Facebook’s Data Security Meltdown Could Bolster Blockchain: Analyst

The social media giant shouldn’t mistake the forest for the trees. While Facebook continues to reel from a security breach involving the personal data of tens of millions of users, they may just have demonstrated the value of an unalterable public ledger, aka blockchain. RBC Capital Markets analyst Mitch Steves thinks so, according to a recent

The post Facebook’s Data Security Meltdown Could Bolster Blockchain: Analyst appeared first on CCN

Expanding Intel’s Bug Bounty Program: New Side Channel Program, Increased Awards

By Rick Echevarria

At Intel, we believe that working with security researchers is a crucial part of identifying and mitigating potential security issues in our products. Similar to other companies, one of the ways we’ve made this part of our operating model is through a bug bounty program. The Intel® Bug Bounty Program was launched in March 2017 to incentivize security researchers to collaborate with us to find and report potential vulnerabilities. This, in turn, helps us strengthen the security of our products, while also enabling a responsible and coordinated disclosure process.

More:  Security Exploits and Intel Products (Press Kit) | Security Research Findings (Intel.com)

Coordinated disclosure is widely regarded as the best way to responsibly protect customers from security exploits. It minimizes the risk that exploitable information becomes publicly known before mitigations are available. Working closely with our industry partners and our customers, we encourage responsible and coordinated disclosure to improve the likelihood that users will have solutions available when security issues are first published. Our Bug Bounty Program supports this objective by creating a process whereby the security research community can inform us, directly and in a timely fashion, about potential exploits that its members discover.

In support of our recent security-first pledge, we’ve made several updates to our program. We believe these changes will enable us to more broadly engage the security research community, and provide better incentives for coordinated response and disclosure that help protect our customers and their data.

Updates to our program include:

  • Shifting from an invitation-only program to a program that is open to all security researchers, significantly expanding the pool of eligible researchers.
  • Offering a new program focused specifically on side channel vulnerabilities through Dec. 31, 2018. The award for disclosures under this program is up to $250,000.
  • Raising bounty awards across the board, with awards of up to $100,000 for other areas.

More details on the program, including these new updates, can be found online on the Intel security site or our HackerOne page.

We will continue to evolve the program as needed to make it as effective as possible and to help us fulfill our security-first pledge. Thank you, in advance, to all of those across the industry who choose to participate.

Rick Echevarria is vice president and general manager of Platform Security at Intel Corporation.

The post Expanding Intel’s Bug Bounty Program: New Side Channel Program, Increased Awards appeared first on Intel Newsroom.

Intel and Microsoft Collaborate to Deliver Industry-First Enterprise Blockchain Service

blockchain-2x1
» Click to view full infographic

Today, Microsoft announced a new framework that enables businesses to adopt blockchain technology for increased enterprise privacy and security, and named Intel as a key hardware and software development partner. As part of this collaboration, Microsoft, Intel and other blockchain technology leaders will build a new enterprise-targeted blockchain framework – called the Coco Framework – that integrates Intel® Software Guard Extensions (Intel SGX) to deliver improved transaction speed, scale and data confidentiality to enterprises. This first-of-its-kind innovation accelerates the enterprise readiness of blockchain technology, allowing developers to create flexible and more secure enterprise blockchain applications that can be easily managed by businesses.

Rick Echevarria Blog: Collaborating with Microsoft to Strengthen Enterprise Blockchains

Blockchain is a digital record-keeping system where digital transactions are executed, validated and recorded chronologically and publicly. Because it’s decentralized and transparent, it increases the efficiency and security of financial transactions – and does so at a significantly lower cost than traditional ledgers. The technology can be used for everything from simple file sharing to complex global payment processing and has the potential to transform the way companies operate.

Intel, Microsoft and other blockchain technology leaders are working together to deliver security-enhanced, scalable capabilities in blockchain services. The Coco Framework uses Intel SGX to add new levels of privacy and confidentiality to blockchain transactions. Intel SGX is a hardware-based security technology that can help improve blockchain solutions by providing a trusted execution environment that isolates key portions of a blockchain program. Intel SGX consists of a set of CPU instructions and platform enhancements that create private areas in the CPU and memory that can protect code and data during execution. Intel SGX helps the Coco Framework provide confidential data and accelerated transaction throughput. The data confidentiality is achieved by encrypting sensitive blockchain data until it is opened in an Intel SGX enclave by a permitted program. The accelerated throughput is achieved by isolating the transaction verification process to speed network consensus.

