iOS 16 Has Two New Security Features for Worst-Case Scenarios

Safety Check and Lockdown Mode give people in vulnerable situations ways to quarantine themselves from acute risks.

Wired

Apple has long said that it offers software that is secure and private enough for all users by default, without special tiers or paid services. As digital threats to its users expand, though, the company has had to evolve this philosophy. And today’s release of iOS 16 comes with two new features meant to help protect people facing very specific crises in their lives.

Safety Check and Lockdown Mode are very different tools, but Apple has built them both into its latest mobile operating system release as lifelines for digital worst-case scenarios.

Apple designed Safety Check as a feature for users who are at risk for, or currently experiencing, domestic abuse. The tool centralizes a number of controls in one place to make it easier for users to manage and revoke access to their location data and reset privacy-related permissions. Lockdown Mode, on the other hand, is meant for users who potentially face targeted spyware attacks and aggressive state-backed hacking. The feature comprehensively restricts any nonessential iOS features so there are as few potential points of entry to a device as possible. As more governments and repressive entities around the world have begun purchasing powerful commodity spyware to target individuals of particular importance or interest, iOS’s general security defenses haven’t been able to keep pace with these specialized threats.

“I do think that things like Lockdown Mode and Safety Check are good,” says Thomas Reed, director of Mac and mobile platforms at the antivirus maker Malwarebytes. “People criticize Apple for not opening up iOS enough, and those folks would say this is just a token effort to silence critics. I don’t agree, though. For the nation-state-type stuff and risks users may be facing from people close to them, I think these new features will absolutely help within the paradigm of Apple’s current security model.”

Many mobile security researchers, including Reed, see major tradeoffs in Apple’s philosophical approach to securing iOS. The mobile operating system is extremely locked down and can’t be monitored for suspicious activity the way other operating systems can be. The benefit of this is that attackers are boxed out in the same way defenders are, but when hackers find and exploit a vulnerability, they can do it without being seen. Given this premise, the creation of purpose-built protective tools like Safety Check and Lockdown Mode is not just a logical progression but a necessary one.

“The more Apple locks down iOS to improve end user security, the harder it becomes for the security research community to investigate and identify vulnerabilities,” says Amanda Gorton, CEO of the mobile virtualization company Corellium. “I think it’s commendable that Apple is taking measures to address security threats that are only ever likely to impact a tiny fraction of its user base.”

For iOS users dealing with harassment or abuse at home, Safety Check offers a few options to take back some digital control. For a user who has concerns and wants to rein in the access other people may have to their location information and other data, Safety Check offers a tool called Manage Sharing & Access. This tool details the people and apps that have access to different information, like who is connected through Find My Friends or which apps can use a device’s microphone. It also includes walkthroughs so users can review their security settings. The Emergency Reset feature, meanwhile, is like a panic button if you think someone has gotten access to your device and set it so you are easier to track and surveil. Emergency Reset can revoke all access at once, resetting privacy permissions, signing you out of iCloud on all other devices, and limiting where your account can send and receive texts through Messages.

Apple says that “Safety Check can be helpful to users whose personal safety is at risk from domestic or intimate partner violence by quickly removing all access they’ve granted to others.”

To access the features, go to Settings, then Privacy & Security, and then Safety Check.

Lockdown Mode is different in the sense that it is almost a parallel universe that users can move their iPhones into where luxuries like link previews in Messages, shared albums in Photos, and FaceTime calls from phone numbers and accounts you haven’t called before are all blocked. In exchange, the goal is to make it much more difficult for commercial spyware vendors to discover and take advantage of complex exploit chains that combine vulnerabilities in multiple iOS features to take control of devices.

“While the vast majority of users will never be the victims of highly targeted cyberattacks, we will work tirelessly to protect the small number of users who are,” Apple’s head of security engineering and architecture, Ivan Krstić, said when the feature was announced in July. “That includes continuing to design defenses specifically for these users.”

Turn on Lockdown Mode in iOS 16 by going to Settings, then Privacy and Security, then Lockdown Mode.

Though Apple doesn’t intend either feature to become a hot trend for most users, the fact is that the tools may find audiences and use cases beyond their intended populations. And when it comes to Lockdown Mode, in particular, one can only imagine what strategies researchers and attackers alike may develop to attack even this most hardened version of commercial iOS. But both features offer new and expanded opportunities for users to make it more difficult for adversaries of all sorts to achieve the level of access they seek. And both make it easier for Apple to fix new vulnerabilities and workarounds as they arise. Rather than having to make substantial changes, Apple can simply refine Safety Check and Lockdown Mode to address the latest concern.

“There’s been some debate about whether Lockdown Mode will actually prevent spyware attacks like infections from NSO Group’s Pegasus,” Malwarebytes’ Reed says. “It’s possible it won’t prevent all possible means of infection, but it reduces the attack surfaces and makes it harder for attackers. As much as I’d personally like to be able to have greater visibility into iOS, I think Apple’s doing the right thing.”

Apple’s App Store, though, is one domain that Lockdown Mode and Safety Check don’t address. Researchers have found malicious apps that got approved for the App Store in the past, and as other avenues are closed off to attackers, they may increasingly refine their techniques for developing stealthily malicious apps in an attempt to make up ground.

“The specific elements of Lockdown Mode give us insight into what Apple sees as the most common attack vectors on an iPhone today,” Corellium’s Gorton says. But “Lockdown Mode doesn’t seem to restrict access to third-party apps. It’s possible that as Apple limits the attack surface for native features, the attack focus may increasingly shift to apps from the App Store. That could be problematic for a couple of reasons. One, we know these apps undergo relatively limited review before making it to the App Store. And two, this would increase the burden of security mitigations on third-party developers, but the locked-down nature of iOS makes it increasingly difficult for app developers to adequately test the security of their own apps.”

Apple’s changing philosophy on specialized security and privacy protections is a welcome step, but it may apply its own evolutionary pressures to the iOS security field that move attackers’ focus without dampening their zeal.
