Joanna Rutkowska
Joanna Rutkowska | |
---|---|
Nationality | Polish |
Occupation | Security researcher |
Employer | Invisible Things Labs |
Known for | Blue Pill, Evil Maid attack, Qubes OS |
Website |
blog |
Joanna Rutkowska is a Polish computer security researcher, primarily known for her research on low-level security and stealth malware.[1]
She became known in the security community after the Black Hat Briefings conference in Las Vegas in August 2006, where Rutkowska presented an attack against Vista kernel protection mechanism, and also a technique dubbed Blue Pill, that used hardware virtualization to move a running OS into a virtual machine. Subsequently she has been named one of Five Hackers who Put a Mark on 2006 by eWeek Magazine for her research on the topic.[2] The original concept of Blue Pill was published by another researcher at IEEE Oakland on May 2006 under the name VMBR.[3]
During following years, Rutkowska continued to focus on low-level security. In 2007 she demonstrated that certain types of hardware-based memory acquisition (e.g. FireWire based) are unreliable and can be defeated.[4] Later in 2007, together with a team member Alexander Tereshkin, presented further research on virtualization malware.[5] In 2008, Rutkowska with her team focused on Xen hypervisor security.[6] In 2009, together with a team member Rafal Wojtczuk, presented an attack against Intel Trusted Execution Technology and Intel System Management Mode.[7]
In April 2007, Rutkowska founded Invisible Things Lab in Warsaw, Poland. The company focuses on OS and VMM security research and provides various consulting services.
In 2010, she and Rafal Wojtczuk began working on the Qubes OS security-oriented desktop Xen distribution, which utilises Fedora Linux. Its main concept is "security by compartmentalization", using domains implemented as lightweight Xen virtual machines to isolate various subsystems. The project refers to itself as "a reasonably secure operating system" and has received endorsements by numerous privacy and security experts. It is fairly unique in its capabilities, having a design informed by research on proven vulnerabilities in the trusted compute base (TCB), that are unaddressed in most common desktop operating systems.
She has published seminal works on systems trustability, most recently Intel x86 Considered Harmful[8] and State Considered Harmful - A Proposal for a Stateless Laptop.[9] Rutkowska has been invited as an esteemed presenter at security conferences, such Chaos Computer Conferences, Black Hat Briefings, HITB, RSA Conference, RISK, EuSecWest & Gartner IT Security Summit.
References
- ↑ "About". Invisible Things Lab. Retrieved 12 June 2016.
- ↑ Naraine, Ryan (2 January 2006). "Five Hackers Who Left a Mark on 2006". eWeek. Retrieved 11 June 2016.
- ↑ King, Samuel T.; Chen, Peter M.; Wang, Yi-Min; Verbowski, Chad; Wang, Helen J.; Lorch, Jacob R. (1 January 2006). "SubVirt: Implementing Malware with Virtual Machines". IEEE Computer Society. pp. 314–327. doi:10.1109/SP.2006.38 – via ACM Digital Library.
- ↑ Rutkowska, Joanna (28 February 2007). Beyond The CPU: Defeating Hardware Based RAM Acquisition (PDF). Black Hat DC. Washington, D.C.
- ↑ Rutkowska, Joanna; Tereshkin, Alexander (8 February 2007). IsGameOver(), anyone? (PDF). Black Hat USA. Las Vegas, Nevada.
- ↑ Walker-Morgan, Dj (12 August 2008). "Xen virtualisation swallows a "Blue Pill"". The H. Archived from the original on 8 December 2013.
- ↑ Attacking Intel Trusted Execution Technology
- ↑ Rutkowska, Joanna (October 2015). "Intel x86 considered harmful" (PDF). The Invisible Things. Retrieved 12 June 2016.
- ↑ Rutkowska, Joanna (December 2015). "State Considered Harmful - A Proposal for a Stateless Laptop" (PDF). The Invisible Things. Retrieved 12 June 2016.
External links
- Invisible Things Lab - corporate website
- CNET news - Vista Hacked at Black Hat
- SubVirt: Implementing malware with virtual machines