Intel is an active participant in the blockchain revolution, participating in developing standards, actively contributing technology and providing expert insight. Intel is actively engaged with industry leaders to improve performance, reliability and scalability of blockchain technologies.

Intel® Xeon processors provide unique capabilities that can improve the privacy, security and scalability of distributed ledger networks. For example, the recently-announced Intel® Xeon Scalable processors include a range of hardware-based trust, key protection and crypto-acceleration features that increase blockchain security and performance.

The post Intel and Microsoft Collaborate to Deliver Industry-First Enterprise Blockchain Service appeared first on Intel Newsroom.

Intel and Microsoft Collaborate to Deliver Industry-First Enterprise Blockchain Service

blockchain-2x1
» Click to view full infographic

Today, Microsoft announced a new framework that enables businesses to adopt blockchain technology for increased enterprise privacy and security, and named Intel as a key hardware and software development partner. As part of this collaboration, Microsoft, Intel and other blockchain technology leaders will build a new enterprise-targeted blockchain framework – called the Coco Framework – that integrates Intel® Software Guard Extensions (Intel SGX) to deliver improved transaction speed, scale and data confidentiality to enterprises. This first-of-its-kind innovation accelerates the enterprise readiness of blockchain technology, allowing developers to create flexible and more secure enterprise blockchain applications that can be easily managed by businesses.

Rick Echevarria Blog: Collaborating with Microsoft to Strengthen Enterprise Blockchains

Blockchain is a digital record-keeping system where digital transactions are executed, validated and recorded chronologically and publicly. Because it’s decentralized and transparent, it increases the efficiency and security of financial transactions – and does so at a significantly lower cost than traditional ledgers. The technology can be used for everything from simple file sharing to complex global payment processing and has the potential to transform the way companies operate.

Intel, Microsoft and other blockchain technology leaders are working together to deliver security-enhanced, scalable capabilities in blockchain services. The Coco Framework uses Intel SGX to add new levels of privacy and confidentiality to blockchain transactions. Intel SGX is a hardware-based security technology that can help improve blockchain solutions by providing a trusted execution environment that isolates key portions of a blockchain program. Intel SGX consists of a set of CPU instructions and platform enhancements that create private areas in the CPU and memory that can protect code and data during execution. Intel SGX helps the Coco Framework provide confidential data and accelerated transaction throughput. The data confidentiality is achieved by encrypting sensitive blockchain data until it is opened in an Intel SGX enclave by a permitted program. The accelerated throughput is achieved by isolating the transaction verification process to speed network consensus.

Intel is an active participant in the blockchain revolution, participating in developing standards, actively contributing technology and providing expert insight. Intel is actively engaged with industry leaders to improve performance, reliability and scalability of blockchain technologies.

Intel® Xeon processors provide unique capabilities that can improve the privacy, security and scalability of distributed ledger networks. For example, the recently-announced Intel® Xeon Scalable processors include a range of hardware-based trust, key protection and crypto-acceleration features that increase blockchain security and performance.

The post Intel and Microsoft Collaborate to Deliver Industry-First Enterprise Blockchain Service appeared first on Intel Newsroom.

KARL – kernel address randomized link

In a message to the tech@ mailing list, Theo de Raadt (deraadt@) has announced a new randomization feature for kernel protection:

Over the last three weeks I've been working on a new randomization
feature which will protect the kernel.
[...]
Recently I moved all our kernels to a new mapping model, with patrick
and visa taking care of two platforms.
[...]
As a result, every new kernel is unique.  The relative offsets between
functions and data are unique.
[...]
However, snapshots of -current contain a futher change, which I
worked on with Robert Peichaer (rpe@):

That change is scaffolding to ensure you boot a newly-linked kernel
upon every reboot.[...]

Read the full message for the juicy details.

Note that, because of the new mechanisms, unhibernate does not work on -current (for now).

KARL – kernel address randomized link

In a message to the tech@ mailing list, Theo de Raadt (deraadt@) has announced a new randomization feature for kernel protection:

Over the last three weeks I've been working on a new randomization
feature which will protect the kernel.
[...]
Recently I moved all our kernels to a new mapping model, with patrick
and visa taking care of two platforms.
[...]
As a result, every new kernel is unique.  The relative offsets between
functions and data are unique.
[...]
However, snapshots of -current contain a futher change, which I
worked on with Robert Peichaer (rpe@):

That change is scaffolding to ensure you boot a newly-linked kernel
upon every reboot.[...]

Read the full message for the juicy details.

