Google researcher discovers new security system called BlastDoor that Apple uses to protect iMessages – Technology News, Firstpost

FP trendFebruary 01, 2021 4:34:06 PM IS

Apple released its iOS 14 last year that came with new features like privacy rules, stickers, and more. The operating system incorporates a new security system called BlastDoor that protects the analysis of incorrect iMessage data. This security system has been discovered by a security researcher working with Google’s Project Zero. Details of the story are available at Google Project Zero blog site. Although Apple never mentioned the details of the security system during the iOS launch in September, a security researcher discovered the existence of this feature through a reverse engineering project.

The BlastDoor function decompresses incoming messages and processes their content in an isolated and secure environment.

The BlastDoor system works as a sandbox to separate the data processing on the messaging platform from other elements of the software that are believed to protect the user from specific attacks, carried out through the iMessage client.

Samuel Groß, working with Google’s Project Zero team as a security researcher, had discovered the hidden BlastDoor system in iOS 14, who wrote a blog post mentioning the scope of the new system that protects users from bad attacks. . He discovered the new security system through a reverse engineering project using iPhone XS with iOS 14.3 and M1 Mac Mini with macOS 11.1.

BlastDoor has been designed to work specifically with iMessage, unlike other sandbox systems on iOS to protect different functions. With this, it decompresses incoming messages and processes their content within an isolated and secure environment, thus protecting the software, even if there is malicious code in the message.

The existing mechanism used to allow attackers to gain access to user data through iMessage, but in 2019, Groß together with his security researcher Natalie Silvanovich found “zero interaction” flaws in iMessage, allowing attackers to read content files stored on an iPhone, without requiring users to interact with any notifications or messages. This is likely to be fixed now with the BlastDoor system.