Android 4.1 (Jelly Bean) was announced on June 27, 2012 at the Google I/O conference. With Jelly Bean, Google aims to revamp Android after the underwhelming Honeycomb (version 3.0) and the moderate success and reach of Android 4.0 (Ice Cream Sandwich). Jelly Bean claims to be the most secure Android version yet and this post will discuss some of its noteworthy security features.
The version was released on July 9, 2012. However, at present, the limited release is restricted to a few devices only. A majority of devices have yet to see version 4.0 and there is a likelihood that Jelly Bean will never even reach Indian shores. Nevertheless, we would like to tell our readers about the security enhancements in Jelly Bean.
Complete system ASLR
ASLR stands for Address Space Layout Randomization and this is a process that completely randomizes the mapping locations of crucial memory structures. As a result, attackers are unable to predict the location where their payloads end up so their exploits lose potency. Odds of these exploits working go from ‘1 in 2’ to about ‘1 in 1000’, a huge difference. Consequentially, memory corruption attacks and hacking exploits are impossible over Android 4.1.
No ‘Read-Logs’ permission
Google has removed the READ_LOGS permission that some Android apps previously required. This permission allowed apps to read low-level system files but now it does not exist anymore. This is good news since it implies that an application cannot gain root access to the phone’s system. Moreover, the lack of this permission prevents apps from seeing the data and info that other apps possess. This enhances the confidentiality and the privacy of the user.
Message on lockscreen
In the previous versions, if an individual wished to return a lost device there was no way to contact the owner if the phone had a lockscreen enabled. A password was required to bypass this security layer, but in Jelly Bean a preset message or number is displayed on the lockscreen. This gives the individual the necessary details to return the phone to its rightful owner, if they choose to do so.
Unfortunately, Jelly Bean is only available on Google Nexus phones and the Google Nexus 7 tablet as of now. So it will be a while before a majority of people get to enjoy these security features. However, we are pretty impressed with the improvements that Android is working on since it is the most vulnerable mobile OS in the market. Quick Heal Mobile Security adds a further layer for protection to your device with impeccable features like remote wiping, call blocking etc. that work in tandem with these features.