
Android Jelly Bean Much Harder To Hack

Soulskill posted about 2 years ago | from the also-not-as-tasty dept.

Android

New submitter SternisheFan tips this quote from an article at Ars: "The latest release of Google's Android mobile operating system has finally been properly fortified with an industry-standard defense. It's designed to protect end users against hack attacks that install malware on handsets. In an analysis published Monday, security researcher Jon Oberheide said Android version 4.1, aka Jelly Bean, is the first version of the Google-developed OS to properly implement a protection known as address space layout randomization. ASLR, as it's more often referred to, randomizes the memory locations for the library, stack, heap, and most other OS data structures. As a result, hackers who exploit memory corruption bugs that inevitably crop up in complex pieces of code are unable to know in advance where their malicious payloads will be loaded. When combined with a separate defense known as data execution prevention, ASLR can effectively neutralize such attacks."


184 comments

How stupid they think hackers are? (0, Troll)

Jellys (2685709) | about 2 years ago | (#40668695)

I have been doing game hacks (trainers and multiplayer hacks) on Windows for over a decade. Windows - or its compilers - have always had data and code location randomization. As a result we don't rely on specific code addresses but make our code work universally, anywhere.

One popular method of establishing this is to rely on fingerprints. Instead of hard coding addresses, you provide a fingerprint that finds the right place first. Let's say you have a specific piece of code. Then your fingerprint might be as follows:

90 32 ?? ?? ?? ?? 30 ?? ?? ?? 90 90 90 90 ?? ?? 32 40 4B ??

Then you run through the code searching for such a piece of code. Anything can be in place of ??, such as other addresses. Sure, you can't hard code anymore... but your code will be much better after adding this kind of function, because then it will also work across all versions of the software, even after updates.

So basically Google is adding something that other OSes have had for decades and making a huge noise about it, while it actually establishes nothing and even forces hackers to deliver better code. It seems like Google does not know at all what they're doing with their OS.
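A worked version of the fingerprint scan described in the post above, added here as an example; it is not the poster's code. It assumes what the post assumes: the scanner already has read access to the target's code bytes (a trainer attached to a running game). The two "builds" are constructed sample bytes, not real game code, and the function names are my own.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* One element of a parsed fingerprint: a byte value, or a "??" wildcard
   that matches anything (typically an address the compiler or loader chose). */
typedef struct {
    uint8_t value;
    uint8_t is_wild;
} pat_byte;

/* Parse "90 32 ?? 30" style text into pat_byte entries.
   Returns the entry count, or -1 on malformed input or overflow of out[]. */
static int parse_pattern(const char *text, pat_byte *out, int max)
{
    int n = 0;
    const char *p = text;

    while (*p) {
        while (*p == ' ')
            p++;
        if (!*p)
            break;
        if (n >= max)
            return -1;
        if (p[0] == '?' && p[1] == '?') {
            out[n].value = 0;
            out[n].is_wild = 1;
        } else {
            char *end;
            long v = strtol(p, &end, 16);
            if (end != p + 2 || v < 0 || v > 255)
                return -1;
            out[n].value = (uint8_t)v;
            out[n].is_wild = 0;
        }
        n++;
        p += 2;
        if (*p && *p != ' ')
            return -1;              /* every token is exactly two characters */
    }
    return n;
}

/* Scan hay[0..n) for the first offset where every non-wildcard byte matches.
   Returns the offset, or -1 if the fingerprint is absent or malformed. */
long find_pattern(const uint8_t *hay, size_t n, const char *text)
{
    pat_byte pat[64];
    int plen = parse_pattern(text, pat, 64);
    if (plen <= 0 || (size_t)plen > n)
        return -1;

    for (size_t i = 0; i + (size_t)plen <= n; i++) {
        size_t j;
        for (j = 0; j < (size_t)plen; j++)
            if (!pat[j].is_wild && hay[i + j] != pat[j].value)
                break;
        if (j == (size_t)plen)
            return (long)i;
    }
    return -1;
}

/* The fingerprint from the post. */
const char *const PATTERN =
    "90 32 ?? ?? ?? ?? 30 ?? ?? ?? 90 90 90 90 ?? ?? 32 40 4B ??";

/* Constructed sample "code" for two builds of the same program: the fixed
   bytes are identical, while the wildcard positions (embedded addresses) and
   the preceding bytes differ, as they would after a relink or an update. */
const uint8_t build_a[] = {
    0x55, 0x89, 0xE5, 0x83, 0xEC,
    0x90, 0x32, 0x11, 0x22, 0x33, 0x44, 0x30, 0xAA, 0xBB, 0xCC,
    0x90, 0x90, 0x90, 0x90, 0xDD, 0xEE, 0x32, 0x40, 0x4B, 0xFF,
    0xC3
};
const size_t build_a_len = sizeof build_a;

const uint8_t build_b[] = {
    0x55, 0x8B, 0xEC,
    0x90, 0x32, 0x78, 0x56, 0x34, 0x12, 0x30, 0x01, 0x02, 0x03,
    0x90, 0x90, 0x90, 0x90, 0x10, 0x20, 0x32, 0x40, 0x4B, 0x00,
    0xC3
};
const size_t build_b_len = sizeof build_b;

int main(void)
{
    printf("build A: offset %ld\n", find_pattern(build_a, build_a_len, PATTERN));
    printf("build B: offset %ld\n", find_pattern(build_b, build_b_len, PATTERN));
    printf("absent : offset %ld\n",
           find_pattern(build_b, build_b_len, "90 32 ?? ?? ?? ?? 31"));
    return 0;
}
```

The wildcards are what make the fingerprint survive a rebuild: the embedded addresses move, the instruction bytes around them do not. Note what the scanner needs in order to work at all: a way to read the target's memory, which is exactly what a remote memory-corruption exploit does not have before it has found or leaked an address.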

Re:How stupid they think hackers are? (5, Interesting)

The MAZZTer (911996) | about 2 years ago | (#40668731)

Game hacks are different from hacking a device where you DON'T already have root access. Typically with game hacks you are tweaking the existing behavior of an app and you have full write access to its memory to do so. With hacking a device or app you DON'T have this access, you need to get creative and exploit bugs in the app to write to memory you wouldn't normally be able to.

One example of an attack ASLR may be effective against is a stack smash. Without ASLR, if I run a program in a specific way and say, load a data file of my choosing, I may be able to assume it will get loaded into the same place in memory every time. So I can record that address, and then I can use a buffer overflow attack (perhaps using a field loaded from the same data file) to write to my stack and place the address on there. The OS then thinks my data file should be run next as code and then I can do whatever I want with the permissions of the current app.

With ASLR the location of my data file may change each run, so I can no longer hardcode an address, so now I either have to find some way to get code in a place in memory that doesn't move or find some other avenue of attack and give up on the stack smash.

(I don't do this sort of stuff so I might have gotten some details wrong but I think that's the gist of it.)
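An added illustration of the stack smash and the hard-coded address the post above describes; this is example code, not anything from the poster or from Android. NAME_MAX, the function names and the two input strings are constructed for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define NAME_MAX 16

/* VULNERABLE: the name field comes from an attacker-supplied data file and is
   copied into a fixed stack buffer with no length check. A field longer than
   NAME_MAX bytes runs past the buffer into the saved frame pointer and return
   address, which is the overwrite the post describes. */
int load_name_unsafe(const char *field)
{
    char name[NAME_MAX];
    strcpy(name, field);                /* no bound: the overflow */
    return (int)strlen(name);
}

/* HARDENED: measure first, reject anything that does not fit (including the
   terminator), then copy exactly that many bytes. Rejecting is preferable to
   silent truncation, which can turn a parser error into a different bug. */
int load_name_safe(const char *field)
{
    char name[NAME_MAX];
    size_t len = strlen(field);
    if (len >= NAME_MAX)
        return -1;
    memcpy(name, field, len + 1);
    return (int)len;
}

/* Print the three addresses a hard-coded payload address depends on. Run the
   binary twice: under ASLR (Linux: /proc/sys/kernel/randomize_va_space = 2)
   the values change each run; without it they repeat. */
void print_layout(void)
{
    int local = 0;
    char *heap = malloc(32);
    printf("stack var : %p\n", (void *)&local);
    printf("heap block: %p\n", (void *)heap);
    printf("libc func : %#lx (strlen)\n", (unsigned long)(uintptr_t)strlen);
    free(heap);
}

int main(void)
{
    /* Constructed inputs: a name that fits and one that does not. */
    const char *ok = "alice";
    const char *too_long = "this-name-is-far-longer-than-sixteen-bytes";

    printf("safe(ok)       = %d\n", load_name_safe(ok));
    printf("safe(too_long) = %d\n", load_name_safe(too_long));
    printf("unsafe(ok)     = %d\n", load_name_unsafe(ok));
    /* load_name_unsafe(too_long) is deliberately not called: it corrupts the stack. */
    print_layout();
    return 0;
}
```

The bounds check removes the write the exploit needs; ASLR only makes the write harder to aim. On a Linux-based system such as Android the sysctl value above is the quick way to confirm randomization is on before reading anything into the addresses you see.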

Re:How stupid they think hackers are? (1, Insightful)

girlintraining (1395911) | about 2 years ago | (#40668865)

Randomization doesn't make the attack impossible; It simply reduces the number of times it works to some fraction of the original. It's like using a salt on a crypto function: It increases the number of times the attack needs to be performed before it'll work. Although the locations in memory are random, there have to be API calls and such to pull those locations. If your bootstrap code calls those APIs... eventually it'll hit the right offset and your code will run in its entirety, you'll get the locations you need, and the payload can be delivered.

This is security through obscurity; It is not going to stop the attack, it'll just mean they need to do it N times before it's more likely than not to complete.

When you're writing malware, you don't have to get 100% of your target... 5% is valuable too. Or even 1%.

Re:How stupid they think hackers are? (-1)

Anonymous Coward | about 2 years ago | (#40668907)

Go make me a sandwich and get back to sucking my cock, bitch.

Re:How stupid they think hackers are? (-1)

Anonymous Coward | about 2 years ago | (#40668947)

So, you like it when dudes give you blow jobs?

Re:How stupid they think hackers are? (-1)

Anonymous Coward | about 2 years ago | (#40669027)

Nice way of talking to your mother...

Re:How stupid they think hackers are? (-1)

Anonymous Coward | about 2 years ago | (#40668939)

This is security through obscurity

It is so funny to read the tripe that you idiots parrot pretending that you actually know what you are talking about. Do you have anything other than bald assertions to back your shit up? No? Yep, I'm definitely on Slashdot today.

Re:How stupid they think hackers are? (1)

afidel (530433) | about 2 years ago | (#40668957)

On 32-bit processors ASLR is rather pointless IMHO, and since ARMv7 (all current chips) is 32-bit logical you're not going to gain much if any real protection.

Re:How stupid they think hackers are? (1)

Anonymous Coward | about 2 years ago | (#40668993)

Well considering ASLR was first implemented on 32 bit systems like OpenBSD, Windows, Linux, etc. I'd say that the people that fucking invented it know a little more than you do.

Re:How stupid they think hackers are? (0, Informative)

Anonymous Coward | about 2 years ago | (#40669089)

I think you're confusing ASLR with NX / W^X.

W^X came out first, at least in popular OSs. In fact, ASLR is even worse with W^X on x86-32, because X86-32 does W^X using a simple address space segmentation, halving the space available for ASLR.

ASLR isn't useless on x86-32, just not as effective as some people think. Because of W^X, you've halved your address space.
You lose a bunch with kernel/user space segmentation. Libraries usually have to be loaded at page boundaries, so divide by, say, 4096. The number of possible locations is actually quite small in the grand scheme of things. For a massive distributed attack you're definitely going to randomly succeed a significant number of attempts, especially if you get more than one shot at any one target.

You forget that unlike Windows, OpenBSD and Linux were 64-bit capable for like a decade. ASLR made sense because those OSs already ran on 64-bit hardware.

Re:How stupid they think hackers are? (5, Informative)

Anonymous Coward | about 2 years ago | (#40669001)

Bullet-proof vests are security through obscurity! They're not going to stop the attack, it just means etc.

The point of ASLR is that shitty code that got pwned by buffer overflow 100 times out of 100 now will be pwned one time out of (pow(8, sizeof(void*))/RANDOMIZATION_STEP).

If randomization can place it at any 4k page in 32 bit space, you get 1/1048576 probability malicious code works. With 16 bit steps for ASLR, you get 1/65536. Sure can be bruteforced, but that's not very applicable to client applications, especially considering the app will most likely crash every time you guess wrong.
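The probabilities in this post and the one above it, worked through as an added example (mine, not the posters'). It separates the two cases the thread raises: a target that crashes on a wrong guess and comes back with a fresh layout, and one whose layout stays fixed across attempts (for instance a parent that forks a worker per request, so each child inherits the same addresses). The 28-bit figure for a 64-bit process is an assumption included for comparison, not a measurement.

```c
#include <stdio.h>

/* Distinct base addresses the randomizer can pick: addr_bits of randomized
   address space carved into steps of 2^step_bits bytes (4 KiB pages -> 12). */
unsigned long aslr_slots(unsigned addr_bits, unsigned step_bits)
{
    return 1UL << (addr_bits - step_bits);
}

/* Regime 1: every failed guess crashes the target and it comes back with a
   fresh layout, so guesses are independent:
       P(success within k) = 1 - (1 - 1/slots)^k.
   Computed by repeated multiplication so the file needs no libm. */
double p_within_rerandomized(unsigned long slots, unsigned long k)
{
    double miss = 1.0 - 1.0 / (double)slots;
    double acc = 1.0;
    for (unsigned long i = 0; i < k; i++)
        acc *= miss;
    return 1.0 - acc;
}

/* Regime 2: the layout stays fixed across attempts (forked workers share the
   parent's addresses; a crashed child does not re-randomize the parent) and
   the attacker never repeats a guess: P(success within k) = min(k, slots)/slots. */
double p_within_fixed_layout(unsigned long slots, unsigned long k)
{
    if (k >= slots)
        return 1.0;
    return (double)k / (double)slots;
}

/* Expected attempts to first success: slots in regime 1 (geometric),
   (slots + 1) / 2 in regime 2 (uniform over the untried slots). */
double expected_attempts(unsigned long slots, int fixed_layout)
{
    return fixed_layout ? ((double)slots + 1.0) / 2.0 : (double)slots;
}

int main(void)
{
    /* Scenarios from the thread plus a 64-bit point of comparison. The 28-bit
       figure for a 64-bit process is an illustrative assumption. */
    const struct { const char *name; unsigned addr_bits, step_bits; } s[] = {
        { "32-bit, 4 KiB pages, whole 4 GiB",     32, 12 },
        { "32-bit, 4 KiB pages, 2 GiB user half", 31, 12 },
        { "32-bit, 64 KiB steps",                 32, 16 },
        { "64-bit, 28 randomized page bits",      40, 12 },
    };
    const unsigned long tries = 1000;

    for (size_t i = 0; i < sizeof s / sizeof s[0]; i++) {
        unsigned long n = aslr_slots(s[i].addr_bits, s[i].step_bits);
        printf("%-40s slots=%lu  1 try: %.2e  %lu tries re-randomized: %.2e  fixed: %.2e  E[attempts] fixed: %.0f\n",
               s[i].name, n, p_within_fixed_layout(n, 1), tries,
               p_within_rerandomized(n, tries), p_within_fixed_layout(n, tries),
               expected_attempts(n, 1));
    }
    return 0;
}
```

The gap between the two regimes is the practical point: with 16 bits of entropy and a target that re-randomizes, 65536 tries still leave roughly a one-in-three chance of failure, whereas against a fixed layout 65536 tries are guaranteed to succeed and about 32768 are needed on average. A client application that simply dies on a bad guess sits at "1 try" in the table.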

Re:How stupid they think hackers are? (4, Interesting)

cheater512 (783349) | about 2 years ago | (#40669131)

Usually stack exploits only get a few bytes' worth of executable code before everything will crash. Buffers aren't infinite in size.
If the attacker has 100 bytes' worth of code that will be executed, in that space he needs to find where the rest of his code is in memory. It's difficult to find it with ASLR while staying inside your code budget.

Re:How stupid they think hackers are? (2)

Dahamma (304068) | about 2 years ago | (#40669365)

And if the stack is read-only you basically get 1 instruction, the address for a return/jump/etc. And every time you fail you (most likely) crash.

Re:How stupid they think hackers are? (4, Interesting)

Dahamma (304068) | about 2 years ago | (#40669331)

This is security through obscurity; It is not going to stop the attack, it'll just mean they need to do it N times before it's more likely than not to complete.

With that definition you could also define any encryption algorithm as "security through obscurity". If N is large enough it really doesn't matter in practice.

And ASLR + data execution prevention + read-only code pages makes it a LOT harder just to run any "bootstrap" code you might write to search for randomly assigned addresses in the first place - if you can't execute the heap or stack, you most likely need to trick the processor into jumping to some existing code that can do something more interesting for you, and if you jump to the wrong location in random memory don't expect to get another chance on that run.

It not only greatly reduces the chances of very clever malware succeeding, it greatly reduces the pool of capable hackers who can even try...

Re:How stupid they think hackers are? (-1, Flamebait)

Anonymous Coward | about 2 years ago | (#40668735)

So basically Google is adding something that other OSes have had for decades and making a huge noise about it

Are you retarded? Do you know how to read an article? The ASLR has been there since ICS and Google isn't the one making a deal out of it as it's actually Jon Oberheide who is bringing it up. By the way, you wouldn't make a pimple on Oberheide's ass as far as security goes you fucking script kiddy faggot.

Re:How stupid they think hackers are? (5, Informative)

The MAZZTer (911996) | about 2 years ago | (#40668743)

One more thing: the fallacy you've accidentally found yourself in, where you're comparing hacking while already having root access to hacking a device where you have minimal access (with the goal of getting root access) is rather common [google.com].

Re:How stupid they think hackers are? (1)

bad_fx (493443) | about 2 years ago | (#40668789)

I really wish I had some mod points for you.

Re:How stupid they think hackers are? (2)

jeffb (2.718) (1189693) | about 2 years ago | (#40668855)

I really wish I hadn't run off the edge of my trackpad and accidentally modded GP "redundant", forcing me to post this and undo all my mods in the thread.

AGAIN.

Re:How stupid they think hackers are? (0)

Anonymous Coward | about 2 years ago | (#40668757)

So it would be better NOT to have this?

Having a lock won't deter every thief, but it sure does keep out the casual criminal.

And I haven't seen Google make some huge presentation out of having it, either, just a couple of obscure-to-the-general-population (that description actually includes /. btw) sites talking about it.

Get ... over ... yourself.

Re:How stupid they think hackers are? (0)

Anonymous Coward | about 2 years ago | (#40668833)

Google's not making any noise about this, it's someone else. RTFA.

Re:How stupid they think hackers are? (2, Flamebait)

noh8rz5 (2674523) | about 2 years ago | (#40668849)

tfs:

memory corruption bugs that inevitably crop up in complex pieces of software

"it's not our fault, it's inevitable! the software is complex, so there's no way to code it properly to prevent obvious holes you can drive a bus thru!" -googdevs

Re:How stupid they think hackers are? (-1)

Anonymous Coward | about 2 years ago | (#40668869)

Are you fucking stupid? I guess all of the developers on every project in the entire world falls under your little umbrella. BTW, how many accounts are you going to make you shill piece of shit?

Re:How stupid they think hackers are? (1)

Anonymous Coward | about 2 years ago | (#40668853)

derp-dee-derp-dee-doo!

jackass

Re:How stupid they think hackers are? (5, Informative)

Anonymous Coward | about 2 years ago | (#40668859)

> Windows - or it's compilers - have always had data and code location randomization

False. ASLR was added in Windows Vista

> One popular method of establishing this is to rely on fingerprints.

Inapplicable to ASLR.

> Google is adding something that other OSes have had for decades and making a huge noise about it

False. a) Most OSes got it in the late 2000s, b) ASLR has been in Android since ICS and it's just a tick in the feature list, not "huge noise"

Fresh account, single post, praising Windows and bashing Google in the same minute as the article, with a huge lack in the facts department. Yup, it's another sockpuppet troll. Hope the idiots modding you up get their due from metamods.

Re:How stupid they think hackers are? (0)

Anonymous Coward | about 2 years ago | (#40668953)

Fresh account, single post, praising Windows and bashing Google in the same minute as article with a huge lacking in facts department. Yup, it's another sockpuppet troll. Hope the idiots modding you up get their due from metamods.

Thank you so fucking much. The blatant shilling by waggoner-edstrom and burnstmueller sock puppets is what is destroying this once awesome website. WAKE THE FUCK UP GEEK.NET! Taco save us!!!

Re:How stupid they think hackers are? (0)

Anonymous Coward | about 2 years ago | (#40669713)

Yeah dude.. That must be why Android is so "popular" here. .. no wonder Android manufacturers signed up with them. Good call !

Re:How stupid they think hackers are? (0)

Anonymous Coward | about 2 years ago | (#40669087)

Why was OP marked troll? Dude may be wrong, but this was a better post than frist.

Re:How stupid they think hackers are? (1)

kelemvor4 (1980226) | about 2 years ago | (#40669143)

I have been doing game hacks (trainers and multiplayer hacks) on Windows for over a decade. Windows - or it's compilers - have always had data and code location randomization. As a result we don't rely on specific code addresses but make our code universally working anywhere. One popular method of establishing this is to rely on fingerprints. Instead of hard coding addresses, you provide fingerprint that finds the right place first. Lets say you have a specific code. Then your fingerprint might be as follows: 90 32 ?? ?? ?? ?? 30 ?? ?? ?? 90 90 90 90 ?? ?? 32 40 4B ?? Then you will run thru the code searching for such piece of code. Anything can be in place of ??, such as other addresses. Sure, you can't hard code anymore.. but your code will be much better after adding this kind of function because then it will also work between all versions of software, even if updates. So basically Google is adding something that other OSes have had for decades and making a huge noise about it, while it actually establishes nothing and even forces hackers to deliver better code. It seems like Google does not know at all what they're doing with their OS.

How did this get modded troll? Someone on google's android team must have a slashdot account...

Re:How stupid they think hackers are? (0)

Anonymous Coward | about 2 years ago | (#40669205)

Let me give you some highlights.

> Windows - or it's compilers - have always had data and code location randomization.

> Implies ASLR is about preventing already executing malicious code to find something, not about cutting down possibilities for malicious code execution

> So basically Google is adding something that other OSes have had for decades and making a huge noise about it, while it actually establishes nothing and even forces hackers to deliver better code. It seems like Google does not know at all what they're doing with their OS

Yep, knowledgeable and not troll. And you're a smart person successfully outing a Google conspiracy, and your mom is slim, beautiful and doesn't engage in sexual promiscuity. You shouldn't consider suicide, because you're valuable to humanity's gene pool.

Re:How stupid they think hackers are? (0)

Anonymous Coward | about 2 years ago | (#40669309)

LMAO! You are fucking clueless.

Re:How stupid they think hackers are? (0)

Anonymous Coward | about 2 years ago | (#40669903)

The stupid is strong with you.

AKA (-1)

Anonymous Coward | about 2 years ago | (#40668717)

This is called Gentoo Hardened on my box.

+1 headline (4, Funny)

Smallpond (221300) | about 2 years ago | (#40668725)

Android Jelly Bean Much Harder To Hack

I can't wait to show this headline to my non-computer-type friends and watch their heads explode.

The Jelly Bean Luxury (0)

Anonymous Coward | about 2 years ago | (#40668747)

who cares....who has 4.1?

Re:The Jelly Bean Luxury (0)

Anonymous Coward | about 2 years ago | (#40668783)

who cares....who has 4.1?

Hey troll. Owners of the Galaxy Nexus and the Nexus 7 do. And just as Gingerbread filtered down, so will Jelly Bean and its successors as people buy devices.

Re:The Jelly Bean Luxury (0)

noh8rz5 (2674523) | about 2 years ago | (#40668871)

And just as Gingerbread filtered down

Yes, just as it took 3 years to get 2.3 on >50% of devices, we can expect jellybean on a majority by 2016!

Re:The Jelly Bean Luxury (0)

Anonymous Coward | about 2 years ago | (#40668905)

Why are you worried about it? Every comment by this noh8rz$ account has been disparaging Google and their products. You started at noh8rz months and months ago and as the accounts get modded down into oblivion, you just start another one. Now for the real people on here, one of the best deals going right now is the Galaxy Nexus for 349 dollars direct from Google with...ding ding ding...JellyBean. Now h8 on that, chump.

Re:The Jelly Bean Luxury (2)

SomePgmr (2021234) | about 2 years ago | (#40669255)

I'm risking getting a little trollish myself, but I was just joking about this particular issue in an earlier story.

Aside from the reference models, very slow roll-outs and platform fragmentation in the Android ecosystem is, I think, a real and irritating problem. I think that's fair for us to talk about it, if only because I'd like to see manufacturers and carriers do a better job.

Re:The Jelly Bean Luxury (1)

Anonymous Coward | about 2 years ago | (#40669439)

It's mostly a problem for developers as they can't just use nice new features without cutting a huge chunk of user base or coding in feature detection, lazy loading and fallbacks.

Average users don't care for it much as long as they get their Angry Birds and Facebook. Manufacturers don't care for it much as long as users don't care for it much.

If users were leaving brands and platform in droves because lack of updates made their phone useless (for example, because most popular apps require latest OS features), we wouldn't be seeing this. As it is now, most Play Store apps require 2.2, which means users don't care for OS update, which in turn means manufacturers have no incentive to provide updates, which in turn means developers write everything for 2.2, which means users don't care ...

It's the same kind of problem as with IE holding back web developers, or half-a-decade-old consoles and Windows XP's DirectX 9 holding back PC game developers. If you look around, the same circular pattern of "Good enough, so consumers won't upgrade and producers won't move on because consumers won't upgrade" is everywhere, IRL and in software.

Re:The Jelly Bean Luxury (0)

Anonymous Coward | about 2 years ago | (#40668787)

Got it today on my nexus in Australia with Telstra

Re:The Jelly Bean Luxury (0)

Anonymous Coward | about 2 years ago | (#40668819)

Galaxy Nexus that is.

Re:The Jelly Bean Luxury (1)

niftydude (1745144) | about 2 years ago | (#40669671)

I do. My phone is an original Samsung Galaxy S i9000 released in 2010.

Runs a treat. Got it from here [xda-developers.com].

unix permissions? (1)

lister king of smeg (2481612) | about 2 years ago | (#40668749)

Here is an idea: why not just use the Unix permissions built into Linux? Give me sudo privileges by default so I don't have to hack it, and let me worry about the security.

Re:unix permissions? (1)

oakgrove (845019) | about 2 years ago | (#40668775)

There's a device [google.com] for that.

Re:unix permissions? (2)

lister king of smeg (2481612) | about 2 years ago | (#40668867)

Not really. It has an unlocked boot loader, which is great, but I still don't have sudo privileges and I don't have fine-grained permissions on a user/group read/write/execute level, not to mention SELinux security, which would be great. Ideally I would be able to give each app its own permissions to every resource. Does this app get contacts read permission? I say nope, it doesn't even know there is a contacts list. Does it see my 3G Internet and use it to serve me ads and cost me minutes or count toward my data cap? Nope, wifi only for it. Or no Internet privileges for any that don't need it. Does this app get to see all of my photos? Nope, only the ones in this folder.

Do most people need this? Probably not (but then again they really do need this, but they wouldn't know how to take advantage of it and would brick their phone by taking away their own screen privileges), so just set it up like Ubuntu does for permissions: you hide it all behind a few menus, maybe a sudo command, and let me have complete control of my device.

Re:unix permissions? (0)

Anonymous Coward | about 2 years ago | (#40668923)

It is a PHONE. Not a fucking workstation. Every process on Android is run under a different user respecting the permission system built into the Linux kernel. Trying to turn your phone into a desktop is pointless. Just use the desktop when you need to go that far with it. And if you really want to use your phone, install Linux in a chroot and go to town with sudo.

Re:unix permissions? (3, Insightful)

lister king of smeg (2481612) | about 2 years ago | (#40669079)

It is a PHONE. Not a fucking workstation.

Yes, it is a phone, but why take out functionality that is already built in?

Every process on Android is run under a different user respecting the permission system built into the Linux kernel.

Yes, and they have every permission they want, not the permissions I want them to have.

Trying to turn your phone into a desktop is pointless.

It's not pointless. I want a secure device, and apps that can't steal my data.

Just use the desktop when you need to go that far with it

Do you have a desktop you can fit in your pants pocket with a capacitive touch screen, 3G, Bluetooth and wifi connections, a battery life measured in days and a telephony stack?

And if you really want to use your phone, install Linux in a chroot and go to town with sudo.

Android already has Linux on it; it's just broken.

Re:unix permissions? (2)

vistapwns (1103935) | about 2 years ago | (#40668785)

What? Exploiting a flaw in a vulnerable web browser on a mobile device has little to do with standard Unix/Linux permissions. The malware inserted into the browser will run with the privileges of the browser, which is more than enough to cause a lot of grief. Even if the browser is sandboxed, the malware can steal any data put into the browser such as credit card #s or email/banking logins. It's very useful to make this as hard as possible.

Re:unix permissions? (1)

lister king of smeg (2481612) | about 2 years ago | (#40668997)

No, but the issue is security of the device. Patching a memory leak in a browser is like putting bars on all of the windows of your house but leaving the garage door wide open. First shut the garage door; in this case, give me control over permissions to my devices so I can control what apps can send home. As it is, every app has permissions to everything they can think of: wifi, cellular connection, contacts, microphone, etc. etc. etc. Why would Joe Hacker bother trying to exploit a memory leak when he can just get them to install Super Free Pony Coloring Game and own the user's whole digital life and sell all of their information while serving them ads? Or make them buy the ad-free version of his information-stealing pony coloring app. If we had decent permissions we could stop the Super Pony Free app from phoning home our stolen information.

I love when people try and counter hackers (4, Interesting)

GoodNewsJimDotCom (2244874) | about 2 years ago | (#40668755)

From my experience with hackers, if you say your platform is more challenging to hack, it attracts more hackers to try and hack it. Never taunt happy fun hackers.

Obfuscating your security is okay, but obfuscating the fact you have a bunch of anti-hacks in place seems even better.

I've been looking into anti hacker theory ever since Starcraft 1 maphackers ruined ladder.

Re:I love when people try and counter hackers (0)

Anonymous Coward | about 2 years ago | (#40668797)

So you're saying the platform is safer without ASLR. Well, damn, why didn't MS think of that before they put it into Windows all those years ago. Who'da thunk it...making your system more secure makes it less safe. By the way, how you been doing after the accident? I heard you hit your head awfully hard (it shows).

Re:I love when people try and counter hackers (-1)

Anonymous Coward | about 2 years ago | (#40668937)

Since you didn't grasp what GoodNewsJimDotCom was saying, here's a hand:

obfuscate (verb)
obfuscated; obfuscating

Definition of OBFUSCATE

transitive verb
1 a : darken
    b : to make obscure
2 : confuse

http://www.merriam-webster.com/dictionary/obfuscate

In idiot's terms: By making this press release, Google taunted hackers. They even told hackers what new security measures they've implemented. This means intelligent hackers will find new vectors of attack, instead of wasting time on a secured beach-head. Google should have implemented the new security measures discreetly.

Re:I love when people try and counter hackers (0, Funny)

Anonymous Coward | about 2 years ago | (#40668977)

You fucking IDIOT. This is not a Google press release you fucking retard. This is some security researcher tooting his horn and talking about what Google did months and months ago in Ice Cream Sandwich. Yes, ASLR was implemented in ICS you fucking moron. Nice shill attempt though.

Re:I love when people try and counter hackers (1, Funny)

Anonymous Coward | about 2 years ago | (#40668801)

I was with you right up to your sig where you revealed you've suffered repeated mental breakdowns.

Re:I love when people try and counter hackers (3, Funny)

mjwx (966435) | about 2 years ago | (#40669837)

From my experience with hackers, if you say your platform is more challenging to hack, it attracts more hackers to try and hack it. Never taunt happy fun hackers.

That's why all hackers target Linux/Unix and leave Windows alone, because we all know Windows is nowhere near as secure (or can be as secured) as Linux. Therefore, according to your theory, because Windows is easy to hack it does not attract hackers.

oh wait...

Re:I love when people try and counter hackers (0)

GoodNewsJimDotCom (2244874) | about 2 years ago | (#40669919)

Your logic does not pertain to my argument.
I merely say that you should be secure, and not boast about being secure.
You're talking about a strawman where easy to hack systems are hacked more. Of course easy to hack systems are going to be hacked more. My argument wasn't arguing against that.

I just say that the minute you start boasting about your security, you draw more people in to try and hack it. Unless you're a sicko ready to pursue an arms race to "Hacker Armageddon", you never boast about your device or code being unhackable.

4.2 Jelly Baby (4, Funny)

Ukab the Great (87152) | about 2 years ago | (#40668759)

Will be hackable with a sonic screwdriver.

Re:4.2 Jelly Baby (-1)

Anonymous Coward | about 2 years ago | (#40668841)

No, you little bitch, we're talking about an Operating System not your gaping asshole.

How does this compare to the competition? (-1, Troll)

sapphire wyvern (1153271) | about 2 years ago | (#40668799)

So, Google has now implemented ASLR in Android. According to Wikipedia, it's been in iOS since 4.3, which came out March 2011, so that's what, a 16 month head start for Apple? Gosh, it's nice to know that Google has _finally_ caught up to such an old standard for mobile OS security! (Can I mod the article Troll?)

That said, I know that desktop Windows and OS-X have both had some kind of ASLR implementation since 2007, which is indeed quite some time ago. Wikipedia suggests that OS-X's ASLR implementation was pretty weak sauce up until 10.7, though.

Apparently Linux kernels have had some weak ASLR protection since 2.6.12. Would this provide any useful protection to Android at all, or does the Dalvik Java-esque stack not benefit from the layout randomisation provided by the kernel?

I can't find any information on whether BlackBerry's OS(s) and Windows Phone implement ASLR at all. Does anyone know?

Re:How does this compare to the competition? (-1)

Anonymous Coward | about 2 years ago | (#40668815)

So, Google has now implemented ASLR in Android. According to Wikipedia, it's been in iOS since 4.3

ZOMFGBBQ!!!111 The iPhone Hads it first... Steve-gasm...

Fuck off and die as you are what is wrong with tech blog comments today.

Re:How does this compare to the competition? (0, Informative)

Anonymous Coward | about 2 years ago | (#40669125)

It's been in Android since 4.0 (Ice Cream Sandwich), which was released in mid-2011.

"Gasp! Does this mean a Slashdot summary might be incorrect?! Perish the fucking thought!"

Re:How does this compare to the competition? (0)

Anonymous Coward | about 2 years ago | (#40669295)

If you are curious about security, and which OS was first, perhaps you should look at OpenBSD and Linux (or, to be more specific, grsecurity, SELinux, AppArmor, TOMOYO, etc). If you wish to dig further, there's always MULTICS.

Re:How does this compare to the competition? (2)

buddyglass (925859) | about 2 years ago | (#40669297)

So, Google has now implemented ASLR in Android. According to Wikipedia, it's been in iOS since 4.3, which came out March 2011, so that's what, a 16 month head start for Apple?

On the other hand, the first iPhone came out in the U.S. on June 29, 2007 and the first Android phone on October 22, 2008, so Google introduced the tech into its line of phones at about the same delta-relative-to-initial-release as Apple. As you note, Apple had a head start.

ASLR is a good thing but... (4, Interesting)

lennier (44736) | about 2 years ago | (#40668825)

Address space layout randomisation sounds like a good idea, long overdue, and I'm glad it's slowly being rolled out.

That said - I think it's an extremely sad reflection on the state of software engineering that we simply accept that "memory corruption bugs in complex pieces of code are inevitable".

Memory corruption has such far-reaching consequences - causing the failure of pretty much every assumption of guarantee that it simply shouldn't be possible, let alone inevitable, in any industrial-strength language. We don't accept that, say, integer addition should sometimes randomly fail - although that used to happen back in the days of vacuum tubes. But we found and fixed the problem, and now our hardware is (relatively) trustworthy - yet our software is worse than ever. That we just shrug and accept memory corruption as normal - with an entire ecosystem of cybercrime and cyberwarfare created because of it - and don't seem to even think about why it might be, and how to fix the issue, but just keep slapping half-thought-out bandaid after bandaid is shameful to our profession.

(Insert image of Edsger Dijkstra surveying our burnt-out CloudPad 2.0 PHP/C++/Javascript cyberjungle with a single tear.)

Re:ASLR is a good thing but... (1)

Jeremi (14640) | about 2 years ago | (#40669019)

Isn't the impossibility of memory corruption supposed to be one of the benefits of Java (and other managed-code languages too of course)?

Re:ASLR is a good thing but... (0)

Anonymous Coward | about 2 years ago | (#40669441)

Managed languages still have memory corruption exploits even though they try to protect against them.

The problem with computer security is that the more secure you make your code, the worse it will perform because it will be running sanity checks instead of doing the work you want it to ultimately accomplish. As computer hardware gets faster, security is becoming much more affordable in terms of performance, but people still tend to care more about performance than security. In another 20 years even our mobile devices should have such extraordinary performance that will allow software security to flourish without hindering perceived performance.

Re:ASLR is a good thing but... (4, Insightful)

phantomfive (622387) | about 2 years ago | (#40669103)

Do you have a solution? Because I really want to know it. Really, writing software is something I do for a living.

Re:ASLR is a good thing but... (0)

Anonymous Coward | about 2 years ago | (#40669259)

use a language that treats pointers as opaque immutable objects

tada!

Re:ASLR is a good thing but... (1)

Drishmung (458368) | about 2 years ago | (#40669881)

use a language that treats pointers as opaque immutable objects

tada!

That helps, but using hardware that treats them that way [wikipedia.org] is better.

Or running in a sandbox that enforces descriptor protocols.

For the TL;DR, the link describes an architecture---still in use and now implemented on x86 processors---where buffer overflow is impossible.

Re:ASLR is a good thing but... (1)

DNS-and-BIND (461968) | about 2 years ago | (#40669171)

It's because we don't have professional standards for software engineers the same way as we have for other types of engineers. Software is still in the "bridge collapse" phase. At one time, anyone could build a bridge. You know what happened? A lot of them fell down, and that was just considered normal. Eventually, society got fed up with that crap and made standards, with jail time for violators.

I've tried suggesting that software should be held to the same standards - oh, you should have seen the looks I got. It would be TOO EXPENSIVE, they screamed. It would TAKE FOREVER, they whined. It wouldn't crash, I replied. Who cares about that shit anyway, they scoffed. We're here to do low-quality work at the lowest price...you think we're building this software to last?

Re:ASLR is a good thing but... (1)

Anonymous Coward | about 2 years ago | (#40669431)

I've tried suggesting that software should be held to the same standards - oh, you should have seen the looks I got.

I've worked with gizmos built for an industry where by law the software has to follow a complex development and testing process with a stack of paperwork six miles high to prove that it's certified for use. The end result is bugs don't get fixed because the manufacturers can't afford to rerun the certification process. Worse than that, even when the bugs do get fixed, end-users don't want to install the new software because they've learned to work around the old bugs and don't want to have to deal with new ones.

You end up with everyone trying to implement workarounds for other people's bugs and a lot of 'secret' knowledge around the industry; I say to a manufacturer 'I sent this message to your Gizmo X and it crashed' and they say 'yes, don't do that because if you do that it crashes'.

It's insane. And anyone who suggests that all software should be developed that way is a retard.

Re:ASLR is a good thing but... (1)

Drishmung (458368) | about 2 years ago | (#40669927)

And not all hardware followed GP's model either.

I remember a TV show about how the Russians built the Proton rockets. Instead of modeling, testing, checking and being safety conscious, they built the rocket, tested it---and it blew up. So they did it again. And it blew up, again. So they did it again. And again. And again. Until it worked. Net result was a booster more powerful than the Saturn V (AFAIK). Quite a different mode of working.

Along the way they also learned that their observation bunkers were too close to the rocket and not as blast proof as they had hoped. I'm not saying that this is necessarily the best way of working, just that there are other ways to do things if your values are somewhat different.

Good start (0)

Anonymous Coward | about 2 years ago | (#40668835)

Now just make it harder for the malware installed by the carriers and manufacturers, and you might have something.

Re:Good start (-1)

Anonymous Coward | about 2 years ago | (#40668877)

Hey, numbnuts, go here [google.com] and buy one of these [google.com]. Problem fucking solved, numbnuts. Now don't you feel all better?

Dedication (0)

Anonymous Coward | about 2 years ago | (#40668843)

ASLR won't stop everyone.

Re:Dedication (-1)

Anonymous Coward | about 2 years ago | (#40668881)

Duh, you fucking retard it won't stop everyone. That's why a microliter of your breath is in every Android download. To keep the hackers away.

Can't WAIT to get my Nexus 7 (0)

Anonymous Coward | about 2 years ago | (#40668887)

This shitty Kindle Fire is going to hand-me-down city and my iPad is getting nervous. Everything I hear about the Nexus 7 and Jelly bean has me extremely excited!

This doesn't affect the most important issues (0)

johndoe42 (179131) | about 2 years ago | (#40668945)

It seems like the big vulnerabilities in mobile platforms these days involve apps doing things they shouldn't. Android is, for the most part, way ahead of Apple in terms of technical mitigations. Android sandboxes apps with explicit permission grants. Apple just vets them, incompletely. iOS also seems vulnerable to odd things, like this [macstories.net]. Apparently executing unsigned code on iOS, if you can pull it off, sidesteps part of the sandbox. Android is based on the assumption that any app can execute unsigned code and it still tries to be secure.

In practice (1)

dutchwhizzman (817898) | about 2 years ago | (#40669651)

Apple is further than Android. Sure, the app has to ask for permission, but whom does it ask? The end user. The end user is asked to agree to *bunch of things* to get his new app that he just chose out of a gazillion other apps. At that point in time, the end user is determined to get the app on his/her device and is willing to agree to anything because they already decided they want the app. In practice, those explicit permission grants mean nothing because for all practical purposes, over 50% of end users would probably agree to donate their first born child to the developer of the app without even blinking if that was in the click-screen with the grants.

Also, the unique UID per application and the unix filesystem permissions for all apps are usually worthless. Developers tend to set permissions of all their files to 777, which means world readable and executable. That way, they won't get any pesky permission denied errors. That other apps can read and write in their files doesn't matter to them, until someone "hacks" their application they aren't going to change it and Google Play sure isn't going to deny them for it, because Google has no commercial interest in denying apps that aren't malicious but just stupidly bad protected.

No, this is not an Apple Fanboi comment, but a reflection on the state of security Android is in at the moment. These two factors combined make Android a total laugh when it comes to security; even if the rest of the framework is getting fairly decent, the end result is abysmal and you should consider any and all data on an average user's Android phone to be compromised.
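The permission mistake described in this post is easy to find after the fact. The following is an added example, not code from the thread or from Android itself: it walks a directory the way an auditor would walk an app's private data directory and reports every entry that grants any access to "other" users, flagging world-writable entries separately. It assumes a Linux host (so that chmod bits are honoured) and builds a constructed sample tree with the 777/666 habit applied to some files and owner-only modes on the rest; the file names and contents are invented for the demonstration.

```python
import os
import stat
import tempfile


def overshared_entries(root: str):
    """Walk root and return (relative_path, octal_mode, problems) for every entry
    that grants access to 'other' users.

    For per-app private data the only expected principal is the app's own UID,
    so any 'other' bit is a finding; world-writable is listed first because it
    lets another process modify files the app will later trust."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            full = os.path.join(dirpath, name)
            st = os.lstat(full)
            if stat.S_ISLNK(st.st_mode):
                continue  # permission bits on symlinks are not meaningful on Linux
            perm = stat.S_IMODE(st.st_mode)
            problems = []
            if perm & stat.S_IWOTH:
                problems.append("world-writable")
            if perm & stat.S_IROTH:
                problems.append("world-readable")
            if perm & stat.S_IXOTH:
                problems.append("world-executable")
            if problems:
                findings.append((os.path.relpath(full, root), oct(perm), problems))
    return sorted(findings)


def build_sample_tree() -> str:
    """Create a constructed app data directory (hypothetical layout, not a real app)."""
    root = tempfile.mkdtemp(prefix="appdata-")
    os.chmod(root, 0o700)
    os.makedirs(os.path.join(root, "files"))
    os.makedirs(os.path.join(root, "databases"))
    with open(os.path.join(root, "files", "config.json"), "w") as f:
        f.write('{"token": "constructed-sample"}\n')
    with open(os.path.join(root, "databases", "app.db"), "w") as f:
        f.write("constructed sample database\n")
    with open(os.path.join(root, "files", "prefs.xml"), "w") as f:
        f.write("<map/>\n")
    # The 'make the permission errors go away' habit: 777 on the directory and
    # the file that holds the token, 666 on the database.
    os.chmod(os.path.join(root, "files"), 0o777)
    os.chmod(os.path.join(root, "files", "config.json"), 0o777)
    os.chmod(os.path.join(root, "databases", "app.db"), 0o666)
    # What private data should look like: owner-only.
    os.chmod(os.path.join(root, "databases"), 0o700)
    os.chmod(os.path.join(root, "files", "prefs.xml"), 0o600)
    return root


def scan_sample():
    """Build the constructed tree and return the findings for it."""
    return overshared_entries(build_sample_tree())


if __name__ == "__main__":
    for rel, mode, problems in scan_sample():
        print(f"{mode} {rel}: {', '.join(problems)}")
```

Only the three entries that were opened up appear in the output; `prefs.xml` and `databases/` are silent because they keep owner-only modes. Point `overshared_entries` at a real directory to audit it.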

Re:In practice (0)

Anonymous Coward | about 2 years ago | (#40669933)

You've never actually used Android have you?

Oberheide not so positive on Android Bouncer (2)

chebucto (992517) | about 2 years ago | (#40668955)

A quick look at Oberheide's site shows a talk from a week ago at Summer Con detailing problems with Google's 'Bouncer' system, designed to detect malicious apps before they enter the Android Market:

http://jon.oberheide.org/blog/2012/06/21/dissecting-the-android-bouncer/ [oberheide.org]

http://jon.oberheide.org/files/summercon12-bouncer.pdf [oberheide.org]

The executive summary:

Bouncer doesn't have to be perfect to be useful
- It will catch crappy malware
- It won't catch sophisticated malware
- Same as AV, IDS,
- How much does Bouncer raise the bar?
- Currently: not much
- Future: hopefully more?

Re:Oberheide not so positive on Android Bouncer (-1)

Anonymous Coward | about 2 years ago | (#40668985)

Really moron? That's your post? Some copypasta from some random dude on the internet. Fucking idiot clueless Slashdot posters.

Re:Oberheide not so positive on Android Bouncer (0)

Anonymous Coward | about 2 years ago | (#40669151)

Look, fundamentally you have two choices.

1) Software is not reviewed by humans before it enters your app market. Result: you get malware in your app market.

2) Software is reviewed and possibly rejected by humans before it enters your app market. Result: all apps are delayed into the market, apps are rejected for arbitrary, non-malware reasons by assholes, and oh yeah, you still get malware in your app market but maybe a little less of it.

What's going on here? (4, Insightful)

93 Escort Wagon (326346) | about 2 years ago | (#40669167)

I'm reading through this thread, and the standard response made by anyone who disagrees with a post is to either call them a moron, idiot, motherfucker, or to insinuate they are gay.

How about this? If you guys think that a post is inaccurate or simplistic - consider responding and explaining why the post is wrong. If you can't do that, then maybe your level of understanding on this topic is lower than you think it is.

I mean, come on. I realize this is Slashdot, and there are always a few people like that hanging around - but this story seems to be attracting an inordinate number of guys that have nothing to offer but anger and venom.

Re:What's going on here? (0)

Anonymous Coward | about 2 years ago | (#40669195)

I'm pretty sure that's just one overactive AC. He's got the same typing patterns in every post and everything.

I wonder which of us he will call "numbnutz" first?

Re:What's going on here? (-1)

Anonymous Coward | about 2 years ago | (#40669307)

Shut the fuck up, faggot. Why don't you and your girlfriend 93 escort wagon jump in the back of said wagon and drive it off a cliff?

Re:What's going on here? (2)

raftpeople (844215) | about 2 years ago | (#40669557)

Thank you kind sir for that excellent recommendation. However, I am embarrassed to admit that I don't understand how they could be sitting in the back seat while also driving the vehicle over a cliff.

Could you perhaps provide a sketch of your plan so we can better understand?

Re:What's going on here? (0)

Anonymous Coward | about 2 years ago | (#40669655)

Please don't feed the trolls.

Re:What's going on here? (0)

Anonymous Coward | about 2 years ago | (#40669573)

numbnutz

Simple Minded Question (2)

NicknamesAreStupid (1040118) | about 2 years ago | (#40669201)

What ever happened to processors designed to keep data and code execution spaces separate? It was done in the 1980s on processors with far far fewer gates. While it made application design a bit more 'thoughtful', I don't remember any designers complaining about it. Maybe I'm old fashioned, but aren't buffer/stack overruns/underruns a hardware architectural issue? If so, then why don't they fix the hardware?

Re:Simple Minded Question (1)

Anonymous Coward | about 2 years ago | (#40669319)

Typed registers are more useful for this problem. Harvard machines use two memory interfaces, which preclude any multiplexing gains in both bandwidth and capacity.

i guess you could divide the address space, but the X bit does that perfectly well.

Re:Simple Minded Question (3, Informative)

wiredlogic (135348) | about 2 years ago | (#40669421)

Harvard architecture parts are still around but largely confined to microcontrollers and the simpler DSPs at this point. The separation doesn't fix the software problem of buffer over/underruns. It just means you can't easily spill over into a code segment and do nasty things as a byproduct of that. You can still do dirty things in the data segment, though.

Re:Simple Minded Question (0)

Anonymous Coward | about 2 years ago | (#40669569)

Pure Harvard Architecture doesn't work too well in real life. There is often a Modified Harvard Architecture to provide access across the memory space.
Sometimes the OS also needs to treat code as data, e.g. when the OS loads code from a file system into RAM.

Inept programming (1)

Animats (122034) | about 2 years ago | (#40669275)

memory corruption bugs that inevitably crop up in complex pieces of code...

Well, if they didn't use an OS written in C, or they used a static verifier, they wouldn't have that problem.

Address space randomization only protects against inept attackers. If the attacker can get anything running at a low privilege level, and there's an overflow exploit that lets them look into the address space they're attacking, they can find whatever is being moved around.

Address space randomization at best turns attacks into system crashes.
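One practical point behind this post is that ASLR only moves what is built to be moved: a library, the stack and the heap get random bases, but an executable linked at a fixed address (ELF type ET_EXEC) is loaded where the linker put it and stays a stable target no matter what the kernel setting says. The checker below is an added example, not code from Oberheide's analysis or from the Android project. It reads the ELF header's e_type field to tell a position-independent image (ET_DYN) from a fixed-address one, and reports the Linux-wide randomize_va_space setting where that file exists. The e_type and e_machine constants are the ELF specification's values; the sample images are constructed headers only, not real binaries.

```python
import struct

# e_type values from the ELF specification
ET_EXEC = 2  # linked at a fixed address: the image is not moved by ASLR
ET_DYN = 3   # position-independent image (PIE executable or shared library)

# e_machine values from the ELF specification, used only in the constructed samples
EM_ARM = 0x28
EM_X86_64 = 0x3E

ELF_MAGIC = b"\x7fELF"


def elf_type(image: bytes):
    """Return e_type of an ELF image (the first bytes of the file), or None if not ELF."""
    if len(image) < 0x18 or image[:4] != ELF_MAGIC:
        return None
    endian = "<" if image[5] == 1 else ">"  # EI_DATA: 1 = little-endian, 2 = big-endian
    (e_type,) = struct.unpack_from(endian + "H", image, 0x10)
    return e_type


def aslr_verdict(image: bytes) -> str:
    """Classify an image by how ASLR can treat it.

    'randomised': ET_DYN, the loader may place the image at a random base
    'fixed'     : ET_EXEC, the image always loads at its link-time address,
                  so its code and data addresses are known in advance
    'not-elf'   : not an ELF image (a script, a data file, a truncated file)
    """
    t = elf_type(image)
    if t == ET_DYN:
        return "randomised"
    if t == ET_EXEC:
        return "fixed"
    return "not-elf"


def check_file(path: str) -> str:
    """Apply aslr_verdict to a file on disk; only the header is read."""
    with open(path, "rb") as f:
        return aslr_verdict(f.read(64))


def kernel_aslr_level(path: str = "/proc/sys/kernel/randomize_va_space"):
    """Linux-wide ASLR setting: 0 = off, 1 = stack/mmap/vdso randomised, 2 = brk heap too.

    Returns None where the file is unavailable (non-Linux host or restricted /proc)."""
    try:
        with open(path) as f:
            return int(f.read().strip())
    except (OSError, ValueError):
        return None


def make_elf_header(e_type: int, e_machine: int, elfclass: int = 2,
                    little_endian: bool = True) -> bytes:
    """Build a minimal constructed ELF header (ELFCLASS32 = 1, ELFCLASS64 = 2).

    Only the fields the checker reads are meaningful; the rest is zero padding."""
    endian = "<" if little_endian else ">"
    e_ident = ELF_MAGIC + bytes([elfclass, 1 if little_endian else 2, 1]) + bytes(9)
    fixed = struct.pack(endian + "HHI", e_type, e_machine, 1)  # e_type, e_machine, e_version
    header_len = 64 if elfclass == 2 else 52
    return (e_ident + fixed).ljust(header_len, b"\0")


# Constructed sample images (headers only, not real binaries).
SAMPLES = {
    "pie_arm32": make_elf_header(ET_DYN, EM_ARM, elfclass=1),
    "fixed_x86_64": make_elf_header(ET_EXEC, EM_X86_64, elfclass=2),
    "pie_bigendian": make_elf_header(ET_DYN, EM_ARM, elfclass=1, little_endian=False),
    "shell_script": b"#!/system/bin/sh\necho hello\n",
}


def report(samples=SAMPLES) -> dict:
    """Map each sample name to its ASLR verdict."""
    return {name: aslr_verdict(image) for name, image in samples.items()}


if __name__ == "__main__":
    for name, verdict in report().items():
        print(f"{name:14s} {verdict}")
    level = kernel_aslr_level()
    print("kernel randomize_va_space:", "unavailable" if level is None else level)
```

A "fixed" verdict on an executable is the finding to act on: rebuilding it as PIE is what lets the image join the library, stack and heap in being randomised. The kernel level is reported separately because a PIE binary on a host with randomize_va_space set to 0 is still loaded at a predictable address.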

As long as they dont make it impossible to root. (1)

detain (687995) | about 2 years ago | (#40669469)

I'm all for additional security in all areas, but if they at some point remove the ability to root Android phones then they will start to lose some of their appeal. Many cell carriers lock down important functionality in the Android platform and it's a slap in Google's face giving clients crippled versions of their platform and thus incomplete impressions on just how cool Android is. Security should still take priority over worrying about whether or not people can root the device, but I'm hoping for the best of both worlds.

Still not fixed (0)

Anonymous Coward | about 2 years ago | (#40669603)

This is not the problem with Android. The problem is those 5/5 star apps with "WOW Super I like this a lot" comments for several pages for malware. And the fact that devs are not pushed to explain why they need this and that phone feature (and obviously no control from Google).
