|Employer||Invisible Things Labs|
|Known for||Blue Pill, Evil Maid attack, Qubes OS|
She became known after the Black Hat Briefings conference in Las Vegas in August 2006, where Rutkowska presented an attack against Vista kernel protection mechanism, and also a technique dubbed Blue Pill, that used hardware virtualization to move a running OS into a virtual machine. Subsequently she has been named one of Five Hackers who Put a Mark on 2006 by eWeek Magazine for her research on the topic. The original concept of Blue Pill was published by another researcher at IEEE Oakland on May 2006 under the name VMBR. Its effectiveness is a subject of a debate among some researchers.
During following years, Rutkowska continued to focus on low-level security. In 2007 she demonstrated that certain types of hardware-based memory acquisition (e.g. FireWire based) are unreliable and can be defeated. Later in 2007, together with a team member Alexander Tereshkin, presented further research on virtualization malware. In 2008, Rutkowska with her team focused on Xen hypervisor security. In 2009, together with a team member Rafal Wojtczuk, presented an attack against Intel Trusted Execution Technology and Intel System Management Mode.
In April 2007 Rutkowska founded Invisible Things Lab in Warsaw, Poland. The company focuses on OS and VMM security research and provides various consulting services.
In 2010, she and Rafal Wojtczuk began working on the Qubes OS security-oriented, Fedora-based desktop Linux distribution whose main concept is "security by isolation" by using domains implemented as lightweight Xen virtual machines. Qubes 1.0 was officially released on September 3, 2012.
- Invisible Things Lab -- Resources
- Five Hackers Who Left a Mark on 2006, Ryan Naraine, eWeek.com
- SubVirt: Implementing malware with virtual machines
- Beyond The CPU: Defeating Hardware Based RAM Acquisition Tools
- IsGameOver(), anyone?
- Xen virtualisation swallows a "Blue Pill"
- Attacking Intel Trusted Execution Technology
- Qubes OS Homepage