Apple released iOS 14 last fall, introducing a new sandbox security mechanism for its iPhone/iPad to protect users from attacks on the iMessage instant messaging client. This feature is called BlastDoor. According to Samuel Groß, a researcher from Google's Project Zero security team, the security of the iMessage messaging service in the iOS mobile operating system was not good enough. It is reported that the Google Project Zero team is particularly good at discovering various security vulnerabilities in commonly used software. Their latest research result is to find a security service vulnerability in the iMessage messaging application in iOS. Some security researchers have previously pointed out that the iMessage service does a poor job of data processing for incoming messages, and Apple has finally introduced solutions such as BlastDoor in iOS 14. There are many sandbox mechanisms in the iOS mobile operating system, but BlastDoor is specifically designed for the iMessage messaging app to isolate the execution of the software from other code in the iOS 14 system. BlastDorothy is envisioned to allow incoming message content to be decompressed and processed in a secure, isolated environment, without any malicious code contained therein being able to interact with, damage, or retrieve user data from the underlying system. However, in the past three years alone, we have seen many remote code execution attacks (RCE) against iMessage, and even someone has developed tools to abuse related vulnerabilities. Victims may only receive a simple text message, causing their device to be hijacked and photos or videos to be sent to others. The most recent example was the hacking campaign against Al Jazeera staff and journalists detailed in last summer’s The Great iPwn report by Citizen Lab. But Groß noticed that after the release of iOS 14, attackers’ zero-day exploits seemed to have quieted down. Apparently, Apple officials are also aware of this problem and have introduced improved security defenses in iOS 14. After a week of in-depth research on the relevant work, he finally believed that Apple had listened to the general opinions in the security research field. |
<<: 20 niche treasure APPs, work and life are not affected, grow quietly in 5 minutes every day
>>: Flyme security guide! Use it now
As the end of the year draws closer, optimizers a...
[[134951]] With 9 years of experience in JAVA tec...
The annual college entrance examination and high ...
“This is obviously marketing !” — This is the rea...
With the rapid development of the Internet, more ...
Stars that brighten and dim In 2021, Matthew Kenw...
This year, Apple enhanced the waterproof performa...
In the Middle Ages, Western medicine was largely ...
With the development of App development technolog...
Not long ago, Tencent invested in Kuaishou , whic...
Compared with the endless noise of domestic brand...
As one of the absolute mainstream channels for AP...
Every 15 years, a major new technology platform e...
Product operation is basically a general term for...
How long has it been since you turned off your ph...