Lockdown Mode in iOS - A fantastic Internet crap reduction tool

Updated: December 14, 2023

For a while now, I've been hearing about this tool. Mostly in regard to high-profile zero-day, zero-click, hands-free, security vulnerabilities in iPhones and subsequent hacking of said devices by nation-state actors. Sounds blockbustery, which piqued my interest. I am usually rather disdainful of mainstream media reporting of tech affairs, but that does not mean there isn't something genuinely cool behind flashy, scary headlines. And so I decided to test the Lockdown Mode.

To be able to that, I needed an iPhone. Bingo! I had a pretty sweet chance to do a somewhat long-ish test of an iPhone 13 Mini, which I reviewed not that far back here on Dedoimedo. The little iPhone turned out to be a fairly good and capable phone, and it exceeded my expectations quite some. More importantly, it runs iOS 16/17, and I was able to give the Lockdown Mode a proper whirl. So let us begin, then.

Teaser

What does it do?

Well, as you can imagine, based on the name and the headlines, the Lockdown Mode is an optional security feature, which Apple calls "extreme", designed to protect high-profile targets from hacking. To achieve that, the operating system reduces the attack surface quite some. To achieve that, the system disables a lot of the standard functionality you normally get with your iPhone.

Lockdown mode explanation Lockdown activated

Some experiences will be completely unavailable - my Internet dream since 2013 or so.

Specifically, most attachments are blocked in Messages, websites that use JavaScript engines that run Just-in-Time (JIT) compilers or use remote fonts will not render their pages correctly, various app invitations and calls are blocked from people you haven't approved beforehand, location information for shared photos is excluded, Wi-Fi connectivity to insecure networks is limited, and so on.

When I read this list, only one thing popped into my mind ...

Why is this not a default on any phone, anywhere, all the time?

If you think about it some more, the Lockdown Mode should be the default mode for ... mobile devices. And not because of the security implications. Those are an added bonus. Because of the stupidity implications.

Pretty much everything in the list above makes absolute sense. None of the "restricted" features are actually important or desired. Think about it. Calls from people you don't know? Check! Photo location blocking? Check! Web pages with pointless remote fonts? Double check! Sounds like an Internet reset, going back to 2010, when the computing world was nicer, saner, cleaner!

Let's face it, by and large, applications developed for mobile devices are chatty, intrusive, hyperactive, in-yer-face interfaces, primarily designed to cater to the lowest common denominator of intelligence, impulsiveness, lack of self-control, and instant gratification. To that end, they serve the common chimp really well, but they make the lives of serious people more difficult. Everything else is an almost random by-product of the greed formula.

This is why, through sheer necessity, whenever I buy a new phone, I spend 2-4 hours sanitizing the devices. I go about disabling anything and everything I can think of, because a) privacy b) network bandwidth c) peace and quiet d) battery life and performance e) finally, if there's a security benefit, that too. Yes, for me the security considerations are only fifth in the priority order. Important, yes, but not as important as combating stupidity! Also, as it happens, I believe that smartphones usually have decent default security, but the general usage model is simply annoying.

An essential part of my phone setup (Android) is to install Firefox and then install the lovely UBlock Origin (UBO) extension, which blocks ads and tracking and makes the modern Internet usage palatable. Without these, there's almost no point using the Internet. I absolutely detest the ad-ad-ad-ad-ad TV model being replicated onto the Internet, a part of the bigger process you may have heard coined as "enshittification" but which I've always called "low-IQ nonsense" since forever.

UBlock Origin (UBO) and its compadre Noscript can do wonders in transforming the Internet into a nice and quiet landscape. And you can do many of the lovely things that the iPhone Lockdown mode does, like say blocking remote fonts! Golly. I've written about this ages ago. There's no reason why you should load remote fonts in a site. That's bad design through and through. Want pretty fonts? Buy them. Security, once again, is a secondary if important consideration here. You win on the security front but not because of the security! It's the prevention of sloppy non-professionalism and idiocy that's the key factor, remote fonts and everything else included.

