antid0te Will Harden the iPhone Against Malware
A German security analyst is about to unveil a new jailbreaking process that will make iPhones much more secure. Stefan Esser, a security consultant and application developer for SektionEins, has found a way to support Address Space Layout Randomization (ASLR) in iOS, and has developed a new jailbreak tool - to be called antid0te - to implement it, making iPhones much more resistant to malware attacks. The tool will be announced at a security conference next week and should be available soon thereafter.
ASLR works by randomizing where data is placed in memory, which makes it tougher for attackers to figure out the location of critical operating system functions and greatly increases the difficulty of designing reliable exploits. ASLR was built into Windows Vista over three years ago, and is supported in Windows Phone 7, as well as (to a limited extent) in Mac OS X. However, it isn't present at all on iOS; instead, Apple relies on Data Execution Protection sandboxing to make iPhones resistant to attack. This is kind of like welding your car doors shut as an anti-theft measure: sure, the car will be harder to steal, but it will also be a lot less useful. Jailbreaking defeats sandbox protection in order to allow you to load the software you want, but at the same time a layer of Apple's brittle defense is removed, allowing worms like Ikee to access protected memory. The absence of robust security like ASLR in iOS allowed security researchers at this year's Pwn2Own hacking contest to break into a stock iPhone and hijack the entire SMS database, including deleted messages, in about 20 seconds.
Esser will be presenting antid0te at the Power of Community security conference in Korea on December 14th. "With ASLR," the conference notes explain, "an exploit mitigation is added that is not available in factory iPhones and makes exploitation more difficult." And according to Esser, he's going to continue to work on further hardening the iPhone: "more mitigations and a full reactivation of the codesigning protection are planed [sic] for the next months."
Source: The Register