Joanna Rutkowska

Joanna Rutkowska is a Polish hacker and computer security specialist, known especially for her research on malware in general and on installing and hiding backdoors in Microsoft Windows Vista in particular.

In August 2006, Rutkowska presented two methods to bypass security measures in Windows Vista Beta 2 at the Black Hat Briefings conference, and was honored by eWeek Magazine as one of the Five Hackers who Left a Mark on 2006.

The first method, which Rutkowska presented at the conference, bypasses Vista's integrity check so that unsigned code can be injected into the running Vista kernel. The fix that Microsoft then built into Release Candidate 2 had only moderate success in eliminating the vulnerability. The second method, a rootkit technology, could potentially allow malicious code to hide its presence through the use of CPU virtualization.

At the Black Hat Briefings in March 2007, Rutkowska gave a talk in which she showed that certain kinds of hardware-based rootkit detection mechanisms can be undermined. To avoid being detected, a program called Blue Chicken was developed which itself recognizes timing analysis and disappears from virtual memory for a short time, so that the latency is normal during the analysis.

At the Black Hat conference in 2008, she presented the trilogy 0wning Xen together with Alexander Tereshkin and Rafał Wojtczuk, in which she describes how to inject code into the Xen hypervisor via DMA and execute it with ring 0 privileges. Like the Blue Pill rootkit, this hypervisor rootkit is barely detectable.

In April 2011, she and her team presented the first beta of the Linux distribution Qubes OS, which relies on security through virtualization and is based on Fedora 14. By means of a Xen hypervisor, applications run in virtual machines that are isolated from each other.

In April 2007, Rutkowska founded the "Invisible Things Lab", a company in Warsaw that researches operating system security and offers various discussions in the computer field.
