Apple fixes one of iPhone’s most pressing security risks




Apple’s iOS operating system is generally considered secure, certainly sufficient for most users most of the time. But in recent years, hackers have managed to find a number of flaws that provide entry points into iPhones and iPads. Many of these are so-called no-click or no-interaction attacks that can infect a device without the victim clicking a link or downloading a file that contains malware. Time and time again, these weaponized vulnerabilities have turned out to be in Apple’s chat app, iMessage. But now it looks like Apple has had enough. New research shows that the company took iMessage’s defenses to a whole new level with the release of iOS 14 in September.

In late December, for example, researchers at the University of Toronto’s Citizen Lab published findings on a summer hacking campaign in which attackers successfully targeted dozens of journalists from Al Jazeera with a no-click iMessage attack to install the famous Pegasus spyware from NSO Group. Citizen Lab said at the time that it did not believe iOS 14 was vulnerable to the hack used in the campaign; all of the victims were using iOS 13, which was common at the time.

Samuel Groß has long investigated clickless iPhone attacks alongside a number of his colleagues on Google’s Project Zero bug research team. Last week, he detailed three improvements Apple added to iMessage to harden the system and make it much harder for attackers to send malicious messages designed to wreak strategic havoc.

“These changes are probably very close to the best that could have been made given the need for backward compatibility, and they should have a significant impact on the security of iMessage and the platform as a whole,” Groß wrote on Thursday. “It’s great to see Apple putting aside the resources needed for these kinds of important refactorings to improve end-user security.”

Responding to Citizen Lab research, Apple said in December that “iOS 14 is a major leap forward in security and offers new protections against these types of attacks.”

iMessage is an obvious target for click-less attacks for two reasons. First, it is a communication system, which means that part of its function is to exchange data with other devices. iMessage is literally designed for activity without interaction; you don’t need to tap anything to receive a text or photo from a contact. Second, iMessage’s full range of features – integrations with other apps, payment features, even small things like stickers and memojis – also makes it fertile ground for hackers. All of these interconnections and options are convenient for users but add “attack surface,” or potential for weakness.

“iMessage is a service built into every iPhone, so it’s a huge target for sophisticated hackers,” says Matthew Green, a Johns Hopkins cryptographer. “It also has a ton of bells and whistles, and each of those features is a new opportunity for hackers to find bugs that allow them to take control of your phone. So what this research shows is that Apple knows it and has quietly beefed up the system.”

Groß describes three new protections developed by Apple to address its iMessage security concerns at a structural level, rather than through Band-Aid fixes. The first enhancement, dubbed BlastDoor, is a “sandbox,” essentially a quarantine area where iMessage can inspect incoming communications for potentially malicious attributes before releasing them into the main iOS environment.

The second new mechanism monitors for attacks that manipulate a shared cache of system libraries. The cache is placed at a random address in the system to make malicious access more difficult. However, iOS only changes the address of the shared cache after a restart, which gave click-less attackers the opportunity to discover its location; it’s like taking shots in the dark until you hit something. The new protection is configured to detect malicious activity and trigger a refresh without requiring the user to restart their iPhone.
