Apple's "lockdown mode" highlights security tradeoffs

In announcing a new "lockdown mode" for iPhones, iPads and Macs, Apple has proved that it's possible to protect devices against even the most sophisticated attacks — but at a high cost in ease of use.

Why it matters: Product design is all about tradeoffs, and tech companies are always trying to navigate them amid a cacophony of voices demanding they prioritize privacy, or security, or simplicity, or other concerns.

Driving the news: Apple is adding a special "lockdown" mode across its product line designed for people such as dissidents, journalists or human rights workers who could become the targets of high-end spyware, such as NSO Group's Pegasus.

• The new option, coming to Macs, iPads and iPhones with this year's fall software update, could make it much harder for attackers to access such phones, but also significantly complicates everyday tasks from messaging to web browsing to video chat.

The big picture: The debut of lockdown mode comes amid a larger conversation about the need for better protection of user data, not just from malicious attacks, but also from overzealous governments or data-gobbling companies.

• Apple has made privacy a key focus of its marketing efforts and focused on minimizing the amount of data it can access. It has done so by storing data on device and encrypting sensitive information, such as health data.
• Even Google, which relies extensively on user data to serve up ads, has added more user controls and, in recent days, announced plans to proactively delete certain location data.

How it works: Apple's feature can be turned on with a single change to user settings, but there's a big impact on how the phone works.

• Most message attachment types other than images are blocked. Some features, like link previews, are disabled.
• Some more advanced web technologies that enable sites to provide more services are disabled unless and until the owner marks the site as trusted.
• Requests for FaceTime calls or other invitations are blocked unless the phone owner has previously interacted with the person.
• Wired connections to other computers or accessories are blocked when an iPhone is locked.

Of note: The lockdown mode also won't work in conjunction with the kinds of device management software often used by larger organizations.

Yes, but: This isn't intended for average users who just prefer to be on the safe side.

• Apple says "Lockdown Mode" is an "extreme, optional" protection to be used only by those with reason to suspect they might be personally targeted for a highly sophisticated attack. "Most people are never targeted by attacks of this nature," reads a warning shown before a user turns on the feature.

What they're saying:

• Apple head of security engineering Ivan Krstić: "While the vast majority of users will never be the victims of highly targeted cyberattacks, we will work tirelessly to protect the small number of users who are."
• Citizen Lab's John Scott-Railton: "Lockdown Mode is radical reduction of the threat surface of an iPhone. Cannot overstate how big a change this is for Apple."

Our thought bubble: Apple deserves the plaudits for its effort to help users who fear high-end attacks. But it's also very much in the company's interest to protect its devices and be known as the "safer" choice in the smartphone market.

What's next: In a post-Roe world where every piece of personal data devices record could become a prosecutor's target, users will clamor for increasingly sweeping, effective and convenient tools to protect their data — and companies will continue to struggle with the tradeoffs.