Skip to main content

Apple iOS 14 introduces BlastDoor Sandbox security system to iMessage

In the past, there have been various instances where security researchers revealed that a “string of texts” received over SMS could crash your phone or worse, send it into a boot-loop. These kinds of exploits have been reported at least once every year for both iOS and Android smartphones but turns out, iOS 14 has a way to thwarting these kinds of exploits for good, thanks to a system called BlastDoor.

Discovered by a Google Project Zero researched named Samuel Groß, BlastDoor works by parsing all the data contained in an iMessage in a secure sandbox, isolated from the rest of the operating system. By doing so, the contents of the iMessage, if nefarious, won’t have an impact on the OS. All apps installed on an iOS device exist in their own sandboxes, which governed by very tight policies. The BlastDoor sandbox for iMessage has been designed to thwart most exploits which either use brute force or exploit the shared cache on iOS.  Groß says he found the existence of BlastDoor when investigating a hacking campaign against Al Jazeera journalists. There were instances where the hacks did not work and the common thread appeared to be the fact that they were running iOS 14 on their iPhones.

While BlastDoor sandbox definitely makes iMessage more secure, it does not do much for the traditional SMS. Last year in April 2020, a text-based exploit was discovered which could be initiated via a normal SMS. A string of characters written in Sindhi when received as an SMS would freeze iOS completely, rendering the person’s iPhone/iPad completely useless till the OS would crash, and the device could be rebooted. This was due to a bug in iOS, one which Apple has since fixed, but it highlights how the short messaging service format is still a likely vector for delivering exploits.

Messaging apps have been a popular point of intrusion into smartphones for several years now. We’ve seen text message string crash phones, brick them permanently, lock them temporarily, and in one case, even serve as a means of gaining full access to the device. The now infamous Pegasus used a vulnerability in WhatsApp, allowing the hacker full access to a target smartphone, all done remotely. The BlastDoor sandbox for iMessage introduced in iOS14 should prevent some, if not all intrusion and malicious events.



from Latest Technology News https://ift.tt/36nuZin

Comments

Popular posts from this blog

Infinix Note 40X 5G With Dimensity 6300 5G SoC, 108-Megapixel Rear Camera Launched in India: All Details

Infinix Note 40X 5G was launched in India on Monday (August 5). The latest Note series phone from the Transsion Holdings subsidiary comes with a MediaTek Dimensity 6300 5G under the hood paired with up to 12GB of RAM. The Infinix Note 40X 5G boasts a triple rear camera setup headlined by a 108-megapixel main sensor and packs a 5,000mAh battery. from Gadgets 360 https://ift.tt/ZIHkQUw

Amazon Great Indian Festival Sale 2023: Best Camera Smartphones Under Rs. 20,000

Amazon Great Indian Festival Sale 2023 is currently underway with great offers and discounts on a wide range of products. If you are on a tight budget and looking to upgrade to a smartphone with better camera features, the ongoing sale currently offers plenty of choices. Here are some of the best camera smartphones under Rs. 20,000. from Gadgets 360 https://ift.tt/AUWj8uo

Samsung Galaxy S25 Series Could Reportedly Arrive With Exynos 2500 Chip, as Samsung Attempts to Improve Yield

Samsung Galaxy S25 series could be equipped with an Exynos 2500 chipset after all, according to a South Korean publication, following reports that the company would use Qualcomm's next-generation Snapdragon mobile processor for its upcoming flagship smartphones. The firm is reportedly working on improving the yield of its chipset, with only a few months to go before t... from Gadgets 360 https://ift.tt/ZqHS8yj