Simply Security - News, Views, and Opinions from Trend Micro

Posted on August 28th, 2012 in Current News by Simply Security | Be the first to comment | Tags: Current News

Mobile technology is still trying to find its footing despite having been around for the better part of the last two decades.

Mobile technology is still trying to find its footing despite having been around for the better part of the last two decades. It continues to evolve, depending on the needs of consumers and the whims of developers, taking on new importance in everyday life. They have established themselves as part of home and office, play and work activities, and they are one of the best ways all of our personal information can be taken from us in one fell swoop.

Hackers have favored the weak data security measures of Android phones for some time. Last year the number of attacks on the operating system increased by over 150 percent according to Juniper Networks' Mobile Threat Report. Since mobile application stores allow people to create and share content limitlessly and consumers aren't as wary when it comes to smartphone technology safety, it's much easier for hackers to sneak in and take whatever data they can get their hands on.

Google has been busy over the last few years, however, hiring hackers of its own to try and find data security flaws and then fix them, barring outsiders from maliciously exploiting them later. They've outfitted the newest version of the Android operating system, 4.1 Jelly Bean, to be stronger than any of its predecessors.

A public problem

The app store for Android is one of the operating system's best features for open sharing and program creation, but it's also the worst in terms of data protection. People don't pay attention to the permissions a program requests or the developer of the software they're downloading, and the next thing they know their accounts are hacked or their service is denied. Some apps now track users to determine where the are at all times, making it the ultimate stalking device according to PC World.

The Nielson study found that these attacks are getting more advanced as malicious attempts become more diversified and start using newer technology to combat data protection practices. Researchers reported that some programs were being written in such a way that standard security measures wouldn't even recognize them, while other attacks relied on automation to remain relentless in their number of attempts, regardless of the level of success. Malware is also doing a better job of seeming legitimate, both in terms of programs willingly downloaded onto users' devices and those that embed themselves after a certain page is accessed or attachment opened. In these cases, safe browsing and phone use alone may not be enough anymore to battle these attacks successfully.

Fixing the holes

Taking all that into account, Google developed a whole new waying of creating and storing files for its newest operating system. Jelly Bean uses address space layout randomization, Ars Technica reported, a process that breaks up files and stores them in different places for every device. This heightened form of data protection uses a complex algorithm that sorts and resorts all the individual parts of every file created and saved before placing these bits into various parts of the memory cache. By hiding the identity of every file and always storing the different parts in random areas of the memory cache, hackers cannot track different data types reliably in any Android phone once Jelly Bean is implemented.

Jon Oberheide reported in PC Magazine that the newest version of the Android OS seems to have fixed previous issues present in Ice Cream Sandwich and updated its ASLR process to incorporate all files within the phone. With these new updates, Jelly Bean looks to be the most secure version of the Android yet to be released, giving hackers and malware a run for their money and consumers new confidence in the brand.