Brendon
Baxter

What is Apple lockdown Mode?

Brendon Baxter

Nov 10, 2022

9 min read

“Seal the doors, guard the towers and tighten the security. We don’t want anyone trespassing the castle,” said the king.

Apple introduced a new feature called the Apple lockdown to improve its security system. Known for its tight security features, Apple’s lockdown mode is another extreme security feature designed to stop unwanted entry into any Apple device. Initially, the feature was released for iPhones, but later Apple decided to extend it to the other Apple devices too.

According to Apple’s official documentation, the lockdown feature is not meant for the common folks since the feature tends to be too restrictive in terms of usability. Instead, the feature was designed to protect high-risk individuals from targeted attacks. Apple lockdown is an optional feature in iPhones, iPads and Macs, which, when turned on, tightens the device’s defenses. In order to strengthen the device’s defenses, certain device functionalities are disabled, which reduces the attack surface that could be exploited by malware or even mercenary spyware.

What is mercenary spyware?

At this point, everyone probably knows what malware is, but what is mercenary spyware? Why is it worse than malware? Mercenary spyware is used to describe highly targeted spyware, which is typically state-sponsored tools used to gather data from high-profile individuals or even other governmental organizations. Spyware of this sort is intended to break mobile phones and extract large amounts of information stored or processed by the system. This includes instant messages, location, call interceptions, camera and micro recordings, and app information.

How does Apple lockdown mode secure your devices?

As mentioned above, once switched-on certain functionalities won’t work on the device. These functionalities are:

  • Messages – Most message attachment types except for specific photos, videos, and audio are prohibited. Other features like links and link previews will be unavailable once lockdown is enabled.
  • Web browsing – Some complex web technologies will be blocked and this can cause some websites to load more slowly or not function properly. Additionally, some web fonts may not be visible and images may be substituted with a missing image icon.
  • FaceTime – Incoming FaceTime calls are banned unless you’ve already spoken to the contact or individual.
  • Apple services – Unless you’ve already invited the person, incoming invitations for Apple services are restricted, such as invitations to manage a home in the Home app.
  • Shared Albums – The Photos app will no longer support shared albums, and new invitations to create shared albums are no longer accepted. These shared albums are still accessible on other devices without Lockdown Mode turned on. In your device’s Settings, you must switch Shared Albums back on after disabling Lockdown Mode.
  • Device connections – Your iPhone or iPad must be unlocked in order to be connected to an accessory or another computer. Your Mac needs to be unlocked and explicit permission must be given in order to connect your Mac laptop with Apple Silicon to an accessory.
  • Configuration profiles – While the device is in Lockdown Mode, configuration profiles cannot be installed, and it cannot be registered for Mobile Device Management or device supervision.

Other common features like calls and plain text messages won’t be affected by lockdown mode.

Requirements for Apple lockdown mode:

  • iOS 16 or above.
  • iPadOS 16 or above.
  • macOS Ventura or above.

Do you really need Apple lockdown mode on your device?

Cybersecurity is a sensitive term in this digital era, and everyone aims to get their hands on the best security tools to protect them from online threats. But do you need Apple lockdown on your Apple device? Is such an extreme security measure necessary to protect your data online?

Apple’s answer was that you don’t need the Apple lockdown mode unless you are a high-profile person, or a top-level government employee trusted with highly sensitive data. The feature aims to protect such individuals from sophisticated cyber-attacks like the Pegasus attack in 2020.

However, you can use the feature if you need that extra layer of protection on your device. Apple doesn’t suggest the lockdown feature for standard users because the feature is highly restrictive, and you probably can’t use the device as you usually would.

To see if you need it or not, you can weigh the pros against the cons:

Pros

  • The device becomes highly secure once it is switched on.
  • Apple specifically tells who needs it.
  • It is a built-in feature, so there is no need for any external or third-party apps or software.

Cons

  • Only released for the latest versions of Apple devices.
  • Many key functionalities are restricted.
  • Not completely foolproof since it is a newer technology.

So, our advice is that you won’t need the lockdown mode unless you fall into the group of individuals that require extreme security for their device. To know more about securing your iPhones, click here.

How to turn on Lockdown Mode on your device?

