In the future, breakouts into the operating system through gaps in the instant messaging app should no longer be so easy. Apple installs a “BlastDoor”.
In the past few years there have been several spectacular exploits in Apple’s popular messaging app iMessage. For example, in one case in spring 2020, a security researcher described how an entire iPhone could be taken over from the outside. Apple seems to take the warnings and problems seriously: such security holes should be less dangerous in the future because the instant messaging app is better sealed off from the operating system.
The new function against iMessage exploits is called “BlastDoor”, a term for an explosion-proof door, as found in bunkers and safes. The new security system was integrated into the current iOS version 14, as Google researcher Samuel Groß describes in the search company’s “Project Zero” blog. The aim is to prevent very simple attacks, such as the one alleged to have happened recently with a “zero click” exploit against journalists from the Arab region. The victims did not even have to click on a link in the messaging app.
According to Groß, the BlastDoor routine now ensures that every incoming message is unpacked and processed in a closed, isolated area. “Any malicious code hidden in a message will not be able to interact with or harm the underlying operating system.” It is also not possible to access user data directly.
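The pattern described above, parsing each incoming message in a separate, confined process and handing back only a small validated result, shown as an added Python example (not Apple's code and not taken from the blog post; BlastDoor itself is written in Swift). The JSON message format, the `process_incoming` name and the limits are assumptions, and POSIX resource limits stand in for a real OS sandbox.

```python
import json
import subprocess
import sys

# Constructed worker: the only code that ever parses raw message bytes.
WORKER = r'''
import json, resource, sys
resource.setrlimit(resource.RLIMIT_CPU, (2, 2))      # cap CPU seconds
resource.setrlimit(resource.RLIMIT_FSIZE, (0, 0))    # no writes to regular files
msg = json.loads(sys.stdin.buffer.read())            # risky parsing happens here
text = msg["text"]
if not isinstance(text, str) or len(text) > 4096:
    raise ValueError("rejected")
json.dump({"text": text}, sys.stdout)                # small, fixed reply schema
'''

MAX_REPLY = 64 * 1024  # the reply is untrusted too: bound it before parsing


def process_incoming(raw: bytes, timeout: float = 5.0):
    """Parse one untrusted message in a throwaway process.

    Returns {"text": str} on success, or None if the worker rejected the
    message, crashed, or ran too long.
    """
    try:
        proc = subprocess.run(
            [sys.executable, "-I", "-c", WORKER],  # -I: ignore env and user site
            input=raw, capture_output=True, timeout=timeout,
        )
    except subprocess.TimeoutExpired:
        return None
    if proc.returncode != 0 or len(proc.stdout) > MAX_REPLY:
        return None
    try:
        reply = json.loads(proc.stdout)
    except ValueError:
        return None
    # Accept only the exact shape the worker is allowed to return.
    if not isinstance(reply, dict) or set(reply) != {"text"}:
        return None
    if not isinstance(reply["text"], str):
        return None
    return reply
```

A parser failure or crash ends the worker only; the caller sees `None` and never touches the raw bytes itself.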
Isolation so that bad code doesn’t leak through
Apple had previously done a “bad job of sanitizing incoming user data”, so problematic code could slip through, for example in texts, images, videos or sounds that arrive via iMessage. It was then possible to take over the messaging app and, with further exploits, the entire iPhone. Groß praised Apple for finally listening to information from the IT security community. It is “great” that Apple is investing such resources to increase end-user security.
Groß explains how BlastDoor works in his blog post. The new service is written in Swift and offers a new processing pipeline for messages. Groß studied the new function under iOS 14.3; the reverse engineering was accelerated thanks to an M1 Mac mini. BlastDoor will also come to macOS, but not all security functions seem to be active there. (bsc)