Skip to main content

Apple iOS 14 introduces BlastDoor Sandbox security system to iMessage

In the past, there have been various instances where security researchers revealed that a “string of texts” received over SMS could crash your phone or worse, send it into a boot-loop. These kinds of exploits have been reported at least once every year for both iOS and Android smartphones but turns out, iOS 14 has a way to thwarting these kinds of exploits for good, thanks to a system called BlastDoor.

Discovered by a Google Project Zero researched named Samuel Groß, BlastDoor works by parsing all the data contained in an iMessage in a secure sandbox, isolated from the rest of the operating system. By doing so, the contents of the iMessage, if nefarious, won’t have an impact on the OS. All apps installed on an iOS device exist in their own sandboxes, which governed by very tight policies. The BlastDoor sandbox for iMessage has been designed to thwart most exploits which either use brute force or exploit the shared cache on iOS.  Groß says he found the existence of BlastDoor when investigating a hacking campaign against Al Jazeera journalists. There were instances where the hacks did not work and the common thread appeared to be the fact that they were running iOS 14 on their iPhones.

While BlastDoor sandbox definitely makes iMessage more secure, it does not do much for the traditional SMS. Last year in April 2020, a text-based exploit was discovered which could be initiated via a normal SMS. A string of characters written in Sindhi when received as an SMS would freeze iOS completely, rendering the person’s iPhone/iPad completely useless till the OS would crash, and the device could be rebooted. This was due to a bug in iOS, one which Apple has since fixed, but it highlights how the short messaging service format is still a likely vector for delivering exploits.

Messaging apps have been a popular point of intrusion into smartphones for several years now. We’ve seen text message string crash phones, brick them permanently, lock them temporarily, and in one case, even serve as a means of gaining full access to the device. The now infamous Pegasus used a vulnerability in WhatsApp, allowing the hacker full access to a target smartphone, all done remotely. The BlastDoor sandbox for iMessage introduced in iOS14 should prevent some, if not all intrusion and malicious events.



from Latest Technology News https://ift.tt/36nuZin

Comments

Popular posts from this blog

First ever drone-delivered kidney is no worse for wear

Drone delivery really only seems practical for two things: take-out and organ transplants. Both are relatively light and also extremely time sensitive. Well, experiments in flying a kidney around Baltimore in a refrigerated box have yielded positive results — which also seems promising for getting your pad thai to you in good kit. The test flights were conducted by researchers at the University of Maryland there, led by surgeon Joseph Scalea. He has been frustrated in the past with the inflexibility of air delivery systems, and felt that drones represent an obvious solution to the last-mile problem. Scalea and his colleagues modified a DJI M600 drone to carry a refrigerated box payload, and also designed a wireless biosensor for monitoring the organ while in flight. After months of waiting, their study was assigned a kidney that was healthy enough for testing but not good enough for transplant. Once it landed in Baltimore, the team loaded it into the container and had it travel 14 ...

The saddest movies on Netflix

Image via IMDB . Whether it’s a cartoon classic , quirky indie film , or uproarious comedy , everyone loves a feel-good movie, but sometimes it’s just not what you want. Sometimes you want something glum, something dark, something sad. Netflix has a great selection of all kinds of movies, and plenty of it is perfect for when all you want is to sit in the dark and really stew in it. Here are some of the saddest movies on Netflix right now. Saddest movies on Netflix: Schindler’s List Roma The Boy in the Striped Pyjamas Tallulah Paddleton Okja A Silent Voice Editor’s note:  This list will be updated as sad movies leave and other new arrivals debut on Netflix. 1. Schindler’s List  image via IMDB . This is probably the saddest movie on Netflix, and maybe one of the saddest movies of all time. Schindler’s List focuses on the true story of Oskar Schindler (Liam Neeson), a German businessman who used his factory to employ and eventually smuggle 1,200 Jews o...

Best phones under 20,000 rupees in India (August 2019)

There used to be a very clear divide between mid-range and high-end smartphones. The great news is that the lines have increasingly blurred over the past few years. Today, it is easy to find a phone with a great camera, excellent build quality, and powerful hardware at a fraction of the cost of a flagship. Here are the best phones under 20,000 rupees in India! Best phones under 20,000 rupees in India: Realme X Xiaomi Redmi Note 7 Pro Samsung Galaxy A50 Realme 3 Pro Vivo S1 Samsung Galaxy M40 Vivo Z1 Pro Oppo F11 Nokia 8.1 Motorola One Vision 1. Realme X It doesn’t take very long for premium features to trickle down to the affordable price range. It’s still fantastic to see and exciting for consumers. While Xiaomi is usually expected to be the leader in making these jumps, it’s Realme that takes the lead this time around with the Realme X . The Realme X was the first phone under 20,000 rupees to come with an all-screen front with no notches in sight. The front-...