A tweet made by the American Mobile, IOT, and Crypto researcher Jonathan Scott has been surfacing the internet where he says that Apple’s iOS 16.0 LockDown Mode is not so “groundbreaking” as the company claims it to be.
Apple has filed a lawsuit against NSO Group which is a technology firm primarily known for developing spyware Pegasus, for targeting and performing surveillance on Apple users. The Citizen Lab which is the University of Toronto affiliated interdisciplinary laboratory provided Apple the information on data exploitation by NSO Group.
The complaint filed by Apple in 2021 says, “On information and belief, from at least February until September 2021, Defendants (NSO Group) deployed their Pegasus spyware through an exploit that Citizen Lab named FORCEDENTRY. FORCEDENTRY was first detected in March 2021, and subsequent forensic analysis by researchers at Citizen Lab and Amnesty International made a high-confidence attribution of the exploit to Defendants (NSO Group).”
According to Mr. Scott’s report, Apple’s new security feature iOS 16 beta 3 is only available for developers so that they can preview and test it and another feature LockDown Mode has not been made available to users by the company yet.
Although Apple says regarding Lockdown mode, “A groundbreaking capability that reflects our unwavering commitment to protecting users from even the rarest, most sophisticated attack.”
The Citizen Lab’s malware researcher John Scott-Railton further supports LockDown mode saying, “Apple’s LockDown Mode is the radical reduction of the threat surface of an iPhone.”
The security researcher Jonathan Scott says that he needed to perform his own analysis after listening to what Apple and The Citizen Lab needed to say regarding the safety feature.
According to Mr. Scott when the LockDown Mode is turned on using the device connected to a Macbook Pro after following the detailed steps to turn on LockDown Mode the user will be advised to restart the device so the Mode can be activated. The device will show an I/O live output as it restarts and a data connection will be visible. One can run the following commands that are visible to exfiltrate data. This is the moment Mr. Scott emphasized when user data can be exfiltrated and programmatically sent into recovery mode. This moment provides spyware to bypass the lock and inject applications.
The security researcher further claimed that Apple’s LockDown Mode is not so “extraordinary feature” that the Citizen Lab claims it to be. The Lab’s endorsement of this feature should be investigated. Since the Citizen Lab is the top most security institution providing expert analysis and is also trusted by many companies.
I just published Defeating iOS 16.0 LockDown Mode & Bypassing Security Restrictions
The claims made by @Apple & endorsed by @citizenlab of LockDown Mode being "A groundbreaking capability" fail.
It is evident this was just another NSO Group attack.https://t.co/v7Hkt38B6X
— Jonathan Scott (@jonathandata1) July 8, 2022
