jerdog · Jul 19, 2012 at 09:00 am

Jelly Bean Implements Higher Level of Security

A lot of hullabaloo has been made about the security of today’s mobile OS’s, and for good reason. BlackBerry for the longest time was considered to be the most secure, and was the smartphone of choice for the U.S. Government. This has changed in the last year, with the NSA even releasing it’s own white paper on an Enterprise Mobility Architecture focusing on securing Android 2.2.

Any OS tends to suffer from a single point of failure—the user. Sure you can lock down your device with a password, but the responsibility to have a strong password lies at the feet of the user, not the OS.

Android 4.0 implemented a feature widely used in desktop computing as far back as Windows XP called Address Space Layout Randomization (ASLR), which effectively rearranges the positions of key data in memory address space. This feature dramatically reduces the ability of a hacker to predict target memory address areas and seek out exploits. Security researcher Jon Oberheide had this to say about the challenges of implementing ASLR:

ASLR is commonly an all-or-nothing proposition. If ASLR is not applied to all areas of memory in a process, its effectiveness is often nullified. A single executable mapping that is mapped in a static location in the address space is often sufficient to construct a ROP payload.

He then went on to comment on the implementation of ASLR in Android 4.0:

Unfortunately, the ASLR support in Android 4.0 did not live up to expectations and is largely ineffective for mitigating real-world attacks, due to the lack of randomization of the executable and linker memory regions.

But with the release of Android 4.1, Jelly Bean, Google has upped the ante on security. Here’s what Google had to say about their ever-increasing emphasis on security:

Android 1.5+

  • ProPolice to prevent stack buffer overruns (-fstack-protector)
  • safe_iop to reduce integer overflows
  • Extensions to OpenBSD dlmalloc to prevent double free() vulnerabilities and to prevent chunk consolidation attacks. Chunk consolidation attacks are a common way to exploit heap corruption.
  • OpenBSD calloc to prevent integer overflows during memory allocation

Android 2.3+

  • Format string vulnerability protections (-Wformat-security -Werror=format-security)
  • Hardware-based No eXecute (NX) to prevent code execution on the stack and heap
  • Linux mmap_min_addr to mitigate null pointer dereference privilege escalation (further enhanced in Android 4.1)

Android 4.0+

  • Address Space Layout Randomization (ASLR) to randomize key locations in memory

Android 4.1+

  • PIE (Position Independent Executable) support
  • Read-only relocations / immediate binding (-Wl,-z,relro -Wl,-z,now)
  • dmesg_restrict enabled (avoid leaking kernel addresses)
  • kptr_restrict enabled (avoid leaking kernel addresses)

According to Oberheide, in his most recent analysis of the security of Android 4.1 and the above implementations Google has made:

While Android is still playing a bit of catch-up, other mobile platforms are moving ahead with more innovative exploit mitigation techniques, such as the in-kernel ASLR present in Apple’s iOS 6. One could claim that iOS is being proactive with such techniques, but in reality, they’re simply being reactive to the type of exploits that typically target the iOS platform. However, Apple does deserve credit for raising the barrier up to the point of kernel exploitation by employing effective userspace mitigations such NX, ASLR, and mandatory code signing. Thankfully, Android is getting there, and Jelly Bean is a major step towards that goal.

It would seem that Google continues to move forward with their embrace of higher security for Android, but let us hope that their increased security does not come at the cost of reduced control and access for the development community, which in large part has contributed to the success of Android.

To read more about ASLR and mobile security check out Oberheide’s article.


_________
Want something on the XDA Portal? Send us a tip!
TAGS:
GermainZ · Jan 30, 2015 at 09:29 pm · no comments

Send Links to Any Nearby Device with CaastMe

There already are many solutions on the Google Play store if you want to send a link to one of your devices -- but what if you wanted to do it quickly without having to install any software or logging in to a website on the recipient end? Most apps require you to do either or both, which can be a hassle (or even a security risk) in some cases. Luckily, XDA Forum Member wyemun has developed CaastMe. Inspired by...

XDA NEWS
Mario Tomás Serrafero · Jan 30, 2015 at 03:39 pm · 3 comments

The Witcher Battle Arena: Hectic Multiplayer MOBA Fun

Do you like MOBAs? Do you like gaming on your phone? Given that MOBAs (multi player battle arenas) have amassed millions upon millions of players, there's a chance you play LoL or DOTA. And here at XDA we love phones, and we spend a lot of time on them, so if you were to like gaming outside of smartphones you probably like some on them too. I personally like neither, and I simply download the latest 3D games to see the progression...

XDA NEWS
Mario Tomás Serrafero · Jan 30, 2015 at 01:37 pm · no comments

LG G4 Could Feature a… 3K Display?

According to myLGphones, a version of the LG G4 will not feature neither a 2K nor a 4K display - but 3K. If you are anything like me, your reaction to this news will be confusion. While we don't have many details about the sources of this leak, it has apparently been confirmed true by a poster at hardare.fr that gave some more details on model names for each version of the upcoming LG flagship. However, these leaks don't point towards all G4...

XDA NEWS