Apple strengthens security with IOS 4.3 ASLR

The findings of some hackers who are involved in the jailbreak IOS has shown that Apple probably has added ASLR to IOS 4.3. The term ASLR stands for Address Space Layout Randomization and ensures that important data are no longer in fixed positions. The use of ASLR makes positions attacks a lot harder due to the difficulty is made to a memory address to locate in an attacks on Return Oriented Programming (ROP) is based on.





In December 2010 Stefan Esser has announced to work for an ASLR implementation for jailbroken iPhones called antid0te. His project was delayed, because there is no universal untethered IOS jailbreak for 4.2.1.The addition of ASLR on IOS means that the resulting devices will be better protected against (will mostly hypothetical) mobile malware. As the jailbreak scene is concerned, means the addition of ASLR it will be difficult to userland use IOS exploits (of which the Spirit and JailbreakMe jailbreak are based on ). This might be an implementation of ASLR comparable to those in Mac OS X, not the full ASLR protection which in theory should offer.