Apple has added a new security system in iOS with the new update to protect iPhone and iPad users against cyber-attacks via iMessage. Called BlastDoor and discovered by a security researcher with the Google Project Zero team in the iOS 14 update, the new security system is a basic sandbox.
"One of the major changes in iOS 14 is the introduction of a new, tightly sandboxed ‘BlastDoor' service which is now responsible for almost all parsing of untrusted data in iMessages," Samuel Groß, Project Zero, wrote in a blog post on Thursday.
"Furthermore, this service is written in Swift, a (mostly) memory safe language which makes it significantly harder to introduce classic memory corruption vulnerabilities into the code base," he informed.
He discussed three improvements in iOS 14 affecting iMessage security: the BlastDoor service, resliding of the shared cache, and exponential throttling.
"Overall, these changes are probably very close to the best that could've been done given the need for backwards compatibility, and they should have a significant impact on the security of iMessage and the platform as a whole," the security researcher noted.
"It's great to see Apple putting aside the resources for these kinds of large refactorings to improve end users' security," he added.
iMessages are texts, photos, or videos that you send to another iPhone, iPad, iPod touch, or Mac over Wi-Fi or cellular-data networks. These messages are always encrypted and appear in blue text bubbles.