Slashdot Mirror


Android Jelly Bean Much Harder To Hack

New submitter SternisheFan tips this quote from an article at Ars: "The latest release of Google's Android mobile operating system has finally been properly fortified with an industry-standard defense. It's designed to protect end users against hack attacks that install malware on handsets. In an analysis published Monday, security researcher Jon Oberheide said Android version 4.1, aka Jelly Bean, is the first version of the Google-developed OS to properly implement a protection known as address space layout randomization. ASLR, as it's more often referred to, randomizes the memory locations for the library, stack, heap, and most other OS data structures. As a result, hackers who exploit memory corruption bugs that inevitably crop up in complex pieces of code are unable to know in advance where their malicious payloads will be loaded. When combined with a separate defense known as data execution prevention, ASLR can effectively neutralize such attacks."

1 of 184 comments

  1. How stupid do they think hackers are? by Jellys · Score: 0, Troll

    I have been doing game hacks (trainers and multiplayer hacks) on Windows for over a decade. Windows - or its compilers - have always had data and code location randomization. As a result we don't rely on specific code addresses but make our code work universally, anywhere.

    One popular method of establishing this is to rely on fingerprints. Instead of hard-coding addresses, you provide a fingerprint that finds the right place first. Let's say you have a specific piece of code. Then your fingerprint might be as follows:

    90 32 ?? ?? ?? ?? 30 ?? ?? ?? 90 90 90 90 ?? ?? 32 40 4B ??

    Then you will run through the code searching for such a piece of code. Anything can be in place of ??, such as other addresses. Sure, you can't hard-code anymore, but your code will be much better after adding this kind of function, because then it will also work between all versions of the software, even if it updates.

    So basically Google is adding something that other OSes have had for decades and making a huge noise about it, while it actually establishes nothing and even forces hackers to deliver better code. It seems like Google does not know at all what they're doing with their OS.
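The wildcard fingerprint scan the comment describes is the same mechanism a detection engine uses to recognise a known code sequence wherever ASLR or a rebuild has placed it (YARA's hex strings with `??` wildcards work this way). The example below is added here and is not code from the post or from any tool named on the page; the pattern string is the one quoted in the comment, and the buffer it is scanned against is constructed for the demonstration.

```python
from typing import List, Optional

# Fingerprint quoted in the comment above: "??" marks a byte that may differ
# between loads or builds (typically an address or immediate operand).
PATTERN_TEXT = "90 32 ?? ?? ?? ?? 30 ?? ?? ?? 90 90 90 90 ?? ?? 32 40 4B ??"

# Constructed sample buffer (not a real binary): the same code sequence placed
# at two different offsets with different operand bytes, plus a near miss whose
# fixed byte 0x4B was changed to 0x4C. A detector must hit the first two only.
SAMPLE = bytes.fromhex(
    "00" * 5
    + "90 32 11 22 33 44 30 55 66 77 90 90 90 90 88 99 32 40 4B AA".replace(" ", "")
    + "FF" * 3
    + "90 32 A1 B2 C3 D4 30 E5 F6 07 90 90 90 90 18 29 32 40 4B 3A".replace(" ", "")
    + "90 32 11 22 33 44 30 55 66 77 90 90 90 90 88 99 32 40 4C AA".replace(" ", "")
)

def parse_pattern(text: str) -> List[Optional[int]]:
    """Turn 'DE AD ?? EF' into [0xDE, 0xAD, None, 0xEF]; None is a wildcard."""
    pattern: List[Optional[int]] = []
    for tok in text.split():
        if tok == "??":
            pattern.append(None)
        elif len(tok) == 2:
            pattern.append(int(tok, 16))
        else:
            raise ValueError(f"bad pattern token {tok!r}")
    return pattern

def find_pattern(data: bytes, pattern: List[Optional[int]]) -> List[int]:
    """Return every offset in data where all fixed bytes of pattern match."""
    if not pattern:
        raise ValueError("empty pattern")
    fixed = [(i, b) for i, b in enumerate(pattern) if b is not None]
    hits: List[int] = []
    for off in range(len(data) - len(pattern) + 1):
        if all(data[off + i] == b for i, b in fixed):
            hits.append(off)
    return hits

def scan_sample() -> List[int]:
    """Offsets in SAMPLE where the comment's fingerprint matches."""
    return find_pattern(SAMPLE, parse_pattern(PATTERN_TEXT))

if __name__ == "__main__":
    print(scan_sample())  # [5, 28]: both placements found, near miss rejected
```

The practical lesson for defenders is the flip side of the comment's point: because a relocation-agnostic signature only pins the opcode bytes, ASLR does not make signature-based detection of a known payload any harder either.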