Android Chief

Android Will Be More Secure With Jelly Bean

Posted In News - By AndroidChief on Tuesday, July 17th, 2012 With No Comments »

Ever heard of ? It’s a security feature that is used in many different opearting systems such as Windows XP or iOS6. For quite a while has been avoiding it and then used a little bit of it in 4.0. Now with the release of it is being used to its fullest, but this implementation of ASLR still lags behind the security of the soon to be released, iOS 6.

Wikipedia defines ASLR quite well:

 

(ASLR) is a method which involves randomly arranging the positions of key data areas, usually including the base of the executable and position of libraries, heap, and stack, in a process’s address space.”

“Address space randomization hinders some types of security attacks by making it more difficult for an attacker to predict target addresses. For example, attackers trying to execute return-to-libc attacks must locate the code to be executed, while other attackers trying to execute shellcode injected on the stack have to find the stack first. In both cases, the related memory addresses are obscured from the attackers. These values have to be guessed, and a mistaken guess is not usually recoverable due to the application crashing.”

Changing the way security work’s in OS’s can be worrisome because they could just mess something up and all your data could be easily exploited. Your data is more at risk now on Gingerbread or Ice Cream Sandwich because it’s easier to exploit. If you stay away from unofficial sites that want to download to your device though, you should be fine. Otherwise, this added feature in is great!

There are some stuff out there that sneaks past the Google Play Terms of Use, I would try my hardest to be careful as to what you install on your device and what permissions you allow from apps that you install on your device.

For now though, we sit and wait for Jelly Bean to release.

source: Cool Smartphone

 

Leave a comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>