Email or username:

Password:

Forgot your password?
Top-level
Rich Felker

@evacide Platforms where folks you don't know can cold call you (email, SMS, iMessage) should ideally never support anything but pure text. If that ship has already sailed, loading non pure text content should be only on request.

7 comments
Rich Felker

@evacide Aside from avoiding 0day vulns and phishing, it'd avoid having to see the faces of spamming political candidates.

lj·rk

@dalias @evacide While it's not the default, I encourage everyone to turn on lockdown mode on iOS.

Rich Felker

@ljrk @evacide Does lockdown mode do this? That sounds good. Sadly though a lot of things are coupled under one switch, so unless you can accept all the individual inconveniences it entails, you can't get any of the benefits, so there's strong incentive to leave it off.

evacide

@dalias @ljrk The CL blog post has just added a note saying that they believe High Security mode is safe against this exploit.

lj·rk

@evacide @dalias I'm *pretty* sure I read in their docs that it disables parsing of untrusted message media content, but of course also restricts Js in the browser etc.

We're daily-driving an iPad in Lockdown Mode but didn't face any issues tbfh, the restrictions aren't noticeable to us. We mainly use it for browsing and media streaming.

Go Up