Apple

Apple's "authoritarian" Lockdown Mode is "harmful", academics claim

Study criticises security feature that "protects devices against extremely rare and highly sophisticated cyber attacks".

Jasper Hamill

02 Dec 2024 — 3 min read

An Apple security mode designed to protect at-risk people from cyber-attacks has been criticised as "paternalistic" in an in-depth study from a team of German academics.

Lockdown Mode was introduced in iOS16 back in 2022. Apple described it as an "optional, extreme protection that’s designed for the very few individuals who, because of who they are or what they do, may be personally targeted by some of the most sophisticated digital threats".

To "protect devices against extremely rare and highly sophisticated cyber attacks" and "reduce the attack surface that could potentially be exploited by highly targeted mercenary spyware", the functionality of key apps, websites and certain is strictly limited.

Most text message attachments are blocked, for instance. Location details are removed from pictures whenever they're shared, FaceTime calls are forbidden unless you've previously called the person and devices will not automatically join non-secure Wi-Fi networks. Notifications are sent to users whenever they do something risky, reminding them to make more secure choices.

An explanation of Lockdown Mode (Image: Arxiv)

Is Lockdown Mode secure?

A five-person team from Friedrich-Alexander-Universität in Germany conducted an autoethnographic study of Lockdown Mode - a type of research involving the analysis of academics' personal feelings. Their paper is called "I Blame Apple in Part for My False Expectations".

It's basically a long review to "document the hands-on experiences of using Lockdown Mode" based around journalling and testing, but with some surprising claims about the feature's efficacy.

"The lack of information from Apple about the underlying threat model and details on affected features may hinder adequate assessment of Lockdown Mode, making informed decisions on its use challenging," the researchers claimed. "Besides encountering undocumented restrictions, we also experienced both too much and too little visibility of protection during Lockdown Mode use.

"Finally, we deem the paternalistic security approach by Apple’s Lockdown Mode harmful, because without detailed knowledge about technical capabilities and boundaries, at-risk users may be lulled into a false sense of security."

A timeline of the researcher's journalling during lockdown mode testing

Testing Apple's security feature

The first author of the paper is a 23-year-old man who's tech-savvy and conscious of both privacy and security.

He has a "strong opposition to surveillance, both at an individual and societal level, combined with a healthy scepticism towards state agencies and corporations".

The researchers' criticism of Lockdown Mode focuses on its "authoritarian" approach to security, which they claimed was "harmful to users". This security stance appears to work on a "need to know" basis in which users are not given complete information about the measures used to protect them in order to stave off further attacks

"We think that a lack of precise information from Apple about the intended user group, the threat model and affected features makes it difficult for users to
properly assess and understand Lockdown Mode, and to make an informed decision about using or not using it," the academics wrote.

The team also criticised "notification overload" and claimed to have experienced "undocumented blocking of some important functions, such as incoming attempts
of destination sharing and contact sharing."

The researcher who tested Apple's security mode also reported that they were expecting a tighter level of security.

"The first author actually expected more restrictions due to Lockdown Mode than they experienced," the team wrote. "While this can be seen as an unexpected but welcome phenomenon, at times it made them feel uneasy about the invisibility of protection."