Posts Tagged ‘malware’

This blog has been moved. Please click to open the post in

This blog has been moved. Please click to open the post in

Android Powered Devices have virtual machine in which apps run is one of the huge advantage. Android has been using Dalvik Virtual Machine which make use of JIT (Just-In-Time) Compiler since first version of it. Now it is the decision by Google to include a new runtime in Android 4.4 KitKat known as Android RunTime (ART) which make use of Ahead-Of-Time (AOT) Compilation that promises to make your device faster and your battery last longer ..

Android Virtual Machine : Dalvik vs ART

Android Virtual Machine : Dalvik vs ART

Before we jump into this brand new VM, and why it’s turned off by default, let’s make sure everyone understands what we’re talking about ..

Virtual Machine

Virtual Machines are not physical machines but as a software makes possible to run other machines in a your physical machine. For example consider you having a Windows Machine (Assume as it is the only physical machine you are having with you) and if you want to use a Linux or a Mac System, then Virtual Machine paves the way to running a Linux machine or Mac Machine in your Windows Machine ..


One of the advantages is the physical separation of each environment in which all the apps (including viruses, malware, and even crashed apps) are all kept apart from your main OS ..

And the next thing is the ability to run programs written for one architecture on a box that runs something different. For example, the ability to run programs compiled to run on an ARM-based CPU when your computer is running an Intel-based processor ..

Android and VM

In order to target different many devices like Tablet, Smartphones, PC, TV, Watch and other gadgets running Android on different hardware architecture, Android uses a specialized virtual machine to run their apps ..

The concept lies here. Developers write code and we download those from the Play Store or some other source. This code is mostly uncompiled. When you use those, it gets comipled to target(in otherwords ‘according to’) the type of device we are having ..

Dalvik (JIT Compilation)

Usually Android uses Dalvik Virtual Machine to compile and run. The concept of Dalvik lies here. Dalvik VM uses JIT (Just-In-Time) Comiplation, which means the downloaded and installed app remains uncompiled untill it’s first launch. And when it is launched first time, it gets compiled just in that time and loaded into RAM (main memory) and hence the name Just-In-Time Compilation. This whole process repeats again when the app/os gets restarted ..

ART (AOT Compilation)

Now Android 4.4 KitKat includes a new runtime call “Android runtime”, ART. Unlike JIT, which must compile every app everytime whenever it’s loaded, ART works on a concept called ahead-of-time (AOT) compilation. The Concept lies here. When you download and install an app it automatically pre-compiles. This takes up more space on your device and takes longer to initially install when compared to Dalvik. However, apps launch quicker and are arguably faster when run using ART rather than Dalvik. What’s more, since less time is required to run apps, your processor doesn’t get worked as hard and your battery life may benefit as a result ..

ART is not set Default

ART is currently very experimental. Not every app works properly in ART, and if you already installed all your apps under Dalvik, you’ll need to reboot and wait up to 20 minutes (less if you have fewer apps, more if you’ve got a bunch) for that first boot to complete. You see, it’s got to pre-compile all of them so they’re ready for you. For all of those reasons, ART is disabled by default ..


As based on reports from various sources, it is approximated as follows

  1. 50% – 100% increase in speed
  2. 25% increase in battery life

AOT compilation is the future, and ART is the way Google is going to get us there. This is just the first little step toward a much more lofty goal. Perhaps ART will be the standard runtime in Android 5.0 ..

For further more information visit here ..

The Bluebox Labs, which is a security research team has recently traced a hole in Android’s current security model via which the hackers can easily modify the APK code without harming the cryptographic signature. The vulnerability by San Francisco’s Bluebox Security is basically a discrepancy in how an Android application is cryptographically verified and installed, which allows APK code modification without even breaking the cryptographic signature ..

Android apps are basically packaged as APK and signed via an encryption key in order to prevent the malware from making any changes to the code. These Signed applications are designed to empower the system to detect any sort of meddling or alteration ..

However, using the recently discovered vulnerability, a hacker can make the system believe that the changes in the application are still legal ..

A representative of the company was quoted by Appleinsider as saying, “A device affected by this exploit could do anything in the realm of computer malice, including become a part of a botnet, eavesdrop with the microphone, export your data to a third party, encrypt your data and hold it hostage, use your device as a stepping stone to another network, attack your connected PC, send premium SMS messages, perform a DDoS attack against a target, or wipe your device,” ..

Since when?

The said hole has been there right since the release of the very first dessert version Android 1.6 “Donut,” which means that the flaw was in the install base of all the Android versions including Eclair, Froyo, Gingerbread, Honeycomb, Ice Cream Sandwich and Jelly Bean ..

What will can it do to your device?

Once the malware passed the Android’s app-signing model, it can easily obtain complete access to the Android system and all the data and other applications installed in the device like the email, SMS messages, documents, etc. and retrieve all stored account and service passwords. Later, the application can also overtake the usual functionality of your device like making phone calls, sending text messages and turn on the camera and record your calls ..

Reported to Google?

Yes, the BlueBox has already reported the bug to Google previously in February but it was left to the device manufacturers if they wanted to release a firmware update to curb this. Apparently, Samsung has already released a patch for its latest flagship Samsung Galaxy S4 ..