What to Make of Intel Buying McAfee

James Senior posted on his Twitter account:

“oh dear lord no. why intel, why? http://ow.ly/2s2dm reminds me of when Intel got into the hosting business. http://ow.ly/2s2fT

James is referencing an article posted by the BBC on the recent news of Intel’s takeover of McAfee for 7.68 Billion. While I agree with James on Intel’s foray into hosting – of course hindsight is 20/20 – I disagree with his position on this particular deal and here’s why.

Despite the rapid growth over the last 15 years of PC’s, viruses are still problematic. Despite continual efforts at training the masses, viruses still are far too prevalent. Additionally the methods for exploitation continue to spread and evolve faster than the education can keep up with.  For example, by now, the vast majority – save your grandmother – knows not to open executables sent via email (largely this practice is blocked at the email level anyway).  A smaller, but still growing population have learned to not open attachments from people you don’t know. And yet viruses at times runs rampant.

The virus landscape has largely changed with a more sophisticated modern day virus writer.  He/she is no longer malicious in their intent to infect your computer but instead often plant malware to consume and distribute private information on your computer. Certainly dangerous viruses still exist, but there’s less money in that.

Given that education can’t keep up (or thus far hasn’t proven to be able to keep up) with the changing exploits and security software saturation is still less than 100%, I see the move by Intel as a positive one. Imagine virus protection at the chip level. The virus uses the chip and it’s processing to do it’s damage. If the chip can refuse access to the virus, the virus is rendered ineffective.

In an environment with increasing questions/concerns about security threats, a chip maker who can offer it’s customers virus protection has a significant advantage over it’s competitors.  Additionally, every computer has a CPU and saturation into the market would be swift as computers with this technology would be introduced into the market as people replaced their old PC’s.

In an interesting twist to this story, I could see Microsoft having interest in this particular marriage. Largely portrayed by many as insecure, a chip with protection renders the discussion about OS security potentially moot. Whether Microsoft would admit to it or not, it has skin in this game.

Overall, I think Intel’s choice is a strategic one and might prove be a great one. After over two decades of security software, software hasn’t been the answer. That doesn’t mean software couldn’t be the answer, however history has thus far shown software as a weak solution.  It’s time for a game-changer. This could be the road to that much needed change.

Time will tell…


Posted 08-19-2010 3:39 PM by Tim Barcz
Filed under: ,

[Advertisement]

Comments

Neal Blomfield wrote re: What to Make of Intel Buying McAfee
on 08-19-2010 9:15 PM

How can you make AV on a chip work when most AV systems built in software still don't work to the level required to make virii a thing of the past?

Patrick wrote re: What to Make of Intel Buying McAfee
on 08-20-2010 9:08 AM

One would think people know not to open executable files.  As much as I have drilled it into the users, someone will click an attachment because it looks like it came from someone they know and they were in a hurry so did not stop to think.  I just had to get onto someone for that.

So as long as people don't think, virii will spread.

Joe wrote re: What to Make of Intel Buying McAfee
on 08-20-2010 9:28 AM

The concept of implementing comprehensive AV at the chip level is not workable.

Software AV systems are periodically updated with virus signature data.  The same would be required of any silicon based AV.  This means that only the generic part of the AV could be put on chip.  The same cycle of catching up with the latest virus would still be present.  No gain over software based AV.

Tichaona Dhliwayo wrote re: What to Make of Intel Buying McAfee
on 08-20-2010 9:54 AM

"Imagine virus protection at the chip level. The virus uses the chip and it’s processing to do it’s damage. If the chip can refuse access to the virus, the virus is rendered ineffective."

...em how exactly would the processor do this as Joe wrote virus signature data would still be required the same old catch up game. In my view the AV would still work exactly the same resulting in exactly the same problems we have today.

Tichaona Dhliwayo wrote re: What to Make of Intel Buying McAfee
on 08-20-2010 9:58 AM

"Imagine virus protection at the chip level. The virus uses the chip and it’s processing to do it’s damage. If the chip can refuse access to the virus, the virus is rendered ineffective."

