top | item 46838923

(no title)

jkubicek | 1 month ago

Lockdown mode works by reducing the surface area of possible exploits. I don't think there's any failures here. Apple puts a lot of effort into resolving web-based exploits, but they can also prevent entire classes of exploits by just blocking you from opening any URL in iMessage. It's safer, but most users wouldn't accept that trade-off.

discuss

varispeed|1 month ago

Claiming reduced attack surface without showing which exploit classes are actually eliminated is faith, not security.

And Lockdown Mode is usually enabled _after_ user suspects targeting.

goalieca|1 month ago

If you did RTFA for this story, you’ll see on page 67 what I pasted with a link to the support article describing to end users exactly what’s blocked. It does greatly reduce the attack surface.