Apple has finally fixed an old iMessage design flaw in iOS 14 with ‘BlastDoor’ protection, Google researcher claims
Code that handles incoming iMessage content now executes in a separate 'sandbox', which should prevent malicious messages received from an attacker from directly compromising the system.
After years of attacks targeting iMessage, its popular device-exclusive messaging service, Apple has put a 'sandbox' around the service's handling of incoming messages in iOS 14, according to a researcher on Google's Project Zero team.
While the feature shipped with iOS 14 last year, the sandbox, aptly named BlastDoor, was only publicly documented recently by Samuel Groß, a researcher on Google's security vulnerability research team, Project Zero.
The researcher published the findings on the Project Zero blog, revealing that the BlastDoor service takes over the parsing of untrusted incoming message data, so that the rest of the operating system is cordoned off from the riskiest part of the messaging service. Code that decodes iMessage content thus runs in a separate, tightly restricted sandbox, which should stop a malicious message sent by an attacker from directly infecting the system even if it triggers a bug in the parser.
“The content of this blog post is the result of a roughly one-week reverse engineering project, mostly performed on a M1 Mac Mini running macOS 11.1, with the results, where possible, verified to also apply to iOS 14.3, running on an iPhone XS,” Groß wrote in a post titled ‘A Look at iMessage in iOS 14’ on Thursday.
However, a sandbox on its own does not guarantee security. An attacker who gains code execution inside BlastDoor still has to 'escape' it with a second exploit before reaching the rest of the system, and escapes from other sandboxes on iOS and macOS have been found before. Apple will therefore have to keep hardening the newly introduced one in further updates.
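To make the principle behind BlastDoor concrete, here is an added example written for this article. It is not Apple's code, and the message format, the `parse_message` parser and the `parse_in_sandbox` helper are all invented for it. An untrusted parser runs in a separate process with tightened resource limits, the parent only ever consumes the small decoded result, and a crash in the parser (here a deliberate `os.abort()` on a crafted length field) leaves the parent running.

```python
import multiprocessing as mp
import os
import resource

# Constructed toy wire format for an incoming "message": a 4-byte big-endian
# length prefix followed by UTF-8 text. It is NOT iMessage's real format.


def parse_message(raw: bytes) -> dict:
    """The untrusted parser. Deliberately fragile: a length field that disagrees
    with the body calls os.abort(), standing in for a memory-safety crash that
    an attacker could trigger with a crafted message."""
    if len(raw) < 4:
        raise ValueError("truncated header")
    declared = int.from_bytes(raw[:4], "big")
    body = raw[4:]
    if declared != len(body):
        os.abort()
    return {"text": body.decode("utf-8"), "length": declared}


def _cap(which: int, value: int) -> None:
    """Lower a soft resource limit without exceeding the current hard limit."""
    _soft, hard = resource.getrlimit(which)
    if hard != resource.RLIM_INFINITY:
        value = min(value, hard)
    resource.setrlimit(which, (value, hard))


def _worker(conn, raw: bytes) -> None:
    """Runs in the isolated child. Limits are tightened BEFORE any attacker
    bytes are touched, so a compromised parser inherits the restrictions."""
    _cap(resource.RLIMIT_CPU, 2)     # seconds of CPU: ends runaway decoding
    _cap(resource.RLIMIT_FSIZE, 0)   # cannot create or grow files on disk
    _cap(resource.RLIMIT_CORE, 0)    # no core dump containing message data
    try:
        conn.send(("ok", parse_message(raw)))
    except Exception as exc:         # parse errors are data, not crashes
        conn.send(("error", repr(exc)))
    finally:
        conn.close()


def parse_in_sandbox(raw: bytes, timeout: float = 5.0) -> tuple:
    """Parse `raw` in a separate process. Returns ("ok", dict) or ("error", reason).
    The parent never decodes the raw bytes itself; it only accepts a small,
    already-structured result from the child."""
    ctx = mp.get_context("fork")
    parent_conn, child_conn = ctx.Pipe(duplex=False)
    proc = ctx.Process(target=_worker, args=(child_conn, raw))
    proc.start()
    child_conn.close()               # parent keeps only the receiving end

    result = None
    if parent_conn.poll(timeout):
        try:
            result = parent_conn.recv()
        except EOFError:             # child died before sending anything
            result = None
    proc.join(timeout)
    if proc.is_alive():              # hung parser: kill it, parent unaffected
        proc.kill()
        proc.join()
        return ("error", "timeout")
    if result is None:
        return ("error", f"worker died (exit code {proc.exitcode})")
    status, payload = result
    # Validate the shape of what came back: the child is untrusted too.
    if status == "ok" and not (isinstance(payload, dict)
                               and isinstance(payload.get("text"), str)):
        return ("error", "worker returned an unexpected structure")
    return (status, payload)


if __name__ == "__main__":
    good = (5).to_bytes(4, "big") + b"hello"
    crafted = (99).to_bytes(4, "big") + b"hello"   # lies about its length
    print(parse_in_sandbox(good))      # ('ok', {'text': 'hello', 'length': 5})
    print(parse_in_sandbox(crafted))   # ('error', 'worker died (exit code -6)')
    print("parent is still running")
```

The crafted message aborts the child (SIGABRT, exit code -6) but the parent simply reports an error and carries on, which is the property the sandbox is meant to buy. What this toy cannot show is the second half of the real design: the child must also be stripped of the privileges and IPC access an attacker would need to escape, which is what a full sandbox profile enforces and why escapes remain the attacker's next target.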
In late December 2020, Citizen Lab, a research group at the University of Toronto, revealed that since 2019 the personal phones of at least 36 Al Jazeera journalists, producers, anchors and executives, plus a reporter at Al Araby TV, had been hacked by exploiting a flaw in iMessage that required no interaction from the victim. The attack was attributed to the Pegasus spyware made by NSO Group, which has denied the claims.
Citizen Lab stated that the exploit worked on iOS versions up to 13.5.1 and did not appear to work on devices updated to iOS 14, thanks to a slew of security mitigations Apple implemented in that release. The addition of the sandbox to