Note that, because of the new mechanisms, unhibernate does not work on -current (for now).

Our Unwavering Commitment to Security, Post-McAfee

By Doug Fisher

On behalf of Intel, I want to offer our full support to the McAfee team as one of the largest standalone cybersecurity companies in the industry. We will continue to collaborate with McAfee and other ecosystem partners to optimize and enhance their products for Intel® Architecture. It is just one of the ways we will deliver on our vision to integrate industry-leading security and privacy capabilities all the way from the cloud to billions of smart, connected computing devices.

News Byte: A Brand New McAfee Commits to Building a Safer Future
News Release: McAfee Announces New Status as a Standalone Cybersecurity Company

Just as our customers require quality and performance from our products, they expect security to be part of everything we do. Intel has always been, and always will be, an innovator in digital security. We hold a unique position in the digital ecosystem, designing and protecting the hardware root of trust. Because we power everything ranging from smart connected devices to the cloud, we can help to simplify security for tens of thousands of hardware, software and service providers, as well as billions of end users.

By 2020, Intel estimates that 200 billion smart objects will be part of the Internet of Things1 (IoT). That poses new security challenges.

I believe that the traditional model of “software protecting software” no longer protects us against modern threats. Intel’s hardware-based approach can better secure every layer of the compute stack (hardware, BIOS, firmware, operating systems, applications, networks and the cloud) to drive an overarching security solution.

Secure the Silicon Foundation

The security industry needs a trusted foundation, especially as cyber threats move down the stack, from application software to hardware, the most valuable attack surface. We deliver a silicon root of trust that includes unique and compelling security extensions to the Intel® instruction set architecture, designed to protect applications, operating systems, firmware, BIOS and hardware.

Intel drives consistent capabilities across our portfolio of products for integrity, reliability and recoverability to protect against modern and evolving attacks. Consistent capabilities across our portfolio include protected boot, hardware and software ID, protected storage, and a trusted execution environment.

Deliver End-to-End, Cross-Platform Security Solutions

We align Intel software and hardware priorities to drive better solutions for our customers and their users. From defining and implementing new features for Intel® Architecture to the enabling of new security technologies for our customers to differentiate and monetize, Intel designs security solutions with the customer and user experience in mind.

I am proud of our ability to integrate innovative end-to-end security solutions addressing new and existing workloads. Hardware-enabled security enables new solutions and opportunities in many key areas, including:

Automated Driving: Security in a connected car goes beyond protecting the user’s data to include the safety of occupants, pedestrians and other vehicle users. Connected cars are systems of systems, presenting more and more attack surfaces. Some essential security capabilities such as biometric and multi-factor authentication and secure software-defined cockpits can protect identity and privacy as well as personal safety.

Artificial Intelligence: AI can help us keep pace with new patterns of attack and automate the detection, identification and classification of threats. But AI workloads need to be protected as well. That is why Intel established the Intel Science and Technology Center with Georgia Tech. It will help provide advanced research on understanding “adversarial” machine learning and develop threat mitigations at the algorithm level.

Virtual/Merged Reality: Amazing VR/MR experiences depend on immersive content, and to be shared or sold that content must be protected. Intel delivers hardware-level security and performance across media interfaces with High-bandwidth Digital Content Protection (HDCP), and our announced product plans include 4K ultra-high definition (UHD) baseline security.

5G: 5G wireless telecommunications opens new opportunities for telco companies and their consumer and business customers. But it also creates new targets for attackers. Security must be built in, from endpoints to the cloud, to protect user confidentiality as well as the integrity and availability of networks and systems. As telco companies transform with software-defined networks (SDNs), they require hardware-enabled security. Intel® Open Security Controller (Intel® OSC) will orchestrate SDN security policies for intrusion prevention, next-generation firewall and application delivery control, regardless of security vendor.

At Intel we will continue to integrate innovative, end-to-end security solutions to support these four market opportunities and beyond.

Collaborate with Ecosystem Partners to Deliver New Security Capabilities

A fragmented security ecosystem creates opportunities for bad actors — and bad outcomes. By collaborating with partners across hardware, software and services industries to deliver new security capabilities to market, we help drive an open ecosystem that delivers integrity, reliability, recoverability and consistency through hardware-enabled security.

Making it Easier for Developers to Drive Scale

One of our main goals is to help the millions of developers build security into applications using our tools, libraries and resources. We achieve that with simple consistent application programming interfaces to Intel® hardware capabilities. That makes application development easier, and it accelerates adoption of our hardware-enabled security capabilities.

