With its release iOS 14 last fall, the Apple added a new one security system in iPhone and iPad in order to enhance the protection of users from attacks carried out through it iMessage client. The new feature security of iOS 14 is called BlastDoor and was discovered by him Samuel Groß, researcher of the Google Project Zero security team. This group deals with finding vulnerabilities in known software and systems.
According to Groß, the BlastDoor is a basic sandbox, a type service security code that runs separately from the rest of the operating system.
IOS has several sandbox mechanisms, but BlastDoor is a new add-on that only works at its level application iMessage.
BlastDoor receives incoming messages and examines and processes their content in a secure and isolated environment, so that if there is malicious code hidden inside a message, it can not affect the underlying operating system or access data user.
Many security researchers have identified problems with iMessage in the past. Therefore, the BlastDoor security system is very important for the protection of iOS device.
In the last three years, both researchers security as well as cybercriminals discovered remote code execution vulnerabilities in iMessage. Criminals used these vulnerabilities to create exploits that allowed them to take control of iPhone sending a simple message, photo or video to someone's device.
The most recent attacks, via iMessage, took place last summer, and were detailed in a Citizen Lab report describing a campaign that targeted Al Jazeera staff and journalists.
According to the report, the zero-day bugs exploited by attackers ceased to be effective with the release of iOS 14, which is obviously due to the improved security system.
After reviewing the internal features of iOS 14 for a week, Groß said that Apple finally listened to the security research community and improved the way iMessage handles incoming content. adding Sandbox BlastDoor to the source code of the messaging application.
The Google researcher believes that at the moment these changes are at a very good level and that they will definitely enhance the security of iMessage and iOS in general.