July 6, 2022
Update
Apple is expanding its industry leader’s commitment to protect users from highly targeted spyware
Apple is anticipating a remarkable security capability that will provide special protection to high-risk users of high-end cyber-attacks by government-sponsored spyware companies. Apple is providing details of $ 10 million to strengthen research that exposes such concerns.
Apple today lists two initiatives that can help protect users who may be targeted by some of the most sophisticated digital threats. Locking Mode – The first major feature of this type that comes with iOS 16, iPadOS 16 and macOS Ventura this fall – is for the very youngest users of digital security threats and grave protection. Apple announced last November that it would support $ 10 million in support of civil society organizations, which employ spyware and spyware services.
“Apple builds the most secure mobile devices on the market. We work tirelessly to protect a small number of users. This includes continuing to design defenses for these users in particular, as well as supporting researchers and organizations around the world who are playing a vital role in exposing the companies that cause these digital attacks.
Lock mode provides an extremely safe level of security for very few users who are affected by some very complex digital threats, such as NSO Group and other private companies. Developing a government-sponsored spyware. Turning on lock mode in iOS 16, iPadOS 16 and macOS Ventura further strengthens device defenses and severely restricts certain functions, greatly reducing the attack page that can be exploited by highly targeted spyware.
When starting, lock mode includes the following protections:
- Messages to be deleted – most of the message attachments are excluded from images. Some features, such as link previews, have been disabled.
- Web Browser Some complex web technologies, such as JIT compilation (JIT), have been disabled unless the user has trusted a trusted site in lock mode.
- Incoming and outgoing requests and service requests, including FaceTime calls, have been blocked if Apple’s services user has not previously sent a call or request to the launcher.
- When the iPhone is locked, wired connections to a computer or accessory are disconnected.
- Configuration profiles cannot be loaded, and the device cannot register to mobile device management (MDM), when lock mode is on.
Apple will continue to strengthen its lock mode and add new defenses over time. To invite feedback and collaboration from the security research community, Apple has set up a new category to reward and improve researchers who have found lock-in modes in the Apple Security Bounty program. Bonuses are doubled for achievements in Lockdown Mode, up to a maximum of $ 2,000,000 – the highest gift offer in the industry.
In addition to the damage caused by the lawsuit against NSO Group, Apple is providing $ 10 million in support of high-end private spyware, including government-sponsored spyware companies that investigate, expose and protect high-profile cyber-attacks. The grant is funded by the Ford Foundation’s Honor and Justice Fund – a private foundation for the promotion of justice around the world – and a fundraiser for the promotion of social justice globally. The Honor and Justice Fund is a budget-funded New Venture Fund 501 (c) (3) public charity.
“Global spyware targets human rights activists, journalists and dissidents. Lori Magglinche, director of the Ford Foundation’s Technology and Community Program, facilitates violence, strengthens dictatorships, and supports political oppression. “The Ford Foundation is proud to support this extraordinary initiative to address civil society research and hiring spyware. We must increase Apple’s commitment and invite companies and donors to join the Honor and Justice Fund and provide additional resources for this collective struggle.”
The Honor and Justice Fund expects to make initial subsidies by the end of 2022 or early 2023, which will initially provide funding to expose employee spyware and protect potential targets that include:
- Increase organizational capacity and increase field coordination of new and existing civil society cyber security research and advocacy groups.
- Support the development of standard forensic methods for identifying and verifying spyware infiltrators that meet evidence requirements.
- Enabling civil society to partner more effectively with device manufacturers, software developers, business security organizations, and other relevant companies to identify and address vulnerabilities.
- Raise awareness among investors, journalists and policymakers about the global hired spyware industry.
- Increase the capacity of human rights activists to identify and respond to spyware attacks, including security audits for organizations that pose a significant threat to their networks.
The Honor and Justice Fund’s support mechanism is recommended by an independent, international technical advisory committee to investigate, monitor and account for the improved cyber weapons trade. The first members include:
- Ron Debert, Professor of Political Science and Director of Citizen Lab at Munk Global Affairs and Public Policy, University of Toronto
- Ivan Krstić, Head of Apple Security Engineering and Architecture
Ron Debert, director of the Citizen Sweat Research Group, said: “There is undeniable evidence from Citizen Sweat and other organizations’ research that the recruitment industry is facilitating the spread of dictatorial practices and gross human rights abuses around the world.” University of Toronto. “I would like to thank Apple for its invaluable assistance in developing and delivering strong and independent research and advocacy organizations to help spyware providers take responsibility for the harm they do to innocent people.”
Load contacts
Scott Radcliffe
Apple
sradcliffe@apple.com
Apple Media Helpline
media.help@apple.com
(408) 974-2042