IOS LOCKDOWN MODE DETECTION TEST PROOF OF CONCEPT
What is Cryptee?
Cryptee is a safety and privacy focused, encrypted and cross-platform personal data storage service. You can write personal documents, notes, journals, store photos, videos and all sorts of other files.
On Cryptee your data is encrypted on your device and you hold the keys. So we can't read your documents, see your photos or videos, and no one else can either.
Cryptee has all the features you'd expect from a modern document editor, like live sync with unlimited devices, rich document editing, to-dos, markdown, hotkeys, code highlighting, latex math, embeds, attachments, support for tables, ability to attach and open pdf files, read epub ebooks, listen to audio-memos, as well as open and link other various file formats.
What does this proof of concept have anything to do with Cryptee?
We started Cryptee in 2018 with a simple goal: to create a safe & private space on the internet. A calm & quiet place, where there are no trackers, no ads, no metrics or addictive features.
In order to build tools that help keep you safe & private, we spend a lot of our time and resources researching technological threats that could put you at risk.
While researching, we noticed that iOS 16's Lockdown Mode might make it one-step easier for websites or ads to identify / fingerprint users and visitors. So we decided to publish this proof-of-concept, share our findings with the world, and start a conversation around the topic.
Why did Cryptee publish this proof-of-concept?
First, we would like to emphasize that we think Lockdown Mode is amazing, folks at Apple have done a great job, having Lockdown Mode is a great step-up, and if you are an at-risk user, you should absolutely enable Lockdown Mode.
We wanted to raise awareness of the fact that by enabling iOS 16's Lockdown Mode, users can make their devices more secure, but they also make their devices one-step easier to fingerprint by websites / ads.
While for some people this may be an acceptable tradeoff, for others — depending on their threat model and where they live — being fingerprinted / identified using their IP address associated with "using lockdown mode" may pose a risk.
It is our opinion that there isn't a perfect/right answer, nor a one-size-fits-all security/privacy solution that can possibly work for everyone. — and we see this every day with users of Cryptee, who all have different needs and threat-models.
With this proof-of-concept, our goal was to start a conversation around the topic of security/privacy trade-offs and what enabling Lockdown Mode could mean for at-risk users.
Perhaps everyone's going to be okay with this trade-off, but we figured it's important to have this conversation first.
How worried should you be about this?
If you are an at-risk user, you probably know if you need iOS Lockdown Mode or not.
Lockdown Mode is great for your "security". By enabling Lockdown Mode, you disable tons of features that could potentially make your device more vulnerable.
All this safety comes at a cost of course, which is that these disabled features, may make your internet and mobile experience inconvenient and different as a side effect.
So if you want to stay extra-safe you have to make some trade-offs.
Some of these are convenience trade-offs, like not being able to tap on links shared with you on iMessages.
Others are privacy trade-offs. And the subtle difference between "security" and "privacy" in this context is extremely critical to understand in order to figure out if you should be worried about our research findings or not.
Imagine this: If you wanted to make your home extra-safe and secure, you could put a barbed-wire fence around your house, employ armed guards, dogs, etc. It would certainly make your house extra-safe. But it would also make your house stand out in the neighborhood and very easy to notice — even from a distance.
Similarly, Lockdown Mode makes your device extremely safe, at the cost of making you a bit more noticable while browsing the internet. i.e. it disables fonts, the ability to play mp3 audio on the web, WebAssembly, WebGL, just-in-time compilation, gamepad features etc... Making it possible for websites to check to see if some of these features are disabled and determine if you're using Lockdown Mode. Since websites can also see if your IP address (if you're not using a VPN all the time), combination of these pieces of information can potentially make it possible for websites to identify / fingerprint you with ease.
So if you are an at-risk person, and getting identified on the internet as someone who uses Lockdown Mode could pose risks to your wellbeing, it may be worth for you to look into taking further measures to keep yourself private while also keeping safe using lockdown mode.
Can Apple do something to remedy this?
Technically no. But they can make things harder for websites.
As we mentioned in the previous answer above, to detect Lockdown Mode, this proof-of-concept checks for features disabled by Lockdown Mode. — features which are disabled to keep you safe —.
And this security vs privacy trade-off is the exact reason why we wanted to build this proof-of-concept tool, and start a conversation around the differences between security and privacy, as well as the trade-offs worth considering when making extreme-security choices.
To make it harder for websites to associate Lockdown Mode use with your IP address and identify you, Apple could include and enable iCloud Private Relay by default in Lockdown Mode. This would help make your IP address blend in with the crowd. — However, sadly iCloud Private Relay is not available in all countries or regions.
Can I do something to remedy this?
Technically no, you cannot remedy this entirely.
You can make it harder for websites to identify you with your IP address, by using things like iCloud Private Relay or VPNs. However even this won't guarantee you won't get fingerprinted. i.e. Platforms like Facebook, TikTok, WeChat etc which may have your real name can detect you are using Lockdown Mode.
What if I never use Safari or don't browse the internet on my phone?
Can apps detect if I'm using Lockdown Mode?
While we haven't tried this yet, we think it's possible for apps to detect you're using Lockdown Mode as well. So avoiding the web isn't a solution either.