Thursday, January 27, 2011

European Commission (EC) Approves Intel Acquisition of McAfee

Five weeks after the FTC gave Intel approval of its $7.68 billion (US) acquisition of McAfee, the European Commission, watchdog for the European Union (EU, ) did the same.

"The commitments submitted by Intel strike the right balance, as they allow preserving both competition and the beneficial effects of the merger. These changes will ensure that vigorous competition is maintained and that consumers get the best result in terms of price, choice and quality of the IT security products," said Commission Vice-President in charge of competition policy Joaquin Almunia.

Among the commitments Intel made to the European Commission:

• McAfee competitors will have access to all necessary information to use functionalities of Intel's CPUs and chipsets in the same way as those functionalities used by McAfee.
• Intel will not to actively impede competitors' security solutions from running on Intel CPUs or chipsets.
• Intel will avoid hampering the operation of McAfee's security solutions when running on personal computers containing CPUs or chipsets sold by Intel's competitors (AMD, etc).

It will be interesting to read any comments McAfee’s internet security competitors (Symantec, Trend Micro, Kaspersky, Sophos, etc) regarding this decision. They have to be happy that they will have access to the same functionalities on the chip that McAfee will have. Whether McAfee will have any sort of early access is an interesting question.

Intel has had disagreements with the EC before. In 2009, Intel was fined $1.45 billion for engaging in illegal anticompetitive practices to exclude competitors from the market for X86 computer chips.

Let the monitoring begin.

Meanwhile, on Tuesday, Intel’s chief technology officer Justin Rattner announced that scientists at Intel are working on security technology that will stop all zero-day attacks*. The technology could be ready this year. He stated that the technology won’t be signature based. This could mean that heuristic or behavior based capabilities will be put on Intel’s chips. McAfee’s contribution to this project (if any) wasn’t mentioned.

*One definition of a zero day attack - A zero day attack capitalizes on vulnerabilities right after their discovery. Thus, zero-day attacks occur before the security community or the vendor of the software knows about the vulnerability or has been able to distribute patches to repair it.

No comments: