Subject: General Tech | May 7, 2013 - 03:16 PM | Jeremy Hellstrom
Tagged: stonesoft, security, purchase, mcafee, Intel
A small security firm called Stonesoft was acquired by Intel, or rather McAfee, for just under $400m. They provide not only software and services but actual network appliances which utilize their proprietary Stonesoft Security Engine to provide secure connectivity. This makes a lot of sense when you think back on Intel's statements when purchasing McAfee, they are not interested in only providing security at the software level but are interested in moving to the hardware level. You can find out a bit more at The Inquirer.
"SECURITY VENDOR McAfee has bought software security firm Stonesoft to add to its range of network security products.
McAfee, which is owned by Intel, is one of the biggest security vendors but has so far been focused on end-point products such as anti-virus and firewall software that runs on consumer PCs. Now the firm has made a move to go deeper into the network, buying security software vendor Stonesoft for $389m in cash."
Here is some more Tech News from around the web:
- Samsung switches on Knox for the Galaxy S4, availability depends on mobile operators @ The Inquirer
- YouTube channels at $1.99 per month could launch this week @ The Register
- Adobe kills Creative Suite – all future features online only @ The Register
- Wolf 15 Piece Watch Box Review @ NikKTech
Subject: General Tech | February 26, 2013 - 01:45 PM | Jeremy Hellstrom
Tagged: mcafee, security, RSA 2013, sandbox
McAfee has been showing off their stuff at RSA 2013 specifically the new heuristic malware detection capabilities which they will be using instead of their current malware signature database which has over 113 million core samples. That signifies a huge change for the antivirus company as it moves to real time monitoring of all the processes on your machine for suspicious activity instead of matching patterns directly. While this could lead to some interesting side effects for verification software such as you find in some games, McAfee claims 100% effectiveness against current rootkits on Intel hardware compatible with Deep Defender, though they did not give many specifics about that test to The Register.
That is not all they are up to, McAfee just purchased Validedge's sandboxing technology to allow them to watch malware as it arrives and infects a machine to allow them to study its patterns. Strangely, The Inquirer mentions that they will be recording the signature so it is possible that it is an exaggeration that they are completely abandoning their signature database altogether and will be using a hybrid database and heuristic monitoring. The first software using this new option will be available in the second half of this year. Also briefly mentioned in the story is a suggestion that McAfee will be able to repair infected computers automatically via the ePO Agent.
"Signature-based malware identification has been around since the dawn of the computer security industry, but McAfee has said it's dumping the system – or rather, adapting it – in an upgraded security suite which will (it claims) virtually eliminate susceptibility to botnets."
Here is some more Tech News from around the web:
- Altera signs up to use Intel's upcoming 14nm process node @ The Inquirer
- HP offloads WebOS to LG for use in televisions @ The Inquirer
- Internet Explorer 10 for Windows 7 @ [H]ard|OCP
- Samsung, Visa in pay-by-bonk tie up @ The Register
- Not so fast, BlackBerry. Now Samsung wants your tasty biz mobe pie @ The Register
- Hacking the International Space Station with a toothbrush @ Hack a Day
- Super single-photon source for quantum computers @ nanotechweb
Subject: General Tech | May 24, 2012 - 12:19 PM | Jeremy Hellstrom
Tagged: mcafee, Intel, cloud
Intel's purchase of AntiVirus vendor McAfee has been feeding rumours and speculation for about 10 months now and while we have plenty of buzzwords and a feeling that they are looking at securing Cloud Computing only recently have we seen anything concrete. The first product to give us insight into their actual plans has arrived on the market bearing an awkward name, McAfee Management for Optimized Virtual Environments AntiVirus. This is essentially antivirus and antimalware specifically designed to be used in virtualized server environments which are connected to and providing services to a large amount of geographically separate devices ... aka 'The Cloud". It is possible that they have a product which will be able to prevent the spread of an infection by leveraging the strictly partitioned nature of virtual servers and data stores, something that will be very important for anyone providing SaaS (Software as a Service) to clients.
