I wrote then:

“The unvarnished fact is that the networked society to which we’ve become accustomed in the last several years has a soft, vulnerable underbelly.

And the more we rely upon it, the more people with a combination of advanced technical skills and repugnant motivations are going to look for ways to turn it against us.

Some will do so as a means of making a personal profit. Others may see it as a way of advancing a political or ideological agenda.

But others will want to use theirs skills to do serious harm to innocent people on a large scale.”

Part of these predictions or ruminations or whatever you care to call them makes me think of the hijinks of the group that started out in the spring variously known as LulzSec, Anonymous and later adopted the moniker AntiSec. This loosely affiliated group emerged from the wake of the various attacks against Sony, and seemed to have nothing to prove but that it could make mincemeat out of whatever security measures had been put in place by Sony or whatever video game outfit it had targeted on a given day.

Sony’s Playstation Network was a favorite target, and its service was at least partially offline during two months ended in July.

Then, as summer dawned, the group’s members became aware of global politics and teamed up with Anonymous, the Wikileaks-allied band of hackers known for their campaigns of digital civil disobedience. Together they declared “immediate and unremitting war” on governments and corporations, and said their top priority would be to steal and leak any classified government information, including but not limited to email and documentation. They attacked an Arizona police agency as a way of making a statement against anti-immigrant laws in that state, and published the names and home addresses of several officers.

Later they sought to earn some street cred by stealing “secret” documents from NATO, only to learn after the fact that the documents they released had not only been released before, but weren’t even really all that secret to begin with. It wasn’t long before alleged members of the group started showing up in handcuffs, which seemed not to faze them. The prospect of body bags and real-world violence during a confrontation with Mexican drug cartels, however, did.

Yet for all the headlines they garnered and the headaches they caused, the LulzSec/Anonymous/AntiSec gang wasn’t anywhere near the scariest thing to appear on the computer security landscape in 2011. To my mind, one of the top three scariest things was the disclosure of Operation Shady RAT, which Intel-unit McAfee said appeared to be the biggest large-scale compromise ever, affecting 72 organizations and governments around the world, including the U.S., Taiwan, Vietnam, South Korea, Canada and India — some of them dating back as far as 2006. McAfee said the attacker was a “state actor,” though it declined to name it. The candidate highest on the short list was, naturally, China.

The second truly scary incident was the attack carried out against RSA Security, a unit of the IT company EMC, the maker of the popular SecurID tokens that so many people have on their keychains and use to create an added layer of security that goes beyond the password. Months later, the U.S. defense contractor Lockheed Martin was attacked with duplicate SecurID tokens.

Finally, the Stuxnet Trojan (used by parties officially unknown, but probably Israel with a little help from the U.S.) continued to fascinate and confound security researchers in 2011. Having caused nuclear centrifuges in Iran to explode in an attempt to set back that country’s nuclear weapons research program, Stuxnet was found to have a sibling called Duqu. Unlike Stuxnet, which messed with industrial control computers and made them do things they wouldn’t normally do, Duqu’s mission was much simpler: Steal everything in sight.

And after that, it was discovered by researchers at Kaspersky labs that Stuxnet and Duqu are part of an even bigger family, with at least three more siblings still undetected by researchers, and that all five were created by the same people and with the same tools. Chances are we’ll see at least a few of those final three in 2012, particularly as tension with Iran heats up.

So while there was much to consider scary happening on the Internet in 2011, I’m grateful for being wrong on one key prediction: That we didn’t see a significant computer attack used to physically harm innocent people on a large scale. That’s one prediction I hope to miss for years to come.

Today, HP presented a new strategy intended to boost its role in the business of supplying IT security to large businesses. With two big shifts hitting the corporate computing environment — cloud computing and scores of worker-selected mobile devices entering the workplace — there are a lot of new security challenges giving CIOs headaches.

“If you look at those trends, they challenge the traditional notions of enterprise security,” says Tom Reilly, HP’s VP and general manager for Enterprise Security Products. “So we want to address those challenges.”

The traditional approach in IT security was to establish strong perimeters around the network and around a company’s computers that could keep bad guys out and let good guys in, and then setting strict rules about what people allowed access can do.

Cloud computing obviates the need for a perimeter, because all the computing resources are, well, in the cloud. They live on some virtualized server in someone else’s data center. And someone who brings their iPhone to the office expects to have the same level of access to the resources they need to do the job. The old models don’t really apply anymore.

Meanwhile, attacks are surging. A study by the Ponemon Institute — which, in fairness, was sponsored by HP’s subsidiary ArcSight — found that cyberattacks against a group of 50 large companies grew by 44 percent last year versus the prior year. The companies in the sample group — all of which had 700 or more users — were hit with a combined 72 successful attacks per week, averaging more than one per company per week. The study also found that the costs to mitigate these attacks went up by 56 percent year over year.

“The bad guys are getting better, but as we change our IT environment we’re giving them more surface area from which to launch these attacks,” Reilly says.

So HP is coming into the picture with what it says is a new approach. It turns out HP has been quietly building up its security bona fides through acquisitions. Last year it paid $1.5 billion to acquire security intelligence firm ArcSight, of which Reilly was CEO. In 2009, it acquired TippingPoint, a network security outfit that came with the $2.7 billion acquisition of 3Com. Another pair of acquisitions, Fortify and SPI Dynamics, both specialize in application security.

HP’s plan is to mix these security capabilities into its Enterprise services offerings, Reilly says. Rather than try to sell each company new firewalls or other stuff, HP can come in and augment whatever security the company is already using with better information about threats and a new set of tools that can see how the company’s infrastructure is being used, not just on-premise, but within cloud-based environments, as well.

The point, Reilly says, is not so much to sell specific new security products to companies, but to take a service-based approach that helps a company get a better handle on the new security troubles it may be facing.

The trouble is that HP hasn’t generally been viewed as a player in the IT security market, and risk-averse CIOs are usually slow to embrace new vendors, because they tend to have long-term relationships with suppliers. But with the nature of the threats changing, HP is apparently hoping to use its status as an established supplier of servers, PCs and other IT products and services, to start a conversation around security with its customers.

There has been a lot of activity around security in the last few years. Intel spent more than $7 billion to acquire the security software firm McAfee earlier this year, and IBM already offers a muscular set of security products and services. It will quickly run into competitors, for sure.

If nothing else, following as it does in the wake of HP’s plans to divest itself of PCs and its mobile device business, a robust security offering is something that enterprise customers are going to expect. If there’s really going to be a new enterprise-centric HP, expect to see more moves like this. Whether or not they’ll work is another matter.

The WaveSecure software offers the ability to remotely back up contacts, photos and other data, with such options as device tracking and remote-wipe capability.

And these aren’t the kind of cyber attacks carried out by bumbling troublemakers like the LulzSec gang, which make headlines but really only cause a nuisance for companies like Sony. In these cases, networks were compromised by remote access tools — or RATs, as they’re known in the industry. These tools — and they are tools, because they have legitimate uses for system administrators — give someone the ability to access a computer from across the country or around the world. In this case, however, they were secretly placed on the target systems, hidden from the eyes of day-to-day users and administrators, and were used to rifle through confidential files for useful information. It’s not for nothing that McAfee is calling this Operation Shady RAT.

McAfee says the attacker was a “state actor,” though it declined to name it. I’ll give you three guesses who the leading candidate is, though you’ll probably need only one: China.

Dmitri Alperovitch, McAfee’s Vice President, Threat Research, makes a statement in his blog entry on the discovery that should give everyone minding a corporate or government network pause: “I am convinced that every company in every conceivable industry with significant size and valuable intellectual property and trade secrets has been compromised (or will be shortly), with the great majority of the victims rarely discovering the intrusion or its impact.” He further divides the worldwide corporate landscape into two camps: Those who have been compromised and know it, and those who simply don’t know it yet.

This has been a particularly nasty year on the cyber security front. (I hate to say it, but I told you so.) Prior to this, the big attack whose full impact has not yet been fully sized up was the one against the RSA SecureID system, which uses popular keychain devices that create a constantly changing series of numbers that in turn create a second password for access to system resources. They’re widely used in government and military circles and among defense contractors. Google has been a regular target in recent years.

The RSA attack and Operation Shady RAT are examples, Alperovitch says, of an “Advanced Persistent Threat.” The phrase has come to be a buzzword that, loosely translated into English, means the worst kind of cyber attack you can imagine. Unlike the denial-of-service attacks and network intrusions carried out by LulzSec and its ilk, which require only minimal skill and marginal understanding of how networks and servers work, an APT is carried out by someone of very high skill who picks his targets carefully and sneaks inside them in a way that is difficult to detect, which allows access to the target system on an ongoing basis that may persist for years.

How did these attacks happen? Its very simple: Someone at the target organization received an email that looked legitimate, but which contained an attachment that wasn’t. This is called “spear phishing,” and it has become the weapon of choice for sophisticated cyber attackers. The attachments are not what they appear to be — Word documents or spreadsheets or other routine things — and contain programs that piggyback on the targeted user’s level of access to the network. These programs then download malware which gives the attackers further access. This all happens in an automated way, but soon after, live attackers log in to the system to dig through what they can find, copy what they can, and make a getaway — though they often leave the doors unlocked so they can come back for repeat visits.

Alperovitch notes — correctly, to my mind — that the phrase has been picked up and overused by the marketing departments of numerous security companies. His larger point is that too often those attacked in this way refuse to come forward and disclose what they’ve learned, thereby allowing the danger to continue for everyone else.

Alperovitch says that the data taken in Operation Shady RAT adds up to several petabytes worth of information. It’s not clear how it has been used. But, as he says, “If even a fraction of it is used to build better competing products or beat a competitor at a key negotiation (due to having stolen the other team’s playbook), the loss represents a massive economic threat not just to individual companies and industries but to entire countries that face the prospect of decreased economic growth.” It’s also bad for a target’s national security, because defense contractors dealing in sensitive military matters are often the targets. The best thing that can happen is that victims start talking about their attacks and sharing information with each other so that everyone can be ready for the next one, which is surely coming.

The bigger news is that Dave DeWalt, the McAfee president who saw the company through its $7.7 billion acquisition by Intel last year, is departing, though he will remain on McAfee’s board.

It’s not the first time that DeWalt has taken a company into a large acquisition. In 2003, he was the CEO of Documentum, which was acquired by storage giant EMC. He’s also chairman of the board at Polycom and recently joined the board of Jive Software, the pre-IPO social enterprise concern where former McAfee director Tony Zingale is CEO.

Last month VentureBeat reported he was going to Palo Alto Networks, a security start-up backed by Greylock Partners, Sequoia Capital, Globespan Capital Partners and JAFCO Ventures.

DeCesare joined McAfee in 2007 and had run its global operations, including manufacturing, facilities, and worldwide sales. Gebhart joined McAfee in 1999. His most recent role was running the retail and direct web sales strategies for the consumer, mobile and small business units.

It is in stealth mode no more. The company today took the wraps off at least some of its plans and revealed the closing of a $9.2 million Series A funding round that also includes investments from Ignition Partners and Lightspeed Venture Partners. Levine is joining Bromium’s board.

Its founders are Gaurav Banga, the former CTO of Phoenix Technologies; Simon Crosby, the former CTO of the Data Center and Cloud Division of Citrix; and Ian Pratt, the current chairman of Xen.org and another Citrix veteran. Both Pratt and Crosby joined Citrix after it acquired the open source virtualization company Xensource in 2007.

Bromium is turning out to be a bit of a reunion of former Xensource execs: Frank Artale, a managing director at Ignition who was also a Xensource exec, is joining Bromium’s board as well.

So what does Bromium plan to do? It won’t say, but I got a few hints from Simon Crosby, Bromium’s CTO. “The timing of this is perfect to what is going on right now with all the attacks that have been going on recently,” he said.

The attacks against EMC’s RSA security products, and also on Google’s Gmail, he says, were carried out via the client — that is, end user devices like a PC, a smartphone or a tablet. “Bromium believes that getting to a secure era in cloud computing requires securing both the client and the cloud.”

And how to get there? Again, he wouldn’t say exactly, but he did point the way: Virtualization. The technique of creating numerous “virtual” computers that run concurrently on a single physical host computer has been a fundamental development in the evolution of cloud computing. “Everyone I think knows that virtualization can help with security, but no one has really delivered an elegant solution that enhances security through the use of virtualization,” Crosby told me. “This is where I think we can strike a blow for the good guys.”

For another hint, look at Intel’s recently closed acquisition of security software concern McAfee. “Intel gets that security needs to move closer to the hardware, and we would agree with that,” Crosby said. McAfee’s CTO, George Kurtz, is on Bromium’s board.

Bromium marks the second security start-up that Andreesen Horowitz has invested in recently. The other was Silver Tail Systems. And it probably won’t be the last. As AH founder Marc Andreesen said in his appearance with Walt Mossberg and Kara Swisher at D9, he loves security. Why? “The threats keep morphing.” Indeed they do.

But, from a friend and former co-worker, I learned that the iPhone also doesn’t like it when it gets too hot.

Joris Evers, who now does PR for McAfee, was in Mexico City last month, sitting outside when his iPhone warned him that things had gotten too hot for comfort. It displayed a warning message and told him (in several languages) that the only thing it was willing to do was make an emergency call. Otherwise, it was waiting until things cooled down.

It also turns out that the iPhone, like Mobilized, likes talking about itself in the third person.

Evers said it was warm, not hot, though he was in the direct sun. His laptop was willing to work, despite the conditions.

“I guess iPhones need sun protection in addition to screen protection and fall protection,” Evers mused on his personal blog.

The result is a push from both start-ups and traditional security firms, with Webroot becoming the latest software maker to offer a mobile-specific product.

On Monday, the company launched Webroot Mobile Security for Android–a program that comes in a basic free version as well as a more advanced paid edition that sells for $14.95 per year. Webroot says that, for now, Best Buy will be its exclusive outlet for the paid version.

As with other smartphone security software, the new Webroot product focuses not just on protecting against viruses but also managing the threats posed by the fact that smartphones are basically easily lost honeypots filled with tons of personal information.

“We believe in protecting you as an individual, not just the device you use to connect to the Internet,” Webroot vice president Quinn Curtis said in a statement. “With smartphones and tablets, we carry around vast amounts of personal data including our contacts, emails, passwords, and even financial information. This data is targeted by cybercriminals through malware, online scams, and device theft, and the market success of the Android mobile operating system provides the scale they need to make those attacks profitable.”

Webroot joins McAfee and AVG as well as Lookout Mobile Security, a well-funded start-up that focuses on smartphone security software.

Two of the new directors come from the software security firm McAfee, where Jive CEO Tony Zingale held a board seat from 2008 until its $7.7 billion acquisition by chip giant Intel: Charles Robel was McAfee’s chairman and has been on its board’s audit committee, and sits on the board of Autodesk and is the lead independent director on the board of Informatica; and David DeWalt was McAfee’s president, and before that was president of software sales and services at storage giant EMC, following the acquisition of Documentum, which it acquired in 2003 and where he was CEO. Dewalt is chairman of the board at Polycom.

Jonathan  Heiliger  is  the  Vice  President  of  Technical Operations at Facebook, meaning he’s the one who makes Facebook go. He reports directly to CEO Mark Zuckerberg. Before that he led the engineering team at Walmart.com, and before that he was COO at Loudcloud, the company that ultimately became Opsware.

Sundar  Pichai  is  vice  President  of  product  management at Google, and oversees such products as Google  Toolbar,  Chrome  and Chrome  OS. Before Google, he worked at Applied Materials, the maker of chip manufacturing gear, and was management consulting for McKinsey and Co.

I asked CEO Tony Zingale about Jive’s plans to go public. He wouldn’t comment on that, naturally, but its well understood that Zingale, who ran software company Mercury Interactive until its $4.5 billion sale to HP, was brought on with an IPO in mind, as The Wall Street Journal reported last year. He also wouldn’t comment when I asked him if Jive has hired any bankers.

But he did say that Jive is at what he called “an inflection point.” In case you hadn’t notice, social enterprise software is a segment that’s growing like crazy, with offerings from Salesforce.com, Parature, Yammer, and a host of others. “We’re building the next great enterprise software company,” Zingale says. “And guys like this don’t join boards of companies that aren’t already successful and that don’t have a pretty good runway ahead of them.”

Jive certainly has some momentum. It has about 3,000 corporate customers–including big names like Cisco Systems, Nike, VMWare, Intel and fast food giant Yum Brands–and about 15 million end users. And last year it landed a big $30 million investment from Kleiner Perkins. Its other investor is Sequoia Capital, which invested $15 million in 2007. Boomtown’s Kara Swisher talked to Zingale and another Jive director Ted Schlein about the investment in a video interview last year, which I’ve added below.

]]> http://allthingsd.com/20110330/in-another-pre-ipo-move-jive-software-adds-four-directors-all-with-public-company-experience/feed/ 0 http://allthingsd.com/20110327/u-s-products-help-block-mideast-web/ http://allthingsd.com/20110327/u-s-products-help-block-mideast-web/#comments Mon, 28 Mar 2011 03:32:41 +0000 Paul Sonne and Steve Stecklow http://voices.allthingsd.com/?p=38174 As Middle East regimes try to stifle dissent by censoring the Internet, the U.S. faces an uncomfortable reality: American companies provide much of the technology used to block websites.

McAfee Inc., acquired last month by Intel Corp., has provided content-filtering software used by Internet-service providers in Bahrain, Saudi Arabia and Kuwait, according to interviews with buyers and a regional reseller. Blue Coat Systems Inc. of Sunnyvale, Calif., has sold hardware and technology in Bahrain, the United Arab Emirates and Qatar that has been used in conjunction with McAfee’s Web-filtering software and sometimes to block websites on its own, according to interviews with people working at or with ISPs in the region.

A regulator in Bahrain, which uses McAfee’s SmartFilter product, says the government is planning to switch soon to technology from U.S.-based Palo Alto Networks Inc. It promises to give Bahrain more blocking options and make it harder for people to circumvent censoring.

Read the rest of this post on the original site

]]> http://allthingsd.com/20110327/u-s-products-help-block-mideast-web/feed/ 0 http://allthingsd.com/20110228/intel-locks-up-mcafee/ http://allthingsd.com/20110228/intel-locks-up-mcafee/#comments Mon, 28 Feb 2011 23:31:59 +0000 Voices http://voices.allthingsd.com/?p=37102 Intel announced today that its $7.7 billion acquisition of McAfee, announced in August, is now complete. McAfee will operate as a wholly owned subsidiary and continue to sell security products and services under its own brand. Meanwhile, the companies are working on “a fundamentally new approach [to security] involving software, hardware and services,” the first fruits of which should be ripe later this year.

]]> http://allthingsd.com/20110228/intel-locks-up-mcafee/feed/ 0 http://allthingsd.com/20110228/webs-hot-new-commodity-privacy/ http://allthingsd.com/20110228/webs-hot-new-commodity-privacy/#comments Mon, 28 Feb 2011 13:30:13 +0000 Julia Angwin and Emily Steel http://voices.allthingsd.com/?p=37060 As the surreptitious tracking of Internet users becomes more aggressive and widespread, tiny start-ups and technology giants alike are pushing a new product: privacy.

Companies including Microsoft Corp., McAfee Inc.—and even some online-tracking companies themselves—are rolling out new ways to protect users from having their movements monitored online. Some are going further and starting to pay people a commission every time their personal details are used by marketing companies.

“Data is a new form of currency,” says Shane Green, chief executive of a Washington start-up, Personal Inc., which has raised $7.6 million for a business that aims to help people profit from providing their personal information to advertisers.

Read the rest of this post on the original site

]]> http://allthingsd.com/20110228/webs-hot-new-commodity-privacy/feed/ 0 http://allthingsd.com/20110210/oil-firms-hit-by-hackers-from-china-report-says/ http://allthingsd.com/20110210/oil-firms-hit-by-hackers-from-china-report-says/#comments Thu, 10 Feb 2011 13:30:50 +0000 Nathan Hodge and Adam Entous http://voices.allthingsd.com/?p=36174 Hackers who appear to be based in China have conducted a “coordinated, covert and targeted” campaign of cyber espionage against major Western energy firms, according to a report expected to be issued today by cybersecurity firm McAfee Inc.

Law-enforcement agencies said they are investigating the incidents, which McAfee said have been going on at least since late 2009 but may have started as early as 2007. The company said the attacks, which it dubbed “Night Dragon,” were still occurring.

McAfee said the hackers targeted five multinational firms, but wouldn’t identify the companies by name because some of them are clients. McAfee said it was sharing the findings “to protect those not yet impacted and to repair those who have been.”

Read the rest of this post on the original site »

]]> http://allthingsd.com/20110210/oil-firms-hit-by-hackers-from-china-report-says/feed/ 0 http://allthingsd.com/20110131/intel-says-sandy-bridge-support-chip-has-design-errors/ http://allthingsd.com/20110131/intel-says-sandy-bridge-support-chip-has-design-errors/#comments Mon, 31 Jan 2011 19:02:03 +0000 Arik Hesseldahl http://newenterprise.allthingsd.com/?p=2602 Shares of Intel are taking a bit of a drubbing today as the company announced it had discovered a design error in a chip supporting its Sandy Bridge generation of microprocessors. The chip is called Cougar Point, and it’s involved with the data connection to other devices within or outside the computer–hard drives or internal optical drives–using SATA connections. Intel says the performance of these connections could degrade over time. The systems affected have Core i5 and Core i7 quad-core chips.

The company has already stopped making the chip with the problem, but as is always the case with the incredibly complex process of semiconductor manufacturing, doing so is a costly process. Intel said it will reduce its revenue forecast for the first quarter by $300 million as it ends production of the old chip and gets volume of the new one ramped up. Total cost to repair and replace affected materials and computers already sold with the problem chip will be $700 million.

Those with long memories will recall Intel’s Pentium bug in the mid-1990s, which caused a big crisis of confidence in Intel chips, jokes from late-night TV hosts and a drop in the company’s stock price. This error is nothing like that. The company says the processor itself is unaffected.

Analysts are telling investors not to overreact. “Assuming pent-up demand for Sandy Bridge and mild competition, we think impact of this problem will be relatively small,” Standard & Poor’s analyst Clyde Montevirgen told clients in a note today. Mark Moskowitz of J.P. Morgan said it is likely that only a small number of end consumers are affected.

Meanwhile, Intel closed its $1.4 billion deal to acquire the wireless chip division of the German chipmaker Infineon, and said it expects to finally close its $7.7 billion acquisition of McAfee by the end of the quarter.

The combination of those two deals plus the chip trouble caused Intel to issue new guidance for the first quarter. It now expects first-quarter sales in the range of $11.3 billion to $12.1 billion, which is slightly higher than previous guidance. However it shaved three points off its gross margin forecast: The mid-point of the range is now 61 percent, down from 64 percent.

Intel shares are down more than one percent at the moment, while shares of rival Advanced Micro Devices are surging by more than five percent.

]]> http://allthingsd.com/20110131/intel-says-sandy-bridge-support-chip-has-design-errors/feed/ 1 http://allthingsd.com/20101228/mcafee-releases-annual-top-scary-reasons-to-buy-our-software-list/ http://allthingsd.com/20101228/mcafee-releases-annual-top-scary-reasons-to-buy-our-software-list/#comments Tue, 28 Dec 2010 19:33:16 +0000 Voices http://voices.allthingsd.com/?p=34421 Security outfit McAfee today unveiled its 2011 Threat Predictions report, and sure enough, the biggest threats are aimed at “2010′s most buzzed about platforms and services, including Google’s Android, Apple’s iPhone, foursquare, Google TV and the Mac OS X platform, which are all expected to become major targets for cybercriminals.” Another in a long list of non-shocking (but still sobering) predictions: “Politically motivated attacks will be on the rise, as more groups are expected to repeat the WikiLeaks paradigm.” The report’s bottom line: Anything you do online carries risks. Which is undeniably true.

]]> http://allthingsd.com/20101228/mcafee-releases-annual-top-scary-reasons-to-buy-our-software-list/feed/ 0 http://allthingsd.com/20101221/u-s-regulators-approve-intels-perplexing-acquisition-of-mcafee/ http://allthingsd.com/20101221/u-s-regulators-approve-intels-perplexing-acquisition-of-mcafee/#comments Tue, 21 Dec 2010 19:41:41 +0000 Arik Hesseldahl http://newenterprise.allthingsd.com/?p=898 The Federal Trade Commission today approved a $7.7 billion deal by Intel, the world’s largest maker of computer chips, to acquire McAfee, the security software maker.

The deal, which once approved would amount to the largest deal in Intel’s history, still faces scrutiny by the European Union’s antitrust regulators, who have expressed concerns. This is of course the group that handed down the largest antitrust fine in its history against Intel. An appeal by Intel against that fine is pending.

I still find this combination a little confusing. I certainly see the need for Intel to grow its business beyond its core of providing the world’s personal computers and servers with microprocessors, and to add security features to future chips. But making chips is what it does best, and history has shown that when Intel deviates from what it does best it often regrets it later.

]]> http://allthingsd.com/20101221/u-s-regulators-approve-intels-perplexing-acquisition-of-mcafee/feed/ 1 http://allthingsd.com/20101208/big-patent-firm-sues-nine-tech-firms/ http://allthingsd.com/20101208/big-patent-firm-sues-nine-tech-firms/#comments Wed, 08 Dec 2010 19:20:06 +0000 Don Clark http://voices.allthingsd.com/?p=33766 Intellectual Ventures LLC, which has spent a decade buying and filing for patents, named nine big technology companies as defendants in its first-ever infringement suits.

The closely held firm was co-founded by former Microsoft Corp. chief technology officer Nathan Myhrvold, who had avoided litigation for years but never ruled it out.

Intellectual Venture’s lawsuits focus on patents in the fields of computer security and semiconductor technology. One suit names Symantec Corp., McAfee Inc., Trend Micro Inc. and Check Point Software Technologies Ltd.

Read the rest of this post on the original site »

]]> http://allthingsd.com/20101208/big-patent-firm-sues-nine-tech-firms/feed/ 0 http://allthingsd.com/20100913/hp-havent-found-a-new-ceo-yet-might-as-well-buy-another-company/ http://allthingsd.com/20100913/hp-havent-found-a-new-ceo-yet-might-as-well-buy-another-company/#comments Mon, 13 Sep 2010 08:27:09 +0000 John Paczkowski http://digitaldaily.allthingsd.com/?p=48298 [Update: HP has indeed agreed to acquire ArcSight for $1.5 billion.]

Mark Hurd’s ouster from Hewlett-Packard (HPQ) hasn’t slowed the company’s recent spending spree. In August, HP acquired security-software company Fortify for an undisclosed sum. Shortly afterward it snatched data-storage vendor 3Par away from Dell after a hard-fought bidding war.

Now HP’s M&A team has set its sights on another acquisition: ArcSight (ARST). People familiar with the matter say that HP is close to announcing a deal to buy the security-software maker. The rumored price: $1.5 billion, a nice 25 percent premium over ArcSight’s $1.21 billion market value based on its closing stock price last Friday. A deal could be announced within days.

ArcSight’s speciality is network-intrusion detection and its client list includes government agencies as well as financial services and healthcare companies. Were HP to acquire it, it would do much to bolster its portfolio of security and network offerings as it looks to further expand into those high-margin businesses.

But a deal isn’t a sure thing. Talks with HP are said to be ongoing and presumably ArcSight does have other suitors knocking on its door–particularly after Intel (INTC) signaled the coming consolidation of the security market with its $6.8 billion acquisition of McAfee.

]]> http://allthingsd.com/20100913/hp-havent-found-a-new-ceo-yet-might-as-well-buy-another-company/feed/ 0 http://allthingsd.com/20100827/intel-intent-on-ingesting-infineon/ http://allthingsd.com/20100827/intel-intent-on-ingesting-infineon/#comments Fri, 27 Aug 2010 10:00:14 +0000 John Paczkowski http://digitaldaily.allthingsd.com/?p=47419 Intel’s in an acquisitive mood these days. A week after buying antivirus software maker McAfee for $7.68 billion, the company is reportedly finalizing a deal to acquire Infineon Technologies’ wireless business. No word yet on terms, though Infineon’s asking price is rumored to be nearly $2 billion.

If it’s able to consummate a deal, and sources say that could happen as early as today, Intel (INTC) will with one move become a major player in the smartphone chip market, a component supplier to the likes of RIM (RIMM), Samsung, Nokia (NOK) and Apple (AAPL)–you’ll find Infineon silicon in the iPad and iPhone. And that’s something Intel has openly lusted after for years–or at least since it sold off its own communications and application chip business to Marvell four years ago.

]]> http://allthingsd.com/20100827/intel-intent-on-ingesting-infineon/feed/ 0 http://allthingsd.com/20100819/intel-to-buy-mcafee-for-7-7-billion/ http://allthingsd.com/20100819/intel-to-buy-mcafee-for-7-7-billion/#comments Thu, 19 Aug 2010 13:03:40 +0000 John Paczkowski http://digitaldaily.allthingsd.com/?p=46740

Intel announced its largest acquisition to date this morning, and it has little to do with the chipset market it has dominated for decades.

The chipmaker said it has agreed to buy antivirus software company McAfee (MFE) in a $7.7 billion acquisition that will expand its security offerings. Under the terms of the deal, Intel will pay $48 a share in cash, a hefty 60 percent premium over McAfee’s Wednesday closing stock price of $29.93. Both companies’ boards have approved the deal, though it still requires approval from McAfee shareholders and regulators.

What does Intel (INTC) want with McAfee, a vendor of oft-maligned antivirus software? To embed some of the company’s security tools directly into Intel chips for “hardware enhanced security.” And secure another, steadier revenue stream, perhaps.

Anyway, the acquisition is Intel’s largest ever, easily surpassing its 1999 takeover of Level One for $2.2 billion. Once it closes, McAfee will be a wholly owned subsidiary of Intel, reporting to its software and services group.

“With the rapid expansion of growth across a vast array of Internet-connected devices, more and more of the elements of our lives have moved online,” said Intel President and Chief Executive Paul Otellini. “In the past, energy-efficient performance and connectivity have defined computing requirements. Looking forward, security will join those as a third pillar of what people demand from all computing experiences.”

And just like that Intel is a player in the security software and services market.

SANTA CLARA, Calif.–Intel Corporation has entered into a definitive agreement to acquire McAfee, Inc., through the purchase of all of the company’s common stock at $48 per share in cash, for approximately $7.68 billion. Both boards of directors have unanimously approved the deal, which is expected to close after McAfee shareholder approval, regulatory clearances and other customary conditions specified in the agreement.

“We believe this acquisition will result in our ability to deliver a safer, more secure and trusted Internet-enabled device experience.”
The acquisition reflects that security is now a fundamental component of online computing. Today’s security approach does not fully address the billions of new Internet-ready devices connecting, including mobile and wireless devices, TVs, cars, medical devices and ATM machines as well as the accompanying surge in cyber threats. Providing protection to a diverse online world requires a fundamentally new approach involving software, hardware and services.

Inside Intel, the company has elevated the priority of security to be on par with its strategic focus areas in energy-efficient performance and Internet connectivity.

McAfee, which has enjoyed double-digit, year-over-year growth and nearly 80 percent gross margins last year, will become a wholly-owned subsidiary of Intel, reporting into Intel’s Software and Services Group. The group is managed by Renée James, Intel senior vice president, and general manager of the group.

“With the rapid expansion of growth across a vast array of Internet-connected devices, more and more of the elements of our lives have moved online,” said Paul Otellini, Intel president and CEO. “In the past, energy-efficient performance and connectivity have defined computing requirements. Looking forward, security will join those as a third pillar of what people demand from all computing experiences.

“The addition of McAfee products and technologies into the Intel computing portfolio brings us incredibly talented people with a track record of delivering security innovations, products and services that the industry and consumers trust to make connecting to the Internet safer and more secure,” Otellini added.

“Hardware-enhanced security will lead to breakthroughs in effectively countering the increasingly sophisticated threats of today and tomorrow,” said James. “This acquisition is consistent with our software and services strategy to deliver an outstanding computing experience in fast-growing business areas, especially around the move to wireless mobility.”

“McAfee is the next step in this strategy, and the right security partner for us,” she added. “Our current work together has impressive prospects, and we look forward to introducing a product from our strategic partnership next year.”

“The cyber threat landscape has changed dramatically over the past few years, with millions of new threats appearing every month,” said Dave DeWalt, president and CEO of McAfee. “We believe this acquisition will result in our ability to deliver a safer, more secure and trusted Internet-enabled device experience.”

McAfee, based in Santa Clara and founded in 1987, is the world’s largest dedicated security technology company with approximately $2 billion in revenue in 2009. With approximately 6,100 employees, McAfee’s products and technologies deliver secure solutions and services to consumers, enterprises and governments around the world and include a strong sales force that works with a variety of customers.

The company has a suite of software-related security solutions, including end-point and networking products and services that are focused on helping to ensure Internet-connected devices and networks are protected from malicious content, phony requests and unsecured transactions and communications. Among others, products include McAfee Total Protection™, McAfee Antivirus, McAfee Internet Security, McAfee Firewall, McAfee IPS as well as an expanding line of products targeting mobile devices such as smartphones.

Intel has made a series of recent and successful software acquisitions to pursue a deliberate strategy focused on leading companies in their industry delivering software that takes advantage of silicon. These include gaming, visual computing, embedded device and machine software and now security.

Home to two of the most innovative labs and research in the high-tech industry, Intel and McAfee will also jointly explore future product concepts to further strengthen security in the cloud network and myriad of computers and devices people use in their everyday lives.

On a GAAP basis, Intel expects the combination to be slightly dilutive to earnings in the first year of operations and approximately flat in the second year. On a non-GAAP basis, excluding a one-time write down of deferred revenue when the transaction closes and amortization of acquired intangibles, Intel expects the combination to be slightly accretive in the first year and improve beyond that.

Intel was advised by Goldman Sachs & Co. and Morrison & Foerster LLP. McAfee was advised by Morgan Stanley & Co. Inc. and Wilson Sonsini Goodrich & Rosati, P.C.

]]> http://allthingsd.com/20100819/intel-to-buy-mcafee-for-7-7-billion/feed/ 0 http://allthingsd.com/20100421/mcafee-glitch-reboots-computers-again-and-again/ http://allthingsd.com/20100421/mcafee-glitch-reboots-computers-again-and-again/#comments Wed, 21 Apr 2010 23:21:13 +0000 Ben Worthen http://voices.allthingsd.com/?p=24203 PCs across the country rebooted continuously Wednesday, in a mass outbreak reminiscent of the widespread computer viruses from a decade ago. The cause this time wasn’t a virus, however, but a glitch on the part of a company that’s supposed to stop such malicious programs.

Security company McAfee Wednesday morning issued a software update intended to give the computers that it’s contracted to protect a new list of malicious files to block and delete. Somehow a file that is part of Microsoft’s (MSFT) Windows operating system made it on to the list. And when McAfee’s software deleted this file, all hell broke loose.

People all over the country reported that their computers stopped working. Among the victimized organization were a hospital in Rhode Island, police in Kentucky and the National Science Foundation, according to the AP.

Read the rest of this post on the original site

]]> http://allthingsd.com/20100421/mcafee-glitch-reboots-computers-again-and-again/feed/ 0 http://allthingsd.com/20100312/hunch-gets-it-right-adds-a-10-million-b-round-led-by-khosla-ventures/ http://allthingsd.com/20100312/hunch-gets-it-right-adds-a-10-million-b-round-led-by-khosla-ventures/#comments Fri, 12 Mar 2010 21:40:15 +0000 Peter Kafka http://mediamemo.allthingsd.com/?p=17354 Hunch, a buzzy start-up that answers questions using crowdsourced recommendations, has resolved one query of its own: Who’s going to fund our B round?

Sources tell me that Khosla Ventures is leading a new round that will add another $10 million to $12 million to the start-up’s bank account. General Catalyst Partners, Bessemer Venture Partners, and Ron Conway, who put $2 million into the company a year ago, are reinvesting.

I’m told that Gideon Yu, the former CFO of both Facebook and YouTube, is steering the investment for Khosla.

Hunch was co-founded by Caterina Fake, who founded Flickr and sold it to Yahoo (YHOO) in 2005, and Chris Dixon, who built SiteAdvisor and sold it to McAfee (MFE) in 2006.

Hunch is still a modest-sized site–its internal numbers put it at 1.2 million unique visitors–but Fake and Dixon are well-regarded entrepreneurs. And while they don’t like to be compared with Aardvark, which has a vaguely similar concept, the linkage does have some upside: Last month, Google (GOOG) bought that site for $50 million.

I asked Fake, Dixon and Yu for comment. Until I hear from them, you can read up on Hunch in Kara Swisher’s story from last month. Or you can watch this interview.

]]> http://allthingsd.com/20100312/hunch-gets-it-right-adds-a-10-million-b-round-led-by-khosla-ventures/feed/ 0 http://allthingsd.com/20100304/other-companies-than-google-faced-big-risks-in-attack-mcafee-says/ http://allthingsd.com/20100304/other-companies-than-google-faced-big-risks-in-attack-mcafee-says/#comments Thu, 04 Mar 2010 16:30:55 +0000 Ben Worthen http://voices.allthingsd.com/?p=22047 It’s not news that Google (GOOG) lost some intellectual property in the highly publicized cyber attack that targeted the Internet giant and many other companies. What is more surprising, the security firm McAfee (MFE) says, is how the others could have also been victimized.

The perpetrators in the Google case gained access in some instances to the systems where companies store their “source code,” the computer code at the heart of a tech company’s products, says George Kurtz, McAfee’s chief technology officer. With this access the hacker could either steal the source code or modify it.

Read the rest of this post on the original site

]]> http://allthingsd.com/20100304/other-companies-than-google-faced-big-risks-in-attack-mcafee-says/feed/ 0 http://allthingsd.com/20100218/hunchs-fake-and-dixon-speak-and-theyve-got-a-hunch-you-might-not-get-exactly-what-it-is-yet/ http://allthingsd.com/20100218/hunchs-fake-and-dixon-speak-and-theyve-got-a-hunch-you-might-not-get-exactly-what-it-is-yet/#comments Thu, 18 Feb 2010 18:42:18 +0000 Kara Swisher http://kara.allthingsd.com/?p=24560

When Aardvark was sold to Google (GOOG) for $50 million last week, a lot of folks wondered about the fate of Hunch, another hot start-up in the space.

Except, as correctly noted by two of its four co-founders, Caterina Fake and Chris Dixon, in a chat BoomTown had yesterday, Hunch is quite different–more of an algorithmically hopped up recommendation service that makes use of a mass of data from user-generated questions and answers than a simpler social search site.

That doesn’t make Hunch into either a Yahoo Answers or a Wikipedia with more charm or allow for annoyingly querying your friends on Facebook or the masses on Twitter.

Personally, Hunch reminds me of a crowd-sourced decision-making mosh pit without the sharp elbows, making all kinds of cool, if odd, connections.

This mass of varied data is what Dixon and Fake think is key to making better decisions.

Got it?

The New York-based Hunch launched about last June to a lot of hype–somewhat due to Fake’s success with her last start-up, Flickr, the popular photo-sharing site Yahoo (YHOO) bought in 2005.

And so far, Hunch has been growing decently, with 1.2 million unique monthly visitors now and tens of millions of questions asked and answered.

(Its other founders are Tom Pinckney and Matt Gattis.)

With $6 million in funding, where Hunch goes from here will be interesting to watch, as it adds perhaps more profiling features, both fun and helpful.

The business goal said Fake: Basic lead generation, for which Hunch will presumably be paid by all kinds of vendors.

Listen in on all this and more in my video interview with Fake, who works on product design at Hunch, and CEO Dixon, who has had his own serial entrepreneurial success selling security start-up SiteAdvisor to McAfee (MFE) in 2006:

]]> http://allthingsd.com/20100218/hunchs-fake-and-dixon-speak-and-theyve-got-a-hunch-you-might-not-get-exactly-what-it-is-yet/feed/ 3