These special phone and app features can help protect you from spyware


Spyware attacks on journalists, human rights defenders, and political dissidents are no longer rare or exotic. In early 2025, WhatsApp notified roughly 90 users — many of them journalists and civil society members across Europe — that they had been targeted by Israeli spyware company Paragon Solutions.

Months later, Apple sent threat notifications to a new group of iOS users; forensic analysis confirmed two of them, both journalists, had been hit with Paragon’s Graphite spyware using a zero-click attack, meaning they didn’t even have to tap a link to be compromised. These aren’t isolated incidents. They’re the norm.

For the last 15 years, security researchers have documented countless cases where government hackers have targeted and successfully compromised journalists, human rights defenders, critics, and political opponents. These attacks rely on expensive, sophisticated, and stealthy tools that allow their operators to hack into and install spyware on computers, but especially smartphones, which hold virtually all of the data about a person’s daily life.

Spyware gives its operators virtually full access to the target’s device and data. Government spies can record phone calls, steal chat messages, access photos, and switch on the device’s camera and microphone to record ambient sound and nearby conversations. Spyware also typically tracks a person’s real-time location.

In response to these attacks, tech giants now provide their users with better defenses. In particular, Apple, Google, and Meta offer opt-in features specifically designed to counter targeted spyware attacks. Generally speaking, these features add extra protection, sometimes by turning off or limiting some regular features. It’s a tradeoff, but having used these myself for a long time, I have never found them to be too onerous or annoying to use.

Tech companies, security researchers who have studied spyware for years, and we at TechCrunch recommend that you use these features if you suspect you may be a target of government surveillance because of who you are or what you do. Even if you’re not, these security features will better protect your data from falling into the wrong hands.

No security measure is perfect, and it’s a constant effort to keep security flaws at bay. Spyware makers find new ways to hack into phones and services, then software makers learn from those attacks and respond. Rinse and repeat. But that doesn’t mean these features are not worth using. On the contrary; these features have been proven effective.

“These features are free, easy to enable, and the best defense we have today against sophisticated spyware,” said Runa Sandvik, a security researcher who has worked to protect journalists and other at-risk communities for more than a decade. “If the features get in the way of something you need to do, you can easily turn them off again — meaning it costs very little to turn them on and try them out.”

Here’s a recap of these features, and how to switch them on.

Apple’s Lockdown Mode

Apple’s Lockdown Mode is available on all Apple devices, including iPhones. Apple says that when Lockdown Mode is enabled, “your device won’t function like it typically does.” In exchange for this inconvenience, your device will be more secure. There is evidence that Lockdown Mode has helped in the past. Citizen Lab found that Lockdown Mode stopped one spyware attack carried out with NSO Group’s Pegasus software. As recently as March, Apple said it has never detected a successful attack on an Apple device with Lockdown Mode enabled.

This is what Lockdown Mode changes on your device when you turn it on:

  • Attachments received on iMessage other than some images, video, and audio are blocked by default.
  • Links and previews in iMessage are blocked and appear as non-linked web addresses. (You can copy and paste the links into Safari or another browser if you want.)
  • Fonts, some images, and some web technologies are blocked when browsing in Safari.
  • Incoming FaceTime calls are blocked if you haven’t contacted that person before or in the last 30 days.
  • Screen sharing, content sharing over SharePlay, and Live Photos are unavailable.
  • Incoming invitations for Apple services are blocked unless you have previously invited that person.
  • The Focus feature “and any related status will not work as expected.”
  • Game Center is disabled.
  • Location information is stripped when you share photos.
  • “Shared albums are removed from the Photos app, and new Shared Album invitations are blocked.”
  • You need to unlock your device to connect it to an accessory or a computer.
  • When connecting a Mac with Apple-made processors to an accessory, the computer needs to be unlocked and you have to approve the connection with your passcode.
  • You can’t connect automatically to open or public Wi-Fi networks, and you will be disconnected from any non-secure Wi-Fi networks that you previously connected to before enabling Lockdown Mode.
  • Your phone won’t be able to connect to 2G or 3G cellular networks.
  • You can’t install configuration profiles or enroll the device in a Mobile Device Management program.

To switch on Lockdown Mode, go to Settings, then Privacy & Security, and scroll down to Lockdown Mode. Once you enable the feature, your Apple device will restart.

I have used Lockdown Mode for years. While I noticed some websites being a bit wonky at the beginning, I haven’t noticed that in a while. Also, you can selectively switch off Lockdown Mode for specific websites and apps, without disabling the feature entirely. There are some quirks, but I have gotten used to them, too.

Google’s Advanced Protection Program

Google launched its Advanced Protection Program in 2017. This feature is designed to make your Google account more resilient against malicious hackers of all kinds. Advanced Protection Program includes the following features:

  • Restricts some third-party services and apps from accessing your Google account.