Google researcher discovers a new security system called BlastDoor that Apple uses to protect iMessages

BlastDoor has been designed to specifically work with iMessage, unlike other sandbox systems in iOS to protect different functions.


Apple had released its iOS 14 last year that came with new features like privacy rules, stickers, and more. The OS incorporates a new security system called BlastDoor that protects the parsing of bad data from iMessage. This security system has been discovered by a security researcher working with Google’s Project Zero. The story details are available on Google’s Project Zero blog spot. Although Apple never mentioned the details of the security system during the iOS launch in September, a security researcher went on to discover the existence of this feature via a reverse engineering project.

 Google researcher discovers a new security system called BlastDoor that Apple uses to protect iMessages

The BlastDoor feature unpacks the incoming messages and processes their content within an isolated and secured environment.

The BlastDoor system works as a sandbox to separate data processing on the messaging platform from other elements of the software that are believed to protect the user from specific attacks, carried out via the iMessage client.

Samuel Groß who was working with Google's Project Zero team as a security researcher had discovered the BlastDoor system hidden in iOS 14, who wrote a blog post mentioning the scope of the new system that protects the users from bad attacks. He discovered the new security system via a reverse engineering project using iPhone XS running iOS 14.3 and M1 Mac Mini running macOS 11.1.

BlastDoor has been designed to specifically work with iMessage, unlike other sandbox systems in iOS to protect different functions. With this, it unpacks the incoming messages and processes their content within an isolated and secured environment, hence protecting the software, even if there was a malicious code in the message.

The existing mechanism used to allow attackers to gain user data access through iMessage, but in 2019, Groß along with his security researcher Natalie Silvanovich found “zero interaction” flaws in iMessage, which allowed attackers to read content files stored on an iPhone, without requiring users to interact with any notification or message. This is likely to be addressed with the BlastDoor system now.


Find latest and upcoming tech gadgets online on Tech2 Gadgets. Get technology news, gadgets reviews & ratings. Popular gadgets including laptop, tablet and mobile specifications, features, prices, comparison.