EFF’s “Cover Your Tracks” Will Detect Your Use of iOS 16’s Lockdown Mode


powered by Surfing Waves
EFF’s “Cover Your Tracks” Will Detect Your Use of iOS 16’s Lockdown Mode

Apple’s new iOS 16 offers a powerful tool for its most vulnerable users. Lockdown Mode reduces the avenues attackers have to hack into users’ phones by disabling certain often-exploited features. While providing a solid defense against intrusion, it is also trivial to detect that this new feature is enabled on a device. Our web fingerprinting tool Cover Your Tracks has incorporated detection of Lockdown Mode and alerts the user that we’ve determined they have this mode enabled.

Screenshot showing text with iOS detection on the Cover Your Tracks page

Over the last few years, journalists, human rights defenders, and activists have increasingly become targets of sophisticated hacking campaigns. With a small cost to usability, at-risk populations can protect themselves from commonly used entry points into their devices. One such entry point is downloading remote fonts when visiting a webpage. iOS 16 in Lockdown Mode disallows remote fonts from being loaded from the web, which would otherwise have the potential to allow access to a device by exploiting the complex ways fonts are rendered. However, it is also easy to use a small piece of JavaScript code on the page to determine whether the font was blocked from being loaded.

While a large win for endpoint security, this is also a small loss for privacy. Lockdown Mode is unlikely to be used by many people, compared to the millions who use iOS devices, and as such it makes those that do enable it stand out amongst the crowd as a person who needs extra protection. Web fingerprinting is a powerful technique to determine a user's browsing habits, circumventing normal mechanisms users have to avoid tracking, such as clearing cookies.

Make no mistake: Apple’s introduction of this powerful new protection is a welcome development for those that need it the most. But users should also be aware of the information they are exposing to the web while using this feature.



* This article was originally published here

PUBLISH WITH US!

The Washington Gazette works at our discretion with businesses, non-profits, and other organizations. We do not work with socialists, crony capitalists, or disinformation groups. Click the green button below to view our services!



HTML Button Generator

powered by Surfing Waves

HELP STOP THE SPREAD OF FAKE NEWS!

SHARE our articles and like our Facebook page and follow us on Twitter!




Post a Comment

0 Comments