iOS 14 adds a new sandbox security system called "BlastDoor" to iPhones and iPads to prevent attacks carried out through the Messages application, it has now emerged.
Apple has not yet announced any information regarding the new security system in iOS 14. Its existence was only confirmed today by Samuel Groß, a security researcher on Google's Project Zero team, to ZDNet. Groß describes BlastDoor as a "tightly enclosed" sandbox service that is responsible for parsing all untrusted data in iMessages. A sandbox is a security service that runs code separately from the operating system; this one works within the Messages app. BlastDoor takes a look at all incoming messages and checks their contents in a secure environment that prevents malicious code in a message from interacting with iOS or accessing user data.
BlastDoor makes iMessage significantly more secure
As you can see, most of the processing of complex, untrusted data has been moved to the new BlastDoor service. Furthermore, this design, with its 7+ services involved, allows for individual sandboxing rules to be applied, e.g. only the IMTransferAgent and apsd processes are required to perform network operations. Thus, all services in this pipeline are now properly sandboxed (with the BlastDoor service arguably the most sandboxed).
The feature is designed to thwart certain types of attacks, such as those in which hackers use a shared cache or brute force. As ZDNet notes, security researchers have repeatedly discovered iMessage remote code execution bugs in recent years that make it possible to infiltrate an iPhone with just a text. BlastDoor was integrated as a security system designed to fix exactly these problems. Groß discovered the new iOS 14 feature after investigating a hacking campaign targeting Al Jazeera journalists. The attack did not work on iOS 14, so he looked into the reason and discovered BlastDoor. According to Groß, Apple's BlastDoor changes are "almost the best thing that could have been done given the need for backward compatibility" and make the iMessage platform significantly more secure.
iOS 14: “Structural improvements have been made”
This blog post discussed three improvements in iOS 14 that affect iMessage security: the BlastDoor service, shared cache resliding, and exponential throttling. Overall, these changes are probably very close to the best that could be done given the need for backwards compatibility, and they should have a significant impact on the security of iMessage and the platform as a whole.
It's great to see Apple putting resources aside for these kinds of major refactorings to improve end-user security. Moreover, these changes also underscore the value of offensive security work: not just fixing individual bugs, but making structural improvements based on the lessons learned from exploit development.
If you want to learn more about how BlastDoor works, you can read the blog post from Project Zero.