- Apple quietly added a new iMessage security feature called BlastDoor in iOS 14.
- BlastDoor is a new sandbox in iMessage that receives and cleans up all iMessage content before it is displayed to the user.
- The security feature prevents attacks via iMessage, which may contain malicious code for spying on iPhones.
One of the most important apps on any phone, regardless of the model or operating system, is the messaging app. Most people likely use a collection of text messaging apps to keep in touch with friends and family. These apps have evolved into sophisticated apps over the years and offer a number of advanced features to improve the chat experience. Whether it’s iMessage on an iPhone, Google Messages on Android or WhatsApp, Signal, Telegram and many others on both platforms, these apps offer essentially the same functionality. Many protect chats with end-to-end encryption, and most of them support rich texting, file sharing, emojis, voice messages, voice calls, and integration with many other apps.
But because SMS is so popular on smartphones, it is also a great gateway for hackers who develop all kinds of malicious attacks that can spread through chat apps. And Apple has tacitly addressed this very issue, a new report shows. The company added an amazing new feature to iMessage in iOS 14 and iPadOS 14 that we’ll never notice. It’s called BlasstDoor, a fitting name for what the function is supposed to do.
Today’s top offer Purell is still so hard to find in stores – but there are deep discounts on Amazon! List price:$ 75.60 Price:51.90 USD (0.54 USD / bottle oz) You save:$ 23.70 (31%) BGR is available on Amazon and may receive a commission Available at Amazon BGR can receive a commission
When Tony Stark asks his AI on Friday to activate the “Armed Door” protocol EndgameAn armor shield envelops the Avengers headquarters. That’s because they will try to do something that has never been done before, which could lead to a great wave of destruction. There’s no guarantee that the armor will actually hold back a possible explosion, but Stark tries anyway. Marvel fans will surely remember the scene while others will not know what all of this means.
The essence of BlastDoor is similar. Everything that comes in through iMessage is stored in a safe place intended to contain threats that hackers may contain in messages. Sophisticated information bombs can allow hackers to attack unsuspecting iPhone users, but BlastDoor will now stop all of that. The new security feature is amazing and is no doubt copied by other operating systems and chat apps. After all, hackers target all devices and programs, not just Apple’s.
It’s understandable why Apple never mentioned anything about BlastDoor during WWDC 2020 when the first final version of iOS 14 shipped. This is Apple’s new step in an ongoing security battle with attackers. There’s no point showing your hand when it comes to BlastDoor. It’s not a feature that device owners actively use or that iOS developers need to consider. Everything should work passively in the background and protect everyone. If security experts like the staff at Google Zero Lab discover this, it will be different – and hackers might find it too if they discover that their weaponized messages are not producing the desired effect.
Last year, One report showed that hackers were targeting journalists via iMessage code that made spying possible without the recipient having to do anything. The problem was fixed in iOS 14, however, so Google researcher Samuel Groß wanted to find out how Apple mitigated the problem. This is how he found BlastDoor, a feature that works behind the scenes with iMessage content. It is a sandbox functionality, similar to other sandboxes in iOS. BlastDoor unpacks and processes the contents of all incoming messages in an isolated environment so that a malicious payload cannot attack the operating system. In other words, every attachment and code that comes in through iMessage, whether it’s the actual text, the links or the files, is cleaned up in this closed environment.
If you haven’t upgraded to iOS 14, BlastDoor is an excellent reason to do so, especially if you’re an iPhone user who might be someone else’s target.
“Overall, these changes are likely very close to the best that could have been made given the need for backward compatibility, and they should have a significant impact on the security of iMessage and the platform as a whole,” the Googler wrote. “It’s great to see Apple putting resources aside for these types of major remodeling to improve end-user security. In addition, these changes also underline the value of offensive security work: Not only were individual bugs fixed, but structural improvements were made based on findings from the exploit development work. “
Groß’s blog post about the new iMessage security feature is available with this link.