The Register also points out that in order to fully benefit from this AV product you will need a relatively new Xeon for your servers to support Trusted Execution Technology and a Sandy/Ivy Bridge processor for client side machines. That means hardware upgrades which Intel's sales team would be more than happy to talk to you about.
"What Intel is planning is a cloud-to-desktop security strategy, mixing hardware and software features in a federated framework designed to make cloud computing safer, locking down the desktop and, coincidentally, giving IT managers another reason to specify Intel's systems during the next upgrade cycle."
Here is some more Tech News from around the web:
- Google 7-inch tablet PC to ship in June with initial volume of 600,000 units @ DigiTimes
- Building an x-ray machine and letting everything go to your head @ Hack a Day
- Boffins develop nanoscale vacuum tube running at .46 THz @ The Register
- Extreme Overclocking Session III ( EOS ) Event 2012 @ Madshrimps
- Win a Unique Custom Modified PC from Sapphire @ TechwareLabs
- Win a ZOTAC Z68-ITX WiFi Supreme motherboard @ Hardware.Info
Subject: General Tech | May 7, 2012 - 12:30 PM | Jeremy Hellstrom
Tagged: Intel, mcafee, cloud
It really has been almost a year and a half since Intel bought McAfee and we started speculating on what this would mean. It was a common hypothesis that Intel wanted to leverage the Trusted Execution Technology that exists in Xeon processors as well as a belief that there would be instruction sets in the Core architecture that could be used to make your machine more secure without sacrificing performance. That theory has proven true as Jason Waxman who is in charge of Intel's Cloud initiative spoke about the current and planned implementations of their hardware assisted antivirus. A new tool called McAfee Management for Optimized Virtual Environments AntiVirus will handle scans and updates for the server and service side and new additions to McAfee's ePO agent which expand its ability to secure networks and servers. The Register put together a generalized look at what we know so far and while we are still hoping to see more specifics from Intel soon it is certainly more interesting than the other McAfee story currently circulating.
"Jason Waxman, general manager of Intel's Cloud Infrastructure Group, said that over the last year or so he'd been inundated with questions about what Intel was going to do with McAfee since it lashed out $7.68bn for the security firm, during an industry-wide buying spree on cyber-security companies. Chipzilla's been intentionally quiet on the subject, but was now ready to talk he said."
Here is some more Tech News from around the web:
- Microsoft Creates Kinect-Like System Using Laptop Speaker & Microphone @ Slashdot
- The TR Podcast 111: Spandex, SLI, and a snap-together tablet
- Ubuntu 12.04 LTS ARMv7 Linux Performance Gains @ Phoronix
- Adobe Photoshop Lightroom 4 Review @ Techgage
- Sony Cyber-shot DSC-TX20 Review @ TechReviewSource
- Kingston HyperX Event Antwerp @ Madshrimps
- Tones OC Academy IV @ Madshrimps
Subject: General Tech | September 13, 2011 - 05:05 PM | Scott Michaud
Tagged: mcafee, Intel, idf 2011, idf
As the Intel Developer Forum commences we finally learn a little bit about what Intel is attempting to do with the acquisition of McAfee among other tidbits. Malware is one of the banes of computing existence. Information is valuable, security is hard, and most people do not know either. Antimalware software remains a line of defense between you and infections in the event that your first three lines of defense (patching known security vulnerabilities in software; limiting inbound connections and permissions; and common sense) fail to help. While no antimalware software is anywhere near perfect Intel believes that getting protection a little deeper in the hardware will do a little more to prevent previously unknown exploits.
Great Norton’s Ghost!
According to McAfee’s website, DeepSAFE is a platform for security software to see more of what is going on in the hardware around the Operating System itself. They are being very cagey about what technology is being utilized both on their site as well as their FAQ (pdf) which causes two problems: firstly, we do not know exactly what processors support or will support DeepSAFE; secondly, we do not know exactly what is being done. While this is more details than we knew previously there are still more than enough holes to fill before we know what this technology truly is capable of.
