The malicious apps threat on Android Jelly Bean 4.1

While at Google I/O last month Julian reported that Android Jelly Bean (version 4.1 and 4.1.1) SD permission security had been strengthened as well as introducing app encryption as part of Google’s app anti-piracy measures. These were much needed improvements not only for developers but also for Android device users. So for the tech readers in droid land I wanted to dig a little deeper to discuss some other Android Jelly Bean 4.1 security developments.

Outside of the above mentioned improvements, Android 4.1 (including 4.1.1) introduced Address Space Layout Randomization (ASLR) (see bootnote) and Data Execution Prevention (DEP). ASLR moves for example critical executables and libraries to random locations. An exploit could occur if key pockets of data are not randomised – in this case an executable for an app. ASLR aims to stop memory corruption attacks often linked to bugs being found in complex pieces of code. DEP on the other hand is designed to prevent a hacker form executing a piece of code that is established to be non-executable. There is a problem with thinking ASLR more of less removes the malware threat though. It doesn’t. Read more....