Apple's iOS 14 integrates new Messages security sandbox called BlastDoor
Apple's iOS 14 operating system includes a new security sandbox system designed to protect Messages users from potentially malicious code, according to new research shared on Thursday.
Discovered by Samuel Groß, a member of Google's Project Zero team, the new sandbox is named BlastDoor and is restricted to the Messages level of iOS, reports ZDNet.
BlastDoor quietly shipped with iOS 14 last year, though Apple has not publicly referenced the security feature. Groß detailed the "tightly sandboxed" service in a blog post today.
Written in the relatively safe Swift programming language, BlastDoor is responsible for parsing nearly all untrusted data in Messages, Groß says. Prior to iOS 14, steps like decompressing binary data, decoding the plist from a binary serialization format, field extraction, and decoding of the "x" key were all performed by
According to Groß, the sandbox prohibits communication with most IPC services, blocks nearly all file system interaction, forbids any interaction with IOKit drivers and denies outbound network traffic. Essentially, the system unpacks content -- both text and attachments -- in a safe environment and prevents malicious code from interacting with iOS or accessing local data.
"Overall, these changes are probably very close to the best that could've been done given the need for backwards compatibility, and they should have a significant impact on the security of iMessage and the platform as a whole," Groß writes, noting that Messages in iOS 14 also allows for resliding of the shared cache and exponential throttling. "It's great to see Apple putting aside the resources for these kinds of large refactorings to improve end users' security."
The security researcher was tipped off to the new security protocol after reading a report from University of Toronto's Citizen Lab that detailed a Messages vulnerability leveraged to infiltrate and spy on journalists' iPhones. Called "Kismet," the exploit was in circulation for at least a year before being neutralized with the release of iOS 14.
Along with security improvements, Apple introduced a number of user-facing features to Messages in its latest mobile OS including pinned conversations, chat threads, and inline mentions.
Discovered by Samuel Groß, a member of Google's Project Zero team, the new sandbox is named BlastDoor and is restricted to the Messages level of iOS, reports ZDNet.
BlastDoor quietly shipped with iOS 14 last year, though Apple has not publicly referenced the security feature. Groß detailed the "tightly sandboxed" service in a blog post today.
Written in the relatively safe Swift programming language, BlastDoor is responsible for parsing nearly all untrusted data in Messages, Groß says. Prior to iOS 14, steps like decompressing binary data, decoding the plist from a binary serialization format, field extraction, and decoding of the "x" key were all performed by
imagent. Now, imagent is at the head of the processing flow, but critical operations are forwarded to BlastDoor. According to Groß, the sandbox prohibits communication with most IPC services, blocks nearly all file system interaction, forbids any interaction with IOKit drivers and denies outbound network traffic. Essentially, the system unpacks content -- both text and attachments -- in a safe environment and prevents malicious code from interacting with iOS or accessing local data.
"Overall, these changes are probably very close to the best that could've been done given the need for backwards compatibility, and they should have a significant impact on the security of iMessage and the platform as a whole," Groß writes, noting that Messages in iOS 14 also allows for resliding of the shared cache and exponential throttling. "It's great to see Apple putting aside the resources for these kinds of large refactorings to improve end users' security."
The security researcher was tipped off to the new security protocol after reading a report from University of Toronto's Citizen Lab that detailed a Messages vulnerability leveraged to infiltrate and spy on journalists' iPhones. Called "Kismet," the exploit was in circulation for at least a year before being neutralized with the release of iOS 14.
Along with security improvements, Apple introduced a number of user-facing features to Messages in its latest mobile OS including pinned conversations, chat threads, and inline mentions.
Comments
For any IM app to be truly successful, it has to be cross platform and completely transparent to the user.
I do not know anyone that uses Messages and FB ToS problems aside, WhatsApp is still one of the most downloaded apps on iOS.
No, it's not impossible. Do it all the time.
They also need to improve the sync between devices on the same account. When you delete a message on one device it should delete on all. When a spam shows up and I delete it on my iPad or iPhone it does not always disappear from my watch and had to be deleted manually.
I would like to see a whitelisting option on messages.
They can be free in some plans but not in others. There is also a limit of 300kb on most messages and no guarantee that the receiver will actually see them in the same way as you see them. There are also security issues linked to some MMS. That's one of the reasons many people have them deactivated at carrier level.
They have been rendered useless by modern IM apps which benefit from being self contained platforms where what you see is what you get no hidden charges. Some carriers even went as far as separating IM traffic from the subscribers data cuota.
Of course, one of the strongest points has always been the cross platform nature of IM apps, with the notable and limiting exception of Messages.
All of the bolded works for me across multiple Macs, 2 x iPads & 1 x iPhone. Do you have it turned on?