London Daily

Focus on the big picture.
Thursday, Sep 18, 2025

iMessage Security BlastDoor

iMessage just got an amazing new feature you didn’t even notice

Apple quietly added a new iMessage security feature in iOS 14 called BlastDoor. BlastDoor is a new sandbox inside iMessage that receives and sanitizes all iMessage content before it’s shown to the user. The security feature will prevent attacks via iMessage that might include malicious code for spying on iPhones.

One of the most important apps on any phone, regardless of model or operating system, is the messaging app. The chances are most people use a collection of texting apps to keep in touch with friends and family. These apps have grown to be highly sophisticated over the years, offering a collection of advanced features to improve the chat experience.

Whether it’s iMessage on an iPhone, Google Messages on Android, or WhatsApp, Signal, Telegram, and many others on both platforms, these apps offer essentially the same features. Many protect chats with end-to-end encryption, and most of them support rich texting features, file-sharing, emojis, voice messaging, voice calling, and integration with many other apps.

But because texting is so popular on smartphones, it’s also a great gateway for hackers who come up with all sorts of malicious attacks that can spread via chat apps. And Apple has been quietly tackling that very problem, a new report shows. The company added an amazing new feature to iMessage in iOS 14 and iPadOS 14, the kind that we’ll never notice. It’s called BlasstDoor, an apt name for what the feature is supposed to do.

When Tony Stark asks his AI Friday to activate the “Armed Door” protocol in Endgame, a shield of armor envelops the Avengers headquarters. That’s because they’re about to attempt something never done before, which could lead to a huge wave of destruction. There’s no guarantee that the armor will actually hold back a potential blast, but Stark is trying it nonetheless. Marvel fans will surely remember the scene, while others won’t know what any of this means.

The gist with BlastDoor is similar. Everything coming in via iMessage goes through a secure location meant to contain threats that hackers might include in messages. Highly sophisticated information bombs can allow hackers to attack unsuspecting iPhone users, but BlastDoor will now stop all of that. The new security feature is amazing, and it’s something other operating systems and chat apps will undoubtedly copy. After all, hackers target all devices and programs, not just Apple’s.

As to why Apple never mentioned anything about BlastDoor during WWDC 2020 when the first final version of iOS 14 shipped, that’s understandable. This is Apple’s new move in an ongoing security battle with attackers. There’s no point showing your hand when it comes to BlastDoor. It’s not a feature that device owners will actively use or that iOS developers needed to be aware of.

It’s all supposed to work passively in the background, keeping everybody safe. If security experts like the people working over at Google Zero Lab discover it, that’s something else — and hackers could also find it once they realize their weaponized messages aren’t delivering the desired effect.

First picked up by ZDNet, the BlastDoor feature was indeed discovered by a Googler from Project Zero.

Last year, a report showed that hackers targeted journalists via iMessage code that enabled spying without the recipient having to do anything. But the issue was fixed in iOS 14, so Google researcher Samuel Groß set out to discover how Apple mitigated the problem. That’s how he found BlastDoor, a feature that works behind the scenes with iMessage content.

It’s a “sandbox” type of functionality, similar to other sandboxes in iOS. BlastDoor will unpack and process the content of all incoming messages in an isolated environment so that a malicious payload cannot attack the operating system. In other words, every attachment and all code coming through iMessage, whether it’s the actual text, links, or files, will be sanitized inside that closed environment.

If you still haven’t upgraded to iOS 14, BlastDoor is an excellent reason to do it, especially if you’re the kind of iPhone user who might be someone’s target.

“Overall, these changes are probably very close to the best that could’ve been done given the need for backwards compatibility, and they should have a significant impact on the security of iMessage and the platform as a whole,” the Googler wrote. “It’s great to see Apple putting aside the resources for these kinds of large refactorings to improve end users’ security.

Furthermore, these changes also highlight the value of offensive security work: not just single bugs were fixed, but instead structural improvements were made based on insights gained from exploit development work.”

Groß’s blog post detailing the new iMessage security feature is available at this link.

