Feeds

AuthenTec sells out to Apple to the sound of 1,000 lawsuits

Directors hounded for not hawking the business to Samsung

3 Big data security analytics techniques

Luring in the devs

This included some 23 patents as well as hardware products, and when it bought them, these were seen as simply decryption accelerators for many forms of security processing. AuthenTec has spent time extending the crypto hardware into a full trusted island inside silicon called SafeZone, a secure execution environment for handsets and tablets. This can be dropped into the Apple A6 and successor chips designed by Apple which drive its core iOS product lines, making them secure overnight.

If Apple then offered these hooks to its development community, HD video could be as safe as on a TV, or safer. Apple could offer this to any number of processes, DRM for video delivery, VPN for enterprise security, and potentially it could go beyond this to replacing the heart of security in financial transactions and in identity management (so SIMs). Other areas it has been focused on are as a secure OS boot to avoid OS roll-back attacks, a secure real time clock for date and time enforcement, random number generator and a safe asset store. The Cores can process AES, triple DES and ARC4 decryption with acceleration logic, all in a low power, small, silicon footprint.

It can be included in any Application Processor SoC and used like most hardware security systems, such as a conditional access smart card, to underpin both a DRM and a VPN. These cores only talk only through an email gateway to each other and to other application processor cores. It has already been sold into a number of LG Android devices and is used in Motorola Droids and in NEC devices in Japan.

AutheTec bought 23 patents from SafeNet to apply to security core designs. The core was implemented on SoCs built in 90 and 65 nanometer geometry and when we last looked was being worked on for both 45 nm and 40 nm chips, although the design of course is independent of any silicon process.

We made quite a fuss in Faultline when a similar, perhaps even more sophisticated, design was put into the major set top chips at Broadcom and ST Micro last year, but this was one designed by Cryptography Research which it called its CryptoFirewall. That company told us at the time that discussions were continuing with other set top chip makers and reluctantly confirmed that it was in advanced discussions with providers or Applications Processors for tablets and smartphones.

We thought at the time it meant Qualcomm, Nvidia and Marvel, who are thinking about licensing the core, and always felt Apple was unlikely to do so. We argued that as tablets come to handle HD video content, Hollywood is going to insist on content protection having a hardware base, and not simply use code Obfuscation and authentication seen in software hardened, downloadable DRMs. Another fact which drives the adoption by Apple of some form of security, capable of securing HD video from professional pirates, is the fact that the new shipping release of the latest Apple MAC OS, code named Mountain Lion, finally offers AirPlay Mirroring for both HD video and games, working in conjunction with the Apple TV product.

Keeping an eye on ARM

If you can openly mirror HD streams from the iPad to the TV, the Mac to the TV and an iPhone to a TV, and these are 1080p streams, then you‘d better be sure the latest movies on any of these devices cannot be pirated, otherwise Hollywood will get might upset and take video capability away from you. It could be that there is a happy coincidence here of Apple getting a bunch of technologies that it wants for a number of projects, all at once?

But would it pay substantially more than it paid for PA Semi-conductor, which designs its A6 chips ($278m) to provide it merely with an access technology (fingerprint sensor). We don‘t think so and think that the real play here is to differentiate and retain control of hardware security on its devices, in direct response to ARM working a deal with Gemalto and Giesecke & Devrient, to bring a genuine security system onto the cores which all ARM licensees can adopt. That deal was announced in April and it will take about a year before a security core will emerge from it, and by buying AuthenTec, Apple leapfrogs this move.

Apple’s new Mac OS can now stream HD content using AirPlay Mirroring It is the embedded devices division at AuthenTec, which includes both the SafeZone project and the software only DRM, and it is this division which has had all the revenue increases lately, and what has brought the company to the attention of Apple.

One thing announced in the deal which supports this is that Apple says that it has also entered an Intellectual Property and Technology Agreement which provides Apple with the right to acquire non-exclusive licenses "with respect to hardware technology, software technology and patents" of the company. That would not apply if the company is successfully sold, since Apple could sign any deal it likes with a company it owns 100 per cent. So this is more about protecting the rights to a key Apple launch, with an licence agreement in case anything goes wrong with the acquisition. It pays $20m for the privilege, and has 270 days at its sole discretion, to buy that licence for which it will pay $115m.

The mention of hardware we think refers to the SafeZone core, but may equally refer to fingerprinting hardware. It can‘t however refer to the software-only DRM download. Apple is also paying $7.5m for some product development, so it looks like Apple is in a hurry to build something, probably to come out in one of its next launches. As we say it could conceivably refer to an implementation of the fingerprinting technology, perhaps on a touchscreen, but our bet is that the SafeZone core will appear inside an Apple device quite soon. New intellectual property resulting from this work will be owned, it says, by Apple.

Meanwhile on the back of this we saw at least four separate legal moves begun within days of the deal being announced, to prevent it and insist that the board of directors hawk the property around to more potential buyers. Samsung is clearly the other company that investors want to see bidding on this property because last month it too took a license to AuthenTec‘s VPN QuickSec Mobile VPN Client for Android, deemed to be for enterprise phone use.

The class action legal eagles think that this contract would mean that Samsung would counterbid if there was permission for AuthenTec to reach out to it. We don‘t think it would and anyway we think the Apple deal is watertight, complete with the "no shop" restriction. Suits or investigations have been filed by Rigrodsky & Long of New York; Ryan & Maniskas of Pennsylvania; Faruqi & Faruqi of New York and Levi & Korsinsky of New York and Washington, to name but a few.

Copyright © 2012, Faultline

Faultline is published by Rethink Research, a London-based publishing and consulting firm. This weekly newsletter is an assessment of the impact of the week's events in the world of digital media. Faultline is where media meets technology. Subscription details here.

3 Big data security analytics techniques

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.