Comment by varispeed

Comment by varispeed 14 hours ago

If Pegasus can break the iOS security model, there’s no reason to think it politely respects Lockdown Mode. It’s basically an admission the model failed, with features turned off so users feel like they’re doing something about it.

jkubicek 14 hours ago

Lockdown Mode works by reducing the surface area of possible exploits. I don't think there are any failures here. Apple puts a lot of effort into resolving web-based exploits, but they can also prevent entire classes of exploits by just blocking you from opening any URL in iMessage. It's safer, but most users wouldn't accept that trade-off.

  • varispeed 12 hours ago

    Claiming reduced attack surface without showing which exploit classes are actually eliminated is faith, not security.

    And Lockdown Mode is usually enabled _after_ the user suspects targeting.

    • goalieca 11 hours ago

      If you did RTFA for this story, you’ll see on page 67 what I pasted with a link to the support article describing to end users exactly what’s blocked. It does greatly reduce the attack surface.