Skip to main content

Apple implemented a new security system for iMessage in iOS 14

How to turn on Messages in iCloud
How to turn on Messages in iCloud (Image credit: Joseph Keller/iMore)

What you need to know

  • Apple has added a new BlastDoor security system to iMessage in iOS 14.
  • It stops malicious messages from having access to the operating system and user data.

As reported by ZDNet, Apple has added a new security system called BlastDoor to protect against malicious attacks in its iMessage messaging service.

Named BlastDoor, this new iOS security feature was discovered by Samuel Groß, a security researcher with Project Zero, a Google security team tasked with finding vulnerabilities in commonly-used software. Groß said the new BlastDoor service is a basic sandbox, a type of security service that executes code separately from the rest of the operating system. While iOS ships with multiple sandbox mechanisms, BlastDoor is a new addition that operates only at the level of the iMessage app.

The system prevents malicious code hidden within a message to have access to the operating system or a user's data. According to the report, several security researchers in the past have pointed out iMessage's lack of sanitizing incoming data in iMessage, hence the addition of the BlastDoor service.

Over the past three years, there had been multiple instances where security researchers or real-world attackers found iMessage remote code execution (RCE) bugs and abused these issues to develop exploits that allowed them to take control over an iPhone just by sending a simple text, photo, or video to someone's device.

Ios 14 Messages Groups Inline Replies Mentions

Ios 14 Messages Groups Inline Replies Mentions (Image credit: Christine Romero-Chan / iMore)

Groß says that the protection is most likely the best Apple could put in place considering its need to support older versions of iOS.

"Overall, these changes are probably very close to the best that could've been done given the need for backwards compatibility, and they should have a significant impact on the security of iMessage and the platform as a whole ... It's great to see Apple putting aside the resources for these kinds of large refactorings to improve end users' security."

Joe Wituschek
Joe Wituschek

Joe Wituschek is a Contributor at iMore. With over ten years in the technology industry, one of them being at Apple, Joe now covers the company for the website. In addition to covering breaking news, Joe also writes editorials and reviews for a range of products. He fell in love with Apple products when he got an iPod nano for Christmas almost twenty years ago. Despite being considered a "heavy" user, he has always preferred the consumer-focused products like the MacBook Air, iPad mini, and iPhone 13 mini. He will fight to the death to keep a mini iPhone in the lineup. In his free time, Joe enjoys video games, movies, photography, running, and basically everything outdoors.

1 Comment
  • Thanks Google, for recognizing the effort.