Android Jelly Bean Hard to Intruded by Hacker and Virus

Bookmark and Share

Jelly Bean is the codename for the Android operating system version 4.1 has been released by Google this month.

The latest Android operating system was not only to have new features, but also a better level of security than previous versions, Android 4.0 or Ice Cream Sandwich.

This was revealed in a report from security researchers Duo Security Jon Oberheide.

The reason, according to Oberheide, because Jelly Bean implement a security-based Adress Space Layout Randomization (ASLR). Thanks to ASLR, hackers and malware so hard to exploit the weakness of memory corruption due to memory mapping for the operating system underwent randomization.

As a result, cyber criminals can only guess where malicious programs they will be loaded.

Combined with data execution prevention technology is also embedded by Google in the latest Android OS, Jelly Bean to be a mobile operating system's security system with the most qualified.

Actually, Jelly Bean is not the first Android OS that implements ASLR. Previously, Ice Cream Sandwich has also been equipped with this safety feature. However, according to Oberheide, the implementation of ASLR on Ice Cream Sandwich less than optimal and not really able to reduce the threat in the real world.

"Executable mapping in the process address space is not encrypted in the Ice Cream Sandwich, so it remains possible occurrence of ROP-style attacks that use the entire executable. In Jelly Bean, most have been compiled or binary is now connected with PIE flag, which means that the executable mapping will be randomized to correctly when executed, "said Oberheide.

In addition, continued Oberheide, the latest version of the Android operating system also has a better defense mechanism against malicious code execution and information leakage.

Other mobile operating systems are also relatively safe is IOS 6 from Apple. This OS implemented in-Kernel ASLR an even more secure than ASLR on Jelly Bean. IOS 6 beta version has been released in beta this week. Full version is scheduled to slide on the third kurtal 2012.

"Apple has raised the safety standards to the level of exploitation of kernel methods to implement effective mitigation such as NX, ASLR, and mandatory code signing. Thankfully Android starts to move in the same direction, and the Jelly Bean is a major step in this regard."

{ 0 comments... Views All / Send Comment! }

Post a Comment