
>the iPhone has much stricter (DEP-style) page protections than OSX

Not sure relative to OSX (or why that relates to Android), however note that Android makes just as heavy of a use of the ARM's NX bit. Gruber recently subtly implied that Android was more reckless about security -- in a blurb about Android 2.2's V8 JIT engine for JavaScript, Gruber offhandedly mentioned that iOS "couldn't" perform such optimization because it barred executable segments -- implying that it didn't have NX-type uses, and he was simply blindly wrong.

And clearly it isn't quite so universal in iOS. This demonstration makes that amply clear.



All these countermeasures can be bypassed.

RPW and Vince from Zynamics wrote a compiler that transforms the REIL intermediate form Zynamics BinDiff/BinNavi tools generate into synthesized stack frames that continually return through fragments of legitimate basic blocks in signed executable iOS code; I believe they're working with fully general programs built in that form, which is to traditional computer programs what Voltron is to Johnny 5.

Which is to say that the cat is thoroughly out of the bag here. All I can point out is, it's not like Apple is totally slacking on the iPhone.
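The "synthesized stack frames that return through fragments of legitimate code" idea in the comment above, as an added illustration that is not part of this thread and is not Zynamics' REIL-based tooling: a small model in C of a return-oriented chain. The gadget functions, the `Machine` struct, the `known_gadgets` table and the `run_chain`/`demo_chain` helpers are all assumptions of this example. Real gadgets are byte sequences in existing signed code ending in `ret`; here they are C functions, and the dispatcher loop plays the role of the CPU executing `ret`. The point the model shows is the same one the thread makes: the chain is pure data (addresses plus the immediates the gadgets pop), no new code is written to executable memory, so NX/DEP by itself does not stop it.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added illustration (not code from the thread or from Zynamics): a model of
 * a return-oriented chain. Gadgets stand in for fragments of legitimate,
 * signed code that end in a ret; the chain is only data, so nothing is ever
 * written to executable memory and NX/DEP alone cannot prevent it running. */

#define MODEL_MEM_WORDS 8

typedef struct {
    uint64_t r0, r1;                 /* two model registers */
    uint64_t mem[MODEL_MEM_WORDS];   /* model data memory */
    const uintptr_t *sp;             /* model stack pointer into the chain */
} Machine;

typedef void (*Gadget)(Machine *m);

/* Each gadget does one small thing and then "returns": the dispatcher pops
 * the next address off the model stack, exactly as a real ret would. */
static void g_pop_r0(Machine *m) { m->r0 = *m->sp++; }   /* pop r0; ret */
static void g_pop_r1(Machine *m) { m->r1 = *m->sp++; }   /* pop r1; ret */
static void g_add(Machine *m)    { m->r0 += m->r1; }     /* add r0, r1; ret */
static void g_store(Machine *m)                          /* mov [r1], r0; ret */
{
    if (m->r1 < MODEL_MEM_WORDS) m->mem[m->r1] = m->r0;
}

/* The model's "signed code": the only addresses control may flow to. */
static const Gadget known_gadgets[] = { g_pop_r0, g_pop_r1, g_add, g_store };

static int is_known_gadget(uintptr_t addr)
{
    for (size_t i = 0; i < sizeof known_gadgets / sizeof known_gadgets[0]; i++)
        if ((uintptr_t)known_gadgets[i] == addr) return 1;
    return 0;
}

/* Run a chain of n words. Returns 0 on success, -1 if the chain tries to
 * return into an address that is not a known gadget (the model's analogue
 * of landing outside signed code). */
int run_chain(Machine *m, const uintptr_t *chain, size_t n)
{
    memset(m, 0, sizeof *m);
    m->sp = chain;
    const uintptr_t *end = chain + n;
    while (m->sp < end) {
        uintptr_t target = *m->sp++;          /* the modelled ret */
        if (!is_known_gadget(target)) return -1;
        ((Gadget)target)(m);
    }
    return 0;
}

/* Synthesized stack frame computing 40 + 2 and storing it at mem[3], using
 * only the four existing gadgets. Returns mem[3] (42), or 0 on failure. */
uint64_t demo_chain(void)
{
    const uintptr_t chain[] = {
        (uintptr_t)g_pop_r0, 40,     /* r0 = 40 */
        (uintptr_t)g_pop_r1, 2,      /* r1 = 2  */
        (uintptr_t)g_add,            /* r0 = 42 */
        (uintptr_t)g_pop_r1, 3,      /* r1 = 3 (target slot) */
        (uintptr_t)g_store,          /* mem[3] = 42 */
    };
    Machine m;
    if (run_chain(&m, chain, sizeof chain / sizeof chain[0]) != 0) return 0;
    return m.mem[3];
}

/* A chain whose first "return address" is an arbitrary constant rather than
 * a gadget: the dispatcher refuses to jump there. Returns -1. */
int demo_bad_chain(void)
{
    const uintptr_t chain[] = { 0xdeadbeef, 40 };
    Machine m;
    return run_chain(&m, chain, sizeof chain / sizeof chain[0]);
}

int main(void)
{
    printf("demo_chain() = %llu\n", (unsigned long long)demo_chain());
    printf("demo_bad_chain() = %d\n", demo_bad_chain());
    return 0;
}
```

The `is_known_gadget` check is the one liberty the model takes: a real CPU has no such table, which is precisely why a chain of addresses into signed code executes just as readily as the signed code itself. What stops the dispatcher here (returning to an address that is not existing code) is what NX stops on the device; what it does not stop (returning into existing code in an order the author never intended) is what the compiler described in the comment above automates.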



