> The list of lockdown features don't seem to explicitly list that in-house app sideloading is disabled - is it? If not, then this mode seems like security theater from Apple, in that it doesn't actually lock down the parts of the attack surface that are actively being leveraged. How about instead, or better yet alongside this, Apple explains how they granted entry in the Enterprise program to the spyware company, and what measures they're taking to prevent it from happening again.
Im pretty sure that iMessage is one, if not the most targeted parts of the iOS ecosystem for practical exploitation. Disabling link previews and restricting the formats that are rendered likely renders this much more difficult.
The side loaded app would likely have to target non technical people as i'm pretty sure side loaded apps require lots of clicking through and trusting of certificates to get to run on a phone.
Im pretty sure that iMessage is one, if not the most targeted parts of the iOS ecosystem for practical exploitation. Disabling link previews and restricting the formats that are rendered likely renders this much more difficult.
The side loaded app would likely have to target non technical people as i'm pretty sure side loaded apps require lots of clicking through and trusting of certificates to get to run on a phone.