Apple’s new blocking mode disables features to reduce the attack surface. One developer warns that this comes at the expense of data protection.
Users of Apple’s upcoming “blocking mode” stand out clearly on the web. Due to the lack of common browser functions, website operators or other providers of web content can immediately see whether the protective function is activated on iPhones, iPads and Macs, as a developer demonstrates with a proof of concept: A website set up for this purpose shows directly whether the visitor has activated the “Lockdown Mode”.
Blocking mode turns off iPhone functions
Blocking mode disables a number of specific features in iOS and macOS to reduce the attack surface. The new mode is designed specifically for users who may be victims of targeted attacks – part of Apple’s response to highly specialized spyware like Pegasus. In the past, the surveillance software was quietly smuggled into the target person’s iPhone via iMessage, sometimes without requiring any interaction from the victim.
Accordingly, the blocking mode tries to close classic gateways in the Apple operating systems, for example by disabling certain iMessage attachments or switching off browser functions such as displaying PDF files and loading web fonts. However, this deactivation immediately highlights the WebKit browser engine.
no bug
Ultimately, this is not a bug and it remains unclear whether Apple wants and can change anything about it. iOS 16 should appear in the final version in mid-September. It’s a compromise between security and privacy, and Apple has chosen security here, the developer told Motherboard magazine. Users of the blocking mode should be aware of this and use additional measures to obfuscate the IP address, such as Apple’s private relay or a VPN connection. Apple has already announced that it will continue to expand the lockdown mode in the future.
(lbe)