Lockdown Mode is a new option in iOS 16 that limits system features for maximum security. Apple designed it to protect its products from sophisticated spyware, like NSO Group’s Pegasus spyware, which has been used to target journalists, politicians, dissidents and activists around the world.
Spyware like Pegasus may seem like an unlikely threat. But for some, Lockdown Mode could be life or death. U.S. citizens need not worry at the moment, but it doesn’t take a wild imagination to picture how such spyware might be embraced by slightly more fascist administrations.
Right now, Lockdown Mode is meant for high-profile activists and journalists. And I mean real journalists — the kind who expose state secrets — not bloggers like me. Read on to find out how to enable Lockdown Mode and how it affects your device’s functionality.
Lockdown Mode: Maximum security for your iPhone
The details of how Pegasus works are truly perplexing. With Lockdown Mode in iOS 16, you can rest assured that your precious pocket computer is much, much harder to exploit remotely.
According to Apple’s press release, Lockdown Mode does the following:
- Shared photo albums won’t appear in your photo library.
- Messages blocks most message attachments other than images.
- Messages doesn’t preview web links.
- JavaScript just-in-time compilation and some other web features are blocked unless the website is marked as trusted.
- You can only receive incoming invitations and service requests, like FaceTime calls, from someone you’ve communicated with before.
- Wired connections to a computer are blocked when your iPhone is locked.
- No new configuration profiles (like Apple’s iOS beta profiles) can be installed.
- The device cannot be enrolled in mobile device management systems, like Kandji or Jamf.
Some of these limitations might sound weird or arbitrary, but many of these features have been exploited in the past as vulnerabilities — especially Messages links.
How to activate Lockdown Mode on iPhone
Screenshot: D. Griffin Jones/Cult of Mac
To use Lockdown Mode, you need to install iOS 16. iOS 16 is compatible with every iPhone released in 2017 and later: the iPhone 8, X, XS, 11, 12, 13, 14 models and iPhone SE (both second and third generation). The feature is also coming to iPad and Mac – iPadOS 16 and macOS Ventura will be released sometime later in October.
Go to Settings > Privacy & Security > Lockdown Mode (at the very bottom). Tap Turn On Lockdown Mode. A pop-up will appear to make sure you know what you’re getting in to.
Screenshot: D. Griffin Jones/Cult of Mac
Scroll down to the bottom of the pop-up, tap Turn On Lockdown Mode again, then tap Turn On & Restart.
Rebooting is very fast — much faster than a normal system reboot. Shortly after unlocking my phone, I got a system alert that said something about security, but it disappeared after a split second. Hope that wasn’t important.
Testing Lockdown Mode in iOS 16
Browsing the web in Lockdown Mode, I wasn’t very much caught off-guard by the lack of JavaScript just-in-time compilation. Instead, what I immediately noticed is that custom fonts aren’t loaded. My website uses Cooper Old Style, but in Lockdown Mode, it replaces it with Times New Roman, which I find viscerally unsettling. The Cult of Mac homepage swaps our iconic font Museo for Helvetica, which looks boring in its place.
The “Lockdown Enabled” text appears above the address bar to remind you that it’s on. Since it’s enabled on every website by default, I think a “Lockdown Disabled” warning would be more helpful.
Screenshot: D. Griffin Jones/Cult of Mac
A friend sent me money on Messages shortly after I enabled Lockdown Mode. I have Wallet set to automatically accept incoming Apple Cash, so I received the money, but the message didn’t load. When I tap on the attachment, I get an alert saying, “Cannot open message in Lockdown Mode.”
A similar result happens if someone tries to send you a PDF or a Microsoft Office document in Messages. You can still receive these on other devices signed into Messages, but not your locked-down iPhone.
Screenshot: D. Griffin Jones/Cult of Mac
The Photos app was a little buggy the first time I opened it after turning on Lockdown Mode. I tapped around, saw my shared albums were gone, tapped the For You tab, and the app immediately became unresponsive. Force-quitting and reopening it did the trick, and it never happened again. Weird, but then this was a beta I was testing.
Other devices signed into my Photos library, like my Mac, can still manage my shared albums; they aren’t deleted or unshared. This only affects the iPhone with Lockdown Mode enabled.
Screenshot: D. Griffin Jones/Cult of Mac
Complex web apps and games like Sand Boxels and Poolsuite work just fine. They might be running a little slower, but I couldn’t tell.
Apple’s chips have a few of the most common JavaScript operations baked into the processor itself. That means that iPhones with the A12 chip from 2018 or newer can perform floating-point-to-signed-fixed-point conversions extremely fast, with or without just-in-time compilation.
Turning off Lockdown Mode
Screenshot: D. Griffin Jones/Cult of Mac
To disable Lockdown Mode, just go to Settings > Security & Privacy > Lockdown Mode, tap Turn Off Lockdown Mode and tap Turn Off & Restart.
Everything will go back to normal when you turn off Lockdown Mode. You can go back to your wild, maverick, carefree life full of shared photo albums and custom web fonts.
How to check for Pegasus spyware on your iPhone
Pegasus uses a “zero-click” attack, which means those who get infected most likely never know about it. But there are tools you can use to find out if your iPhone is infected or not.
An open-source tool called MVT (Mobile Verification Toolkit) that detects traces of Pegasus has been released by Amnesty International, but it is designed for technologists and researchers. It’s not really for typical iPhone users.
However, iMazing released a really simple Pegasus-detection tool that’s free to use. If you are worried your iPhone may have been infected with Pegasus spyware, iMazing’s free Pegasus detector will tell you if your handset is safe or not.
First you need to download iMazing, which can be done anonymously without signing up for an account, and install it on a Mac or PC. Then, connect your iPhone to your computer and follow the steps outlined in this Pegasus detection how-to. It’s very simple and quick.
Note: iMazing cannot prevent or uninstall a Pegasus infection — it can only tell you if your iPhone has been infected.
This article was first published on July 27, 2022. It was republished after the release of iOS 16.
