Intel’s McAfee Acquisition Means Chip-Level Security
Intel is buying software security firm McAfee for $7.9 billion. It’s now time to bake security into the hardware rather than layer it on, says Eric Lundquist
Recently, I noticed my 17-year-old son working even more intently than usual on his laptop.
A new version of World of Warcraft? No, his Microsoft Windows 7 laptop had picked up a particularly nasty virus. He’s better than I am at finding and eliminating bad bugs, but this one was well hidden.
Eventually, after a couple of hours he worked his way through a number of suspect Windows registry settings, found the virus and deleted the bad and reset his registry. This was a hassle to him and I told him that very few users are aware of the Windows registry, let alone willing to fiddle around with the settings.
Integrated security
And that is why Intel spending $7.68 billion to buy security firm McAfee is a good deal.
Intel has the money and is keenly aware that it needs to move more and more of the fundamentals of computing into the hardware. The current distinction where Intel, or Advanced Micro Devices, or any of the other chip makers provide a platform while the software builders do all the interesting and vital functions is not a winning brand strategy.
Intel is aware of this.
In announcing the McAfee acquisition, Intel’s press release stated, “With the rapid expansion of growth across a vast array of Internet-connected devices, more and more of the elements of our lives have moved online,” said Intel CEO and President Paul Otellini.
“In the past, energy-efficient performance and connectivity have defined computing requirements. Looking forward, security will join those as a third pillar of what people demand from all computing experiences,” Otellini added.
OK, press release breathlessness aside, making security the third pillar of why the chip matters is a sensible approach.
Energy efficiency, connectivity and now security integrated into the chip level will indeed make it tougher for the bad guys to do their work.
Security designers will have a much bigger toolkit to wall off certain functions, allow changes to be made only after assuring identity and generally making the digital playground a safer place to play. This gets particularly important as more and more devices get connected into the web.
New platforms
Intel is clearly the big guy on the block in the server and client world, but less so in the emerging markets of smartphones, smart devices and game boxes. Those products need security also.
The acquisition also makes the vendor landscape much more interesting.
Microsoft has been trying to pull more and more security features into the operating system.
Cloud computing is still more talk than action as cloud vendors struggle to define when and where security and privacy rules should be put in place and enforced. And all that mobile Internet discussion tends to avoid the security issue at present.
Chip-level security can be very effective, but has to balance security needs with the flexibility of incorporating new operating system updates and application development.
Over the last couple years, the bad guys have been getting smarter and in many cases winning the security race; putting the locks in the chips could help reverse those wins.