Apple has implemented an additional layer of security for iMessage in iOS 14 called ‘BlastDoor’, which should theoretically work to disable the number of security flaws that were being exploited over the past few years, mostly related to user input.
Previously, a special combination of characters or a specific photo could be used to exploit iMessage. Apple kept patching the various holes, but it turns out that it was working in parallel on a long-term solution which is the ‘BlastDoor’ system that runs as a service on top of the existing sandbox that iOS 14 apps reside in.
Apple adds new measures, including ‘BlastDoor’, to protect iMessage in iOS 14 from security attacks
As per a blog post by Google’s Project Zero team, a team of researchers that finds vulnerabilities in popular software and hardware around the world, ‘BlastDoor’ is one of the biggest changes in iOS 14, which Apple did not talk about when announcing the update.
As per Project Zero:
One of the major changes in iOS 14 is the introduction of a new, tightly sandboxed “BlastDoor” service which is now responsible for almost all parsing of untrusted data in iMessages (for example, NSKeyedArchiver payloads). Furthermore, this service is written in Swift, a (mostly) memory safe language which makes it significantly harder to introduce classic memory corruption vulnerabilities into the code base.
Along with ‘BlastDoor’, Apple has also implemented two more changes including ‘Re-randomization of the Dyld Shared Cache Region’ and ‘Exponential Throttling to Slow Down Brute Force Attacks’. Both of these additional changes help protect again 0-click and brute force attacks, which makes it more difficult for security vulnerabilities to be exploited.
Apple’s move to create these additional security measures has been praised by the Project Zero team as these have been proactive measures through architectural changes to the software, rather than just patching existing issues as and when they are found.
Overall, these changes are probably very close to the best that could’ve been done given the need for backwards compatibility, and they should have a significant impact on the security of iMessage and the platform as a whole. It’s great to see Apple putting aside the resources for these kinds of large refactorings to improve end users’ security. Furthermore, these changes also highlight the value of offensive security work: not just single bugs were fixed, but instead structural improvements were made based on insights gained from exploit development work.
Check out our previous coverage of all the new features in iMessage on iOS 14 and iPadOS 14.