Apple released iOS 14 last fall, introducing a new sandbox security mechanism for its iPhone/iPad to protect users from attacks on the iMessage instant messaging client. This feature is called BlastDoor. According to Samuel Groß, a researcher from Google's Project Zero security team, the security of the iMessage messaging service in the iOS mobile operating system was not good enough. It is reported that the Google Project Zero team is particularly good at discovering various security vulnerabilities in commonly used software. Their latest research result is to find a security service vulnerability in the iMessage messaging application in iOS. Some security researchers have previously pointed out that the iMessage service does a poor job of data processing for incoming messages, and Apple has finally introduced solutions such as BlastDoor in iOS 14. There are many sandbox mechanisms in the iOS mobile operating system, but BlastDoor is specifically designed for the iMessage messaging app to isolate the execution of the software from other code in the iOS 14 system. BlastDorothy is envisioned to allow incoming message content to be decompressed and processed in a secure, isolated environment, without any malicious code contained therein being able to interact with, damage, or retrieve user data from the underlying system. However, in the past three years alone, we have seen many remote code execution attacks (RCE) against iMessage, and even someone has developed tools to abuse related vulnerabilities. Victims may only receive a simple text message, causing their device to be hijacked and photos or videos to be sent to others. The most recent example was the hacking campaign against Al Jazeera staff and journalists detailed in last summer’s The Great iPwn report by Citizen Lab. But Groß noticed that after the release of iOS 14, attackers’ zero-day exploits seemed to have quieted down. Apparently, Apple officials are also aware of this problem and have introduced improved security defenses in iOS 14. After a week of in-depth research on the relevant work, he finally believed that Apple had listened to the general opinions in the security research field. |
<<: 20 niche treasure APPs, work and life are not affected, grow quietly in 5 minutes every day
>>: Flyme security guide! Use it now
Cai Zhongyang's mobile phone photography colo...
Basic hardware requirements for iPhone weighing N...
The emergence of smartphones has overturned tradi...
In the market segments of various advertising cha...
Seeing the world through our eyes is an innate ab...
In the early morning of March 18, the second Andr...
To put it simply, bidding means spending money to...
Great Wall Motors' recent sales are not optim...
There are many online earning projects. It is rec...
A good account structure, like a solid foundation...
Recently, McLaren unveiled its lightweight versio...
Before I did it, I had heard of various methods o...
So far, the list of members of the "Lunar So...
Author: Hao Yun Reviewer: Zhong Kai, Director of ...
According to foreign media reports, although the ...