Citizenlab: update your Apple device's

Update Apple Devices Now

We urge everyone to immediately update their devices.

We encourage everyone who may face increased risk because of who they are or what they do to enable Lockdown Mode.

We believe, and Apple’s Security Engineering and Architecture team has confirmed to us, that Lockdown Mode blocks this particular attack.

We commend Apple for their rapid investigative response and patch cycle, and we acknowledge the victim and their organization for their collaboration and assistance.


That’s the second attack Lockdown mode prevents, neat stuff.


Updated this morning


With Lockdown Mode’s effectiveness tested by multiple, state-level attacks it may prove to be the most important privacy/security win for the general public since default device encryption for iPhones (and later Androids).

Hopefully Google gets the message and develops a similar feature for at least their Pixel devices. This would offer world class protection for millions of users who would not be the the type to use security focused custom ROMs but desire or need Lockdown Mode level protection on their Android device.

I won’t hold my breath for it, but who knows it may happen eventually. Google can do good security (if not privacy) when they want to as demonstrated by the Advanced Protection Program.

Hopefully Citizen Lab can make more info public as I would like to see if DNS-level protection would have been another layer of protection for this attack as well as if something like iVerify would have detected the malware post-compromise as intended.


Looks like another related attack was uncovered by Citizen Lab as well. This one involved manipulation of the cell network by the government launching the attack to re-direct the victim phone to a malicious site:

Important takeaways:

  1. Same exploit targeted Android devices (patched Sep 5 by Google)

  2. Lockdown mode blocked this attack as well

Is that now four lockdown successes?