Joanna Rutkowska

Career

Joanna Rutkowska first gained widespread recognition in the security community at the Black Hat Briefings conference in Las Vegas in August 2006. There she presented two significant pieces of research: an attack against the Vista kernel protection mechanism, and a technique she dubbed Blue Pill, which used hardware virtualization to transparently move a running operating system into a virtual machine. The original concept underlying Blue Pill had been published by another researcher at IEEE Oakland in May 2006 under the name VMBR. Following the conference, eWeek Magazine named her one of the Five Hackers who Put a Mark on 2006.

In the years that followed, Rutkowska continued to focus on low-level and systems security. In 2007 she demonstrated that certain hardware-based memory acquisition techniques — including FireWire-based approaches — are unreliable and can be defeated. Later that same year, working alongside team member Alexander Tereshkin, she presented further research on virtualization malware. In 2008, her team turned attention to Xen hypervisor security. In 2009, together with team member Rafal Wojtczuk, she presented an attack against Intel Trusted Execution Technology and Intel System Management Mode.

Invisible Things Lab

In April 2007, Rutkowska founded Invisible Things Lab in Warsaw, Poland. The company focuses on operating system and virtual machine monitor (VMM) security research and provides consulting services. A notable contribution from this period came in a 2009 blog post in which she coined the term evil maid attack, describing a method for accessing encrypted data on a disk by compromising firmware through an external USB flash drive — a concept that has since become a standard reference in discussions of physical security threats.

Qubes OS

In 2010, Rutkowska and Rafal Wojtczuk began development of Qubes OS, a security-oriented desktop operating system based on the Xen hypervisor, which currently utilizes Fedora Linux as the admin qube. The initial release of Qubes 1.0 was completed on September 3, 2012. The system's central design principle is security by compartmentalization: different subsystems and workflows are isolated within lightweight Xen virtual machines called qubes, each operating as a separate virtual machine. The project describes itself as "a reasonably secure operating system" and has received endorsements from numerous privacy and security experts. Its design is informed by research into proven vulnerabilities in the trusted compute base that remain unaddressed in most common desktop operating systems.

Notable Work and Publications

Rutkowska has authored seminal works on systems trustability, including Intel x86 Considered Harmful and State Considered Harmful — A Proposal for a Stateless Laptop. Her research spans hardware memory acquisition weaknesses, hypervisor security, trusted execution environments, and the foundational architecture of secure operating systems.

Recognition and Conferences

Beyond her 2006 recognition by eWeek, Rutkowska has been an invited presenter at a wide range of prominent security conferences, including the Chaos Communication Congress, Black Hat Briefings, HITB, RSA Conference, RISK, EuSecWest, and the Gartner IT Security Summit. Her body of work has established her as a leading voice in low-level systems security and the practical design of trustworthy computing environments.