Joanna Rutkowska
Encyclopedia
Joanna Rutkowska is a Polish
security researcher, primarily known for her research on low-level security and stealth malware.
She became known after the Black Hat Briefings
conference in Las Vegas in August 2006, where Rutkowska presented an attack against Vista kernel protection mechanism, and also a technique dubbed Blue Pill
, that used hardware virtualization to move a running OS into a virtual machine. Subsequently she has been named one of Five Hackers who Put a Mark on 2006 by eWeek Magazine
for her research on the topic. The effectiveness of Blue Pill is a subject of a debate among some researchers.
During following years, Rutkowska continued to focus on low-level security. In 2007 she demonstrated that certain types of hardware-based memory acquisition (e.g. FireWire based) are unreliable and can be defeated. Later in 2007, together with a team member Alexander Tereshkin, presented further research on virtualization malware. In 2008, Rutkowska with her team focused on Xen hypervisor security. In 2009, together with a team member Rafal Wojtczuk, presented an attack against Intel Trusted Execution Technology and Intel System Management Mode.
In April 2007 Rutkowska founded Invisible Things Lab in Warsaw, Poland. The company focuses on OS and VMM security research and provides various consulting services.
In 2010, she and Rafal Wojtczuk created the Qubes security-centric operating system based on Disposable Virtual Machine.
Poland
Poland , officially the Republic of Poland , is a country in Central Europe bordered by Germany to the west; the Czech Republic and Slovakia to the south; Ukraine, Belarus and Lithuania to the east; and the Baltic Sea and Kaliningrad Oblast, a Russian exclave, to the north...
security researcher, primarily known for her research on low-level security and stealth malware.
She became known after the Black Hat Briefings
Black Hat Briefings
The Black Hat Conference is a computer security conference that brings together a variety of people interested in information security. Representatives of federal agencies and corporations attend along with hackers. The Briefings take place regularly in Las Vegas, Barcelona and Tokyo...
conference in Las Vegas in August 2006, where Rutkowska presented an attack against Vista kernel protection mechanism, and also a technique dubbed Blue Pill
Blue pill (malware)
Blue Pill is the codename for a controversial rootkit based on x86 virtualization. Blue Pill originally required AMD-V virtualization support, but was later ported to support Intel VT-x as well...
, that used hardware virtualization to move a running OS into a virtual machine. Subsequently she has been named one of Five Hackers who Put a Mark on 2006 by eWeek Magazine
EWeek
eWeek is a weekly computing business magazine published by Ziff Davis Enterprise.The magazine consists of a print publication and web site covering enterprise topics and is targeted at IT professionals rather than hobbyists.-Audience:The eWeek audience is actively involved in buying enterprise...
for her research on the topic. The effectiveness of Blue Pill is a subject of a debate among some researchers.
During following years, Rutkowska continued to focus on low-level security. In 2007 she demonstrated that certain types of hardware-based memory acquisition (e.g. FireWire based) are unreliable and can be defeated. Later in 2007, together with a team member Alexander Tereshkin, presented further research on virtualization malware. In 2008, Rutkowska with her team focused on Xen hypervisor security. In 2009, together with a team member Rafal Wojtczuk, presented an attack against Intel Trusted Execution Technology and Intel System Management Mode.
In April 2007 Rutkowska founded Invisible Things Lab in Warsaw, Poland. The company focuses on OS and VMM security research and provides various consulting services.
In 2010, she and Rafal Wojtczuk created the Qubes security-centric operating system based on Disposable Virtual Machine.
External links
- Qubes - Qubes Operating System Home
- InvisibleThings - personal website
- InvisibleThings blog
- Invisible Things Lab - corporate website
- CNET news - Vista Hacked at Black Hat
- Computerworld Security article