The Internet security industry has always been a multi-vendor playing field. ISPs look to a number of resources to address their various liabilities and concerns. In turn, customers have a number of products to choose from and the ability to create a custom security system that is tailored to their specifications.
So what if “Mc-Intel” were to go forth with their plans of a “walled garden.” Imagine instead of multiple vendors, one vendor, with one standardized security infrastructure. Customers would have no brand or service options and security settings would be default on every system. People’s PCs have just as unique a security infrastructure as people’s homes. Some of us have alarms, video cameras, and keypads. Others go on vacation and leave the doors unlocked.
You could compare the security market to the smartphone market. Smartphone users have been given the option between the single source Apple application store and the multiple vendor Android apps. In a comscore report shown below from July 2010, it shows that although the iPhone had a larger market share (23.8%) than Google’s Android (17%), the Android is growing at a much faster rate. These statistics show that customers want the option of vendors and the option of the varying levels of risk associated with them.
Android’s security can be facilitated at many different levels leaving the end user to decide what is suitable to their needs, where Apple’s store provides standard security to all users. In the case of multiple vendors, corporate identities and end users have the ability to design their own security policies and not have to bow to those of a third party in the case of a single source application arena.
Although Intel addresses security at the host level, there is still the issue of the network and malicious traffic. At this point, Intel’s plan does not seem to incorporate vulnerabilities in the network, which the multiple player scenario addresses in a variety of ways. This was demonstrated at the recent Black Hat conference where researcher Chris Paget hijacked a cell tower and routed outbound cell calls through his low cost, homemade device and intercepted even encrypted calls. Other man in the middle network attacks are inevitable without the placement of an effective filtering mechanism at some level of the network. Time will tell if “McIntel” addresses this concern.
Another concern is that malicious actors will simply go to the weakest areas as they currently do and attack the largest markertshare. They will simply change their methodologies to leverage the weakest areas of the Internet. Placing effective mechanisms in the proper places addresses this concern and a multiple player industry enables this. If your security were to have one gatekeeper, some would find that adequate, others would want more, others less. If our PC behavior mimics our smartphone preferences, then customers have spoken. We have different needs and desires for security and we would like the option.
Many people having been crying out a call to action to hardware vendors that they need to take a more proactive stands, and to that end I applaud Intel for this step. From a strictly security perspective, this kind of step could improve the situation at hand, though will not solve it.
- Marc
