How Apple Improved iMessage Security in iOS 14

Project Zero, Google’s security team, reverse-engineered iMessage to see how Apple improved it in its latest OS 14 releases. Specially, how it has gained new protections against zero-day attacks using BlastDoor, resliding of the shared cache, and exponential throttling.

One of the major changes in iOS 14 is the introduction of a new, tightly sandboxed “BlastDoor” service which is now responsible for almost all parsing of untrusted data in iMessages (for example, NSKeyedArchiver payloads). Furthermore, this service is written in Swift, a (mostly) memory safe language which makes it significantly harder to introduce classic memory corruption vulnerabilities into the code base.

This Person Hacked His iPod to Stream Spotify Using Raspberry Pi

Guy Dupont recently hacked an old iPod to stream Spotify. He used a Raspberry PI Zero W and a custom UI built using Python. Additionally, he fitted a 1000 mAh batter into it, a motor for haptic feedback, and a 2-inch LCD Adafruit display. “My mother-in-law recently gifted me a bag of the family’s retired iPods. I had forgotten how good it feels to hold and use one of these things. Naturally, I decided to modify one. I wanted to supply some modern features (streaming, search, Bluetooth audio, etc), while paying homage to the amazing UX that Apple originally released almost 20 years ago.”

Mark Zuckerberg says Apple is Anti-Competitive in Facebook Earnings Call

Mark Zuckerberg has once again criticized Apple for its privacy, saying that the company is anti-competitive because of iMessage (among other things).

We increasingly see Apple as one of our biggest competitors,” Zuckerberg said, noting that Apple’s iMessage software is preinstalled on iPhones — enabling it to become the most widely used messaging service in the United States, as opposed to Facebook’s WhatsApp — and that Apple’s growing investment in services also enables it to compete with Facebook and other apps that use its iOS software platform.