Oh geez. Legal did not give them the go ahead to make the unqualified statement: “We are not aware of any successful spyware attacks” they had to explicitly qualify it with “mercenary”.
There are more weasel words "we are not aware" - means they actually don't know if such attack was successful, "successful" - what is the definition of success? Maybe attackers got access, but didn't find anything interesting?
I think you are, the words make perfect sense. They know of a lot of attack attempts, and so far they have no reason to believe any were successful. Success can mean a lot of different things, why list it all out (were able to extract data, install malicious software, encrypt files with ransomware, delete any data, etc).
We knew 30 years ago that message attachments (mostly email at that time) were a huge security problem. All those binary file types to parse... what could go wrong ;)
It's good to see Apple's Lockdown mode having such success by simply disabling message attachments.
I know you're not being serious, but for anyone who may not realize that, it does more than disabling attachments. Lockdown Mode's "optional, extreme" protection substantially changes the experience of using your device. https://support.apple.com/en-us/105120
> On March 23, 2026, the Hong Kong government changed the implementing rules relating to the National Security Law. It is now a criminal offense to refuse to give the Hong Kong police the passwords or decryption assistance to access all personal electronic devices including cellphones and laptops. This legal change applies to everyone, including U.S. citizens, in Hong Kong, arriving or just transiting Hong Kong International Airport. In addition, the Hong Kong government also has more authority to take and keep any personal devices, as evidence, that they claim are linked to national security offenses.
This doesn't answer your question, but I use lockdown mode and know many others who do the same. I use it on my personal phone and laptop, but I have another phone and laptop for development work.
I did this because I think many more people have the ability to find and exploit security gaps as models get better, to the point that attacks might done "for fun" by individuals rather than from someone using NSO's products for gain. Lockdown mode lessens that surface. So far, the impact has been negligible, though some apps and websites just don't work.
Every day users? Probably not many. It forcibly disables lots of nice-to-have features.
But users who need a highly secure phone? It’s entirely possible to use the phone without media embeds in iMessage, or shared photo albums, or websites loading in 900 fonts. It’s a trade off likely worth making in some situations.
You can make a shared photo album with family members. It’s everyone else that is problematic with the feature enabled. In my case I only want to share with my wife and son so it wasn’t a detractor for me.
I’ve used it on my personal iPhone since the feature was released. The impact to my life has been minor. I can’t share some thing with my wife in the health app and my son can’t SharePlay with me in the car while I use CarPlay.
> “We are not aware of any successful mercenary spyware attacks against a Lockdown Mode-enabled Apple device,” Apple spokesperson Sarah O’Rourke told TechCrunch on Friday.
Completely off topic. I went solo hiking in Azerbaijan in August of 2022, heading towards some hilltop castle thing I saw on Google Maps. Along the way I met some locals who invited me to join them. We got to the castle around midday and I was preparing to walk back to my car alone, and they all strongly advised against it. They said it was dangerous and invited me to go camping with them, which was pretty fun as they gave me my own tent, food, etc. While at the campground, one guy pulled out his phone to show me pictures of the local wildlife, including a big ol' brown bear. I was too stupid to think about what might eat me out in the woods alone, as I lacked the instinct to check for man-eating predators having grown up in an area where I didn't need to worry about such things.
Anyway, now I think about bears before solo hiking.
This is a case where bear attacks have happened, and this specific audience includes some rather delicious salmon. If salmon stop getting eaten by bears after the bear patrol is started, it's more reasonable to make that connection.
"with spyware" - a small addition. What about state actors, what about (semi)private israeli companies selling their solutions happily to all regimes regardless of consequences, what about any other kinds of hacks? As an european, by far the biggest threat to me are US state actors.
It would be such a good PR if they could just claim nobody has been hacked, period but I don't see that anywhere.
