Min menu


What is BlastDoor security in the iMessage app and how does it work?


Messaging is one of the most important applications in any smartphone, whether it's iMessage in iPhone, messages in Android phones, as well as other messaging apps, such as WhatsApp, Signal, and Telegram, most of which offer advanced features to improve the communication experience.

But since the use of messaging apps is very common in smartphones, they are targeted by cybercriminals who create all sorts of malware that can spread through messages sent through these applications.

In this regard, a new report showed that Apple is quietly dealing with this particular problem, adding a new feature to the iMessage app in the iOS 14 and iPadOS 14 version that will protect message content more securely.

But what has Apple done in iOS 14 to protect you?

A report published at the end of 2020 revealed that an unknown vulnerability in the iMessage app was exploited to hack into the iPhone of dozens of journalists, enabling hackers to hack into phones without any interaction from the target, without leaving any visible traces.

But Apple said it has fixed this gap in the release of iOS 14 and iPad 14, which is why security researcher Samuel Groß, who works at Project Zero, a team of Security Researchers at Google tasked with studying vulnerabilities in hardware and software systems, has been working to find out how Apple has fixed the problem.

Where the security researcher discovered that Apple has added a new feature in the operating system (iOS 14) running in the background with the content of an application (iMessage) called (BlastDoor), this feature removes the contents of all incoming messages and examines them in an isolated environment, download attachments through a separate service and deal with links to websites, thus ensuring that no malicious software sneaks into the operating system.

In other words, BlastDoor will check all messages received via the iMessage app — whether text, links, or files — in a secure and protected environment, preventing any malicious code within the message from interacting with the rest of the operating system or accessing user data,

Messages specifically designed to penetrate the iPhone, either through user interaction or non-interaction, cannot affect the iOS.

But why haven't we heard about BlastDoor before?

Simply because Apple doesn't see any need to show it either to users or app developers, it doesn't require any previous settings or permission but will work in the background automatically without user intervention to keep it secure when using iMessage.

Hence, it is great to see That Apple allocate sought resources for these types of user security improvements, in addition to these changes also highlight the value of comprehensive work to fix errors and vulnerabilities that the company is doing, it not only fixed the vulnerability but made comprehensive improvements to improve the security of the application tirelessly.