By Richi Jennings. August 19, 2010.
What on Earth is Intel up to? Why would a chipmaker buy a huge security company? Don't expect anyone from either firm to tell us the real reason Intel bought McAfee. I've added 2+2, so read on and I'll tell you what I think its plans are, in The Long View...
$7.68 billion is a lot of cash. For what? So it can give the industry "a paradigm shift" and "a fundamentally new approach" for "an increasingly ... connected world"?
Blah blah blah. Snore.
Of course, I didn't expect much more than meaningless, paint-by-numbers platitudes out of DeWalt and Otellini; not this early in the game. Hey, they wouldn't want to give their competitors too much of a clue what they're planning, would they?
So how could this combination possibly make sense? Here's my take...
These days, protecting computers from malware is extraordinarily hard. Long-gone are the days when a daily AV signature update would prevent all ills.
No matter how clever the malware detection, it's still fundamentally running on top of a operating system platform that can't be trusted. Whether it's Windows, Mac OS, or Linux, malware detection is still only software, which can be defeated with enough cleverness; for example, rootkits, bootkits, and VMBRs.
In theory, a better way to be sure of detecting known malicious code or malicious behavior in unknown code is to do the detection in hardware. What if a future Intel CPU or chipset had malware detection built into the hardware?
With some fairly lightweight additions, an Intel-based motherboard could fingerprint patterns of behavior and send them for analysis to a central service, without recourse to the operating system. If malicious intent were detected, the service would respond with a suggested action, such as displaying a warning video overlay, disconnection from the network, or even an emergency shutdown.
This would probably require an all-Intel CPU+chipset solution on the motherboard, which would handily lock out chipset competitors, such as NVIDIA. Unless FTC regulation requires Intel to license such technology, of course.
Anyway, may you live in interesting times, as the Chinese curse goes. This acquisition could well be a curse on Symantec, Sophos, Trend Micro and the rest. Not to mention Microsoft's increasingly-sorrowful security business.
Insightful idea or fanciful garbage? Leave a comment below...
|Richi Jennings is an independent analyst/consultant, specializing in blogging, email, and security. A cross-functional IT geek since 1985, you can follow him as @richi on Twitter, pretend to be richij's friend on Facebook, or just use good old email: TLV@richij.com.|