iOS 14 Features New 'BlastDoor' Messages Security System

iOS 14 added a new "BlastDoor" sandbox security system to iPhones and iPads to prevent attacks carried out with the Messages app. Apple didn't share information on the new security addition, but it was explained today by Samuel Groß, a security researcher with Google's Project Zero, and highlighted by ZDNet.

messages pinned conversations ios 14
Groß describes BlastDoor as a tightly sandboxed service that's responsible for parsing all of the untrusted data in iMessages. A sandbox is a security service that executes code separately from the OS, and this one operates within the Messages app.

BlastDoor takes a look at all incoming messages and inspects their content in a secure environment, which prevents any malicious code inside of a message from interacting with iOS or accessing user data.

project zero blastdoor

As can be seen, the majority of the processing of complex, untrusted data has been moved into the new BlastDoor service. Furthermore, this design with its 7+ involved services allows fine-grained sandboxing rules to be applied, for example, only the IMTransferAgent and apsd processes are required to perform network operations. As such, all services in this pipeline are now properly sandboxed (with the BlastDoor service arguably being sandboxed the strongest).

The feature has been designed to thwart specific attack types, such as those where hackers used shared cache or brute force attacks. As ZDNet points out, security researchers have been finding iMessage remote code execution bugs over the past few years that could allow an iPhone to be infiltrated with just a text, which BlastDoor should address.

Groß found the new iOS 14 feature after investigating a Messages hacking campaign that targeted Al Jazeera journalists. The attack wasn't working in iOS 14, and investigating why led to his discovery of BlastDoor.

According to Groß, Apple's BlastDoor changes are "close to the best that could've been done given the need for backwards compatibility," and will make the iMessage platform significantly more secure.

This blog post discussed three improvements in iOS 14 affecting iMessage security: the BlastDoor service, resliding of the shared cache, and exponential throttling. Overall, these changes are probably very close to the best that could've been done given the need for backwards compatibility, and they should have a significant impact on the security of iMessage and the platform as a whole.

It's great to see Apple putting aside the resources for these kinds of large refactorings to improve end users' security. Furthermore, these changes also highlight the value of offensive security work: not just single bugs were fixed, but instead structural improvements were made based on insights gained from exploit development work.

Those interested in the full rundown on how BlastDoor works can visit the Project Zero blog post on the subject.

Popular Stories

Generic iOS 18 Feature Real Mock

Apple Shares Full List of Over 250 New Features and Changes Coming With iOS 18

Wednesday September 11, 2024 7:16 am PDT by
Following its iPhone 16 event on Monday, Apple shared a PDF on its website with a list of all new features and changes coming with iOS 18. The list includes many features that were already announced, including Apple Intelligence, new customization options for the Home Screen and Control Center, a redesigned Photos app, several enhancements to the Messages app, a Passwords app, and more....
Beyond iPhone 13 Better Blue Face ID Single Camera Hole

10 Reasons to Wait for Next Year's iPhone 17

Friday September 13, 2024 2:40 am PDT by
Apple's iPhone development roadmap runs several years into the future and the company is continually working with suppliers on several successive iPhone models simultaneously, which is why we sometimes get rumored feature leaks so far ahead of launch. The iPhone 17 series is no different – already we have some idea of what to expect from Apple's 2025 smartphone lineup. If you plan to skip...
iphone 16 pro models 1

Skipping the iPhone 16 Pro? Here's What's Rumored for iPhone 17 Pro

Wednesday September 11, 2024 8:20 am PDT by
Will you be skipping the iPhone 16 Pro and waiting another year to upgrade? If so, we already have some iPhone 17 Pro rumors for you. Below, we recap key new features rumored for the iPhone 17 Pro models so far: 24MP front camera for all iPhone 17 models: All four iPhone 17 models will feature an upgraded 24-megapixel front-facing camera, according to Apple supply chain analysts Ming-Chi...
iphone 16 pro colors 1

Here's When iPhone 16 Pre-Orders Begin in Every Time Zone

Thursday September 12, 2024 6:12 am PDT by
Pre-orders for the iPhone 16, ‌iPhone 16‌ Plus, iPhone 16 Pro, and ‌iPhone 16 Pro‌ Max are set to begin on Friday, September 13 at 5:00 a.m. Pacific Time, with the new devices set to become available in multiple countries around the world simultaneously. We've compiled pre-order times for various countries to help MacRumors readers be among the first to order. This list isn't...
iphone 16 pro apple intelligence

iPhone 16 Pro and Pro Max Shipping Estimates Extending Into October

Friday September 13, 2024 5:48 am PDT by
Apple began accepting pre-orders for all four new iPhone 16 models today, and shipping estimates for the iPhone 16 Pro and Pro Max on Apple's online store in the U.S. are already beginning to slip into October for many configurations. As of 6:45 a.m. Pacific Time, the iPhone 16 Pro and Pro Max were facing a 2-4 week shipping delay for some configurations on Apple's online store, with...
iphone 16 pro apple intelligence

Apple Intelligence Features Expected to Roll Out in This Order Between iOS 18.1 and iOS 18.4

Friday September 13, 2024 1:01 pm PDT by
iOS 18 will be released to the public on Monday, but the first Apple Intelligence features will not be available until iOS 18.1 is released in October. Apple Intelligence features will continue to roll out in iOS 18.2 and beyond, with the expected roadmap outlined below per Apple's website and rumors. Apple Intelligence requires an iPhone 15 Pro model or any iPhone 16 model, and it will...

Top Rated Comments

Brandon42 Avatar
47 months ago

How am I really suppose to trust that my messages aren't being passed through a government server ??
I checked with the FBI van that always parks outside and they say you can trust the government in this situation.
Score: 44 Votes (Like | Disagree)
7149041 Avatar
47 months ago

So yeah, your messages are already on a govt server, before they hit your iPhone or any phone.
Not with end to end encryption, they aren't - which is why everyone should care about that. And why govts are slowly gearing up to outlaw "unbreakable" encryption.
Score: 15 Votes (Like | Disagree)
Osamede Avatar
47 months ago

How am I really suppose to trust that my messages aren't being passed through a government server ??
Snowden is stuck in exile and still no one seems to grasp what he revealed that got him in trouble: the government ( or a least the government where he was from) collects ALL your data, everybody’s data, period.

So yeah, your messages are already on a govt server, before they hit your iPhone or any phone.
Score: 12 Votes (Like | Disagree)
cmaier Avatar
47 months ago

Hopefully not. No point in giving bad actors any kind of advantage in defeating iOS security.
Security through obscurity is not a good strategy
Score: 12 Votes (Like | Disagree)
coolfactor Avatar
47 months ago
I love the fun names that Apple comes up with for these features.
Score: 8 Votes (Like | Disagree)
hot-gril Avatar
47 months ago

Not with end to end encryption, they aren't - which is why everyone should care about that. And why govts are slowly gearing up to outlaw "unbreakable" encryption.
We have low visibility into Apple's code, and even if it were open src, we'd not know whether their servers are always giving us the correct identities for others we message. Also, if your messages are backed up on iCloud, that's not e2ee'd, according to Apple.

Not to sound paranoid. I use it anyway. It's just not airtight.
Score: 6 Votes (Like | Disagree)