FBI couldn't get into WaPo reporter's iPhone because Lockdown Mode enabled

Original Article ↗ Hacker News Discussion ↗

Lockdown Mode, iPhone Security & Exploit Limits

  • Commenters see this case as evidence Lockdown Mode meaningfully reduces attack surface, likely blocking certain zero-days or forensic tools that might otherwise work.
  • Some speculate agencies could still have undisclosed capabilities or rely on vendors like NSO/Cellebrite, but others note such capabilities are expensive, rare, and jealously guarded.
  • There’s discussion of whether exploits persist after OS updates or reboots; multiple comments emphasize iOS’s secure boot chain and difficulty of long-term persistence, especially after a hard reboot.

Macs, Touch ID, and Signal Desktop Weaknesses

  • A key failure was on the reporter’s laptop: Touch ID was enabled and law enforcement compelled her to unlock it biometrically, exposing Signal desktop.
  • Many highlight that Signal Desktop is much less safe than mobile apps once an attacker has your laptop, especially if keys and attachments are stored in plaintext or outside secure enclaves.
  • Questions arise about whether she “forgot” she set up biometrics; explanations offered include simple user error, bluffing, or (more speculatively) parallel construction, though the latter is viewed as unlikely.

Biometrics vs Passwords & Legal Compulsion

  • Widely repeated advice: avoid biometrics for devices that may face legal seizure; courts can often compel fingerprints/FaceID but not memorized passcodes (with jurisdiction-specific exceptions like “foregone conclusion” doctrine).
  • People discuss mitigations: forcing passcode on iPhone (power-button gestures), using long FileVault passwords plus separate shorter logins, hardware keys, or duress schemes.
  • Debate continues over whether forcing biometrics should be lawful; several see it as a loophole undermining the right against self-incrimination.

Lockdown Mode UX, Granularity, and Alternatives

  • Many like the protection but dislike the “all-or-nothing” design: disabling JS JIT, blocking shared photo albums, configuration profiles, and some family features.
  • Some argue coarse controls discourage adoption; others reply that any per-feature carve‑out can re-open an exploit path.
  • Users note partial alternatives: iOS wired-accessory restrictions, long-standing “pair lock” supervision, and GrapheneOS-style USB data blocking.

Trust, Narratives, and Power

  • Several express skepticism, reading stories about FBI “failures” as either marketing for Apple or intentional understatements of state capabilities.
  • Others push back, arguing agencies must conceal zero-days and that legal-process limits still matter, even if extra-legal pressure and contempt detention remain real risks.