Summary created by Smart Answers AI
In summary:
- Macworld reports that the FBI was unable to retrieve data from a Washington Post reporter’s seized iPhone 13 due to Apple’s Lockdown Mode feature.
- Introduced in iOS 16, Lock Mode provides extreme privacy protection against targeted spyware by disabling features and requiring the device to be unlocked to connect accessories.
- This incident demonstrates that Apple’s robust security measures can effectively thwart even forensic law enforcement tools and demonstrate strong protections for user privacy.
FBI techs were unable to access the journalist’s iPhone because it was in locked mode, court filings show.
As part of an investigation into a suspected leak of classified data by a Pentagon contractor, the FBI raided the home last month The Washington Post reporter Hannah Natanson and seized a wide variety of devices, including an iPhone 13 and two MacBook Pros. They were able to gain access to one of the MacBooks by pressing Natanson’s finger on the Touch ID sensor (which was allowed under the terms of the search warrant), but had no such luck with the iPhone.
“The iPhone was found turned on and charging, and its display noted that the phone was in ‘Locked Out’ mode,” FBI agents report in a filing (via 404 Media ) opposing the device’s return. “Because the iPhone was in locked mode, (the Computer Analysis Response Team) was unable to extract the device.”
As 404 reports, the submission was made roughly two weeks after the raid, meaning FBI specialists were unable to break Lockdown for that long. This gives us a rare insight into the function’s effectiveness.
Lockdown Mode is a specialized and little-discussed iPhone security feature, an ultra-high-privacy setting that was added in the iOS 16 software update back in 2022. It’s intended for iPhone owners working in specialized fields, such as journalism and political activism, where they could be targeted by state-sponsored spyware. The mode disables many features and impacts performance, but it’s much more difficult to target your device.
While its main goal is to thwart mercenary spyware attacks, Lockdown Mode can also prevent data extraction by changing the way the locked device interacts with external accessories: namely, that the iPhone must be unlocked in order to connect the accessory. As 404 points out, many digital forensics tools used by law enforcement depend on establishing a physical connection in a way that Lockdown mode prevents.
It’s debatable how Apple will handle the headlines this way. On the one hand, the situation serves as a reminder that iPhones have excellent security features and that Apple is so committed to device privacy that it has made enemies in law enforcement. There are echoes of the 2015/2016 San Bernardino case, when Apple refused to write its own iPhone OS to help the FBI gain access to the mass shooter’s communications.
But on the other hand, Apple is taking a slightly more conciliatory approach to the political establishment these days. How would Tim Cook react if the president posted messages on Truth Social complaining about Lockdown Mode and demanding it be removed in future versions of iOS? It’s hard to say, but I think he’d like to avoid that conversation.