Jelly Bean: Malware Swept Clean

This guest article is by James of cellspyexpert.

The hoopla over the oh-so rigorous defenses of the new Android Jelly Bean has got the tech world itching to see the extent to which this valiant effort by Google will be able to bulwark its users. Well researchers, hackers, crackers and the like can still be seen applauding the show, like the little kid who finds the same joke funny despite repetition. Regardless of the skepticism that follows naturally from the security issues concerning previous versions of Android, Google’s upcoming OS promises to be bastioned with an overarching industry level defense.

Tech Treats…Who Wants a Candy?

The security features of this latest Android mobile OS comprise of a number of new developments, as per Jon Oberheide‘s analysis, for it is the first Google OS to have fully implemented the address space layout randomization or ASLR protection. ASLR was introduced in the previous Android version; however, it failed to obliterate actual attacks due to loop holes within the memory system. The prime deficiency in this regard was the executable portion, libraries, heap, etc. had the same locations for loading every time, making it rather simpler for intruders designing exploits to locate their malware in the overall memory. ASLR basically functions by randomizing memory locations for operating system data structures; consequently, for those who take advantage of memory corruption errors that eventually appear in the intricate cobwebs of code lose their way of knowing their malicious cargo’s destination beforehand. Therefore, ASLR complemented by data execution prevention, another defense composite, ensures the effective mitigation of such threats.

Jelly Bean - Malware Swept Clean

A hacker’s take

An old hand hacker and a research consultant at Accuvant, Charlie Miller, explains that in case there is anything that is not randomized in the memory system ASLR cannot function because if the hacker can locate something it can be used to figure out the rest. Having spent seven years writing exploits that allow malware installation on various platforms, Miller elucidates on the issue that Jelly Bean will be the first of the Android family with fully functioning ASLR and DEP thereby making it harder to write exploits for it. On the contrary, i-contenders have been a step ahead but not yet fully matured to full proof protection. Apple has entirely implemented ASLR and DEP for iOS for over a year now, even though Snow Leopard wasn’t able to randomize the OS to the core, such cracks were filled by the succeeding OS X Lion.

As much as I appreciate the primal love for simplicity while bearing in mind our immediacy driven life styles, there is still more technical claptrap loaded on to the new Jelly Bean that craves our attention. One of the techniques used by attackers is called return oriented programming, used while exploiting overflows from buffers or other areas of fragility for memory systems. Jelly Bean comes to the rescue here by giving randomization for position- independent executables. These new features will render a number of techniques used by android malware, cell phone trackers and other form of malware obsolete. So for us simpletons, Jelly Bean basically has it all regarding security measures or at least Google has fortified its defenses such that for now they seem pinnacled.

Author Bio: James Clark has been in the business of cellphone spy apps for a while now. His work on cellspyexpert is unparalleled and has brought together a large group of readers. Cellspyexpert is spy software for Android, and for the latest and greats tips and tricks readers flock towards James.