...em how exactly would the processor do this as Joe wrote virus signature data would still be required the same old catch up game. In my view the AV would still work exactly the same resulting in exactly the same problems we have today.

Eric wrote re: What to Make of Intel Buying McAfee
on 08-20-2010 10:16 AM

Virus protection on a chip is a stupid idea.  It is possible, on the other hand, to make architectures more secure, but what does McAfee know about that?!

GWAdmin wrote re: What to Make of Intel Buying McAfee
on 08-20-2010 10:34 AM

I think that the only reason intel bought McAfee is so they can have entrance to a market where they have no experience. And to get more $$$. And what the heck is virii? I always thought it was viruses...

Hard wrote re: What to Make of Intel Buying McAfee
on 08-20-2010 11:13 AM

I would think this is leading to secondary processors that can give a boost to OS-installed antivirus. This could work where the chip-level would work in tandem with av software installed on the OS. However, it needs to be open where AV software from Symantec/Microsoft/Trend Micro or whichever vendor will be able to plug into the new Intel AV processor. I'm scared, though, that this will end up forcing McAfee software to be installed on the OS to supplement it. I can't say many would be crazy about being forced to use McAfee's (or that of any one vendor's) software  on their OS. The hardware should not dictate the ISV software vendor used. Freedom of choice should be maintained otherwise Intel may see a stronger migration over to AMD.

ghSea wrote re: What to Make of Intel Buying McAfee
on 08-20-2010 11:18 AM

Do you think Intell bought McAfee because they lack antivirus technology or their engineers can't figure it out? Did Coca Cola buy Minute Maid so they could learn how to squeeze oranges and change their formula? This is a business deal, not a technology deal.

And virii is not a word, despite the wiki link; reading that link would show you it's bogus; stop crapping on the english language.

technogeist wrote re: What to Make of Intel Buying McAfee
on 08-20-2010 12:24 PM

I just wonder how they would disarm a future infection at the hypervisor level.

Tim Barcz wrote re: What to Make of Intel Buying McAfee
on 08-20-2010 12:52 PM

Certainly there would be a software component and virus definitions would need to updated. I think many of you are missing the point in that even though it would require updates, you'd get a much better saturation of virus software.

I think too many of are accepting the status quo...the world is flat, you can't put a man on the moon, etc - all obviously debunked even though it was widely accepted at the time.

I can bet you that Intel and McAfee aren't sitting idly by and accepting the current solutions as good enough.

Mike wrote re: What to Make of Intel Buying McAfee
on 08-20-2010 1:17 PM

When Microsoft tried to lock down the kernel to help prevent badstuff from getting into the OS (AKA Defense in depth) to make Windows safer to use, the antivirus folks threatened Microsoft with "antitrust" action claiming that they (the antivirus folks) couldn't ensure that the OS was safe if they couldn't get into the kernel to verify it.

So Microsoft ended up backing down and leaving hooks to the Kernel (leaving Windows more vulnerable) so that the AV folks wouldn't whine.

I don't see AV on a chip being all that successful, I think Intel has another approach in mind, one where the OEMs get a bigger discount on intel chips if they preinstall McAfee.

Andrew wrote re: What to Make of Intel Buying McAfee
on 08-20-2010 2:00 PM

Great--so the same technology McAfee uses to slow your computer to a crawl will now be integrated into chips.  This is a win for who?

Stan wrote re: What to Make of Intel Buying McAfee
on 08-20-2010 3:32 PM

My company designes, developes and implements software that detects intrusions, by network analysis of messages, traces, and tracks hackers and cyber-terrorists. Viruses are in effect not the most critical intrusion. Worms, Trojan horses, and the capability to create "zombie" computers, and networks are more critical. These threats would be difficult to implement on a chip, since the network interface would be affected, rather than the CPU! Unless an EPROM type of programmer chip that access the network interface to prevent intrusions the system defaults to an Anti-Virus situation.

