For all the new features and changes we can see in Android 4.1 Jelly Bean, there’s also some major progress going on behind the scenes that isn’t immediately apparent to the user. Security researchers have been taking a look at some of the improvements Google’s made to Android’s security in Jelly Bean, and discovered that the Address Space Layout Randomization Google introduced in Ice Cream Sandwich has matured into a much more resilient tool against malware.
ASLR, in a nutshell, helps to increase system security by making the platform less predictable to an attacker. Think of it as the difference between a thief with full blueprints, photos, and security specs for a museum he intends to rob, versus one who goes into the job without having any familiarity with the place. Without ASLR, the locations of certain data segments in memory can be predicted, and subsequently taken advantage of with minimal difficulty. If malware can’t even figure out where the values it needs to manipulate are in memory, it becomes a whole lot more difficult for it to do anything nasty.
The first pieces of ASLR came into place with Ice Cream Sandwich, but the implementation was lacking in a few key areas. That’s where Jelly Bean steps-up to help complete the defense, adding support for Position Independent Executables, heap randomization, and making the custom Android linker relocatable in memory. Combined with the earlier ASLR efforts, these steps help fortify Android against attacks. We’re sure that resourceful hackers will come up with ways to challenge even these countermeasures, but for now it looks like they’ll have their work cut out for them.