We also help developers through our security contributions to open-source projects such as Linux* kernel, OpenStack* and Yocto*, and by driving open standards such as the Unified Extensible Firmware Interface (UEFI Security) and Fast IDentity Online (FIDO) Alliance.

By making it easy for developers to protect devices, software and user experiences, we help them differentiate their products on Intel architecture — in turn, driving scale throughout the security ecosystem.

Establish Trust through Cloud Services and Shared Best Practices

As Intel provides an optional hardware root of trust for local attestation, we also offer optional remote attestation with cloud-based trusted services. They extend hardware-enabled security and reinforce platform trust. For example, the Intel® SGX Attestation Service allows developers who use protected enclaves to confirm enclave validity.

Beyond Intel® technology, which powers much of the world’s computing, we offer enterprise IT know-how and best practices. For example, our shared “hackability” studies, threat research and analysis of attack surfaces benefit the rest of the security industry.

Intel’s Commitment to Security

As McAfee becomes a standalone cybersecurity company, Intel reiterates its unwavering commitment to integrated, hardware-enabled security. At Intel, hardware and software will continue to work seamlessly together to solve growing cybersecurity challenges. I am excited to see this ecosystem build momentum. There is much more to come as we continue to deliver experiences that are truly amazing … and secure.

Doug Fisher is senior vice president and general manager of the Software and Services Group (SSG) at Intel Corporation. He is responsible for software and software development at Intel worldwide. Follow Doug Fisher on Twitter at @DougWFisher for additional insights on this topic and more.

1IDC, Intel, United Nations.

The post Our Unwavering Commitment to Security, Post-McAfee appeared first on Intel Newsroom.

Our Unwavering Commitment to Security, Post-McAfee

By Doug Fisher

On behalf of Intel, I want to offer our full support to the McAfee team as one of the largest standalone cybersecurity companies in the industry. We will continue to collaborate with McAfee and other ecosystem partners to optimize and enhance their products for Intel® Architecture. It is just one of the ways we will deliver on our vision to integrate industry-leading security and privacy capabilities all the way from the cloud to billions of smart, connected computing devices.

News Byte: A Brand New McAfee Commits to Building a Safer Future
News Release: McAfee Announces New Status as a Standalone Cybersecurity Company

Just as our customers require quality and performance from our products, they expect security to be part of everything we do. Intel has always been, and always will be, an innovator in digital security. We hold a unique position in the digital ecosystem, designing and protecting the hardware root of trust. Because we power everything ranging from smart connected devices to the cloud, we can help to simplify security for tens of thousands of hardware, software and service providers, as well as billions of end users.

By 2020, Intel estimates that 200 billion smart objects will be part of the Internet of Things1 (IoT). That poses new security challenges.

I believe that the traditional model of “software protecting software” no longer protects us against modern threats. Intel’s hardware-based approach can better secure every layer of the compute stack (hardware, BIOS, firmware, operating systems, applications, networks and the cloud) to drive an overarching security solution.

Secure the Silicon Foundation

The security industry needs a trusted foundation, especially as cyber threats move down the stack, from application software to hardware, the most valuable attack surface. We deliver a silicon root of trust that includes unique and compelling security extensions to the Intel® instruction set architecture, designed to protect applications, operating systems, firmware, BIOS and hardware.

Intel drives consistent capabilities across our portfolio of products for integrity, reliability and recoverability to protect against modern and evolving attacks. Consistent capabilities across our portfolio include protected boot, hardware and software ID, protected storage, and a trusted execution environment.

Deliver End-to-End, Cross-Platform Security Solutions

We align Intel software and hardware priorities to drive better solutions for our customers and their users. From defining and implementing new features for Intel® Architecture to the enabling of new security technologies for our customers to differentiate and monetize, Intel designs security solutions with the customer and user experience in mind.

I am proud of our ability to integrate innovative end-to-end security solutions addressing new and existing workloads. Hardware-enabled security enables new solutions and opportunities in many key areas, including:

Automated Driving: Security in a connected car goes beyond protecting the user’s data to include the safety of occupants, pedestrians and other vehicle users. Connected cars are systems of systems, presenting more and more attack surfaces. Some essential security capabilities such as biometric and multi-factor authentication and secure software-defined cockpits can protect identity and privacy as well as personal safety.

Artificial Intelligence: AI can help us keep pace with new patterns of attack and automate the detection, identification and classification of threats. But AI workloads need to be protected as well. That is why Intel established the Intel Science and Technology Center with Georgia Tech. It will help provide advanced research on understanding “adversarial” machine learning and develop threat mitigations at the algorithm level.