Subject: Editorial | July 20, 2011 - 06:10 PM | Jeremy Hellstrom
Tagged: vpro, TPM, speculation, security, mcafee, intel txt, Intel, infineon, amt
Not too long ago the tech world was buzzing with the news that Intel had aquired McAfee for $7.68 billion. This gave them the knowledge base to start thinking about putting antivirus technology directly onto their chips, which seemed far more likely than an Intel branded software antivirus product. When Intel CTO Justin Rattner started talking about technology that resembled the failed attempts at digital rights management, such as Microsoft's Palladium, or the Trusted Platform Module, aka TPM, a different idea was promoted with its own acronyms; Intel Active Management Technology (AMT) and Intel Trusted Execution Technology (Intel TXT). This theory was lent credence by the mention of Intel's vPro and a desire by Intel to move security to the top of their list of priorities. By integrating security software directly into vPro architecture, it might not even be necessary to place antivirus code directly on their hardware. Adding optimization to product architecture that Intel trusts absolutely, as they made it themselves, and the overall level of security on an Intel based virtual machine would be greatly increased.
Then Intel went and muddied the water with the $1.9 billion purchase of Infineon Technologies AG’s wireless business, which doesn't own manufacturing facilities but does own the intellectual property and patents for chips providing wireless communication. Suddenly some discarded theories about the purchase of McAfee seemed valid again. One possibility that was bandied about was the idea of Intel moving into ARM territory in the cell phone business. With Intel's new focus on low power chips, with Atom being the starting point, the idea of Intel moving into providing secure CPUs appropriate for cell phones and tablets became much more believable. With the current rise of viruses targeted at those mobile platforms and the vulnerabilities present in Android and Windows based phones having hardware based antivirus, or at least optimized hardware, makes a lot of sense.
It also differentiates them from ARM, who has more market experience making ultra low power chips but certainly does not own an antivirus vendor. The security concerns with cell phones and tablets will continue to increase at the same pace as the capabilities of the devices increase. Where once bluejacking was the biggest concern of a cell phone user, a smart phone user can browse the world wild web and expose themselves to all sorts of nastiness, including more than just the nastiness they intended to browse for. A hardware solution would leave more processing power for the user; running Norton 360 on a cell phone or tablet would chew up a lot of cycles.
Today those muddied waters were stirred up even more as Intel announced it is planning to buy Fulcrum Microsystems, maker of high end 10Gbps and 40Gbps ethernet switches. This purchase would support the theory decided before the purchase of Infineon's wireless group; that Intel is taking a serious look at a total TPM ecosystem. In order to truly trust your platform you need to do more than secure your endpoints. If your server is running AMT or Intel TXT, then you can be assured that any virtual machine running on it can be trusted. As well, if both the server and client are running processors capable of Intel's TPM (sounds so much better that DRM, eh?) again both machines can be considered trusted platforms.
That does not help with trusting data which has been transferred over a WAN, or in some cases even a LAN. Data transfer allows an attacker a means of entry, or at least a way of denying data transfer. With a trusted platform, any data which does not match what is expected by the receiving machine will be prevented from running, so a successful man in the middle attack might not allow remote code execution or privilege escalation but would certainly act as a DoS attack as the TPM client refuses to accept the incoming data. Once the routers and switches involved in the data transfer are secured with the exact same TPM specifications, the entire route is protected and can all be considered part of the same Trusted Platform. The network devices would reject any code injection attempted on the data during transfer, allowing data to flow freely inside a LAN as well as customized WANs.
Returning to the secure cell phone theory, we can now consider the possibility of a TPM compliant cell phone thanks to the theoretical integration of Intel processors into your phone and tablet. Now you would be able to include your mobile communications into your TPM ecosystem. Properly implemented that security and not only will you challenge ARM 's market share by out-securing them, you could topple RIM's share of the business market as a BlackBerry may be handy to the sales team but they are a nightmare for the IT/IS security team. Nothing is perfect but that would be a huge step towards defeating the current attack vectors that effect business systems. So far Intel is not saying much, so all we can do is speculate ... which is fun.
Get notified when we go live!