Even on the iPhone, you can install Adblock Plus (ABP) for Safari in order to make it friendlier and more useful. Or you can try Firefox Focus, although that one blocks only some ads, and you won't get the full quiet experience you seek. But the solutions do exist.

And there's more. Like not receiving content from strangers! No, really. What a surprise! But then, the phone ecosystems have been designed to expose the low-IQ user to as many stimuli as possible so they can get involved and engaged and spend their money and whatnot. There's nothing technically difficult about making your communications a whitelist - you only talk to people you know and you want to talk to. Sort of like a limited PUSH mechanism. But then how do you discover friends? You don't. Simple.

In the end, what the Lockdown Mode does is make iPhones less accessible and prevent random stuff from loading and running. The intent is security. But the real blessing is the reduction of noise and stupidity across the board. And let's face is:

This is similar to what I wrote in my Return to Monke article. You may be hacked once or twice in your entire lifetime, but you will have your data lost, stolen, sold, leaked, or whatnot ALL THE TIME by incompetent online commerce companies or companies that carelessly store stuff in the cloud or companies that don't care about security and so on and so on.

The Lockdown Mode is designed as a security tool, but for me, it's the stupidity reduction tool. And with that in mind, let's have a look at this thing.

An overview of the Lockdown Mode

You get a whole bunch of explanations and warnings. Confirm. Reboot. The iPhone will load without any visible signs that it's actually running in a "restricted" mode. Now. Launch Safari, and you will see a notification displayed below the address bar. This is the first indication that the phone is using the Lockdown Mode. But that does not mean you will be affected. Far from it. I spent quite some time browsing, and I didn't notice any website not working correctly. Then again, the sites I go to are normal, sane sites, with no sensory overload.

Whenever you launch a new app AFTER you've activated the Lockdown Mode, the system will show a popup telling you that the program may be restricted. Again, this is more alarming than the reality. I tried a bunch of apps, and none of them were in any way affected. Only a couple of Apple's own apps were. The rest did their stuff without any problems.

But even if your websites or apps are restricted, you still have a great deal of flexibility. Notably, go back into Settings > Privacy and Security, and click on Lockdown Mode once again. In the sub-menu, you will be able to review what pages and apps have been affected by the operating system. And now, you have the option to exclude them from Lockdown! You can allow certain websites to run outside of this security sandbox. And the same applies to your apps. Click the toggle, on/off, Bob's your uncle! This is no different than using an adblocker, and then selectively turning it off for the pages where you feel all of the content can or ought to be shown.

App notification Apps list

Funnily enough, in a whole week of testing, I've not been able to trigger one "bad" website that wouldn't show or render correctly, so my website exclusion list stayed totally empty. I did decide to add an exclusion or two in Safari, just to see how it works. Here, next to the address bar, you need to click the aA button > Website Settings.

Open website settings

Site settings Turn on/off for website

Lockdown off in Safari List of excluded sites

I found the Lockdown Mode to be quite easy to work with. I was afraid the system would be horribly crippled, but no. Far from it. Everything was peachy. It also shows that you can design security that does not impact usability, as these are often the opposing forces. Looking good, one must say.

Conclusion

The Lockdown Mode seems to be a rather cushty, elegant solution to Internet stupidity. But that's the beauty with a lot of great inventions. WD-40, dynamite, various medicines, a lot of these cool things started with one premise and ended being totally amazing for radically different and unintended purposes. The same is true for Apple's Lockdown Mode. It's there to protect high-profile people against high-profile targets, but what it does best is sanitize the mobile phone usage for everyone, low and high!

I'm not saying you should buy an iPhone because of this feature. Nope. Apple products ain't for everyone, peasants like me included. But if you are already using an iPhone and you don't like the modern Internet landscape, then you should try the Lockdown Mode as a cure. On top of that, you ALSO benefit from increased security. How about that. Well, of all the things I didn't expect to discover today, the Lockdown Mode was the one I didn't expect the most. Verinajs, I like. And with those happy words, I bid you farewell. P.S. If you're an Android user, try Firefox + UBO for cleaner, quieter surfing, and you will have your own personal little Lockdown Mode. Kind of. That would be all. Bye bye.

Cheers.