Google’s new Android version, Jelly Bean, is hard to exploit, a veteran hacker told Ars Technica. Users running Jelly Bean are better protected against attacks that install malware on their devices. Security researcher Jon Oberheide said [quote]Android version 4.1, aka Jelly Bean, is the first version of the Google-developed OS to properly implement a protection known as address space layout randomization.[/quote]
On Android ASLR: in Ice Cream Sandwich the executable mapping in the process address space was not randomized, which left ROP-style attacks possible; in Jelly Bean most binaries are now compiled and linked with the PIE flag, so the executable mapping is properly randomized when the program is executed. Here are the improvements in Jelly Bean that strengthen its security compared with older versions of Android:
- PIE (Position Independent Executable) support
- Read-only relocations / immediate binding (-Wl,-z,relro -Wl,-z,now)
- dmesg_restrict enabled (avoid leaking kernel addresses)
- kptr_restrict enabled (avoid leaking kernel addresses)
Android is getting there: it is approaching Apple’s level of defense against these attacks, and Jelly Bean is a major step towards that goal.
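To check the first two items on an actual binary, here is an added example (not from the article or from Oberheide's write-up) that reads the ELF header, program headers and dynamic section and reports PIE, RELRO and immediate binding. It handles little-endian ELF64 only (32-bit ARM images from the Jelly Bean era use a different header layout), and `build_elf` is a constructed helper that fabricates header-only images for testing.

```python
import struct

# ELF constants (values from the ELF specification / glibc elf.h)
ET_EXEC, ET_DYN = 2, 3
PT_DYNAMIC, PT_GNU_RELRO = 2, 0x6474E552
DT_NULL, DT_BIND_NOW, DT_FLAGS, DF_BIND_NOW = 0, 24, 30, 0x8
EHDR, PHDR, DYN = "<16sHHIQQQIHHHHHH", "<IIQQQQQQ", "<qQ"

def check_hardening(data):
    """Return {'pie', 'relro', 'bind_now'} for a little-endian ELF64 image."""
    hdr = struct.unpack_from(EHDR, data, 0)
    ident = hdr[0]
    if ident[:4] != b"\x7fELF" or ident[4] != 2 or ident[5] != 1:
        raise ValueError("only little-endian ELF64 images are handled here")
    e_type, e_phoff, e_phnum = hdr[1], hdr[5], hdr[10]
    # A -pie executable is ET_DYN; ET_EXEC has a fixed load address, so its text
    # cannot be randomized. (Shared libraries are ET_DYN too; judge executables.)
    result = {"pie": e_type == ET_DYN, "relro": False, "bind_now": False}
    dyn_off = dyn_size = None
    for i in range(e_phnum):
        p_type, _, p_offset, _, _, p_filesz, _, _ = struct.unpack_from(
            PHDR, data, e_phoff + i * struct.calcsize(PHDR))
        if p_type == PT_GNU_RELRO:  # emitted for -Wl,-z,relro
            result["relro"] = True
        elif p_type == PT_DYNAMIC:
            dyn_off, dyn_size = p_offset, p_filesz
    if dyn_off is not None:
        for off in range(dyn_off, dyn_off + dyn_size, struct.calcsize(DYN)):
            tag, val = struct.unpack_from(DYN, data, off)
            if tag == DT_NULL:
                break
            # -Wl,-z,now shows as DT_BIND_NOW or DF_BIND_NOW in DT_FLAGS; RELRO
            # only covers the whole GOT when binding is immediate (full RELRO).
            if tag == DT_BIND_NOW or (tag == DT_FLAGS and val & DF_BIND_NOW):
                result["bind_now"] = True
    return result

def build_elf(pie, relro, bind_now):
    """Constructed minimal ELF64 image (headers only, not runnable) for tests."""
    phdrs = [PT_DYNAMIC] + ([PT_GNU_RELRO] if relro else [])
    dyn = (struct.pack(DYN, DT_FLAGS, DF_BIND_NOW) if bind_now else b"")
    dyn += struct.pack(DYN, DT_NULL, 0)
    dyn_off = 64 + 56 * len(phdrs)              # dynamic section after the phdrs
    ident = b"\x7fELF\x02\x01\x01" + bytes(9)   # ELF64, little-endian, version 1
    ehdr = struct.pack(EHDR, ident, ET_DYN if pie else ET_EXEC, 0, 1, 0,
                       64, 0, 0, 64, 56, len(phdrs), 0, 0, 0)
    body = b"".join(struct.pack(PHDR, t, 4, dyn_off if t == PT_DYNAMIC else 0,
                                0, 0, len(dyn) if t == PT_DYNAMIC else 0, 0, 8)
                    for t in phdrs)
    return ehdr + body + dyn
```

Running `check_hardening(open(path, "rb").read())` on a binary copied off a device shows at a glance whether it was built with PIE, RELRO and immediate binding; `readelf -h`, `-l` and `-d` give the same fields by hand.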