Stan wrote re: What to Make of Intel Buying McAfee
on 08-20-2010 3:33 PM

My company designes, developes and implements software that detects intrusions, by network analysis of messages, traces, and tracks hackers and cyber-terrorists. Viruses are in effect not the most critical intrusion. Worms, Trojan horses, and the capability to create "zombie" computers, and networks are more critical. These threats would be difficult to implement on a chip, since the network interface would be affected, rather than the CPU! Unless an EPROM type of programmer chip that access the network interface to prevent intrusions the system defaults to an Anti-Virus situation.

Stan wrote re: What to Make of Intel Buying McAfee
on 08-20-2010 3:34 PM

My company designs, develops and implements software that detects intrusions, by network analysis of messages, traces, and tracks hackers and cyber-terrorists. Viruses are in effect not the most critical intrusion. Worms, Trojan horses, and the capability to create "zombie" computers, and networks are more critical. These threats would be difficult to implement on a chip, since the network interface would be affected, rather than the CPU! Unless an EPROM type of programmer chip that access the network interface to prevent intrusions the system defaults to an Anti-Virus situation.

Adam wrote re: What to Make of Intel Buying McAfee
on 08-20-2010 3:59 PM

Macafee in my experience is one of the worst antivirus packages out there.  If Intel was going to buy a AV company, they could at least buy a good one... It's reminiscent of Intel trying to do graphics processors....

Eswar wrote re: What to Make of Intel Buying McAfee
on 08-20-2010 4:28 PM

Here's the deal. No AV can protect you because of zero day exploits. I had winXP running for about 3 yrs without a single virus infection with no AV ever needed. All AVs do are get you messed up with false positives OR making your PCs slow. I use OS X now for other reasons (7 is not bad either). I don't see the necessity for AVS. All I see is education being might necessary.

Steve wrote re: What to Make of Intel Buying McAfee
on 08-21-2010 8:13 AM

You Obviously never heard of WINTEL,,,

en.wikipedia.org/.../Wintel

technogeist wrote re: What to Make of Intel Buying McAfee
on 08-22-2010 8:30 PM

Windows XP Home edition (pre-service pack 2) was abominable.

Daily, we were having customers return heavily compromised machines. And all because Microsoft delivered the OS in a wide-open (most system services running) that let in the nasties. Firewall not fit for purpose, very easily disabled by malware, partly because of the random order that system services were started up.

Pathetic.

Ferenc Attila wrote re: What to Make of Intel Buying McAfee
on 08-23-2010 3:13 AM

Intel opened a can of worms with this one. Why?

1. As Tichaona and Joe said before, putting the engine of the AV on the chip is no biggie - but taking care of the updates, well, that is a problem. It would still require action on the part of the malware and re-action on the chip / av-maker side. So, a big fat nothing.

2. One could make an educated guess and think that Intel is trying to implement something like DEP on the chip level. Problem is, there are so many ways to get around that! Yes, it is worth a decent try, but I don't really see it going anywhere.

Besides, just think of false positives. Developers are having a hard enough time writing decent code, without having to worry about some bundled instruction set killing their threads on the lowest level possible.

3. Legal issues! Remember what happened to Microsoft when it started including IE into every copy of Windows? It took some years, but now we have the ballot screen - at least in Europe, we do. Now, imagine what could happen when Intel will start shipping millions of CPU's, chipsets, whatnot, all loaded with a nice version of Intel Antivirus :) The other producers of hardware and antimalware would cry bloody murder - and they would have a legal precedent to lean on. Same thing when Microsoft (who I believe is doing a damn fine job, even in the world of candystore Apple-mania), tried to close down the kernel. All the antimalware spooks started protesting. MS backed down. The results are quite obvious. If this idea will die anywhere, it will be in a court of law.

