The most popular mobile operating system of the moment, Android managed to adjudicate an overwhelming number of users, who are attracted by the variety of terminals on which it runs. When it comes to security specialists assessments, things are quite the opposite.
Jelly Bean, which was launched recently introduced a method of effective protection to protect memory called address space layout randomization. Known to users of Windows since Vista, or OS X from Snow Leopard, ASLR to run all the libraries, drivers and processes to memory addresses that change randomly each boot, which prevents buffer overflow attacks. Furthermore, it is combined with a classic partner, Data Execution Prevention declaration allowing the executable memory areas and providing better protection together.
Jelly Bean offers a complete implementation for both ASLR and DEP, the first version of Android that is up to actual safety standards.
Rival IOS offers both technologies since version 4.3, which however does not made him immune to attacks such as those used for operations of jailbreak. Neither Android probably will not be completely immune, but ASLR and DEP attacks complicate the problem and requires more intensive and labor work, reducing the chances of a direct attack from the outside.
No comments:
Post a Comment