Google researchers discover Apple introduced improved iMessage security for iOS 14

Google researchers discover Apple introduced improved iMessage security for iOS 14

Apple released iOS 14 last fall, introducing a new sandbox security mechanism for its iPhone/iPad to protect users from attacks on the iMessage instant messaging client. This feature is called BlastDoor. According to Samuel Groß, a researcher from Google's Project Zero security team, the security of the iMessage messaging service in the iOS mobile operating system was not good enough.

(Source: Google Blog)

It is reported that the Google Project Zero team is particularly good at discovering various security vulnerabilities in commonly used software. Their latest research result is to find a security service vulnerability in the iMessage messaging application in iOS.

Some security researchers have previously pointed out that the iMessage service does a poor job of data processing for incoming messages, and Apple has finally introduced solutions such as BlastDoor in iOS 14.

There are many sandbox mechanisms in the iOS mobile operating system, but BlastDoor is specifically designed for the iMessage messaging app to isolate the execution of the software from other code in the iOS 14 system.

BlastDorothy is envisioned to allow incoming message content to be decompressed and processed in a secure, isolated environment, without any malicious code contained therein being able to interact with, damage, or retrieve user data from the underlying system.

However, in the past three years alone, we have seen many remote code execution attacks (RCE) against iMessage, and even someone has developed tools to abuse related vulnerabilities. Victims may only receive a simple text message, causing their device to be hijacked and photos or videos to be sent to others.

The most recent example was the hacking campaign against Al Jazeera staff and journalists detailed in last summer’s The Great iPwn report by Citizen Lab. But Groß noticed that after the release of iOS 14, attackers’ zero-day exploits seemed to have quieted down.

Apparently, Apple officials are also aware of this problem and have introduced improved security defenses in iOS 14. After a week of in-depth research on the relevant work, he finally believed that Apple had listened to the general opinions in the security research field.

<<:  20 niche treasure APPs, work and life are not affected, grow quietly in 5 minutes every day

>>:  Flyme security guide! Use it now

Recommend

What's special about Microsoft Edge browser?

When Windows 10 arrives, the default browser will...

The 6 core components of fission marketing!

Many activities seem to have been done, and time ...

Why new genomic data has the potential to rewrite the history of human evolution

Where do we come from? This question has always p...

The 4 Essentials of Metaverse Marketing

The metaverse sounds grand. It feels like metaver...

Please, stop putting eye drops in your eyeballs!

Eye drops moisturize the dry eyes of modern peopl...

A set of online event planning templates

As we enter 2022, the epidemic, which had been do...

Why doesn't it rain diamonds on Earth?

Recently, a US scientific research team inferred ...

Is the ultimate goal of the virus to kill the host or to coexist with the host?

Viruses are 100 times smaller than bacteria, whic...

How to build user portraits for online education!

The implementation of the data-driven operation c...