Tag: pegasus

iPhone Lockdown Mode: Proof of Concept Website Can Detect if It is Enabled on Your Phone

iPhone Lockdown Mode was announced by Apple as a way to help people who face grave, targeted threats to their digital security. Apple calls this an extreme but optional protection for a small number of users, including journalists, politicians, and for human rights advocates, who are in the crosshairs of state-sponsored spyware, like Pegasus, which was developed by Israel-based NSO group. However, it looks like that a simple, proof of concept website can detect whether you have the mode enabled and may potentially make you a target.

As per a report by Motherboard, a proof of concept website developed by John Ozbay, who is a privacy activist and the CEO of privacy focused company Cryptee, can instantaneously detect whether you are using the Lockdown Mode on your iPhone or not.

Apple developed this feature to add a new layer of protection after at least two Israeli firms exploited flaws in Apple’s software to remotely break into iPhones without the target needing to click or tap anything. Pegasus software by NSO Group can carry out such attacks by injecting malware and accessing private user data. Once Lockdown Mode is enabled, it will not function as it typically does. Apps, websites, and features will be strictly limited for security, and some experiences will be completely unavailable.

“Let’s say you’re in China, and you’re using Lockdown Mode. Now, any website that you visit could effectively detect you are using Lockdown Mode, they have your IP address as well. So, they will actually be able to identify that the user with this IP address is using Lockdown Mode. It’s a tradeoff between security and privacy. [Apple] chose security,” Ozbay was quoted as saying. Ozbay says that among the various features that Lockdown Mode disables, the lack of loading custom fonts is “the easiest thing to detect and exploit.”

“It took us five minutes to put the code together and see if this was working,” he told Motherboard. The privacy activist also says that this issue is technically not a bug but a specific drawback of how Lockdown Mode is designed and there may be no way around it. He says that there is only one way Apple can mitigate this issue and that is by fundamentally changing how the Lockdown Mode works.

Apple claims that Lockdown Mode in iOS 16, iPadOS 16, and macOS Ventura further hardens device defences and strictly limits certain functionalities. iOS 16 is likely to be released next month and iPadOS may debut in October.

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

DC Films Eyes Lego Franchise Producer Dan Lin as New Head, in the Vein of MCU’s Kevin Feige: Report



Check out our Latest News and Follow us at Facebook

Original Source

Apple to Release New Lockdown Mode to Battle Spyware, Provide Extra Layer of Protection

Apple on Wednesday said it plans to release a new feature called Lockdown Mode this fall that aims to add a new layer of protection for human rights advocates, political dissidents and other targets of sophisticated hacking attacks.

The move comes after at least two Israeli firms have exploited flaws in Apple‘s software to remotely break into iPhones without the target needing to click or tap anything. NSO Group, the maker of the Pegasus software that can carry out such attacks, has been sued by Apple and placed on a trade blacklist by US officials.

Lockdown Mode will come to Apple’s iPhones, iPads and Macs this fall and turning it on will block most attachments sent to the iPhone’s Messages app. Security researchers believe NSO Group exploited a flaw in how Apple handled message attachments. The new mode will also block wired connections to iPhones when they are locked. Israeli firm Cellebrite has used such manual connections to access iPhones.

Apple representatives said that they believe sophisticated attacks the new feature is designed to fight — called “zero click” hacking techniques — are still relatively rare and that most users will not need to active the new mode.

Spyware companies have argued they sell high-powered technology to help governments thwart national security threats. But human rights groups and journalists have repeatedly documented the use of spyware to attack civil society, undermine political opposition, and interfere with elections.

To help harden the new feature, Apple said it will pay up to $2 million (nearly Rs. 15 crore) for each flaw that security researchers can find in the new mode, which Apple representatives said was the highest such “bug bounty” offered in the industry.

Apple also said it is making a $10 million (nearly Rs. 80 crore) grant, plus any possible proceeds from its lawsuit against NSO Group, to groups that find, expose and work to prevent targeted hacking. Apple said the grant will go to the Dignity and Justice Fund established by the Ford Foundation, one of the largest private foundations in the United States.

© Thomson Reuters 2022

 

Check out our Latest News and Follow us at Facebook

Original Source

Exit mobile version