4. Would this feature be free? I mean Intel is already a pretty premium supplier, as far as price/performance go. Would this added feature result in added costs? Would the updates come as free, or subscription based? That would mean a goodly amount of investment for Intel into a field they don't really have much experience in.

5. McAfee? Oh come on - the drama queen of bundled antimalware. Intel could have done better. A whole lot better!

6. Been done before. Remember CIH? The elders of the tribe certainly do. That virus messed up a lot of mainboards and drives. Remember the reaction? Mainboard manufacturers started including TrendMicro and others on the driver disks and some kind of protection on the chip level. Then the idea sort of died on its own. With today's update-the bios-over-the-internet solutions, I wonder when we'll have the same problem again!

7. to STAN: you say that most of us are against progress, world is flat, whatever.  Yes, it is true, most of us are kind of pessimistic about this solution. After enough years of work in the IT&C support business, you adopt a "believe it when I see it working" position. Yes, we are sort of conservative. It also saves money and lotsa grief, both for me and my customers.

fastdude7 wrote re: What to Make of Intel Buying McAfee
on 08-23-2010 7:56 AM

use unix you no0bs

Frank wrote re: What to Make of Intel Buying McAfee
on 08-23-2010 8:02 AM

I think it is a great idea. The hardware must be constructed in a way that the concept of viruses are impossible. Allways wondered why that is not the case.

Ferenc Attila wrote re: What to Make of Intel Buying McAfee
on 08-23-2010 8:44 AM

Frank, and how exactly would you do that? Design a hardware that will execute anything but malware?

Maybe some people do not realize it yet, but there is nothing magical about code. For a CPU the code of a game will pretty much look the same as the code from malware WITH NO real-world way of telling the difference between the two, while not slowing to a crawl.

MehGerbil wrote re: What to Make of Intel Buying McAfee
on 08-23-2010 9:13 AM

If Intel wants to build in chip level protection what could be the possible benefit of buying a bloated software solution?  

I have to agree with the poster who said that they probably want to sell chips at a discount to OEMs that include McAffee only on the systems they sell.

Tim Barcz wrote re: What to Make of Intel Buying McAfee
on 08-23-2010 11:28 AM

@Ferenc,

How is this different than a packet sniffer or intrusion detection system that can sniff out malicious code?  If those systems can work when at their level it's just bits of data coming across a wire - a set of instructions is far more telling than just bits - then how is it not that a CPU could detect these malicious programs somehow?

Ferenc Attila wrote re: What to Make of Intel Buying McAfee
on 08-24-2010 4:49 AM

@Tim, it's not that simple and you damn well know it. Or at least, if you blog about the subject, you should.

Being very close to the bare metal level of the system, you can not do much else then scan everything. Hmm, would anyone care to calculate the bottlenecks and possible problems? Does anyone even remotely remember the KISS principle? Keeping it simple? Obviously not.

Yes, of course, the idea of chip level protection is a nice one. But it has so many caveats to it, that when you really get down to it, it could well be penny wise, pound stupid. Just too many places to go wrong.

Oh, I like what you said - a set of instructions being far more telling than just bits - oh, it is nice indeed. Would you please explain for the general public, how  would you tell the difference with decent reliability between a two sets of instructions that move X data set from A to B? One is legal, the other is malware. Please tell the difference :) Please remember, you have to tell the difference in real time, with more than 95% reliability and less than 2% of false positives. Oh, let's multiply the problem by adding more than one processor, more than one core. Let's add a virtual system too on top of everything. Would your chip defense go through it all, reliably? Or would it create more problems than it protects from? Remember again, we are talking about a McAfee solution - not the best and brightest in any case :D

It is very nice to be feel all warm and fuzzy about such a strategic solution, that would solve pretty much everything :) But it would still have to work, without adding bottlenecks, without adding extra costs, without N+1 other possible problems.

