> We are not aware of any successful mercenary spyware attacks against a Lockdown Mode-enabled Apple device.
The key word being "mercenary", which does not rule out first-party spyware.
- can give away your data for free - get hacked by nation-state such as Iran - get hacked by mercenary spyware and not notice
and their statement would still be correct. Now that's an awful lot of qualifiers. Plus that's just what they say.
Apple is digging itself into a hole.
In light of the correct legal interpretation of their words, being only the specific letters, we can see that your interpretation is incorrect.
> They know of a lot of attack attempts
No, their statement says nothing about attack attempts.
> so far they have no reason to believe any were successful
No, their statement says nothing about their belief, only their explicit knowledge. Their statement says nothing about their investigation practices or whether they even attempted to investigate and learn about attacks. Their statement says nothing about non-mercenary attacks.
Their statement is technically correct as long as any successful attacks they know about are not explicitly known to be committed by mercenarys.
That's a good point. The best way not to know about any successful attacks is not to know about any of them. I also can definitively state that I'm not aware of any successful attacks, but for obvious reasons this is a basically meaningless statement. Without more data, it's not clear how meaningful the statement they gave is, and while it probably is more meaningful than mine, it doesn't make sense to jump from what they said to "there have definitively been no successful attacks" based on it.
At risk of stating the obvious, isn't success "hacked it and no one ever found out (at the time)"? By definition, Apple could probably only be aware of unsuccessful attacks. Though that's not guaranteed either, considering all the myriad failure modes that there must be.
> On March 23, 2026, the Hong Kong government changed the implementing rules relating to the National Security Law. It is now a criminal offense to refuse to give the Hong Kong police the passwords or decryption assistance to access all personal electronic devices including cellphones and laptops. This legal change applies to everyone, including U.S. citizens, in Hong Kong, arriving or just transiting Hong Kong International Airport. In addition, the Hong Kong government also has more authority to take and keep any personal devices, as evidence, that they claim are linked to national security offenses.
It's good to see Apple's Lockdown mode having such success by simply disabling message attachments.
I also wish there was a regular option in iOS Messages to disable link previews.
Like "No facetime and message attachments from strangers, no link previews, no device connections", yes, please, I don't want dickpics from strangers.
"No javascript JIT or shared photo albums" no, I actually do want to be able to see friend's albums, and also want my battery to last longer due to optimizing JS.
How hard is it to keep the Lockdown Mode toggle, but also add "no link previews, no facetime calls from strangers, never join insecure wifi networks automatically" as separate option toggles I can turn on if I just want those?
Are we supposed to enable Lockdown mode always or only we enable manually when we think we're under attack?
According to instructions in settings, it is supposed to be enabled when under attack, isn't it too late already?
What are we missing...
You’re welcome to turn it on even if you’re not in one of these groups, just accept that it increases the friction of using your phone in a bunch of little ways.
I find Lockdown Mode challenging, because you basically have to use it on every device you own in the Apple ecosystem to have it enabled.
Parts of it are pretty inconvenient, like with iMessage and FaceTime not working normally, but aside from that it’s not noticeable for my use case.
Despite the inconveniences, unless animated emmojis are important to you I don’t know why you wouldn’t enable it given how strong its protections are.
But users who need a highly secure phone? It’s entirely possible to use the phone without media embeds in iMessage, or shared photo albums, or websites loading in 900 fonts. It’s a trade off likely worth making in some situations.
It’s mostly that I don’t want to be that guy that leaks my company’s secrets.
> “We are not aware of any successful mercenary spyware attacks against a Lockdown Mode-enabled Apple device,” Apple spokesperson Sarah O’Rourke told TechCrunch on Friday.
Anyway, now I think about bears before solo hiking.
It would be such a good PR if they could just claim nobody has been hacked, period but I don't see that anywhere.
Sorry but you still need to be wary of state actors and the handing over of data to authorities, which is a far simpler approach than breaking security boundaries. The hacking statement is pure marketing.
Yes, it is impossible to be 100% ironclad secure from all possible methods of either digitally surveilling you or exfiltrating your data.
This does not mean that measures like those in the iPhone's Lockdown Mode are not genuinely helpful to a subset of the population that is at high risk for certain types of attacks.
Apple needs to get their shit together and stop gaslighting people.