Jelly Bean was the codename for the Android operating system version 4.1 has been released by Google this month.
The latest Android operating system was not only to have new features, but also a better level of security than previous versions, Android 4.0 or Ice Cream Sandwich.
This was revealed in a report from security researchers Jon Oberheide Duo Security.
The reason, according to Oberheide, is due to implement a security-based Jelly Bean Adress Space Layout Randomization (ASLR). Thanks to ASLR, hackers and malware so hard to exploit the weakness of memory corruption due to memory mapping for the operating system underwent randomization.
As a result, cyber criminals can only guess where malicious programs they will be loaded.
Combined with data execution prevention technology is also embedded in the Google Android OS, the Jelly Bean a mobile operating system's security system with the most qualified.
Jelly Bean is not actually the first Android OS that implements ASLR. Previously, Ice Cream Sandwich has also been equipped with this safety feature. However, according to Oberheide, the implementation of ASLR on Ice Cream Sandwich less than optimal and not really able to reduce the threat in the real world.
"Executable mapping in the process address space is not encrypted in the Ice Cream Sandwich, so it remains possible occurrence of ROP-style attacks that use the entire executable. In Jelly Bean, most have been compiled or binary is now connected with PIE flag, which means that the executable mapping will be randomized to correctly when executed, "said Oberheide.
"Executable mapping in the process address space is not encrypted in the Ice Cream Sandwich, so it remains possible occurrence of ROP-style attacks that use the entire executable. In Jelly Bean, most have been compiled or binary is now connected with PIE flag, which means that the executable mapping will be randomized to correctly when executed, "said Oberheide.
In addition, continued Oberheide, the latest version of the Android operating system also has a better defense mechanism against malicious code execution and information leakage.
Other mobile operating systems are also relatively safe is homemade Apple IOS 6. OS-Kernel is implemented in an even more secure ASLR more than ASLR on Jelly Bean. IOS version 6 beta has been released in beta this week. Full version is scheduled to slide on the third kurtal 2012.
"Apple has raised the safety standards to the level of exploitation of kernel methods to implement effective mitigation such as NX, ASLR, and mandatory code signing. Thankfully Android starts to move in the same direction, and the Jelly Bean is a major step in this regard."
Android Jelly Bean impenetrable Hacker and Virus
Reviewed by pingkom
on
7:26 AM
Rating: