ASLR security coming to jailbroken iPhones with Antid0te
In an effort to make your iPhone more secure, security analyst and jailbreak developer Stefan Esser is releasing Antid0te on December 14th. Address Space Layout Randomization (ASLR) is a security technique that randomly arranges the positions of key data areas in a process' address space, usually the base of the executable and the positions of its libraries, heap, and stack. This makes it harder for an attacker to inject and run shellcode on the stack, because they first have to find where the stack is. Many of the most popular and sophisticated operating systems already use ASLR, including Windows, Linux, and Mac OS X (10.5+).
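To see what ASLR actually does for the regions named above, here is an added example (not code from the article or from Antid0te) that spawns a few fresh processes, reads where the kernel placed the executable, libc, the heap and the stack in each one, and reports which regions moved between runs. It assumes a Linux host with `/proc/<pid>/maps` and a CPython interpreter; the embedded `SAMPLE_MAPS` snapshots are constructed for the self-test, not captured from a real device.

```python
"""Observe ASLR in action: spawn fresh processes, record the base address
of the executable, libc, heap and stack in each, and report which regions
were randomized. Added example; assumes Linux /proc/<pid>/maps."""
import json
import os
import re
import subprocess
import sys
from collections import defaultdict

# Constructed /proc/<pid>/maps snapshots from two imaginary runs, trimmed
# to the lines that matter. The anonymous mapping (no path) in the first
# snapshot exercises the skip path in parse_maps().
SAMPLE_MAPS = [
    "55d5a1c00000-55d5a1c01000 r--p 00000000 08:01 1234 /usr/bin/python3.11\n"
    "55d5a1c01000-55d5a1c02000 r-xp 00001000 08:01 1234 /usr/bin/python3.11\n"
    "55d5a3f00000-55d5a3f21000 rw-p 00000000 00:00 0 [heap]\n"
    "7f3c2a400000-7f3c2a428000 r--p 00000000 08:01 5678 /usr/lib/x86_64-linux-gnu/libc.so.6\n"
    "7f3c2a428000-7f3c2a5bd000 r-xp 00028000 08:01 5678 /usr/lib/x86_64-linux-gnu/libc.so.6\n"
    "7f3c2a5bd000-7f3c2a5c0000 rw-p 00000000 00:00 0\n"
    "7ffd1e200000-7ffd1e221000 rw-p 00000000 00:00 0 [stack]\n",
    "5598c4a00000-5598c4a01000 r--p 00000000 08:01 1234 /usr/bin/python3.11\n"
    "5598c6b00000-5598c6b21000 rw-p 00000000 00:00 0 [heap]\n"
    "7f91e3000000-7f91e3028000 r--p 00000000 08:01 5678 /usr/lib/x86_64-linux-gnu/libc.so.6\n"
    "7ffc9a700000-7ffc9a721000 rw-p 00000000 00:00 0 [stack]\n",
]


def parse_maps(text, exe_path):
    """Return {region: base_address} for the executable, libc, heap and stack.

    /proc/<pid>/maps lists mappings in ascending address order, so the first
    mapping seen for a given object is its base.
    """
    bases = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 6:
            continue  # anonymous mapping: no pathname column
        start = int(parts[0].split("-")[0], 16)
        path = parts[5]
        if path == exe_path:
            region = "executable"
        elif re.match(r"libc[.-]", os.path.basename(path)):
            region = "libc"  # libc.so.6 or libc-2.xx.so, but not libcrypto
        elif path == "[heap]":
            region = "heap"
        elif path == "[stack]":
            region = "stack"
        else:
            continue
        bases.setdefault(region, start)
    return bases


def randomized_regions(samples):
    """Map each region to the number of distinct bases seen across runs.
    A region that keeps one base over many runs is not being randomized."""
    seen = defaultdict(set)
    for sample in samples:
        for region, base in sample.items():
            seen[region].add(base)
    return {region: len(bases) for region, bases in seen.items()}


def varying_bits(addresses):
    """Count bit positions that differ among the observed addresses: a rough
    upper bound on how many bits an attacker would have to guess."""
    if len(addresses) < 2:
        return 0
    mask = 0
    for addr in addresses[1:]:
        mask |= addr ^ addresses[0]
    return bin(mask).count("1")


def _child():
    """Child mode: print this process's own region bases as JSON."""
    with open("/proc/self/maps") as f:
        bases = parse_maps(f.read(), os.path.realpath(sys.executable))
    print(json.dumps(bases))


def probe(runs=5):
    """Spawn `runs` fresh interpreters and collect their region bases."""
    samples = []
    for _ in range(runs):
        out = subprocess.run([sys.executable, __file__, "--child"],
                             capture_output=True, text=True, check=True).stdout
        samples.append(json.loads(out))
    return samples


if __name__ == "__main__":
    if "--child" in sys.argv:
        _child()
    else:
        samples = probe()
        for region, n in sorted(randomized_regions(samples).items()):
            bits = varying_bits([s[region] for s in samples if region in s])
            verdict = "randomized" if n > 1 else "FIXED"
            print(f"{region:10s} {n} distinct bases over {len(samples)} runs, "
                  f"{bits} varying bits: {verdict}")
```

On a Linux box with ASLR enabled (`/proc/sys/kernel/randomize_va_space` set to 2) every region reports several distinct bases; with it set to 0, or for an interpreter not built as a position-independent executable, the fixed region stands out immediately, which is exactly the situation the article describes on a stock iPhone of the time.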
Just how secure is your iPhone? Earlier this year at the Pwn2Own hacking competition, Vincenzo Iozzo and Ralf Weinmann took first place for hacking an iPhone 3GS and downloading all of its stored SMS messages in only 20 seconds. This past summer, jailbreak developer Comex used a PDF exploit together with an integer overflow in IOSurface.framework to gain root access and privileges.
While Comex used this exploit to jailbreak the device and install Cydia, someone more malicious could have used the same exploit to steal personal data and download it remotely. Jay Freeman, the jailbreak developer and Cydia creator also known as Saurik, released a patch that closed this hole weeks before Apple released its own, leaving millions vulnerable to a known and dangerous security risk for an extended period of time.
Although some would want you to believe otherwise, jailbreaking a device does not in and of itself make it less secure. It merely uses existing security holes to gain root access and privileges so that the user can make desired changes, including patching security holes and making the device more secure than a jailed, stock iPhone. Like Saurik, Esser believes that iOS has serious security limitations and that Antid0te will go a long way toward resolving some of them.
Is Apple doing enough to make our devices secure? Would you jailbreak for a more secure iPhone? Let us know by leaving a comment below!