Virtual/Merged Reality: Amazing VR/MR experiences depend on immersive content, and to be shared or sold that content must be protected. Intel delivers hardware-level security and performance across media interfaces with High-bandwidth Digital Content Protection (HDCP), and our announced product plans include 4K ultra-high definition (UHD) baseline security.

5G: 5G wireless telecommunications opens new opportunities for telco companies and their consumer and business customers. But it also creates new targets for attackers. Security must be built in, from endpoints to the cloud, to protect user confidentiality as well as the integrity and availability of networks and systems. As telco companies transform with software-defined networks (SDNs), they require hardware-enabled security. Intel® Open Security Controller (Intel® OSC) will orchestrate SDN security policies for intrusion prevention, next-generation firewall and application delivery control, regardless of security vendor.

At Intel we will continue to integrate innovative, end-to-end security solutions to support these four market opportunities and beyond.

Collaborate with Ecosystem Partners to Deliver New Security Capabilities

A fragmented security ecosystem creates opportunities for bad actors — and bad outcomes. By collaborating with partners across hardware, software and services industries to deliver new security capabilities to market, we help drive an open ecosystem that delivers integrity, reliability, recoverability and consistency through hardware-enabled security.

Making it Easier for Developers to Drive Scale

One of our main goals is to help the millions of developers build security into applications using our tools, libraries and resources. We achieve that with simple consistent application programming interfaces to Intel® hardware capabilities. That makes application development easier, and it accelerates adoption of our hardware-enabled security capabilities.

We also help developers through our security contributions to open-source projects such as Linux* kernel, OpenStack* and Yocto*, and by driving open standards such as the Unified Extensible Firmware Interface (UEFI Security) and Fast IDentity Online (FIDO) Alliance.

By making it easy for developers to protect devices, software and user experiences, we help them differentiate their products on Intel architecture — in turn, driving scale throughout the security ecosystem.

Establish Trust through Cloud Services and Shared Best Practices

As Intel provides an optional hardware root of trust for local attestation, we also offer optional remote attestation with cloud-based trusted services. They extend hardware-enabled security and reinforce platform trust. For example, the Intel® SGX Attestation Service allows developers who use protected enclaves to confirm enclave validity.

Beyond Intel® technology, which powers much of the world’s computing, we offer enterprise IT know-how and best practices. For example, our shared “hackability” studies, threat research and analysis of attack surfaces benefit the rest of the security industry.

Intel’s Commitment to Security

As McAfee becomes a standalone cybersecurity company, Intel reiterates its unwavering commitment to integrated, hardware-enabled security. At Intel, hardware and software will continue to work seamlessly together to solve growing cybersecurity challenges. I am excited to see this ecosystem build momentum. There is much more to come as we continue to deliver experiences that are truly amazing … and secure.

Doug Fisher is senior vice president and general manager of the Software and Services Group (SSG) at Intel Corporation. He is responsible for software and software development at Intel worldwide. Follow Doug Fisher on Twitter at @DougWFisher for additional insights on this topic and more.

1IDC, Intel, United Nations.

The post Our Unwavering Commitment to Security, Post-McAfee appeared first on Intel Newsroom.

A Brand New McAfee Commits to Building a Safer Future

McAfee, the globally trusted security provider, announced today that it has begun operating as a new standalone company. As a standalone business, McAfee is one of the world’s largest pure-play cybersecurity firms. Built on the belief that “Together is Power,” the new McAfee will expand upon its leading security solutions platform to better enable customers to effectively identify and orchestrate responses to cyber-threats.

News Release: A Brand New McAfee Commits to Building a Safer Future

News and Information

Infographics

Visuals

Intel Security

The post A Brand New McAfee Commits to Building a Safer Future appeared first on Intel Newsroom.

A Brand New McAfee Commits to Building a Safer Future

McAfee, the globally trusted security provider, announced today that it has begun operating as a new standalone company. As a standalone business, McAfee is one of the world’s largest pure-play cybersecurity firms. Built on the belief that “Together is Power,” the new McAfee will expand upon its leading security solutions platform to better enable customers to effectively identify and orchestrate responses to cyber-threats.

News Release: A Brand New McAfee Commits to Building a Safer Future

News and Information

Infographics

Visuals

Intel Security

The post A Brand New McAfee Commits to Building a Safer Future appeared first on Intel Newsroom.