letting individuals who haven’t contacted you earlier than attain you over FaceTime and iMessage; though it’s unclear if the latter is the case (extra on that later).
In alternate for these nuisances, Lockdown Mode makes it more durable so that you can get hacked, even by a number of the most superior hackers on the market.
Lockdown Mode already has a monitor report of blocking these superior assaults. Apple says it’s not conscious of any profitable hack in opposition to its customers who’ve enabled Lockdown Mode, and digital rights group Citizen Lab have documented an tried spy ware assault blocked by Lockdown Mode. I, too, have personally heard some individuals within the offensive safety trade complain about Lockdown Mode making their exploits tougher.
However three years after its debut, precisely how Lockdown Mode works continues to be shrouded in obscurity, and lacks explanations into the reasoning behind what actions Lockdown Mode takes. And, a few of Lockdown Mode’s notifications are downright complicated, unexplained, or seemingly random, which could discourage some customers from utilizing Lockdown Mode altogether.
Blocked, however why?
Let me preface this by saying that people who find themselves in danger from authorities hackers should use Lockdown Mode, even contemplating the restrictions that include it.
These restrictions aren’t the issue. Lockdown Mode’s notifications have develop into more and more puzzling.
Working example: The opposite day, I acquired this Lockdown Mode notification (beneath) out of nowhere, mentioning somebody by identify who I haven’t talked to in months, and from whom I didn’t obtain a message or a name afterwards. Following this notification, after I requested if she tried to contact me, she mentioned that no, she didn’t.
Somebody additionally instructed me that as they had been scrolling by means of their contacts, one in every of their buddies noticed a “Lockdown Mode blocked…” notification along with his identify on, suggesting Lockdown Mode may be triggered just by viewing somebody’s contact.
However…why?
For months I’ve been getting the identical notification telling me that Lockdown Mode blocked somebody “from contacting” me, each time I exploit iMessage, and it all the time mentions somebody I do know, and who’s already in my contacts.
These notifications usually pop up when I’m already messaging that particular person on iMessage, which makes it unclear if I’m going to cease getting their messages, or worse, that a few of their messages have already disappeared because of Lockdown Mode.
Hell, perhaps this implies I get hacked, or a minimum of focused? Ought to I get my cellphone checked each time I get one in every of these notifications?
It seems I can nonetheless maintain chatting with the very folks that Lockdown Mode claims to have blocked. These persons are fairly actually contacting me, and I’m chatting with them. What’s Lockdown Mode really doing right here?
Contact Us
Have you ever seen any unusual Lockdown Mode notifications? Or do you do safety analysis on Lockdown Mode? From a non-work gadget and community, you possibly can contact Lorenzo Franceschi-Bicchierai securely on Sign at +1 917 257 1382, or through Telegram and Keybase @lorenzofb, or e-mail. You can also contact TechCrunch through SecureDrop.
Tapping on Lockdown Mode notifications does nothing. You aren’t redirected to an Apple web site that explains what Lockdown Mode is or does, nor does it clarify what these notifications particularly imply.
“I don’t think these messages are helpful. They do not include any context and are not actionable, nor is there a way to figure out what’s going on,” Runa Sandvik, a hacker who has a startup that helps journalists and different excessive threat individuals defend themselves, instructed TechCrunch. “I’d love to see Apple either share more information so that we know what to ‘do’ with them, or not display them at all.”
Sandvik and I aren’t the one ones left scratching our chins each time we see Lockdown Mode notifications. Once I wrote about my considerations about Lockdown Mode on social media, a number of individuals responded publicly — and in non-public — saying they’ve had comparable experiences, and are additionally confused.
My editor Zack Whittaker, for instance, has for months been sporadically getting Lockdown Mode notifications saying “an unknown contact attempted to share control of Apple Music,” in addition to a notification that Lockdown Mode “blocked Focus Sharing,” and received’t be shared with different individuals when in Lockdown” (I additionally get this notification now and again.)
To the lab we go
I made a decision to run an experiment with the assistance of Harlo Holmes, chief data safety officer and the director of digital safety at Freedom of the Press Basis, a non-profit that helps assist the free press. I puzzled if it made any distinction — when it comes to triggering the complicated notifications — whether or not somebody not in my contacts tried to achieve out to me with Lockdown Mode enabled on my cellphone, and what sort of content material it might block.
We each deleted one another from our contact lists (we’re nonetheless buddies although), and began chatting for the primary time ever on iMessage. When Holmes texted me — and neither of us had been in every others’ contact lists — I acquired the “Lockdown Mode blocked…” notification, this time displaying her cellphone quantity. I nonetheless acquired her message.
We exchanged textual content, emojis, a cat image, and iMessage “stickers.” All of those went by means of, apart from the stickers, which turned to both a Unicode character of a query mark, or a nondescript file attachment, which may’t be opened, even for those who faucet on it:
When this occurred, each Holmes and I may nonetheless see the stickers we despatched from our personal telephones, which means the blocking was solely seen to the recipient. That can be the case for the “Lockdown Mode blocked…” notification. I acquired the notification, however Holmes didn’t know I obtained it.
This is smart, as Apple wouldn’t need to tip-off authorities hackers that their try and hack somebody not solely didn’t work, but additionally alerted the focused person who one thing went flawed.
That’s good to know, and once more, I’m blissful Lockdown Mode blocks one thing, and makes me safer, however I nonetheless don’t know what these notifications are supposed to inform me.
I reached out to Apple asking them for some explanations, however an Apple spokesperson didn’t present on the report remarks by press time. At the least the spokesperson acknowledged receiving my message, so I do know Lockdown Mode didn’t block it.
