Apple's secure Lockdown Mode may reduce web browsing anonymity

Lockdown Mode

Lockdown Mode is an extreme security setting meant for high-risk groups — like journalists and political figures — who may find themselves targeted by nation-states or other malicious actors. It works by disabling a number of system functions, like blocking message attachments and web technologies.

However, Lockdown Mode's feature restriction could make it easy for websites to figure out if someone is using the high-security setting, John Ozbay, CEO of privacy firm Cryptee, told Motherboard.

That's because websites can detect if some regular features — such as custom fonts — are missing on a device. This is called fingerprinting, and it relies on collecting information about a user's browser, device, and other metrics

When you take into account that websites can tie your iPhone's Lockdown Status to your IP address, it becomes clear that the high-risk security mode could be a privacy risk itself.

In other words, it's trading anonymity online with higher security. As Ozbay explained to AppleInsider, "Lockdown Mode makes you safer, but also makes you easier to identify in a crowd."

To prove his point, Ozbay and the Cryptee team put together a proof of concept that can detect whether a user is in Lockdown Mode. According to Ozbay, the code took about "five minutes" to write.

The fact that websites can detect when a device is in Lockdown Mode is not a bug but a result of how the system is designed to make iPhones more secure. There's no way to mitigate the privacy drawbacks.

"Apple is doing a good job, but I wanted to raise awareness of a tradeoff that happens with Lockdown Mode," Ozbay told AppleInsider. "Think about it this way, if you were to set up tall barbed wire around your house, add cameras, hire guards, dogs, etc., it would keep you 'safe' but attract attention, and you could be identified."

Similar privacy - or security-focused platforms, like as the Tor browser, have similar issues. For example, while Tor goes to great lengths to reduce website fingerprinting, users of the anonymous browser typically end up standing out because their browsers are the only ones with a set of specific settings.

Ozbay reportedly reached out to Apple and spoke with an engineer. That Apple staffer explained that the feature intentionally disables web fonts to reduce the online attack surface. Because of the threat model that Lockdown Mode addresses, they said that it wouldn't make sense to make an exception for custom fonts.

Ryan Stortz, an independent security researcher, says that if enough people turn on Lockdown Mode, they'll blend in and it will be harder for websites to detect an interesting target.