iOS 14 includes a new ‘BlastDoor’ security system

iOS 14 has added a new “BlastDoor” sandbox security system to iPhones and iPads to prevent attacks carried out through the Messages app. Apple did not share information about the new security addition, but it was explained today by Samuel Groß, a security researcher at Google’s Project Zero, and highlighted by ZDNet.

Groß describes BlastDoor as a tightly sandboxed service responsible for parsing all of the untrusted data in iMessages. A sandbox is a security service that executes code separately from the operating system, and this one operates within the Messages app.

BlastDoor views all incoming messages and inspects their contents in a secure environment, which prevents any malicious code in a message from interacting with iOS or accessing user data.

As can be seen, the majority of the processing of complex, untrusted data has been moved into the new BlastDoor service. Furthermore, this design with its 7+ involved services allows fine-grained sandbox rules to be applied; for example, only the IMTransferAgent and apsd processes are needed to perform network operations. As such, all services in this pipeline are now properly sandboxed (with the BlastDoor service probably the strongest).

The feature is designed to thwart specific attack types, such as those in which hackers used the shared cache or brute-force attacks. As ZDNet points out, security researchers have found bugs in the implementation of iMessage code over the past few years that could allow an iPhone to be infiltrated with only a text, which BlastDoor should address.

Groß found the new iOS 14 feature after investigating a Messages hacking campaign that targeted Al Jazeera journalists. The attack did not work in iOS 14, and investigating why led him to discover BlastDoor.

According to Groß, Apple’s BlastDoor changes are ‘almost the best that could have been done, given the need for backward compatibility’, and will make the iMessage platform significantly more secure.

This blog post discussed three improvements in iOS 14 that affect iMessage security: the BlastDoor service, the shared cache move, and exponential throttling. Overall, these changes are probably very close to the best that could have been done, given the need for backward compatibility, and they would have a significant impact on the security of iMessage and the platform as a whole.

It’s amazing to see Apple setting aside resources for these kinds of large refactorings to improve end-user security. Furthermore, these changes also emphasize the value of offensive security work: not only were some bugs repaired, but structural improvements were made based on the insights gained from development work.

Those interested in the full explanation of how BlastDoor works can visit the Project Zero blog post on the topic.
