Great Moto G Stylus deal on Amazon!

Jelly Bean beefs up Android security

By
13comments
Android Software updates
Jelly Bean beefs up Android security
One of the number one knocks on Android has continuously been with its security troubles. The slow updates mean that security updates don't get pushed out to devices, and there have been a few cases of "malware" popping up in the Play Store. Of course, how much of a threat those apps have posed depends on how you define "malware". Still, Google has put in a pretty solid bump in security with Android 4.1 Jelly Bean.

According to the changelog we saw yesterday, the only mention of a security update was that "device encryption" has been made "more reliable". But, some digging by Duo Security has also been looking into the new support for ASLR, which is address space layout randomization. ASLR randomizes the memory locations for most of the data structures in Android. This randomization makes it far more difficult for hackers because it randomizes where potentially malicious code would be written. This combines with Android's existing data execution prevention to make it extremely difficult to load malicious code in Jelly Bean. 

ASLR isn't exactly new to Android, as it did exist in ICS, but the problem was that in ICS the support didn't really use the "randomization" part of ASLR. Without the randomization, it's easy to know where code will be deployed, making for much more effective malicious code. Jelly Bean is the first Android update to support full ASLR. Of course, iOS has implemented full ASLR since iOS 4.3, but we haven't seen a proper comparison between iOS 5 and ICS or Jelly Bean security, so it's hard to make a statement as to which is better. The last comparison we saw pitted iOS 5 against Gingerbread, which makes sense given each is the largest version on the market, but not quite fair as far as what Android offers now. 

Recommended Stories

Loading Comments...

Popular stories

T-Mobile is now going to dictate where you can use its 5G internet
T-Mobile is now going to dictate where you can use its 5G internet
Samsung's killer Galaxy Watch 6 Classic trade-in deal comes just in time for Mother's Day
Samsung's killer Galaxy Watch 6 Classic trade-in deal comes just in time for Mother's Day
Apple signals the imminent release of the iPad Air (2024) and iPad Pro (2024)
Apple signals the imminent release of the iPad Air (2024) and iPad Pro (2024)
The speedy iPad Mini 2021 is even sweeter than usual after a lovely discount on Amazon
The speedy iPad Mini 2021 is even sweeter than usual after a lovely discount on Amazon
Apple Watch X render shows new magnetic band mechanism that could lead to longer battery life
Apple Watch X render shows new magnetic band mechanism that could lead to longer battery life
Text message from AT&T about a free device offer may look like a scam or spam but it is legitimate
Text message from AT&T about a free device offer may look like a scam or spam but it is legitimate

Latest News

T-Mobile confirms major 5G network upgrades in Louisiana
T-Mobile confirms major 5G network upgrades in Louisiana
Apple needs a $250 iPhone to boost sales but it doesn't want to make "stripped-down, lousy products"
Apple needs a $250 iPhone to boost sales but it doesn't want to make "stripped-down, lousy products"
Grab the smaller-sized Galaxy Watch 6 at bargain prices through Amazon's deal
Grab the smaller-sized Galaxy Watch 6 at bargain prices through Amazon's deal
Galaxy S21 and S22 owners facing green line issue will get free screen replacement in one country
Galaxy S21 and S22 owners facing green line issue will get free screen replacement in one country
AT&T's first kid-friendly tablet is here with a fun design and great price
AT&T's first kid-friendly tablet is here with a fun design and great price
LeBron James may have leaked Apple's next big Beats product
LeBron James may have leaked Apple's next big Beats product
FCC OKs Cingular\'s purchase of AT&T Wireless