Apple introduced a host of new features in iOS 14 for iPhones. Some of the features introduced aimed at improving the iMessage experience. The list of new features included group conversations, inline replies, etc. While Apple did announce these features at the WWDC 2020 event, it kept one key detail under the wraps. A new report suggests that Apple has adopted a new security system called “BlastDoor” for iMessage. BlastDoor is a “basic sandbox, a type of security service that executes code separately from the rest of the operating system,” according to a security researcher. Let’s take a look at what BlastDoor is and how the new iMessage security feature works.
Apple quietly adopted a new security system called BlastDoor for iMessage in iOS 14
According to ZDNet, citing security researcher Samuel Groß, Apple added the new security system called BlastDoor in iOS 14. It is a basic sandbox that executes code separately from the rest of the operating system. BlastDoor is aimed at protecting users against attacks carried out via the iMessage instant messaging client.
Apple already ships iOS with multiple such sandbox mechanism. BlastDoor is the latest addition that operates at the level of the iMessage app.
“Its role is to take incoming messages and unpack and process their content inside a secure and isolated environment, where any malicious code hidden inside a message can’t interact or harm the underlying operating system or retrieve with user data,” the report added.
The researcher further said that iMessage has been a target of multiple attacks in the past. There had been multiple instances where security researchers or real-world attackers found iMessage bugs. They abused these issues to develop exploits that allowed them to take control over an iPhone by sending a simple text to someone’s device.
Groß probed around in iOS 14 for a week and believes Apple has taken the feedback from researchers seriously to improve the handling of incoming messages in iMessage.
“Overall, these changes are probably very close to the best that could’ve been done given the need for backwards compatibility, and they should have a significant impact on the security of iMessage and the platform as a whole,” Groß said in his blog post.