No amount of hardware/software hardening will save you if you delete "with spyware" and replace it with "with social engineering". If there have been cases of people being hacked through social engineering, it would be dishonest to make a blanket statement "nobody's been hacked", but it doesn't detract from the effectiveness of the technical measures.
You won't see that anywhere without their usual procedure of redefining the problem definition.
Sorry but you still need to be wary of state actors and the handing over of data to authorities, which is a far simpler approach than breaking security boundaries. The hacking statement is pure marketing.
This is overly reductive, black-and-white thinking.
Yes, it is impossible to be 100% ironclad secure from all possible methods of either digitally surveilling you or exfiltrating your data.
This does not mean that measures like those in the iPhone's Lockdown Mode are not genuinely helpful to a subset of the population that is at high risk for certain types of attacks.
A state actor will do those things if they're willing to be overt about their actions. Many aren't, both for the sake of preserving their image, and due to tactical concerns (e.g. you don't want to kill the golden goose).
Trash headline from TechCrunch; the exact statement from Apple was:
> We are not aware of any successful mercenary spyware attacks against a Lockdown Mode-enabled Apple device.
Good call-out, and it's also nice to see that Apple tried to speak accurately here.
Oh geez. Legal did not give them the go ahead to make the unqualified statement: “We are not aware of any successful spyware attacks” they had to explicitly qualify it with “mercenary”.
There are more weasel words "we are not aware" - means they actually don't know if such attack was successful, "successful" - what is the definition of success? Maybe attackers got access, but didn't find anything interesting?
Apple is digging itself into a hole.
I think you are, the words make perfect sense. They know of a lot of attack attempts, and so far they have no reason to believe any were successful. Success can mean a lot of different things, why list it all out (were able to extract data, install malicious software, encrypt files with ransomware, delete any data, etc).
Isn't that assumed? Obviously Apple can't check every iPhone owner to see if they have been hacked now or in the past
No... they can't... obviously...
TechCrunch misrepresented Apple's statement.
Yep. It's business as usual for that rag.
We knew 30 years ago that message attachments (mostly email at that time) were a huge security problem. All those binary file types to parse... what could go wrong ;)
It's good to see Apple's Lockdown mode having such success by simply disabling message attachments.
I know you're not being serious, but for anyone who may not realize that, it does more than disabling attachments. Lockdown Mode's "optional, extreme" protection substantially changes the experience of using your device. https://support.apple.com/en-us/105120
Related somewhat:
> On March 23, 2026, the Hong Kong government changed the implementing rules relating to the National Security Law. It is now a criminal offense to refuse to give the Hong Kong police the passwords or decryption assistance to access all personal electronic devices including cellphones and laptops. This legal change applies to everyone, including U.S. citizens, in Hong Kong, arriving or just transiting Hong Kong International Airport. In addition, the Hong Kong government also has more authority to take and keep any personal devices, as evidence, that they claim are linked to national security offenses.
https://hk.usconsulate.gov/security-alert-2026032601/
Are we aware of any attacks (or claims of attacks) against any previous version of the iPhone's Lockdown mode?
how many users are using lockdown mode
This doesn't answer your question, but I use lockdown mode and know many others who do the same. I use it on my personal phone and laptop, but I have another phone and laptop for development work.
I did this because I think many more people have the ability to find and exploit security gaps as models get better, to the point that attacks might done "for fun" by individuals rather than from someone using NSO's products for gain. Lockdown mode lessens that surface. So far, the impact has been negligible, though some apps and websites just don't work.
I’ve been using it for more than a year.
Parts of it are pretty inconvenient, like with iMessage and FaceTime not working normally, but aside from that it’s not noticeable for my use case.
Despite the inconveniences, unless animated emmojis are important to you I don’t know why you wouldn’t enable it given how strong its protections are.
I turned it on, out of curiosity, and the impact is minimal, for me.
Every day users? Probably not many. It forcibly disables lots of nice-to-have features.
