Every Android device owner knows exactly what to expect from Android 4.1 Jelly Bean. For average users, the user interface (UI), multimedia features, and performance are all that matter. While security is a growing concern in the Android market, only a few actually care about the security features their OS comes packed with. The thing is, in every update roll out, there is an added security to the firmware and Jelly Bean has new three security features that made it more difficult to hack.
Address Space Layout Randomization (ASLR)
Memory processes are often get mapped by the system. The function of ASLR is to randomize the mapping so security attackers may find it difficult to locate where their malicious files or data were planted. The randomization will reduce the probability of the attackers to be able to guess where the data they are looking for is found. Duo Security’s Jon Oberheide said the odds go from 1 in 2 to 1 in 1000. He added that every wrong guess may lead to the crashing of the apps sending an alert to the user who may, in turn, uninstall it to resolve problems.
Android 4.0 ICS was not designed to randomize areas where heat, stack and libs data reside but 4.1 does it all. While Android OS didn’t have a history of memory corruption due to hacking attacks, it is a good thing Google is taking the security factor into the next level.
READ_LOGS Permission Removed
Previous versions of Android had the so-called “READ_LOGS” permission that would allow apps to read and decrypt low-level encryptions and system files. In a bid to making its latest mobile operating system safer, developers took away this permission to prevent apps from being able to read other apps’ log catalogues. Log files often store personal and sensitive information including but not limited to credit card numbers and bank accounts.
Virtual Security Research’s Dan Rosenberg said that by removing this permission, it would make it impossible for rogue apps as well as malware to gain access to files containing sensitive data, thus, increasing the security of the device running on Jelly Bean.
Customized Lockscreen Message
Majority of the owners of high-end and expensive smartphones often implement a code to lock their devices. So, in any case that their device gets lost, other people who could find it would not be able to use it unless the OS is wiped out. Jelly Bean allows users to set-up a customized lockscreen message that could help the person who could find the device know who the real owner is.
For example, a user can put his/her telephone numbers or address as a lockscreen message. This way, contacting the owner is easier. This can be done by going to Settings => Owner Info.
It may not matter a lot for now knowing majority of Android users are still using ICS, but by the time Jelly Bean is rolled out to almost every Android device, these security features may just be appreciated because of their importance. And the fact that Google is on a high-speed course to promoting Google Wallet, security is a must.
Reference: PC World
Image Credit: Ubergizmo