Google reveals Apple's BlastDoor security feature
Google released details of a new security mechanism called BlastDoor that Apple added to iOS 14 as a countermeasure to prevent newly discovered attacks from exploiting vulnerabilities in its messaging app.
Samuel Groß, a security researcher at Project Zero, described the new protections for iMessage. Project Zero is a team of Google security researchers responsible for investigating vulnerabilities in hardware and software systems.
According to Groß, one of the most significant changes in iOS 14 is the introduction of the new BlastDoor service, which is now responsible for almost all parsing of untrusted data in iMessages.
He also noted that the service is written in Swift, a (mostly) memory-safe language that makes it much harder to introduce the classic memory-corruption vulnerabilities into a code base.
This development appears to be a response to an attack last year that exploited an iMessage vulnerability in iOS 13.5.1 and bypassed the platform's security measures as part of a cyber-espionage campaign against journalists.
Citizen Lab researchers, who discovered the attack last month, believe the exploit technique does not work on iOS 14, which includes the new security protections.
According to Groß, BlastDoor is at the heart of those new protections. He spent a week reverse engineering the changes on a Mac Mini M1 running macOS 11.1 and an iPhone XS running iOS 14.3.
When an iMessage arrives, it passes through several services. The most important are apsd (the Apple Push Service daemon) and a background process called imagent, which is responsible for decrypting the message content, downloading attachments through a separate service, handling links, and finally calling SpringBoard to display the notification.
BlastDoor's job is to parse all of these incoming messages inside a tightly sandboxed environment, so that malicious content in a message cannot interact with the rest of the operating system or access user data.
In other words, by moving most of the parsing work from imagent into the BlastDoor service, a specially crafted message delivered to the target can no longer interact with the file system or perform network operations.
Groß noted that the sandbox profile is very narrow: it can reach only a handful of local IPC services, almost all file system interaction is blocked, any interaction with IOKit drivers is prohibited, and outbound network access is denied.
To slow down the restart of services that have crashed, Apple also introduced a new throttling feature that limits the number of attempts an attacker gets when trying to exploit a vulnerability, by increasing the time between two consecutive brute-force attempts.
With this change, Groß said, exploits that rely on repeatedly crashing the attacked service can take hours to about half a day instead of minutes.
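The last two paragraphs describe why restart throttling matters: a parser that can be crashed at will gives an attacker a fresh process for every guess, so the cost of a brute-force exploit is set by how fast the system restarts the service. The following model is an added illustration written for this article, not Apple's or Project Zero's code; the policies, the one-hour "forgiveness" window, the 600-second cap and the 0.01-second per-attempt cost are constructed parameters chosen to show the effect, not the values iOS uses. It compares a fixed restart delay with exponential backoff over the same number of crashing attempts.

```python
"""Illustrative model (not Apple's implementation) of crash-restart throttling.

A sandboxed parser such as BlastDoor crashes on malformed input. If the system
restarts it immediately, an attacker who needs many tries gets a fresh process
every few milliseconds. Spacing the restarts out with exponential backoff turns
minutes into hours for the same number of attempts.
"""
from dataclasses import dataclass
from typing import Protocol


class RestartPolicy(Protocol):
    def delay_for(self, crash_count: int) -> float: ...


@dataclass(frozen=True)
class FixedDelay:
    """Restart the service after the same short pause every time."""
    seconds: float

    def delay_for(self, crash_count: int) -> float:
        return self.seconds


@dataclass(frozen=True)
class ExponentialBackoff:
    """Double the pause after every consecutive crash, up to a cap."""
    base: float
    cap: float

    def delay_for(self, crash_count: int) -> float:
        # crash_count is 1 for the first crash since the last clean run.
        return min(self.base * 2 ** (crash_count - 1), self.cap)


@dataclass
class RestartThrottler:
    """Tracks consecutive crashes and decides when the service may come back."""
    policy: RestartPolicy
    reset_after: float = 3600.0   # constructed: a clean run this long clears the count
    crash_count: int = 0
    up_since: float = 0.0         # time the service last came (back) up

    def record_crash(self, now: float) -> float:
        """Register a crash at time `now`; return the earliest restart time."""
        if now - self.up_since > self.reset_after:
            # The service ran cleanly long enough; forgive earlier crashes.
            self.crash_count = 0
        self.crash_count += 1
        restart_at = now + self.policy.delay_for(self.crash_count)
        self.up_since = restart_at
        return restart_at


def simulate_brute_force(policy: RestartPolicy, attempts: int,
                         attack_time: float = 0.01) -> float:
    """Wall-clock seconds an attacker spends on `attempts` crashing guesses.

    Each guess is sent the moment the service is back up and takes
    `attack_time` seconds (constructed figure) to crash it.
    """
    throttler = RestartThrottler(policy)
    now = 0.0
    for _ in range(attempts):
        now += attack_time              # attacker sends the next crashing message
        now = throttler.record_crash(now)  # attacker must wait for the restart
    return now


if __name__ == "__main__":
    for name, policy in (("fixed 1s", FixedDelay(1.0)),
                         ("exponential 1s..600s", ExponentialBackoff(1.0, 600.0))):
        total = simulate_brute_force(policy, attempts=64)
        print(f"{name:22s} 64 attempts -> {total:9.2f} s ({total / 3600:.2f} h)")
```

With these constructed numbers, 64 crashing attempts finish in about a minute under the fixed policy but take over nine hours under exponential backoff, because once the cap is hit every further attempt costs the full 600 seconds. The reset window means a legitimate user whose parser crashes once and then runs cleanly for an hour is not penalised, while an attacker hammering the service never gets a clean run long enough to clear the count.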