A dig into Apple’s new iOS 14 by a researcher at Google’s Project Zero led to the discovery of BlastDoor, Apple’s new sandboxed environment for safeguarding iMessage. This new addition will have a sneak peek into users’ iMessage content, and thwarts any potential malicious links, that could hack the users’ device.
Apple’s New Security Feature for iMessage
While Apple is picked by most users for its commitment to security and privacy policies, the recent attacks on Al Jazeera journalists has triggered the community to believe nothing is safe. While these attacks via iMessage happened again to users using iOS 13 and below, iOS 14 users remained safe.
This is because Apple has introduced a new security feature called BlastDoor in iMessage, which is a sandboxing feature to test the malicious content in iMessage and protect the device from being infected with any malicious software. Though Apple hasn’t advertised about this, Samuel Groß, a security researcher at Google’s Project Zero uncovered it lately.
He explained this as a best practice, since sandbox software by nature is independent, and run anything put into them without basing on the system OS. Here, any messages (texts and URLs) sent through iMessage by a user will be encrypted, stored on iCloud servers, and put through the BlastDoor of the receiver’s iMessage while unpacking.
Before decrypting the message, the BlastDoor service will check the content for any malicious code and may run it in its sandbox environment without relating to the iOS. Thus, anything spotter will be safely killed inside it, or be a warning to the user. This has been so useful since clicking on suspicious links may sometimes lead to hacking of the device.
Many have done so earlier and fallen into the traps of phishing campaigns or downloading backdoor malware. Researchers are now wishing this BlastDoor feature be backward compatible to safeguard other versions of the iOS too.