BlastDoor - iPhone protection against malware, espionage and viruses

The current iPhone operating system iOS 14 has a security function called BlastDoor. This is intended to prevent harmful content from reaching the Apple smartphone via iMessage or links and attachments received via it. External content is checked and, if malicious software is found, only a sandbox preview is created. Among other things, so-called zero-click attacks are to be prevented with it; i.e. the installation of malware without user intervention. What BlastDoor is, how it works and whether it is 100% safe, I have summarized that for you in this guide.

BlastDoor - This is the iPhone protection against malware, espionage and viruses. Since iOS 14, iMessage has been made more secure with the BlastDoor function. You can find details on the topic here.

BlastDoor - This is the iPhone protection against malware, espionage and viruses. Since iOS 14, iMessage has been made more secure with the BlastDoor function. You can find details on the topic here.

BlastDoor function for iMessage since iOS 14 on the iPhone

Is a iPhone compatible with iOS 14 and if the operating system from 2020 was installed, then BlasDoor will also be used. This feature against attacks via iMessage is intended to prevent malware of all kinds. For example, if a link leads to a page that wants to install viruses, espionage software or ransomware, the possibility of accessing the page directly via the link is removed. At least that's the theory. The respective content is checked and a secure preview is created locally on your own device. This means that Apple has no idea what kind of messages you get with strange content.

BlastDoor in iOS 14: Revealed by Google Project Zero

Apple didn't really make the feature public, and I haven't found any official Apple.com subpages dedicated to the topic. The feature for more security from iOS 14 on the Apple iPhone was found, named and explained by a completely different side: Google Project Zero. The Google group, which searches for security gaps in systems, reports them and makes them public in case of doubt, has the new security mechanisms for publication dedicated a blog post. It describes the feature written in the Swift programming language as "tightly sandboxed" and explains how it works. The following graphic shows the functionality in a simplified manner.

This schematic from Google Project Zero shows how BlastDoor works on iOS 14 to make iMessage secure. Attachments and links are checked for harmful content.

This schematic from Google Project Zero shows how BlastDoor works on iOS 14 to make iMessage secure. Attachments and links are checked for harmful content.

Is iMessage 100% secure?

One would like to assume that iMessage has been particularly secure since last year and should therefore be used for all communication with others. This may be the case for private users. However, some reports show that even more ambitious attacks were possible even under iOS 14.4 and iOS 14.6 - and these were even zero-click attacks. For example, in detail at TechCrunch a Pegasus attack on activists in Bahrain. With the Pegasus software from the NSO Group from Israel, it was apparently possible under the mentioned iOS versions to access data, tap the microphone and camera and implement further surveillance. 

iMessage is (likely) getting more secure with every iOS version

One of the current security updates for the Apple iPhone is iOS 14.7.1 - this is intended to fill security gaps that are not mentioned further and thus, among other things, remove zero-day vulnerabilities. The technology giant from Cupertino is silent about whether this also refers to the gateways for Pegasus attacks. However, it can be assumed that BlastDoor will be improved with this and future updates. Last but not least, a new major version will be released soon. I recommend this post to you: Is my iPhone compatible with iOS 15? If you are interested in the other innovations of the system, have a look here: Apple WWDC21 Keynote Summary.

-

Did you like the article and did the instructions on the blog help you? Then I would be happy if you the blog via a Steady Membership or at Patreon would support.

Leave a Comment

Your e-mail address will not be published.