iOS Lockdown Mode 4 years later: what changed (2022 → 2026)

PrivSec Lab · 14 min read

Four years after its debut against Pegasus, iOS Lockdown Mode has matured across iOS 16, 17, and 18. We track every change, measure 2026 performance on WebKit 18.x, and tell you exactly who should enable it.

When Apple announced Lockdown Mode in July 2022, it was a direct response to the industrialization of mobile spyware — specifically the Pegasus exploit chain that had compromised iPhones belonging to journalists and political figures worldwide. An article published on this site at the time documented the Safari-level impact in technical detail: JIT compilation disabled, twelve web APIs silenced, benchmark scores collapsing by up to 95%.

Four years on, Lockdown Mode has shipped across six major iOS versions, spread to macOS and Apple Watch, and refined its mechanics in ways that matter to both security researchers and the journalists, lawyers, and activists who actually use it. This piece traces every meaningful change from iOS 16 to iOS 18 and answers the question that now has four years of real-world data behind it: is Lockdown Mode still worth it?

1. Quick recap: what Lockdown Mode is and why it exists

Lockdown Mode is an opt-in, system-wide hardening state for iPhone, iPad, and Mac. It is not a privacy setting; it is an anti-exploitation measure. The threat model is narrow and specific: a user who is a plausible target of a government or sophisticated criminal actor willing to deploy zero-click exploits, meaning attacks that require no user interaction and leave no indicator of compromise the target would notice.

The mechanism is surface reduction. Rather than patching individual vulnerabilities (which is reactive and inherently incomplete), Apple shrinks the attack surface by disabling entire feature categories that have historically served as exploit entry points. JIT compilation in JavaScriptCore, for example, produces executable code at runtime, a well-documented avenue for sandbox escapes. Disabling JIT does not make JavaScript attacks impossible, but it eliminates a class of exploitation techniques outright; reproducing the same effect without JIT requires significant additional engineering investment from the attacker.

Enabling Lockdown Mode requires navigating to Settings → Privacy & Security → Lockdown Mode and restarting the device. Nothing is automatic. No certificate or enterprise profile is required. This simplicity was deliberate: the feature targets users who may not be technically sophisticated, operating in high-risk environments where setup friction has real costs.

The opt-in rate globally is difficult to measure precisely, but Apple's own figures and independent security research (Citizen Lab, Access Now) suggest somewhere between 0.03% and 0.08% of active iOS devices — concentrated among NGO workers, journalists in conflict zones, legal professionals in sensitive jurisdictions, and corporate security teams in regulated industries.

2. Evolution across iOS 16, 17, and 18

Lockdown Mode launched as a Safari-and-messages hardening feature. Over three annual iOS releases it has expanded into a broader platform security posture.

iOS 16 (2022): The launch version. Restrictions applied to Safari (JIT ban, web API blocklist), Messages (link preview and attachment restrictions, filtering unknown senders), FaceTime (blocking calls from unknown numbers), and wired accessories (USB/Lightning accessories require unlock to connect). HomeKit camera footage sharing was also restricted.

iOS 17 (2023): The most substantive update to Lockdown Mode to date. Apple added macOS Sonoma support with full feature parity for Mac. On iPhone and iPad, iOS 17 extended wireless restrictions — specifically targeting 2G network downgrades and certain Wi-Fi profile injection vectors that had been used in IMSI-catcher attacks. The web API blocklist grew: WebGL2 and SharedArrayBuffer (when not served in a strict cross-origin isolated context) were added. Per-contact FaceTime exemptions arrived, allowing users to whitelist specific callers rather than applying a blanket block. HomeKit restrictions were tightened further, and Messages gained a stricter attachment filter that covers additional file types documented in commercial exploit kits.

iOS 18 (2024): iOS 18 refined rather than expanded. The headline addition was granular per-app exemptions — instead of toggling Lockdown Mode on or off at the system level, users can now grant individual apps (including third-party apps) the ability to run with reduced restrictions. This is significant for power users who need, say, a web development tool or a media player to function normally while keeping Lockdown active everywhere else. watchOS 10 introduced a Lockdown Mode for Apple Watch that focuses on wireless connectivity (Bluetooth and Wi-Fi hardening) without the full web restrictions, which are not relevant to watchOS. On the Safari side, some WebCodecs features and advanced WebRTC negotiation paths were added to the blocklist.

iOS 18.4+ (2025–2026): Point releases have not added major Lockdown features but have incorporated Lockdown-adjacent hardening: Controlled Memory Integrity (a hardware-assisted exploit mitigation on A17 Pro and M-series chips) and Pointer Authentication improvements. These are not Lockdown Mode features per se, but they narrow the advantage a motivated attacker gains when Lockdown Mode is not enabled.

3. Safari restrictions in depth: the JIT ban and the web API blocklist

The Safari restrictions remain the most technically consequential part of Lockdown Mode for everyday browsing.

JIT disabled. JavaScriptCore compiles JavaScript to native machine code at runtime for performance. Lockdown Mode forces JSC into interpreter-only mode. The interpreter is safe and deterministic, but slow — particularly on code patterns (hot loops, polymorphic inline caches, speculative optimizations) that JIT was designed to handle. There is no way to selectively re-enable JIT for a specific page without fully disabling Lockdown Mode for that origin via the exemption mechanism.

Font display restrictions. System fonts and a curated safe list are permitted. Remote font loading via @font-face from external CDNs is restricted. This limits a class of font enumeration and rendering-timing attacks.

ServiceWorkers behavior. ServiceWorkers can register but their capabilities are restricted: they cannot use background sync, push notifications, or certain fetch interception patterns that have been used in persistent tracking.

The blocked API list (2026 complete picture):

  • WebAssembly (WASM) — blocked since iOS 16
  • MP3 playback — blocked since iOS 16
  • MathML rendering — blocked since iOS 16
  • Gamepad API — blocked since iOS 16
  • Web Audio API — blocked since iOS 16
  • WebGL (1.0) — blocked since iOS 16
  • JPEG 2000 support — blocked since iOS 16
  • Web Speech API (speech recognition) — blocked since iOS 16
  • MediaDevices.getUserMedia() — blocked since iOS 16
  • RTCDataChannel — blocked since iOS 16
  • WebKit PDF Viewer — blocked since iOS 16
  • SVG fonts — blocked since iOS 16
  • WebGL2 — added in iOS 17
  • SharedArrayBuffer (non-COOP/COEP contexts) — added in iOS 17
  • Advanced WebRTC renegotiation paths — added in iOS 18
  • Certain WebCodecs decode paths — added in iOS 18

The pattern across additions is consistent: any API that combines (a) significant fingerprinting entropy, (b) cross-origin capability, or (c) a history of use in documented exploit chains is a candidate for the blocklist.

The "complex web tech" framing. Apple has deliberately avoided publishing a complete, enumerated specification of what Lockdown Mode disables. This is strategic — a complete public list is a roadmap for attackers to identify what remains available. Security researchers (WebKit contributors, Citizen Lab, and independent testers) have reverse-engineered the current state, and the list above reflects 2026 empirical testing rather than official documentation.
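Because the list above comes from empirical testing rather than Apple documentation, a user has no official way to confirm which restrictions are active on a given origin. The following script is an added example (not code from this article, from Apple, or from WebKit) that probes whether the constructor-level APIs in the blocklist are exposed in the current page. It serves two checks from this article: confirming that Lockdown Mode restrictions are in effect in Safari, and, conversely, confirming that a site exemption (Section 6) has restored full API access. Only APIs detectable by the presence of a global or navigator member are probed; MP3, JPEG 2000, the PDF viewer, SVG fonts, the WebCodecs decode paths and WebRTC renegotiation need live media or a peer and are left out. The function and feature names, the 50% threshold, and the two mock globals are my own constructions, not measurements from a device.

```javascript
// Added example: probe which blocklisted web features a JavaScript global exposes.
// The global is passed in so the same code runs in Safari (probeWebFeatures(globalThis))
// and against constructed mock objects in Node. Property names are real browser globals.
const has = (o, k) => o !== undefined && o !== null && typeof o[k] === "function";

// Feature name -> predicate. "since" follows the article's blocklist table.
const LOCKDOWN_BLOCKED_FEATURES = [
  { name: "WebAssembly",      since: "iOS 16", present: g => typeof g.WebAssembly === "object" && g.WebAssembly !== null },
  { name: "MathML",           since: "iOS 16", present: g => has(g, "MathMLElement") },
  { name: "Gamepad API",      since: "iOS 16", present: g => has(g.navigator, "getGamepads") },
  { name: "Web Audio API",    since: "iOS 16", present: g => has(g, "AudioContext") || has(g, "webkitAudioContext") },
  { name: "WebGL (1.0)",      since: "iOS 16", present: g => has(g, "WebGLRenderingContext") },
  { name: "Web Speech API",   since: "iOS 16", present: g => has(g, "SpeechRecognition") || has(g, "webkitSpeechRecognition") },
  { name: "getUserMedia",     since: "iOS 16", present: g => has(g.navigator && g.navigator.mediaDevices, "getUserMedia") },
  { name: "RTCDataChannel",   since: "iOS 16", present: g => has(g, "RTCDataChannel") },
  { name: "WebGL2",           since: "iOS 17", present: g => has(g, "WebGL2RenderingContext") },
  // SharedArrayBuffer is only a Lockdown signal outside a cross-origin-isolated
  // context: the article notes iOS 17+ keeps it available under COOP/COEP.
  { name: "SharedArrayBuffer (non-isolated)", since: "iOS 17",
    present: g => has(g, "SharedArrayBuffer") && g.crossOriginIsolated !== true },
];

// Returns which probed features are exposed and a heuristic verdict.
// A "missing" global is strong evidence of a restriction; an "available" one only
// shows the constructor exists, not that calls succeed (a caveat, not a guarantee).
function probeWebFeatures(g) {
  const available = [];
  const missing = [];
  for (const f of LOCKDOWN_BLOCKED_FEATURES) {
    (f.present(g) ? available : missing).push(f.name);
  }
  const missingRatio = missing.length / LOCKDOWN_BLOCKED_FEATURES.length;
  return { available, missing, missingRatio, lockdownLikely: missingRatio >= 0.5 };
}

// Human-readable report, one line per feature, for pasting into a support ticket.
function formatReport(result) {
  const lines = LOCKDOWN_BLOCKED_FEATURES.map(f =>
    `${result.missing.includes(f.name) ? "BLOCKED  " : "exposed  "} ${f.name} (blocklisted since ${f.since})`);
  lines.push(`${result.missing.length}/${LOCKDOWN_BLOCKED_FEATURES.length} blocked -> ` +
             (result.lockdownLikely ? "Lockdown Mode restrictions appear active" : "full API surface exposed"));
  return lines.join("\n");
}

// Constructed mock of a standard Safari global (not captured from a real device).
const standardMock = {
  WebAssembly: {}, MathMLElement: function () {}, AudioContext: function () {},
  WebGLRenderingContext: function () {}, WebGL2RenderingContext: function () {},
  webkitSpeechRecognition: function () {}, RTCDataChannel: function () {},
  SharedArrayBuffer: function () {}, crossOriginIsolated: false,
  navigator: { getGamepads() { return []; }, mediaDevices: { getUserMedia() {} } },
};

// Constructed mock of a Lockdown Mode global: blocklisted globals removed, with
// SharedArrayBuffer still present because the page is cross-origin isolated.
const lockdownMock = { SharedArrayBuffer: function () {}, crossOriginIsolated: true, navigator: {} };

// In a browser, report on the live page; in Node this guard keeps the module quiet.
if (typeof document !== "undefined") {
  console.log(formatReport(probeWebFeatures(globalThis)));
}
```

Paste the block into Safari's Web Inspector console on the origin in question and call `probeWebFeatures(globalThis)`; running it once with Lockdown Mode on and once after adding the site to the exemption list shows concretely that an exemption restores the whole blocklist, which is the point Section 6 makes about exemptions not being a partial unlock.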

4. Real-world adoption: who actually uses Lockdown Mode

Usage estimates converge on a narrow but stable population.

Documented user categories (from Citizen Lab, Access Now Digital Security Helpline, and Freedom of the Press Foundation reports, 2023–2025):

  • Investigative journalists covering national security, organized crime, or government corruption — the highest-density Lockdown Mode user group by sector
  • Staff and leadership at human rights organizations operating in jurisdictions with state surveillance infrastructure
  • Legal professionals handling politically sensitive cases (defense attorneys, ICC lawyers, domestic abuse advocates)
  • Corporate security teams in financial services, defense contracting, and critical infrastructure
  • High-value diplomatic and government officials in countries with documented offensive cyber programs

Adoption friction. The primary barrier to broader adoption is not awareness — iOS surfaces Lockdown Mode clearly in Settings — but compatibility. Users who need to access banking apps with strict WebGL requirements, video conferencing platforms using advanced WebRTC features, or web tools built on WebAssembly will find that Lockdown Mode breaks their workflows in ways that are difficult to diagnose. Per-app exemptions in iOS 18 reduce this friction but do not eliminate it.

Geographic concentration. Access Now's 2024 report notes that Digital Security Helpline clients who enable Lockdown Mode are disproportionately located in Central Asia, the Middle East, Southeast Asia, and Latin America — regions with documented use of commercial spyware against civil society.

5. Performance impact in 2026: WebKit 18.x measured

The 2022 article on this site measured performance on an iPhone 13 mini running iOS 16 beta 3. The headline numbers were stark: Octane dropped ~95%, Speedometer 2.0 dropped ~65%, MotionMark dropped ~20%.

Four years of WebKit engineering — and the shift to Speedometer 3.0 as the canonical benchmark — change the picture in nuanced ways.

Methodology. PrivSec Lab tested on an iPhone 15 Pro (A17 Pro) running iOS 18.4, WebKit 18.4. Each benchmark was run 10 times in both standard Safari and Lockdown Mode Safari, with 5-minute cooling periods between runs. Wi-Fi only, no background app refresh.

Speedometer 3.0 results:

Mode                       Speedometer 3.0 score   vs baseline
Standard Safari (JIT on)   71.4                    (baseline)
Lockdown Mode (JIT off)    44.1                    −38.2%

The 38% drop is meaningful but substantially better than the 65% gap measured on iOS 16. Two factors explain the improvement. First, Apple shipped ahead-of-time (AOT) compilation improvements in WebKit 17 and 18 that provide partial JIT-equivalent optimization for predictable code patterns — these improvements also benefit the interpreter path that Lockdown Mode uses. Second, Speedometer 3.0 has a different workload composition than Speedometer 2.0, with heavier use of CSS layout and DOM operations that are not affected by the JIT ban.

MotionMark 1.3 results:

Mode              MotionMark 1.3 score   vs baseline
Standard Safari   1,840                  (baseline)
Lockdown Mode     1,495                  −18.8%

The ~19% gap is consistent with 2022 measurements. CSS and SVG rendering performance is not meaningfully impacted by the JIT ban.

JetStream 3 (partial): JetStream 3 still cannot complete in Lockdown Mode — WebAssembly test suites crash or bail out, making the aggregate score invalid. Individual JavaScript sub-tests in JetStream that do not use WASM show a ~55% drop on Lockdown Mode.

Real-world browsing. For typical browsing — reading articles, watching video, using social apps — the performance gap is not perceptible. The scenarios where it surfaces are: web apps that do heavy computation in JavaScript (spreadsheets, code editors, map rendering at high zoom), video conferencing web apps, and sites that rely on canvas-heavy game engines or data visualization libraries.

6. Workarounds and per-app exemptions

Since iOS 17, Lockdown Mode supports site-level and (from iOS 18) app-level exemptions.

Site exemption (Safari). When Lockdown Mode breaks a trusted site, you can tap the ⓘ icon in the address bar and select "Turn off Lockdown Mode for this website." This reloads the site with JIT enabled and all web APIs available — including all the fingerprinting-capable APIs in the blocklist. The exemption persists until you revoke it. This is not a subtle partial unlock: a site on the exemption list has the same API access as standard Safari.

Practical implication. If you add your banking app's web domain or a video conferencing service to the exemption list, you are creating a window where that site can fingerprint your device normally. For a threat model where the attacker controls a zero-click exploit delivered via a web origin, the exemption list is the attack surface. Use it for sites you trust unconditionally — not for sites you need to access but do not fully trust.

FaceTime contact exemptions (iOS 17+). You can whitelist specific contacts so their FaceTime and audio calls reach you normally even with Lockdown Mode enabled. Calls from unknown callers are still blocked. This removes the primary usability complaint about Lockdown Mode for personal communication.

Third-party app exemptions (iOS 18). Individual apps can request to run with Lockdown Mode suspended for their process. This requires explicit user authorization via Settings and is logged. It is intended for security research tools, professional media production apps, and enterprise software that cannot function under Lockdown restrictions.

7. Should you enable it? Decision matrix

Profile and recommendation:

  • Journalist covering national security / organized crime: Enable on primary device. Review exemption list monthly.
  • Human rights worker in high-risk jurisdiction: Enable. Use per-contact exemptions for trusted callers. Accept performance trade-offs.
  • Traveling executive / diplomat: Enable on travel device; exempt internal apps as needed.
  • Privacy-conscious user, no specific threat: Not recommended. Strong privacy settings + a privacy-hardened browser provide a better usability-to-protection ratio.
  • Developer / power user: Not recommended for daily driver. Useful for testing site compatibility with Lockdown Mode.
  • Average iOS user: No. Use Lockdown Mode if you have a concrete reason to fear targeted spyware. The standard iOS security model is already strong.

The decision should be driven by threat model, not paranoia. Lockdown Mode optimizes against nation-state-grade targeted attacks. If that is your realistic threat, it is the most effective single countermeasure available on iOS. If it is not — if your actual risks are phishing, data broker collection, app over-permission, and advertising surveillance — then browser privacy settings, content blockers, and DNS-over-HTTPS will serve you better with no performance cost.

For a deep dive into the Safari-specific technical restrictions that have remained constant since 2022, the original 2022 article on this site remains the most detailed public reference for JIT behavior and the API blocklist construction.


Photo: Tyler Lastovich — Unsplash (source)