CloudCloud ManagementSecurityWorkspace

Intel’s McAfee: Proper Security On A Chip Still A Pipe Dream

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

It’s still the dream, but full security on a chip isn’t going to happen any time soon, McAfee admits

McAfee has admitted the dream of full security on a chip is nowhere near becoming a reality, leaving some critics still baffled by the Intel acquisition of the security giant for £4.8 billion two years ago.

Many had hoped the Intel deal would produce some revolutionary security technologies, but so far only one major product has emerged – DeepDefender, which works at the chip level, but does not offer much more value over rival offerings other than decent rootkit detection. Even then, rivals claim DeepDefender does not do rootkit hunting better than available products.


The benefits of security on a chip, amounting to full malware scanning at the processor level, are clear if it could be provided. It would probe all processes going through a device, even below the operating system, so picking up on particularly well-hidden threats should be more effective than OS-level protection.

Too fat for McAfee

But the problem is that providing core security processes is just too big a job for a chip to handle right now, Ross Allen, vice president for McAfee in UK & Eire, told TechWeekEurope.

“If you take a picture of yourself, it’s 2MB and it does nothing. Then you think about all the code associated with anti-malware protection and it’s a lot more,” Allen said.

“[Our anti-malware] is not a skinny application. So either we redefine how it’s done or we’ve got to massively skinny-down the product.

“I don’t see [full security on a chip] happening in the short term.”

Allen doesn’t see DeepDefender as a standalone product either, saying it was really an “additional product differentiation feature”.

Meanwhile, McAfee’s end point products aren’t blowing the opposition away. Dennis Technology Labs tests recently ranked the company’s Security-as-a-Service bottom out of five for accuracy and fourth for protection. The McAfee service also recorded more false positives than all the others.

Rivals Symantec, Trend Micro, Kaspersky and Sophos were the other vendors included in the tests covering products aimed at SMBs. McAfee did fare far better in the tests for enterprise-grade products.

Symantec not surprised

This will all lend weight to those who said Intel paid too much for McAfee, and that, in terms of security technology alone, little impressive would emerge from the partnership.

Symantec, which outshone competitors in those same Dennis Labs tests, was not surprised to hear McAfee’s admission that security delivered on the chip was not going to happen anytime soon.

Darren Thompson, CTO of Symantec, told TechWeekEurope he knew there were benefits to having certain processes done on the chip, but “the technology is not there yet”.

He also argued all hardware becomes commoditised, meaning relying on high hardware specifications was the wrong way to think about technology today. Security should focus on the software, Thompson said.

“If there are critical security components embedded in anything in hardware, that’s lock-in and that concerns me.”

Are you a security expert? Try our quiz!