iMessage on iOS 14 and macOS Big Sur has a number of visible new features, but Apple's developers have also put a lot of effort into upgrading the technology under the hood that we do not see. Samuel Groß of Google Project Zero has written a thorough review of how Apple has increased security in the handling of incoming messages.
In December, the news spread that journalists and activists had been hacked using software from the NSO Group, via vulnerabilities in iMessage. The security researchers at Citizen Lab at the University of Toronto who discovered the hack mentioned that the attacks no longer seem to work in iOS 14, and Samuel Groß has a probable explanation.
The technical details are advanced, but in short, Apple has split the opening and interpreting of messages across more processes than before. One of these processes is called BlastDoor and now handles the decoding of message content: XML, links with previews and more.
The BlastDoor process is written in modern Swift code, which reduces the chances of attackers finding weaknesses via, for example, memory errors, and it runs in a separate sandbox with really tight rules. For example, it cannot communicate with the Internet and has virtually no access to the file system.
Apple has also added specific protection against attacks that repeatedly crash a process, a technique that was used against iMessage.