Saagar JhaLockdown Mode is so poorly implemented that I would be shocked if more than a handful of people at Apple had it turned on. I think everyone I know who is using it is explicitly running an insecure configuration to work around it being so bad. What a waste of a good idea
I have little confidence in its ability to prevent harm in the real world. Apple cannot explain to you what it does or what it changes about your phone. Users have no insight into what it blocks or why. Its implementation is wildly inconsistent across platforms.
Those who have it enabled invariably seem to barely use Apple services at all; they are instead on Signal/WhatsApp/etc. which is basically unaffected by Lockdown Mode. Which makes sense because it takes exactly one FaceTime call from your mom being blocked before you turn it off
Not that public reporting on ITW chains is super indicative but I do want to point out that every blog post about something being found is like “Lockdown Mode would have prevented this infection” but you never hear about Lockdown Mode actually stopping anything
Mutesplash@saagar in re the latter point: Evidence of a failed intrusion usually doesn't exist without instrumentation?
@Mutesplash Sorry, I’m not sure I understand what you are going for here
@saagar How do you report on lockdown mode succeeding if you don't have evidence of intrusion failure?
@Mutesplash Well current reporting seems to be done on devices without Lockdown Mode active at all