Processor Assisted Or OS Embedded Endpoint Security?
Yesterday, September the 13th 2011, the Information Security Arena has been shaken by a couple of
announcements earthquakes unleashed by two of the most important players in this market.
The first earthquake was detected in San Francisco, at the Intel Developer Forum, where McAfee announced DeepSAFE, a jointly developed technology from McAfee and Intel that enables to build hardware-assisted security products that take advantage of a deeper security footprint. According to McAfee, sitting beyond the operating system and close to the silicon, DeepSAFE technology allows to gain an additional vantage point in the computing stack to better protect systems. Although initially conceived as an anti-rootkit (and 0-day) technology, McAfee promises that DeepSAFE Technology will be the foundation for its next gen security products, maybe landing also on the Android Platform (but not on Intel’s MeeGo Mobile Platform).
The second earthquake was detected in Redmond where Microsoft announced that antivirus protection will be a standard feature for its next gen flagship OS Windows 8: features from its Security Essentials program, currently available as a separate download for Windows users, will be added to the Windows Defender package already built into Windows, allowing the users to get out-of-the-box protection against malware, along with firewall and parental controls, from within Windows without requiring a separate software. Another new security feature being baked into Windows 8 is protection from bootable USB drives that are infected with malware.
Although easily predictable (even if Microsoft took only 6 years to fully embed Sybari technology inside its OSes after the 2005 acquisition, rumors on a hardware assisted security technology were the pillars of the McAfee acquisition by Intel), these announcements have a potential huge impact on the landscape, both for consumers and more in general for the whole antivirus industry.
As fare as the Micorsoft announcement is concerned, consumers will be happy to find a free “OS-embedded” antimalware solution inside their (favourite ?) desktop operating system, on the other hand the antivirus industry will likely not be happy to have an embedded competitor to fight against (and to disable during the installation of their own products).
Similarly, just like the Operating System, the processor itself is a “necessary evil” for a PC so the other endpoint security vendors will not be happy to fight against a competitor technology which (quoting textual words) allows “McAfee DeepSAFE technology (to) sit beyond the operating system (and close to the silicon) allowing McAfee products to have an additional vantage point in the computing stack to better protect systems.”
Of course all this turmoil on the endpoint security arena looks paradoxical if compared with Google’s assertions according to which, its brand new ChromeOS will need no antivirus at all because of its many built in layers of security. On the other hand it risks to become a turmoil for the consumer who will have soon to face an hard question: will my next operating system need “software embedded” antimalware, “hardware assisted” antimalware or no antimalware at all?
Personally I do not like the idea of a single Microsoft Antivirus for every PC equipped with Windows 8 (a single vulnerability would be enough to infect millions of devices), in the same way I believe that an Operating System without antimalware protection is an unrealistic model which is not compatible with the multi-layer approach of the endpoint security (it is not a coincidence that ChromeOS has already fallen under the blows of a XSS vulnerability.
Similarly I do believe that, in order to avoid (further) Antitrust lawsuits Intel will open its direct access to processor layer to other vendors besides McAfee. On the other hand, in order to obtain the “go-ahead” from the European Commission, Intel promised to ensure that rival security vendors will have access to “all necessary information” to use the functionalities of Intel’s CPUs and chipsets in the same way as those functionalities are used by McAfee, the commission said in a statement…
Otherwise the lawyers seriously risk to be the sole winners of this endpoint revolution.
- 752,623 hits since November 2010
08/13/2011 - My Post on Android Malware Mentioned on Engadget.
04/14/2011 - The Article Smart Grid: L'ultima Frontiera del Cybercrime published on ICT Security Magazine May 2011.
03/14/2011 - Security Summit 2011: Paolo Passeri guest at Round Table "Mobile Security: Rischi, Tecnologie, Mercato"
02/14/2011 - The Article Gears of Cyberwar published on ICT Security Magazine January 2011.
About This Blog
In this blog I express my personal opinion, which does not necessarily reflects the opinion of my organization, about events and news or interest, concerning information security, winking to mobile world and, why not, to some curious personal event.
Every information is reported with its source.
Anyone intending to use information contained in my post is free to do so, provided that mention my blog in your article.
Top Posts & Pages
- List Of Hacked Celebrities Who Had (Nude) Photos Leaked
- 2013 Cyber Attacks Statistics
- 2012 Cyber Attacks Statistics
- 2013 Cyber Attacks Timeline Master Index
- A (Graphical) World of Botnets and Cyber Attacks
- August 2013 Cyber Attacks Statistics
- 16-31 March 2014 Cyber Attacks Timeline
- 1-15 March 2014 Cyber Attacks Timeline
- About Me
- 2012 Cyber Attacks Timeline Master Index
- Analyzing a banking Trojan info.lastline.com/blog/analyzing… - 1 day ago
- Pipeline for a scalable malware analysis process: an interesting take from our very own @marco_cova. Worths reading! info.lastline.com/blog/a-pipelin… - 1 day ago
- 16-31 March 2014 Cyber Attacks Timeline wp.me/p14J6X-2y0 - 4 days ago
- RT @lastlineinc: Lastline co-founder Engin Kirda presents "Evasive Malware Attacks" at NY Information Security Meetup http://t.co/pcoZnspu1l - 1 week ago
- WatchGuard Uses Lastline's Cloud Based Sandbox to Combat APTs info.lastline.com/blog/watchguar… - 2 weeks ago
- @kf916 For the moment only the timelines. I am very busy. Hope to republish the charts quite soon - 2 weeks ago
- @lastlineinc is present at #ROOMn2014, visit our booth and discover how you can protect your organization from mobile advanced threats - 2 weeks ago
- @raistolo @dguido have you tried @HackSurfer? - 2 weeks ago
- 1-15 March 2014 Cyber Attacks Timeline wp.me/p14J6X-2xK - 2 weeks ago
- How To Build An Effective Sandbox: info.lastline.com/blog/different… - 3 weeks ago