For all the new features and changes we can see in Android 4.1 Jelly Bean, there’s also some major progress going on behind the scenes that isn’t immediately apparent to the user. Security researchers have been taking a look at some of the improvements Google’s made to Android’s security in Jelly Bean, and discovered that the Address Space Layout Randomization Google introduced in Ice Cream Sandwich has matured into a much more resilient tool against malware.

ASLR, in a nutshell, helps to increase system security by making the platform less predictable to an attacker. Think of it as the difference between a thief with full blueprints, photos, and security specs for a museum he intends to rob, versus one who goes into the job without having any familiarity with the place. Without ASLR, the locations of certain data segments in memory can be predicted, and subsequently taken advantage of with minimal difficulty. If malware can’t even figure out where the values it needs to manipulate are in memory, it becomes a whole lot more difficult for it to do anything nasty.

The first pieces of ASLR came into place with Ice Cream Sandwich, but the implementation was lacking in a few key areas. That’s where Jelly Bean steps-up to help complete the defense, adding support for Position Independent Executables, heap randomization, and making the custom Android linker relocatable in memory. Combined with the earlier ASLR efforts, these steps help fortify Android against attacks. We’re sure that resourceful hackers will come up with ways to challenge even these countermeasures, but for now it looks like they’ll have their work cut out for them.

Source: Duo Security
Via: Coolsmartphone

You May Also Like
Verizon finally activates 5G upload on its Ultra Wideband network
The upload speed over Verizon’s 5G network will be around 30% higher compared to what you get on 4G LTE, at least for now.
Samsung Access upgrade plan offers Premium Care, Microsoft 365 and 1TB cloud storage
Samsung Access will let you own a Galaxy S20 series phone by paying a monthly fee, and then upgrade to a new flagship after a period of nine months.
Viral app that let users remove Chinese applications kicked off the Play Store
The developer has not revealed as to why exactly the controversial app was kicked off the Google Play Store after clocking over a million downloads.