Google researchers discover that iOS 14 has a sandbox-type security system 'Blast Door'



According to Samuel Groschen, a member of the Google security team 'Project Zero', Apple's iOS 14 has a security sandbox ' BlastDoor ' to protect users from attacks via iMessage. It was discovered.

Project Zero: A Look at iMessage in iOS 14

https://googleprojectzero.blogspot.com/2021/01/a-look-at-imessage-in-ios-14.html

Google researcher discovers new iOS security system | ZDNet
https://www.zdnet.com/article/google-researcher-discovers-new-ios-security-system/


According to Groschen, Blast Door is responsible for parsing untrusted data in messages. Before iOS 14, decompression of binary data, decoding of plist from binary serialization format, field extraction, etc. were all done by a process called immediate. However, from iOS 14, everything will be transferred to Blast Door.

BlastDoor receives incoming messages and unzips and processes the content in a secure and isolated environment. This prevents malicious code from being hidden in the message, interacting with or harming the operating system, or retrieving the user's personal information.



Citizen Lab , a security research institute at the University of Toronto, has pointed out that iMessage on iOS has a vulnerability called zero-click exploit that can infect spyware without the user doing anything.

Journalists hacked by government for 'zero-click vulnerability' hidden in iPhone iMessage-GIGAZINE



When Groschen read Citizen Lab's report and was curious about the internal structure of iOS 14, it turned out that the zero-day attack reported by Citizen Lab was no longer valid from iOS 14. Upon further investigation, he found Blast Door.

'Overall, given the need for backward compatibility, BlastDoor is close to the best feasible and should have a significant impact on iMessage and overall platform security. Apple is a major refactoring. It's great to put off our resources and improve end-user security, 'he said.

in Mobile,   Security, Posted by log1i_yk