The problems which were pointed out are good ones, and they should be fixed. Fortunately, they are easy to fix.

In the grand scheme of things, though, this isn't as bad as it seems, since the vast majority of Android applications run in the Dalvik JVM. Hence the amount of code that is subject to weaknesses that could be exploited by the attacker to cause a jump into the non-randomized dynamic loader (for example) is much smaller.

Of course, there could still be bugs in native code applications, libraries, and system executables, so the ASLR should definitely be improved. Again, fortunately, this should be relatively easy to do.
So how does the ASLR work with images optimized to be loaded at a specific address? (-fPIC all of them?)

I was under the impression that if you have two or more instances of the same .so/.dll/.dylibs in different processes, and they end up using different virtual addresses, then they can't share the same code page. Maybe I'm behind the times...
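One concrete way to answer the first question for a given ELF image (an added example, not code from this thread): the ELF header's e_type field distinguishes ET_DYN images (PIE executables and shared objects, which the loader can map at a randomized base) from ET_EXEC images, which are linked to a fixed load address and cannot be relocated by ASLR. The sample headers below are constructed inline; `elf_load_kind`, `make_header` and `check_file` are names chosen here.

```python
import struct

# ELF constants from the ELF specification
ELF_MAGIC = b"\x7fELF"
ET_EXEC, ET_DYN = 2, 3
ELFCLASS32, ELFCLASS64 = 1, 2
ELFDATA2LSB, ELFDATA2MSB = 1, 2


def elf_load_kind(data: bytes) -> str:
    """Classify an ELF image by whether the loader can relocate it.

    "pie_or_shared": ET_DYN, position-independent, eligible for ASLR.
    "fixed":         ET_EXEC, linked to a fixed address, never randomized.
    "other":         relocatable objects, core files, etc.
    """
    if len(data) < 20 or data[:4] != ELF_MAGIC:
        raise ValueError("not an ELF image")
    ei_class, ei_data = data[4], data[5]
    if ei_class not in (ELFCLASS32, ELFCLASS64) or ei_data not in (ELFDATA2LSB, ELFDATA2MSB):
        raise ValueError("unsupported ELF class or byte order")
    endian = "<" if ei_data == ELFDATA2LSB else ">"
    # e_type is the 16-bit field immediately after the 16-byte e_ident block,
    # at the same offset for ELF32 and ELF64; byte order follows EI_DATA.
    (e_type,) = struct.unpack_from(endian + "H", data, 16)
    return {ET_EXEC: "fixed", ET_DYN: "pie_or_shared"}.get(e_type, "other")


def make_header(e_type: int, ei_class: int = ELFCLASS64, ei_data: int = ELFDATA2LSB) -> bytes:
    """Constructed minimal e_ident + e_type + e_machine, for demonstration only."""
    ident = ELF_MAGIC + bytes([ei_class, ei_data, 1]) + b"\x00" * 9
    endian = "<" if ei_data == ELFDATA2LSB else ">"
    return ident + struct.pack(endian + "HH", e_type, 0)


def check_file(path: str) -> str:
    """Classify a real binary on disk; only the header is read."""
    with open(path, "rb") as f:
        return elf_load_kind(f.read(64))


if __name__ == "__main__":
    for label, hdr in (("PIE / shared object", make_header(ET_DYN)),
                       ("fixed-address executable", make_header(ET_EXEC)),
                       ("big-endian fixed executable", make_header(ET_EXEC, ei_data=ELFDATA2MSB))):
        print(f"{label}: {elf_load_kind(hdr)}")
```

ET_DYN is necessary but not sufficient: the kernel and dynamic loader must also choose to randomize the base, so this check only tells you which images are even eligible.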