Lockdown Mode
Apple (MacRumors, Hacker News):
Apple today detailed two initiatives to help protect users who may be personally targeted by some of the most sophisticated digital threats, such as those from private companies developing state-sponsored mercenary spyware. Lockdown Mode — the first major capability of its kind, coming this fall with iOS 16, iPadOS 16, and macOS Ventura — is an extreme, optional protection for the very small number of users who face grave, targeted threats to their digital security.
[…]
Messages: Most message attachment types other than images are blocked. Some features, like link previews, are disabled.
Web browsing: Certain complex web technologies, like just-in-time (JIT) JavaScript compilation, are disabled unless the user excludes a trusted site from Lockdown Mode.
Apple services: Incoming invitations and service requests, including FaceTime calls, are blocked if the user has not previously sent the initiator a call or request.
And no configuration profiles. This sounds great, though I would rather see something like Little Snitch for iOS to help protect against rogue apps.
See also: Lorenzo Franceschi-Bicchierai, Ron Deibert.
Previously:
- iOS 15.2 and iPadOS 15.2
- Apple Sues NSO Group
- Record App Activity
- Zero-click iMessage Attacks
- Scanning Your iPhone for Pegasus
- Through the Blast Door
- Data Privacy Day at Apple
Agreed, this is more implicit trust in Apple; what's wanted is user audits and controls over traffic. Also, it's a shame you can't enable features independently: I can see a use for disabling link previews and attachment types, but not restricting communication from outsiders. Let's hope this all amounts to someding useful.