Turning on lockdown mode is a bit different for different devices. These are the platform-wise steps to follow to set up lockdown mode:

  • iPhones and iPads
    • Open the Settings app.
    • Tap Privacy & Security.
    • Under Security, tap Lockdown Mode and tap Turn On Lockdown Mode.
    • Tap Turn On Lockdown Mode.
    • Tap Turn On & Restart, then enter your device passcode.
  • Mac
    • Choose the Apple menu  > System Settings.
    • From the sidebar, click Privacy & Security.
    • Scroll down to Lockdown Mode, then click Turn On.
    • If prompted, enter the user password.
    • Click Turn On & Restart.

Once the lockdown mode is enabled, you can exclude an app or website in Safari from being impacted and limited. Exclude only trusted apps or websites and only if necessary. To do this:

  • On iPhone and iPad
    • To exclude a website while browsing: Tap the Page Settings button AA, then tap Website Settings. Then turn off
    • Lockdown Mode.
    • To exclude an app or edit your excluded websites:
    • Open the Settings app.
    • Tap Privacy & Security.
    • Under Security, tap Lockdown Mode.
    • Tap Configure Web Browsing.
  • On Macs
    • To exclude a website while browsing: Choose the Safari menu > Settings for [website]. Then deselect the Enable
    • Lockdown Mode checkbox. To include the website again, reselect the checkbox.
    • To edit your excluded websites:
    • From the menu bar in Safari, choose the Safari menu > Settings.
    • Click Websites.
    • In the sidebar, scroll down and click Lockdown Mode.
    • From the menu next to a configured website, turn Lockdown Mode on or off.

Is Apple lockdown mode the solution for all cyberthreats?

Apple is moving in the right direction towards total security at a device level with the lockdown feature, but is it the final nail in the coffin? Definitely not. In fact, they are much further away than we think they are from achieving that goal.

Even though the Apple lockdown feature is meant to be an extremely rigid security feature, it has a few vulnerabilities since it is in the initial phase. Apple has a bounty program for discovering problems in the Apple lockdown feature. They are offering $10 million to people who can find out security concerns regarding the lockdown feature.

One possible vulnerability of Apple’s lockdown feature is that websites can find out the lockdown status of devices. This is possible because Apple blocks specific web fonts when the lockdown feature is enabled, and this is traceable by the website owners. Though it might seem like a minor issue, this vulnerability can cause considerable problems in the future. The malicious websites can find devices, not in lockdown mode and target those devices.

Currently, the feature can’t be described as an all-round solution to all security concerns regarding Apple devices. Still, with future updates, this feature has the potential to be a powerful cyber-security tool.

What does this mean for device management?

Apple has mentioned that installing configuration profiles on the device is impossible once lockdown mode is enabled. This means the devices can’t be added to a device management tool once the Lockdown Mode is switched on. In addition, Apple has also mentioned that supervision can’t be switched on once devices are put in lockdown mode.

Don’t worry, you will still be able to manage all the devices already added to the device management solution. But if you want to add a locked device to your device management solution, they have to turn off Lockdown Mode, install the profile, and re-enable Lockdown Mode, if necessary.

The main idea behind Apple preventing profile addition in lockdown mode is to prevent malicious profiles from being installed accidentally on devices. Once malware infiltrates it, it is relatively easy to install profiles on an Apple device.

Locked devices already added to the device management solution can be controlled like any other device added to the same solution. Furthermore, the system administrator can even add and remove configuration profiles through the management solution, which is impossible without using a management solution.

Lockdown Mode is not a configurable option for device management solutions by system administrators, as it’s designed for the very small number of individual users who extreme cyber-attacks might target. However, this means you can’t toggle the Lockdown Mode remotely, like other settings, using the device management solution.

In conclusion,

Apple lockdown is a security feature with a lot of potential in terms of the level of security it can offer. If nurtured properly, the feature can grow into something huge and be helpful even for the general public. At this point, the feature might look like Apple can only fend off some malware or spyware attacks, but it is a sign of better things to come.

Share

Brendon Baxter

Product Evangelist@Hexnode. Read. Write. Sleep. Repeat.

Share your thoughts