Intel's embedded security strategy faces tech obstacles

Security vendors react to blockbuster deal


Security vendors have welcomed Intel's $7.7bn acquisition of McAfee as confirmation of the importance of security in the future of computing but warned plans to embed security in chips will pose difficult technical challenges and may upset existing partners.

Intel's blockbuster deal follows Symantec’s recent acquisition of PGP, IBM’s purchase of BigFix and most recently HP’s acquisition of application security firm Fortify. Platform vendors are buying security firms while the industry undergoes one of its most rapid phases of consolidation to date.

Pat Clawson, chief of endpoint security provider Lumension, said Intel's arch-rival AMD will need to consider whether it needs to mirror the acquisition, which is likely to send shock waves across the market.

"For the security industry, it makes the top layer of the security stack – such as Symantec – obvious acquisition targets not only for chip manufacturers but also hardware providers, such as mobile device manufacturers," Clawson said. "On the flip side, it could leave a wasteland of security companies as mid-sized security companies see a diminishing number of prospective acquirers."

The chip giant already markets secure virtualisation and secure XML gateway products, so it is not a complete stranger to the security market.

Intel wants to use the McAfee acquisition to make security a pillar of next-generation computing and to embed security in a much greater range of devices - everything from smartphones to TVs and cash machines. Executing this plan will not be without difficulties, security vendors warn.

“There are a lot of things wrong with today's anti-virus model such as tracking the sheer number of potential bad types of software," said Ron Gula, chief exec of Tenable Network Security. "Putting this into hardware may sound promising, but I question how much can be placed into a chip.

“If Intel can move the anti-virus agent into hardware, I'd like some assurances that this can be patched when a security vulnerability is found with it. Anti-virus software is very complex and we often run into customers whose agents are one or two patch levels behind and open to attack. Patching hardware or firmware is much harder than patching software.”

Intel hopes to develop security products for a wide range of devices, including smartphones, cash machines and even cars. Simply re-engineering existing desktop software is not enough, according to one mobile security expert.

"Defending an increasingly device-dominated internet has been used as a key rationalization for the deal – but smart device security is a highly specialized space, talent is scarce, and the combined company will need to substantially beef up its credentials in this area," commented Adrian Turner, chief exec of mobile security firm Mocana, a development partner of Symantec.

"The device-dominated internet will be fundamentally different from the PC security model familiar to both companies. It requires an entirely different philosophical and architectural approach – it can’t just be built on top of existing PC antivirus software," he added.

Rich Mogull of industry analysts Securosis said that Symantec, EMC/RSA, and other security vendors are likely to aggressively fight any integration of security and silicon, forcing Intel to keep the platform open to competitors. ®

Broader topics


Other stories you might like

  • Microsoft fixes under-attack Windows zero-day Follina
    Plus: Intel, AMD react to Hertzbleed data-leaking holes in CPUs

    Patch Tuesday Microsoft claims to have finally fixed the Follina zero-day flaw in Windows as part of its June Patch Tuesday batch, which included security updates to address 55 vulnerabilities.

    Follina, eventually acknowledged by Redmond in a security advisory last month, is the most significant of the bunch as it has already been exploited in the wild.

    Criminals and snoops can abuse the remote code execution (RCE) bug, tracked as CVE-2022-30190, by crafting a file, such as a Word document, so that when opened it calls out to the Microsoft Windows Support Diagnostic Tool, which is then exploited to run malicious code, such spyware and ransomware. Disabling macros in, say, Word won't stop this from happening.

    Continue reading
  • Intel freezes hiring for PC chip team, cites 'macroeconomic uncertainty'
    Inflation, Apple M2, PC market shrink: Could the timing have been worse?

    Intel's PC chip division is the latest team caught in the current tide of economic uncertainty, as the company freezes hiring in the group. 

    In an internal memo obtained by Reuters, Intel told employees all hiring and job requisitions in the client computing group were on hold for at least two weeks. During that time, the chipmaker will reportedly be reevaluating its priorities with "increased focus and prioritization in our spending [to] help us weather macroeconomic uncertainty," Intel said. 

    The client computing group, which designs end-user hardware, is Intel's largest by sales, having generated $9.3 billion of the $18.4 billion Intel made last quarter. Despite its place at the top, the CCG's Q1 takings were still down 13 percent compared to the same time in 2021. It was also the only Intel division to lose money compared to Q1 2021, another potential reason for the hiring freeze in the sector. 

    Continue reading
  • AMD bests Intel in cloud CPU performance study
    Overall price-performance in Big 3 hyperscalers a dead heat, says CockroachDB

    AMD's processors have come out on top in terms of cloud CPU performance across AWS, Microsoft Azure, and Google Cloud Platform, according to a recently published study.

    The multi-core x86-64 microprocessors Milan and Rome and beat Intel Cascade Lake and Ice Lake instances in tests of performance in the three most popular cloud providers, research from database company CockroachDB found.

    Using the CoreMark version 1.0 benchmark – which can be limited to run on a single vCPU or execute workloads on multiple vCPUs – the researchers showed AMD's Milan processors outperformed those of Intel in many cases, and at worst statistically tied with Intel's latest-gen Ice Lake processors across both the OLTP and CPU benchmarks.

    Continue reading
  • Qualcomm wins EU court battle against $1b antitrust fine
    Another setback for competition watchdog as ruling over exclusive chip deal with iPhone nullified

    The European Commission's competition enforcer is being handed another defeat, with the EU General Court nullifying a $1.04 billion (€997 million) antitrust fine against Qualcomm.

    The decision to reverse the fine is directed at the body's competition team, headed by Danish politico Margrethe Vestager, which the General Court said made "a number of procedural irregularities [which] affected Qualcomm's rights of defense and invalidate the Commission's analysis" of Qualcomm's conduct. 

    At issue in the original case was a series of payments Qualcomm made to Apple between 2011 and 2016, which the competition enforcer had claimed were made in order to guarantee the iPhone maker exclusively used Qualcomm chips.

    Continue reading

Biting the hand that feeds IT © 1998–2022