Yes you can disable it for specific sites and apps.
Regular Android has a similar feature called Advanced Protection (not to be confused with the Advanced Protection Program for your Google account) that does a lot of the same things. GrapheneOS already by default has stronger versions of all the protections so a different mode isn’t necessary.
On some iphones, lockdown mode causes voice call failures unless 2g/3g is kept on. What type of security issues occur in lockdown mode when keeping 2g/3g on.
This is the more secure option because it reduces the attack surface in other areas as well. You should not be using 2g/3g at all though. It’s unencrypted. If something isn’t working because it’s disabled that’s a good thing.
An update if people are interested - They were able to unlock her macbook using her fingerprint
Natanson was reminded the FBI has authority to use her biometrics to unlock the laptop and Natanson repeated that she does not use biometrics on her devices. Natanson was told she must try, in accordance with the authorization in the warrant. The FBI assisted Natanson with applying her right index finger to the fingerprint reader which immediately unlocked the laptop.
Interesting. This means the Mac was already powered on and logged into when they seized it as, just like with iPhones, the first login after being powered on or restarted requires a password. If her fingerprint unlocked the Mac it means she had already logged into it before it was seized.
Also if they resorted to the fingerprint, does that mean they could not access it otherwise even though it was powered on? Or did they not even attempt exploitation until trying the fingerprint?
Edit Substantive update: Just finished reading the entire article, turns out there are two MacBook’s. One owned by the Washington Post and one personally owned by the reporter. The personal laptop was powered off and they have been unable to access it. The Post-owned MacBook was powered on when seized and that is what was unlocked with her finger print.
I don’t understand what you mean by 4G and use USB hotspot. I have my iPhone on WiFi all the time and it’s connected to any WiFi network to make WiFi calls. Your carrier has to support it in order for it to work.
If your macbook has an M1 or newer apple silicon processor, it can’t be forensically analyzed even if powered on - unless they have the password.
To recover a macbook typically you insert an external drive, and boot from that drive. However user credentials are required to make the change in the settings to allow for this.
I believe the ram is encrypted by the secure enclave on M1 or above macbooks as well, meaning a ram dump isn’t possible.
It doesn’t have the new MTE feature that the new A19 and I believe the M5 has. If you’re a journalist and travel a lot, I would probably ensure that my iPhone and MacBook have it.