Chapter in this post:
The current iPhone operating system iOS 14 has a security function called BlastDoor. This is intended to prevent harmful content from reaching the Apple smartphone via iMessage or links and attachments received via it. External content is checked and, if malicious software is found, only a sandbox preview is created. Among other things, so-called zero-click attacks are to be prevented with it; i.e. the installation of malware without user intervention. What BlastDoor is, how it works and whether it is 100% safe, I have summarized that for you in this guide.
Is a iPhone compatible with iOS 14 and if the operating system from 2020 was installed, then BlasDoor will also be used. This feature against attacks via iMessage is intended to prevent malware of all kinds. For example, if a link leads to a page that wants to install viruses, espionage software or ransomware, the possibility of accessing the page directly via the link is removed. At least that's the theory. The respective content is checked and a secure preview is created locally on your own device. This means that Apple has no idea what kind of messages you get with strange content.
Apple didn't really make the feature public, and I haven't found any official Apple.com subpages dedicated to the topic. The feature for more security from iOS 14 on the Apple iPhone was found, named and explained by a completely different side: Google Project Zero. The Google group, which searches for security gaps in systems, reports them and makes them public in case of doubt, has the new security mechanisms for publication dedicated a blog post. It describes the feature written in the Swift programming language as "tightly sandboxed" and explains how it works. The following graphic shows the functionality in a simplified manner.
One would like to assume that iMessage has been particularly secure since last year and should therefore be used for all communication with others. This may be the case for private users. However, some reports show that even more ambitious attacks were possible even under iOS 14.4 and iOS 14.6 - and these were even zero-click attacks. For example, in detail at TechCrunch a Pegasus attack on activists in Bahrain. With the Pegasus software from the NSO Group from Israel, it was apparently possible under the mentioned iOS versions to access data, tap the microphone and camera and implement further surveillance.
One of the current security updates for the Apple iPhone is iOS 14.7.1 - this is intended to fill security gaps that are not mentioned further and thus, among other things, remove zero-day vulnerabilities. The technology giant from Cupertino is silent about whether this also refers to the gateways for Pegasus attacks. However, it can be assumed that BlastDoor will be improved with this and future updates. Last but not least, a new major version will be released soon. I recommend this post to you: Is my iPhone compatible with iOS 15? If you are interested in the other innovations of the system, have a look here: Apple WWDC21 Keynote Summary.
After graduating from high school, Johannes completed an apprenticeship as a business assistant specializing in foreign languages. But then he decided to research and write, which resulted in his independence. For several years he has been working for Sir Apfelot, among others. His articles include product introductions, news, manuals, video games, consoles, and more. He follows Apple keynotes live via stream.