Exploit Mitigations in Android Jelly Bean 4.1
Here’s an update on the ASLR capabilities as well as cover some of the other improvements in exploit mitigations present in Jelly Bean.
Jon is the co-founder and CTO of Duo Security, responsible for leading product vision and the Duo Labs advanced research team. Before starting Duo, Jon was a self-loathing academic, completing his PhD at the University of Michigan in the realm of cloud security. In a prior life, Jon enjoyed offensive security research and generally hacking the planet. Jon was recently named to Forbes "30 under 30" list for his mobile security hijinks.
Here’s an update on the ASLR capabilities as well as cover some of the other improvements in exploit mitigations present in Jelly Bean.
While Bouncer may be unable to catch sophisticated malware from knowledgeable adversaries currently, we're confident that Google will continue to improve and evolve its capabilities. We've been in touch with the Android security team and will be working with them to address some of the problems we've discovered.
Announcing the public launch of VPN Hunter, which discovers and classifies the virtual private networks (VPNs) & other remote access services of any organization.
Learn more about Android’s Ice Cream Sandwich platform release of Address space layout randomization (ASLR), which can make it more difficult to exploit memory corruption vulnerabilities.
The Fortinet FortiGate series and OpenVPN are now able to be secured using Duo two-factor authentication, bringing best security practices to more remote access logins.