Early this month, Google released an update to its operating system, the Android 4.1 Jelly Bean. According to reviewers and experts, the Jelly Bean is by far the most secure Android operating system as it is adequately protected against malware attacks. The new security setup helps protect the users from attacks – particularly those that install malware on the device from online websites and through third party applications.
Jon Oberheide, a security researcher, says that after analyzing the features of the Jelly Bean 4.1 release, he is convinced that this is the first Android operating system that uses a special protection system called address space layout randomization or ASLR. This is a security feature that randomizes memory locations of stack, library, heap and other system data structures so that when hackers try to program malware to exploit these structures, the applications will not be able to pinpoint the location of the system resources to exploit. When this happens, ASLR will diffuse possible attacks by making it difficult to write malware code.
Android 4.0 Ice Cream Sandwich was the first Android OS to use ASLR, but it was full of bugs due to poor coding and ineffective because it was not thoroughly tested. The biggest problem was in the executable region of the program – the libraries, heap and linkers were loaded at the same time and within the same location in the memory hence hackers could find a way to predict just where the malware could be deployed to access system resources.
With the new Android 4.1 Jelly Bean, this issue has been resolved and the executable region, linker, heap and libraries are completely randomized. Position-independent executable have also been added to prevent hackers from using the ‘return-oriented programming’ technique to exploit the buffer overflows among other vulnerabilities that could enable the malware to exploit the system resources.