[neom]

Well that's good at least, I presume if you're under threat of being targeted by an NSO pwn, you're hopefully running lockdown mode.

How crippled does the device feel? Is it usable? The two things you mentioned wouldn't be a problem for me. I've been considering enabling it for a while but wondered how restrictive it will realistically feel.

[naturalpb]

I'd suggest turning it on and seeing if you can live with it. Some issues that I've had:

1.) FaceTime calls from people not in your recent calls will be blocked with a silent notification. Sometimes I don't see it for hours

2.) Incoming iMessages will be stripped of Live Photos and document attachments

3.) Using Starbucks in a browser did not work until I disabled Lockdown Mode in Safari for the domain. Fortunately these exceptions are easy to make and persist

I'm not a target for state-sponsored attacks but will generally trade usability for security when reasonable.

[olliej]

Losing Live Photos sounds like a feature to me :)

(3) is weird. Conceivably it’s using wasm (I recall many years ago wasm had no interpreter mode, no idea of current state), or webgl (which seems plausibly like something that would be blocked)

[kmeisthax]

Microsoft Edge's Lockdown Mode equivalent ships with a WASM interpreter called DrumBrake: https://microsoftedge.github.io/edgevr/posts/Introducing-Enh...

[olliej]

Yeah sorry I meant to say "wasm in JSC" (which is the only wasm implementation I was ever aware of the technical details for), but was typing on my phone and apparently missed that fairly critical piece of information. Alas it's too late to correct my comment :-/

[Syonyk]

> How crippled does the device feel? Is it usable?

Not. And yes.

I did some analysis of it when it came out to figure out what all is blocked and such: https://www.sevarg.net/2022/07/20/ios16-lockdown-mode-browse...

Animated gifs in text threads don't animate - which, personally, I consider a feature.

And webfonts aren't loaded, which means a lot of forums that load icons as a webfont have a lot of squares instead of arrows for reply and such.

You can disable it on a per-website basis, and I don't do much in the way of facetime and such, so I've not really noticed it. It does remove a LOT of complex attack surfaces, though, which is worth a lot.

[Veserv]

Why should they be running lockdown mode? It says it only blocked some, but not all attacks which means that they were successfully attacked. For a targeted individual who "might be personally targeted by some of the most sophisticated digital threats" that does not cut it when your life is on the line. No, this is a existence proof that the Apple marketing that explicitly states that it can protect against such threats is bullshit and criminally irresponsible.

The only smart thing to do if you are such a individual is to not have a smartphone at all otherwise you are 100% going to be successfully attacked because every commercial smartphone is trivial to hack for a dedicated threat actor. In addition, you should never purchase a smartphone from any existing smartphone vendor for the foreseeable future regardless of what dangerous lies their marketing spins because all of their security organizations are structurally incompetent with respect to protecting against sophisticated digital threats. It would require a wholesale replacement of their security leadership, technology, and ideology for it to even be possible to actually protect against sophisticated digital threats.

[ghostpepper]

I’ve been testing it out and from what I can tell, the HN reply box doesn’t render correctly. It still functions though