All those tasty marshmallows protected by burly Android seem locked in a safe and indeed have reason to feel safe, because the latest version of the robot has not only brought new macroscopic but also the invisible but no less important, changes safety.
In fact, Google has implemented a security system known as A dress Space Layout Randomization (ASLR), which randomizes the memory location of libraries, stack, heap, and most of the OS data structures, thus making it very difficult for a hypothetical attacker exploit the inherent memory corruption bug.
Charlie Miller of Ars Technica explains it:
As long as there is something non-randomized, then the ASLR does not work, because if the attacker knows for sure that something is in a specific location, it can use to get to anything else. Jelly Bean will be the first version of Android to have full support for ASLR and DEP, so it will be rather difficult to write exploits against it.
All right for us androids short, pity only that this technique IOS implements it already for 16 months, reflecting the fact that the path of the robot is far from done and accomplished.
Post a Comment