
macrumors bot
Original poster


iOS 14 added a new "BlastDoor" sandbox security system to iPhones and iPads to prevent attacks carried out with the Messages app. Apple didn't share information on the new security addition, but it was explained today by Samuel Groß, a security researcher with Google's Project Zero, and highlighted by ZDNet.


Groß describes BlastDoor as a tightly sandboxed service that's responsible for parsing all of the untrusted data in iMessages. A sandbox is a security service that executes code separately from the OS, and this one operates within the Messages app.

BlastDoor takes a look at all incoming messages and inspects their content in a secure environment, which prevents any malicious code inside of a message from interacting with iOS or accessing user data.

[Image: project-zero-blastdoor.jpg]
As can be seen, the majority of the processing of complex, untrusted data has been moved into the new BlastDoor service. Furthermore, this design with its 7+ involved services allows fine-grained sandboxing rules to be applied, for example, only the IMTransferAgent and apsd processes are required to perform network operations. As such, all services in this pipeline are now properly sandboxed (with the BlastDoor service arguably being sandboxed the strongest).
The feature has been designed to thwart specific attack types, such as those where hackers used shared cache or brute force attacks. As ZDNet points out, security researchers have been finding iMessage remote code execution bugs over the past few years that could allow an iPhone to be infiltrated with just a text, which BlastDoor should address.

Groß found the new iOS 14 feature after investigating a Messages hacking campaign that targeted Al Jazeera journalists. The attack wasn't working in iOS 14, and investigating why led to his discovery of BlastDoor.

According to Groß, Apple's BlastDoor changes are "close to the best that could've been done given the need for backwards compatibility," and will make the iMessage platform significantly more secure.
This blog post discussed three improvements in iOS 14 affecting iMessage security: the BlastDoor service, resliding of the shared cache, and exponential throttling. Overall, these changes are probably very close to the best that could've been done given the need for backwards compatibility, and they should have a significant impact on the security of iMessage and the platform as a whole.

It's great to see Apple putting aside the resources for these kinds of large refactorings to improve end users' security. Furthermore, these changes also highlight the value of offensive security work: not just single bugs were fixed, but instead structural improvements were made based on insights gained from exploit development work.
Those interested in the full rundown on how BlastDoor works can visit the Project Zero blog post on the subject.

Article Link: iOS 14 Features New 'BlastDoor' Messages Security System
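The pipeline in the diagram above, as an added example that is not code from the original post or from Project Zero's write-up: a broker keeps the untrusted bytes out of its own address space and hands them to a disposable, resource-limited worker, accepts nothing back but a small re-validated dictionary, and throttles worker restarts exponentially so that an attacker who needs many crashes pays in wall-clock time. The TLV wire format, the rlimit values and the backoff parameters are all assumptions made for illustration; nothing here is iMessage's real format or Apple's real numbers.

```python
"""Broker/worker split in the spirit of BlastDoor (illustrative, not Apple's code)."""
import json
import os
import resource
import struct
import time

# Constructed toy wire format (hypothetical; NOT iMessage's real format):
# a sequence of TLV records, each 1-byte tag, 2-byte big-endian length, payload.
TAG_SENDER, TAG_TEXT, TAG_ATTACHMENT = 1, 2, 3
MAX_RECORD = 4096


def build_message(sender, text, attachment=b""):
    """Encode a well-formed message; used only to construct sample input."""
    out = bytearray()
    for tag, payload in ((TAG_SENDER, sender.encode()),
                         (TAG_TEXT, text.encode()),
                         (TAG_ATTACHMENT, attachment)):
        if payload:
            out += struct.pack(">BH", tag, len(payload)) + payload
    return bytes(out)


def parse_message(blob):
    """The untrusted parser. Deliberately strict: any inconsistency raises,
    and inside the worker a raise kills the worker, never the app."""
    fields, off = {}, 0
    while off < len(blob):
        if off + 3 > len(blob):
            raise ValueError("truncated record header")
        tag, length = struct.unpack_from(">BH", blob, off)
        off += 3
        if length > MAX_RECORD or off + length > len(blob):
            raise ValueError("record length out of bounds")
        payload = blob[off:off + length]
        off += length
        if tag == TAG_SENDER:
            fields["sender"] = payload.decode("utf-8")
        elif tag == TAG_TEXT:
            fields["text"] = payload.decode("utf-8")
        elif tag == TAG_ATTACHMENT:
            fields["attachment_size"] = length
        else:
            raise ValueError("unknown tag %d" % tag)
    return fields


# The only shape the broker accepts back across the trust boundary.
ALLOWED = {"sender": str, "text": str, "attachment_size": int}


def validate_shape(obj):
    if not isinstance(obj, dict):
        raise ValueError("worker returned a non-dict")
    for k, v in obj.items():
        if k not in ALLOWED or type(v) is not ALLOWED[k]:
            raise ValueError("unexpected field %r" % k)
    return obj


def _confine(cpu_seconds, fsize_bytes):
    """Cheap stand-in for a sandbox profile: a CPU budget and no file output.
    Never raises a limit above the hard cap already in force."""
    for res, val in ((resource.RLIMIT_CPU, cpu_seconds),
                     (resource.RLIMIT_FSIZE, fsize_bytes)):
        _, hard = resource.getrlimit(res)
        if hard != resource.RLIM_INFINITY:
            val = min(val, hard)
        resource.setrlimit(res, (val, val))


def parse_in_sandbox(blob, cpu_seconds=2):
    """Fork a throwaway worker, confine it, parse there, read back only JSON.
    Returns ("ok", dict) or ("crashed", None)."""
    r, w = os.pipe()
    pid = os.fork()
    if pid == 0:                                   # worker side
        try:
            os.close(r)
            _confine(cpu_seconds, 0)
            os.write(w, json.dumps(parse_message(blob)).encode())
            os._exit(0)
        except BaseException:
            os._exit(1)                            # a parse failure kills only the worker
    os.close(w)                                    # broker side
    chunks = []
    while True:
        c = os.read(r, 65536)
        if not c:
            break
        chunks.append(c)
    os.close(r)
    _, status = os.waitpid(pid, 0)
    if os.WIFEXITED(status) and os.WEXITSTATUS(status) == 0:
        try:
            return "ok", validate_shape(json.loads(b"".join(chunks)))
        except ValueError:
            return "crashed", None                 # a lying worker is treated like a dead one
    return "crashed", None


class Supervisor:
    """Restart policy modelled on the exponential throttling Groß mentions.
    Base delay and cap are illustrative assumptions; `sleep` is injectable."""

    def __init__(self, base=1.0, cap=20 * 60, sleep=time.sleep):
        self.base, self.cap, self.sleep = base, cap, sleep
        self.consecutive_crashes = 0

    def backoff(self, crashes):
        """Delay before the next worker after `crashes` consecutive crashes: doubles each time, capped."""
        return 0.0 if crashes == 0 else min(self.base * 2 ** (crashes - 1), self.cap)

    def handle(self, blob):
        delay = self.backoff(self.consecutive_crashes)
        if delay:
            self.sleep(delay)
        status, data = parse_in_sandbox(blob)
        self.consecutive_crashes = 0 if status == "ok" else self.consecutive_crashes + 1
        return status, data


# Constructed sample inputs.
GOOD = build_message("alice", "hi", b"\x00" * 16)
BAD = struct.pack(">BH", TAG_TEXT, 500) + b"ab"     # header claims 500 bytes, carries 2

if __name__ == "__main__":
    sup = Supervisor(sleep=lambda s: print("throttled for %.0fs" % s))
    for blob in (BAD, BAD, BAD, GOOD):
        print(sup.handle(blob), "consecutive crashes:", sup.consecutive_crashes)
```

The point to take away is where the work happens: the broker never calls `parse_message` itself, the worker holds nothing but the bytes it was given, and a malformed message buys the attacker a dead child process and a longer wait before the next attempt, not code execution in the app that talks to the network and the user's data.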
 
How am I really supposed to trust that my messages aren't being passed through a government server 🤨🤔
Snowden is stuck in exile and still no one seems to grasp what he revealed that got him in trouble: the government (or at least the government where he was from) collects ALL your data, everybody's data, period.

So yeah, your messages are already on a govt server, before they hit your iPhone or any phone.
 
Snowden is stuck in exile and still no one seems to grasp what he revealed that got him in trouble: the government (or at least the government where he was from) collects ALL your data, everybody's data, period.

So yeah, your messages are already on a govt server, before they hit your iPhone or any phone.

yeah.... I thought so 🤷🏾‍♂️
 
What sort of backwards compatibility does he mean? The receiving of messages from other devices, or something else?

iMessage has to stay compatible with older versions of iOS, so that they still receive messages. They could probably do something different, and possibly more secure, if they rewrote iMessage from scratch and changed the message format. This seems like a good compromise that allows older versions of iOS to work while creating greater security going forward.
 
Quite possibly explains the many new issues users have seen with iMessage in iOS 14!
 
Not with end to end encryption, they aren't - which is why everyone should care about that. And why govts are slowly gearing up to outlaw "unbreakable" encryption.
We have low visibility into Apple's code, and even if it were open source, we'd not know whether their servers are always giving us the correct identities for others we message. Also, if your messages are backed up on iCloud, that's not e2ee'd, according to Apple.

Not to sound paranoid. I use it anyway. It's just not airtight.
 
I appreciate that Apple leads the way in device security. iMessage would be a smaller attack vector if they'd stop adding apps, stickers, and whatever other WeChat-like features to it, but I get why they're doing that.

Many have described third-party messaging apps as "OSs within OSs" because of how they're trying to make their own sub-platforms, complete with app ecosystems. Now Apple has literally implemented Messages as a separate OS.
 
Moving on. One could guess that after a few years, as older OS versions become obsolete and they don't have to support them anymore, that this might allow them even better functionalities. Dare I say it: non-Apple OS use, and more.
 
Groß found the new iOS 14 feature after investigating a Messages hacking campaign that targeted Al Jazeera journalists. The attack wasn't working in iOS 14, and investigating why led to his discovery of BlastDoor.
That's an odd sentence. So it's like someone was seriously trying to hack journalists, then found out "Hey, why isn't my hack working?" Well ... let me tell you why ... 🤣
 
Not with end to end encryption, they aren't - which is why everyone should care about that. And why govts are slowly gearing up to outlaw "unbreakable" encryption.
The data is not encrypted at rest, so Apple can give the gov the keys to all of your messages stored in iCloud.
 
The data is not encrypted at rest, so Apple can give the gov the keys to all of your messages stored in iCloud.
This is not what encrypted at rest means, but yes Apple does have the capability and has responded to legal requests with iCloud backup information.

But they also do this for normal user account recovery too.
 