Are you paranoid about surveillance? You probably shouldn’t be, but if you are, Apple has something to protect you. It’s called Lockdown Mode, most people don’t need it, and should probably use VPN services, such as NordVPN, Express VPN, or Windscribe1 and a rock solid Apple ID password instead.
But what if you’re not most people?
Lockdown Mode is for the kind of high-value people governments and serious criminals target. In recent years, really frightening examples of such attacks have emerged, including one from the NSO Group which only needed you to open an iMessage. High-ranking politicians, civil rights advocates, journalists, and even US State Department employees have all been attacked.
Not everyone needs to worry. These attacks use complex, hard-to-find vulnerabilities which cost millions to create and run, which is why you probably haven’t been targeted. Apple’s Lockdown Mode closes some of the typical ways these sophisticated attacks undermine your security. It’s not perfect, nothing is, and when it is switched on some of the things you do just won’t work. These include:
Most message attachments other than images are blocked and link previews are disabled.
Some websites won’t function correctly.
Incoming invitations for things like Facetime or shared albums in Photos may be blocked.
You won’t be able to use accessories.
If you use a VPN service, as so many people do, you need to set your device up for use with that service before entering LockDown Mode as it isn’t possible to register a device with a VPN service once it is locked down.
It’s the same if your employer runs software to manage your device (Mobile Device Management, or MDM). So long as that software is installed on your device before it’s locked down it will continue to work.
You switch your iPhone or iPad to Lockdown Mode in Settings> Privacy & Security where you’ll find the Lockdown Mode button. On a Mac, you’ll find the move in Privacy & Security in System Preferences. You’ll need to restart your device to lock it down, and you’ll need to repeat the process to unlock it again later once you’ve tried it.
Security experts warn that while this locked down state does limit the ‘attack surface’, attackers will find other vulnerabilities to abuse, such as malware-laden apps or targeted social engineering attacks.
Lockdown Mode is really intended for the kind of targets governments will spend millions to attack. Most people simply don’t need it. If you want to make yourself safer online it’s easier to take a common sense approach: don’t click links or open attachments from strangers, install the latest security patches, use strong and unique passcodes, two-factor authentication, and only install apps from trusted sources like the App Store. But if you think you are being watched, you can now try Lockdown Mode.