Jelly Bean improves Android defenses says former hacker


Quick! Upgrade your Android smartphones to the latest Android 4.1 Jelly Bean OS.

Security researcher Jon Oberheide said in analysis that the latest version of the Android OS is the very first Google developed operating system to protect you from address space layout randomization also called ASLR.

ASLR is responsible for randomizing the memory locations for the library, heap, stack and other OS data structures of your smartphone.

Charlie Miller, a known smartphone hacker who now works as a consultant for a security firm Accuvant said to Ars Technica, “As long as there’s anything that’s not randomized, then it doesn’t work, because as long as the attackers know something is in the same spot, they can use that to break out of everything else. Jelly bean is going to be the first version of Android that has full ASLR and DEP so it’s going to be pretty difficult to write exploits for that.”

If we compare it to Apple and to their iOS, they have enabled ASLR and DEP for quite some time already.

Android’s Jelly bean OS provides randomization so it will make hackers’ lives more miserable as this makes it harder for them to exploit the system.

Have you upgraded to Jelly Bean then?

Image Source: