Feeds

Intel seeks security through app stores

Walled gardens are good for us... er... you

Build a business case: developing custom apps

IDF Intel appears to be proposing to turn the x86 software market into an Apple-style apps store, and it's doing so in the name of security. One casualty will be anti-virus software as we know it.

Speaking at IDF this week about Intel's purchase of anti-malware monger McAfee, CEO Paul Otellini spoke of a need to move from a "known bad" to a "known good" model. In essence, that means no longer checking code for known forms of malware after it has been installed but only allowing safe code to be installed in the first place.

Intel's plan is to "give you a trusted machine that only allows in trusted software", Otellini said.

How do you do that? By signing that code with a signature guaranteeing its authenticity and safety, then preventing unsigned code from being run.

This is what Apple does with the iTunes App Store and, to a lesser extent, with Mac OS X 10.6 code. Snow Leopard apps can be signed, but unsigned code will still run. iOS code, on the other hand, will not run unless it's been signed, at least on iDevices that haven't been jailbroken.

Intel already has an app store: AppUp, the Atom-oriented software store it announced last year and opened to the public this week. it's not hard to view AppUp as a prototype for a broader shop that sells all kinds of "trusted" x86 software.

Some users will of course object to this, fearing the PC software market will become an Apple-style walled garden. We can't see the Linux community being keen on such a move either, freedom of code being one of the tenets of the open source culture.

But a fair few mainstream users, we suspect, will be happy with such restrictions if it means they can be sure the software they download is safe to use. The walled garden approach hasn't hindered Apple in any way, iOS users happily downloading dozens of apps irrespective of the limitations, or the security benefits.

So that's the end of anti-virus utilities then? Quite possibly. Only allowing a system to run "trusted" code would inherently prevent malware that's spread through email or rogue websites from executing.

More to the point, by shifting away from the need to compare code against the ever-growing database of malware, there'd be no need for regular virus definition updates that AV vendors' subscription sales model is based upon. ®

Maximizing your infrastructure through virtualization

More from The Register

next story
Whoah! How many Google Play apps want to read your texts?
Google's app permissions far too lax – security firm survey
Chrome browser has been DRAINING PC batteries for YEARS
Google is only now fixing ancient, energy-sapping bug
Do YOU work at Microsoft? Um. Are you SURE about that?
Nokia and marketing types first to get the bullet, says report
Microsoft takes on Chromebook with low-cost Windows laptops
Redmond's chief salesman: We're taking 'hard' decisions
EU dons gloves, pokes Google's deals with Android mobe makers
El Reg cops a squint at investigatory letters
Big Blue Apple: IBM to sell iPads, iPhones to enterprises
iOS/2 gear loaded with apps for big biz ... uh oh BlackBerry
OpenWRT gets native IPv6 slurping in major refresh
Also faster init and a new packages system
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Mobile application security vulnerability report
The alarming realities regarding the sheer number of applications vulnerable to attack, and the most common and easily addressable vulnerability errors.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.