[nneonneo]

I think one reason to make this feature public is to get more people to use it, and therefore dilute Lockdown Mode as a signal. As you say, it’s pretty easy for an attacker to detect this mode: with a browser, just check that the Safari version is high enough but that certain features are not available. If even 1% of iPhone users are using Lockdown mode, it’ll far exceed the number of people who really need the feature to stay ahead of nation-state targeting.

[Syonyk]

This would be another good reason for "lots of random people to use it," certainly - same as Tor.

[O__________O]

Using Tor is legal justification for a warrant to remotely hack systems using it:

https://www.nolo.com/legal-encyclopedia/what-does-rule-41-sa...

As such, highly likely most systems running Tor nodes have been hacked and that Tor is not secure.

Very possible lockdown mode might be as well a legal justification for a warrant, given it “conceals” systems.

[O__________O]

Issues is automatically targeting users would be easy.

If Apple tracks users that have both lockdown mode and iCloud on, all a nation state with jurisdiction has to do is request list of users with both on; having lockdown mode on might even qualify as justification for a search warrant and legally hack anyone using it, which is already the case for Tor:

https://www.nolo.com/legal-encyclopedia/what-does-rule-41-sa...

Find it horrifying that Apple has this feature, but makes no effort to inform users about the risks of iCloud; in my opinion, if you have lockdown mode on, iCloud should not be option, should trigger an off boarding from iCloud and wiping of any data on iCloud; also pointed this out in comments here:

https://news.ycombinator.com/item?id=32006436

To me, as is, lockdown mode sounds like a honeypot:

https://en.m.wikipedia.org/wiki/Honeypot_(computing)