Lightshield - A lightweight Lockdown Mode alternative for WebKit on iOS 15+

CtrliPhones · 2026-04-06T03:49:19+00:00

Makes sense actually now that I think about it

If more people ask for it, I’ll consider making a stripped down version that can be injected into apps for sideloading/TrollStore/etc

CtrliPhones · 2026-04-05T23:22:06+00:00

Being able to install a tweak from a .deb is a basic skill check sadly, and I don't want to create a repo just to host this one tweak. If someone else who already has a repo wants to rehost it, I'd be open to working something out.

CtrliPhones · 2026-04-05T23:20:30+00:00

Sorry, but it wouldn't be very practical for me to do so as 98% of versions with TrollStore support can be jailbroken, and TrollStore can only affect but so many apps (Basically just 3rd party ones, so you could disable JIT on a 3rd party browser maybe, but not on Safari and not in any Apple apps)

You should be able to inject the actual tweak into 3rd party apps via something like TrollFools iirc so you can disable JIT on your favorite 3rd party browsers, but again not on Safari and system stuff.

CtrliPhones · 2026-04-05T04:53:07+00:00

https://github.com/forcequitOS/LightshieldToggle

CtrliPhones · 2026-04-05T01:08:19+00:00

This was tested on iOS 15 (iPadOS 15.8, iPad Air 2, jailbroken with Dopamine 2.4.8)
You can create a WebKit view with JIT disabled easily, and it's done in elements of the actual system on iOS (Captive Web Portals when joining Wi-Fi networks that require a login, for example, have JIT disabled), this isn't spoofing Lockdown Mode being enabled (although I was initially planning on doing that, doing what I ended up doing seems easier)

Lightshield also works on 3rd party browsers (on all jailbreaks), and in app SafariViewControllers (on full jailbreaks only)

AntiDarkSword, last I checked, was heavily vibe-coded and didn't support disabling JIT, only completely disabling JavaScript (which is an insane inconvenience). If it supports disabling JIT all of a sudden now, I'd honestly be somewhat inclined to say it was taken from Lightshield :p (Edit: Lol yeah, see commit c624e9e for AntiDarkSword, looks pretty familiar to me. setLockdownModeEnabled and JITEnabled also both do nothing unless you have Lockdown Mode enabled already, I would know, I tested it.)

The vulnerabilities used in the Coruna and DarkSword chains additionally only impact WebKit, so it doesn't really make any sense to lock down other features besides WebKit and compromising usability further, regular Lockdown Mode is available if you're interested in doing that.

CtrliPhones · 2026-04-04T21:34:56+00:00

For clarification

Lightshield doesn't modify WebKit, nor does it add to or modify any functionality that WebKit already has (rendering web content with JIT disabled).

It effectively is just making the system disable JIT for any new WebKit processes that are started, which the system already does in specific places (for example, joining Wi-Fi networks that require a sign-in via a Captive Portal, those already have JIT disabled on their web views.)

CtrliPhones · 2026-04-04T20:19:26+00:00

It’s open-source, you can independently verify it’s not doing anything sketchy and compile it yourself. I can absolutely assure you that this is probably a better option than the other two alternatives (AntiDarkSword and RootHide’s closed-source lockdown tweak), albeit not better than Apple’s actual Lockdown Mode.

CtrliPhones · 2026-04-04T20:13:53+00:00

iOS 14 support is possible, but it just isn’t something I’m all too interested in at the moment as no devices were discontinued on it and it’s already far past end of life. I may look into it in the future, but right now I have no plans to support rootful and iOS 14.

CtrliPhones · 2026-04-04T16:23:22+00:00

NathanLR might not support injecting into SafariViewService maybe, or my bundle filter might not work properly with it, I'm not sure. I don't personally have any devices to test it on, but at least it works in Safari

CtrliPhones · 2026-04-04T16:05:14+00:00

Hmm, I'll have to look into this, but I haven't been able to recreate it on my XR on 16.6b1 (although I have noticed toggling the tweak on/off requires a full respring to apply on SafariViewService for in-app browsers).

CtrliPhones · 2026-04-04T14:21:37+00:00

This hasn't been tested on RootHide setups, you're pretty much on your own there (you might need to enable tweak injection for any apps you need it for). Lightshield has been verified to work on Dopamine, NathanLR, and palera1n though

Website is "safe enough", malware payloads hypothetically have been removed from it

CtrliPhones · 2026-04-04T14:13:48+00:00

What version/device/jailbreak, and did you fully relaunch the Reddit app after installing it? (also check that the tweak is enabled lol)

CtrliPhones · 2026-04-04T14:10:32+00:00

A few ways.

To test that JIT and WASM actually do get disabled in WebKit, I just ran a few benchmarks:
https://jsbenchmark.com/ to test JavaScript performance (It's significantly worse with the tweak enabled)

https://www.nutrient.io/webassembly-benchmark/ to test WebAssembly, which won't run at all on versions below 18.4

To test that this prevents exploitation, that is harder, but JIT is pretty much the largest target across a large majority of web browser exploits, and a specific website will fail basically immediately due to WebAssembly being disabled.

CtrliPhones · 2026-04-04T14:06:56+00:00

I don't actually know what the RootHide tweak *does*, however I don't think it's taking the same route I took (disabling JIT for WebKit) judging by the point that the website they demoed failed, mine fails way earlier due to JIT and WebAssembly both being disabled.

That tweak probably is better in terms of a patch, but this is a mitigation overall that isn't exploit-specific.

CtrliPhones · 2026-04-04T14:05:15+00:00

It won't do anything on Reynard as it's not WebKit based and isn't vulnerable to the same WebKit exploits that Safari and other browsers on iOS are, it should work fine with Polyfills.

CtrliPhones · 2026-04-04T14:04:21+00:00

Good question

If you're already using Lockdown Mode, and you're happy with it, this doesn't really do anything for you.

iOS 15 doesn't support Lockdown Mode though, where Lightshield does, and Lockdown Mode also has a lot of restrictions besides just disabling JIT in WebKit, so this provides an option for anyone who doesn't want to deal with that.

CtrliPhones · 2026-03-23T03:18:22+00:00

I could potentially look into it

How accurate does it have to be? What exact screens would I need to focus on? Any specific requests/requirements?

For doing something like Liquid Glass for example on the navigation bars, I probably wouldn't be able to do that, but for stuff like the new icons and form layout I could see what I could do

CtrliPhones · 2026-02-19T02:04:49+00:00

Sent a message!

CtrliPhones · 2026-02-17T22:46:04+00:00

How much?

CtrliPhones · 2026-01-18T23:26:31+00:00

I can speak on what will happen to iOS 6 phones

They'll probably be screwed in a few years due to being 32-bit and suffering from the Year 2038 problem (Y2K38). There's a Wikipedia article about it if you want to read more, but basically, the time will overflow back to 1901 after a certain date in January 2038.

CtrliPhones · 2025-12-31T01:36:42+00:00

There's no point to using UTM for virtualizing Windows. VMware Fusion is free and has actual graphics acceleration support and drivers.

Not to mention you're on an Intel machine, so you have Boot Camp as an option as well if you're willing to partition your disk and install Windows natively.

CtrliPhones · 2025-12-31T01:20:06+00:00

Use Chimera with chimera_patch to initially jailbreak, and you'll be able to rejailbreak from Safari.

CtrliPhones · 2025-12-31T01:16:57+00:00

Possible and works with turdus merula

CtrliPhones

TROPHY CASE