But users who need a highly secure phone? It’s entirely possible to use the phone without media embeds in iMessage, or shared photo albums, or websites loading in 900 fonts. It’s a trade off likely worth making in some situations.
You can make a shared photo album with family members. It’s everyone else that is problematic with the feature enabled. In my case I only want to share with my wife and son so it wasn’t a detractor for me.
I turn it on when I travel overseas, and have considered turning it on when I’m near border regions in America.
It’s mostly that I don’t want to be that guy that leaks my company’s secrets.
I’ve used it on my personal iPhone since the feature was released. The impact to my life has been minor. I can’t share some thing with my wife in the health app and my son can’t SharePlay with me in the car while I use CarPlay.
I was using it till the 26 upgrade on my iOS 13 Mini. Became very sluggish and unusable that I had to disable it. It clearly isn't tested well.
*that we know of
Which is exactly what they said:
> “We are not aware of any successful mercenary spyware attacks against a Lockdown Mode-enabled Apple device,” Apple spokesperson Sarah O’Rourke told TechCrunch on Friday.
Which is infinitely better than the cases we know about without the feature enabled.
To the best of my knowledge I too am unaware of any one using Lockdown Mode-enabled Apple device.
I don't see any bears around here. Bear patrol must be working like a charm.
Completely off topic. I went solo hiking in Azerbaijan in August of 2022, heading towards some hilltop castle thing I saw on Google Maps. Along the way I met some locals who invited me to join them. We got to the castle around midday and I was preparing to walk back to my car alone, and they all strongly advised against it. They said it was dangerous and invited me to go camping with them, which was pretty fun as they gave me my own tent, food, etc. While at the campground, one guy pulled out his phone to show me pictures of the local wildlife, including a big ol' brown bear. I was too stupid to think about what might eat me out in the woods alone, as I lacked the instinct to check for man-eating predators having grown up in an area where I didn't need to worry about such things.
Anyway, now I think about bears before solo hiking.
This is a case where bear attacks have happened, and this specific audience includes some rather delicious salmon. If salmon stop getting eaten by bears after the bear patrol is started, it's more reasonable to make that connection.
"with spyware" - a small addition. What about state actors, what about (semi)private israeli companies selling their solutions happily to all regimes regardless of consequences, what about any other kinds of hacks? As an european, by far the biggest threat to me are US state actors.
It would be such a good PR if they could just claim nobody has been hacked, period but I don't see that anywhere.
No amount of hardware/software hardening will save you if you delete "with spyware" and replace it with "with social engineering". If there have been cases of people being hacked through social engineering, it would be dishonest to make a blanket statement "nobody's been hacked", but it doesn't detract from the effectiveness of the technical measures.
https://xkcd.com/538/
You won't see that anywhere without their usual procedure of redefining the problem definition.
Sorry but you still need to be wary of state actors and the handing over of data to authorities, which is a far simpler approach than breaking security boundaries. The hacking statement is pure marketing.
This is overly reductive, black-and-white thinking.
Yes, it is impossible to be 100% ironclad secure from all possible methods of either digitally surveilling you or exfiltrating your data.
This does not mean that measures like those in the iPhone's Lockdown Mode are not genuinely helpful to a subset of the population that is at high risk for certain types of attacks.
A state actor will just kidnap your kids or throw your wife out a window.
A state actor will do those things if they're willing to be overt about their actions. Many aren't, both for the sake of preserving their image, and due to tactical concerns (e.g. you don't want to kill the golden goose).
The point of spyware is that the target isn't aware of it.
insert titanic gif here
And how do they know if they for decade apparently didn't know iOS was compromised?
Apple needs to get their shit together and stop gaslighting people.
What, all 10 of them?
Kash Patel should have had this on. https://www.reuters.com/world/us/iran-linked-hackers-claim-b...
His personal gmail was hacked, how does Apple protect your personal gmail from this? We don't even know how they hacked it. Could be password reuse.
You are replying to a bot