Mercenary spyware is one of the hardest threats to combat. It targets an infinitesimally small percentage of the world, making it statistically unlikely for most of us to ever see. And yet, because it selects only the most influential individuals (think diplomats, political dissidents, and lawyers) sophisticated malware private companies sell to nation-state governments—many with documented human-rights abuses—has a devastating effect that’s far out of proportion to the small number of people infected.
This puts device and software makers in a bind. How do you build something to protect what’s likely well below 1 percent of your user base against malware built by companies like NSO Group, maker of clickless exploits that instantly convert fully updated iOS and Android devices into sophisticated bugging devices.
No security snake oil here
On Wednesday, Apple previewed an ingenious option it plans to add to its flagship OSes in the coming months to counter the mercenary spyware menace. The company is upfront—almost in your face—that Lockdown mode is an option that will degrade the user experience and is intended for only a small number of users.