Care to give me an estimate for when we will see this in real life? I wouldn't hold my breath that long :P

dahlya wrote re: What to Make of Intel Buying McAfee
on 09-01-2010 10:47 AM

The detail I find to be the most important here is that McAfee has made my computer consulting side business a small fortune. If only it actually CAUGHT viruses? Intel, what are you thinking?

devlicio.us wrote re: What to Make of Intel Buying McAfee
on 06-01-2011 9:43 AM

What to make of intel buying mcafee.. May I repost it? :)

devlicio.us wrote re: What to Make of Intel Buying McAfee
on 06-03-2011 11:10 AM

What to make of intel buying mcafee.. Bully :)

devlicio.us wrote re: What to Make of Intel Buying McAfee
on 06-05-2011 11:25 AM

What to make of intel buying mcafee.. Peachy :)

t3eq sex video ugtf wrote re: What to Make of Intel Buying McAfee
on 07-02-2011 5:16 PM

What to make of intel buying mcafee.. WTF? :)

Karimu wrote re: What to Make of Intel Buying McAfee
on 11-01-2012 10:04 AM

I would like to thnkx for your efforts you might have set in creanitg this web site. I'm hoping the same high-grade web site submit from you in the upcoming as well. In fact your creative creanitg abilities has inspired me to obtain my own web site now. Truly the running a blog is spreading its wings quickly. Your write up can be a excellent example of it.  0Was this answer helpful?

high pr backlinks wrote re: What to Make of Intel Buying McAfee
on 01-18-2013 4:45 PM

TLHdT8 Very neat post.Really thank you! Really Great.

generic viagra discount wrote re: What to Make of Intel Buying McAfee
on 01-26-2013 9:38 PM

qAmbaU I truly appreciate this article post.Really thank you! Keep writing.

http://bestmedicineonline.info wrote re: What to Make of Intel Buying McAfee
on 02-15-2013 4:09 PM

wKnpmY Very informative post.Really thank you! Will read on...

buy imitrex generic wrote re: What to Make of Intel Buying McAfee
on 02-24-2013 3:11 PM

fV3LqR Thank you ever so for you blog.Thanks Again. Cool.

http://1buyviagrahere.com/ wrote re: What to Make of Intel Buying McAfee
on 03-02-2013 10:44 AM

RKz1VK Great, thanks for sharing this article post. Great.

bookmarks wrote re: What to Make of Intel Buying McAfee
on 03-13-2013 4:23 PM

OC62Lf I truly appreciate this blog.Thanks Again. Cool.

bookmaring service wrote re: What to Make of Intel Buying McAfee
on 03-14-2013 10:21 AM

2XXma1 Fantastic article post.Much thanks again. Awesome.

buy social bookmarks wrote re: What to Make of Intel Buying McAfee
on 03-23-2013 6:27 PM

jWnucQ Thanks a lot for the blog article.Thanks Again. Cool.

bears wrote re: What to Make of Intel Buying McAfee
on 04-06-2013 7:42 PM

Thanks for sharing, this is a fantastic blog post.Thanks Again. Keep writing.

social bookmarking service wrote re: What to Make of Intel Buying McAfee
on 04-13-2013 12:53 AM

4HJY30 Thanks a lot for the blog article.Much thanks again. Fantastic.

social bookmarking service wrote re: What to Make of Intel Buying McAfee
on 04-19-2013 9:34 AM

sSYA3a Thanks again for the blog article.Much thanks again. Will read on...

buy social bookmarks wrote re: What to Make of Intel Buying McAfee
on 04-24-2013 5:53 AM

oC32nA This is one awesome article.Much thanks again. Cool.

modular homes upstate NY wrote re: What to Make of Intel Buying McAfee
on 06-05-2013 12:44 AM

3DBWXl Thanks for the blog article.Thanks Again. Want more.

social bookmarks wrote re: What to Make of Intel Buying McAfee
on 06-21-2013 1:39 PM

WybRbG Appreciate you sharing, great blog article. Cool.