Newsletter

Related Articles

0:00
0:00
Close
Macron and his wife to provide 'scientific photographic evidence' that she is a real woman
US Tech Giants Pledge Billions to UK AI Infrastructure Following Starmer's Call
Saudi Arabia cracks down on music ‘lounges’ after conservative backlash
DeepMind and OpenAI Achieve Gold at ‘Coding Olympics’ in AI Milestone
SEC Allows Public Companies to Block Investors from Class-Action Lawsuits
Saudi Arabia Signs ‘Strategic Mutual Defence’ Pact with Pakistan, Marking First Arab State to Gain Indirect Access to Nuclear Strike Capabilities in the Region
Federal Reserve Cuts Rates by Quarter Point and Signals More to Come
Effective and Impressive Generation Z Protest: Images from the Riots in Nepal
European manufacturers against ban on polluting cars: "The industry may collapse"
Sam Altman sells the 'Wedding Estate' in Hawaii for 49 million dollars
Trump: Cancel quarterly company reports and settle for reporting once every six months
Turkish car manufacturer Togg Enters German Market with 5-Star Electric Sedan and SUV to Challenge European EV Brands
US Launches New Pilot Program to Accelerate eVTOL Air Taxi Deployment
Christian Brueckner Released from German Prison after Serving Unrelated Sentence
World’s Longest Direct Flight China Eastern to Launch 29-Hour Shanghai–Buenos Aires Direct Flight via Auckland in December
New OpenAI Study Finds Majority of ChatGPT Use Is Personal, Not Professional
Hong Kong Industry Group Calls for HK$20 Billion Support Fund to Ease Property Market Stress
Joe Biden’s Post-Presidency Speaking Fees Face Weak Demand amid Corporate Reluctance
Charlie Kirk's murder will break the left's hateful cancel tactics
Kash Patel erupts at ‘buffoon’ Sen. Adam Schiff over Russiagate: ‘You are the biggest fraud’
Homeland Security says Emmy speech ‘fanning the flames of hatred’ after Einbinder’s ‘F— ICE’ remark
Charlie Kirk’s Alleged Assassin Tyler Robinson Faces Death Penalty as Charges Formally Announced
Actor, director, environmentalist Robert Redford dies at 89
The conservative right spreads westward: a huge achievement for 'Alternative for Germany' in local elections
JD Vance Says There Is “No Unity” with Those Who Celebrate Charlie Kirk’s Killing, and he is right!
Trump sues the 'New York Times' for an astronomical sum of 15 billion dollars
Florida Hospital Welcomes Its Largest-Ever Baby: Annan, Nearly Fourteen Pounds at Birth
U.S. and Britain Poised to Finalize Over $10 Billion in High-Tech, Nuclear and Defense Deals During Trump State Visit
China Finds Nvidia Violated Antitrust Laws in Mellanox Deal, Deepens Trade Tensions with US
US Air Force Begins Modifications on Qatar-Donated Jet Amid Plans to Use It as Air Force One
Pope Leo Warns of Societal Crisis Over Mega-CEO Pay, Citing Tesla’s Proposed Trillion-Dollar Package
Poland Green-Lights NATO Deployment in Response to Major Russian Drone Incursion
Elon Musk Retakes Lead as World’s Richest After Brief Ellison Surge
U.S. and China Agree on Framework to Shift TikTok to American Ownership
London Daily Podcast: London Massive Pro Democracy Rally, Musk Support, UK Economic Data and Premier League Results Mark Eventful Weekend
This Week in AI: Meta’s Superintelligence Push, xAI’s Ten Billion-Dollar Raise, Genesis AI’s Robotics Ambitions, Microsoft Restructuring, Amazon’s Million-Robot Milestone, and Google’s AlphaGenome Update
Le Pen Tightens the Pressure on Macron as France Edges Toward Political Breakdown
Musk calls for new UK government at huge pro-democracy rally in London, but Britons have been brainwashed to obey instead of fighting for their human rights
Elon Musk responds to post calling for the murder of Erika Kirk, widow of Charlie Kirk: 'Either we fight back or they will kill us'
Czech Republic signs €1.34 billion contract for Leopard 2A8 main battle tanks with delivery from 2028
USA: Office Depot Employees Refused to Print Poster in Memory of Charlie Kirk – and Were Fired
Proposed U.S. Bill Would Allow Civil Suits Against Judges Who Release Repeat Violent Offenders
Penske Media Sues Google Over “AI Overviews,” Claiming It Uses Journalism Without Consent and Destroys Traffic
Indian Student Engineers Propose “Project REBIRTH” to Protect Aircraft from Crashes Using AI, Airbags and Smart Materials
French Debt Downgrade Piles Pressure on Macron’s New Prime Minister
US and UK Near Tech, Nuclear and Whisky Deals Ahead of Trump Trip
One in Three Europeans Now Uses TikTok, According to the Chinese Tech Giant
Could AI Nursing Robots Help Healthcare Staffing Shortages?
NATO Deploys ‘Eastern Sentry’ After Russian Drones Violate Polish Airspace
Anesthesiologist Left Operation Mid-Surgery to Have Sex with Nurse
×