news wrote re: What to Make of Intel Buying McAfee
on 07-09-2013 2:34 AM

vqxYdr Great blog.Really looking forward to read more. Cool.

cheap social bookmarks wrote re: What to Make of Intel Buying McAfee
on 07-29-2013 3:38 AM

WirKy8 Awesome post. Really Great.

amazing news wrote re: What to Make of Intel Buying McAfee
on 08-03-2013 10:59 AM

rnBMWP Major thanks for the blog article.Really thank you! Keep writing.

awesome links for you wrote re: What to Make of Intel Buying McAfee
on 08-22-2013 12:17 PM

LMkTOr Hey, thanks for the post.Really thank you! Will read on...

link building wrote re: What to Make of Intel Buying McAfee
on 09-07-2013 11:15 AM

WsTO9t Thanks again for the blog.Really thank you! Really Great.

online business wrote re: What to Make of Intel Buying McAfee
on 09-13-2013 1:07 AM

GrvSZc I am so grateful for your article post.Really thank you! Will read on...

awesome linkbuilding site wrote re: What to Make of Intel Buying McAfee
on 09-30-2013 11:27 PM

UNaEhC Great, thanks for sharing this article post.Much thanks again. Really Cool.

top seo guys wrote re: What to Make of Intel Buying McAfee
on 10-24-2013 11:13 AM

bc1FyP wow, awesome blog.Much thanks again. Cool.

great link building wrote re: What to Make of Intel Buying McAfee
on 11-20-2013 11:34 PM

r42K9e Say, you got a nice article.Much thanks again. Much obliged.

check it out wrote re: What to Make of Intel Buying McAfee
on 01-10-2014 2:13 PM

nnfdE3 Thank you ever so for you article.Really thank you! Awesome.

nice site here wrote re: What to Make of Intel Buying McAfee
on 01-16-2014 2:21 AM

Wpl53Z wow, awesome blog article.Really thank you! Great.

check it out wrote re: What to Make of Intel Buying McAfee
on 01-21-2014 7:20 PM

EluThB I really liked your blog post. Cool.

matt wrote re: What to Make of Intel Buying McAfee
on 03-03-2014 10:57 AM
matt wrote re: What to Make of Intel Buying McAfee
on 03-08-2014 11:49 AM
smashing site wrote re: What to Make of Intel Buying McAfee
on 03-13-2014 12:14 AM

3O1Jq9 Really appreciate you sharing this post.Thanks Again. Keep writing.

check it out wrote re: What to Make of Intel Buying McAfee
on 03-25-2014 9:37 PM

feH8rw Very good blog.Really thank you! Cool.

best money here wrote re: What to Make of Intel Buying McAfee
on 04-04-2014 2:10 PM

RiDSFI Great blog post. Great.

Add a Comment

(required)  
(optional)
(required)  
Remember Me?

About The CodeBetter.Com Blog Network
CodeBetter.Com FAQ

Our Mission

Advertisers should contact Brendan

Subscribe
Google Reader or Homepage

del.icio.us CodeBetter.com Latest Items
Add to My Yahoo!
Subscribe with Bloglines
Subscribe in NewsGator Online
Subscribe with myFeedster
Add to My AOL
Furl CodeBetter.com Latest Items
Subscribe in Rojo

Member Projects
DimeCasts.Net - Derik Whittaker

Friends of Devlicio.us
Red-Gate Tools For SQL and .NET

NDepend

SlickEdit
 
SmartInspect .NET Logging
NGEDIT: ViEmu and Codekana
LiteAccounting.Com
DevExpress
Fixx
NHibernate Profiler
Unfuddle
Balsamiq Mockups
Scrumy
JetBrains - ReSharper
Umbraco
NServiceBus
RavenDb
Web Sequence Diagrams
Ducksboard<-- NEW Friend!

 



Site Copyright © 2007 CodeBetter.Com
Content Copyright Individual Bloggers

 

Community Server (Commercial Edition)