Joanna Rutkowska
SEXIEST HACKER IN THE WORLD
FOUNDER OF "QUBES OS" AND INVISIBLE THINGS LAB
- Name:- Joanna Rutkowska
- Nick Name:- Joanna
- Born:- 1981, Warsaw, Poland
- Nationality:- Polish
- Education:- Warsaw University of Technology (Master's degree in Computer Science)
- Famous As:- Low-level security and stealth malware research (Blue Pill) and "Qubes OS"
- Hometown:- Warsaw, Poland
Joanna Rutkowska studied at the Warsaw University of Technology, where she completed a Master's degree in Computer Science. She is a Polish computer security researcher mainly known for her research on low-level security and stealth malware. She became known to the wider security community after the Black Hat Briefings conference in Las Vegas in August 2006, where she presented an attack against the kernel protection of Windows Vista together with the Blue Pill virtualization-based rootkit, which drew considerable attention.
Together with Rafał Wojtczuk, Rutkowska started Qubes OS, a security-focused desktop distribution built on the Xen hypervisor. It uses Fedora Linux as the default template for its virtual machines, so ordinary Linux applications run unchanged inside them. Its key concept is security by compartmentalization: Xen domains are used as isolated virtual machines, and the project describes itself as "a reasonably secure operating system". Its isolation-based design has been endorsed by a number of privacy and security experts.
Joanna Rutkowska Timeline
- Became known in the security community after the Black Hat Briefings conference in Las Vegas in August 2006.
- In 2006, eWeek Magazine named her one of the "Five Hackers who Put a Mark on 2006" for her research on the subject.
- The original concept behind Blue Pill, a virtualization-based rootkit, had been published in May 2006 by other researchers at the IEEE Symposium on Security and Privacy (Oakland) under the name VMBR; Rutkowska presented her own implementation, Blue Pill, at Black Hat in August 2006.
- In 2007 she demonstrated that some types of hardware-based memory acquisition (such as FireWire-based) are unreliable and can be defeated.
- Later in 2007, together with Alexander Tereshkin, she presented further research on virtualization malware.
- In April 2007, Rutkowska founded the Invisible Things Lab in Warsaw, Poland.
- In 2008, Rutkowska and her team focused on Xen hypervisor security.
- In 2009, she and Rafał Wojtczuk presented attacks against Intel Trusted Execution Technology and Intel System Management Mode.
- In 2010 Joanna Rutkowska was invited as a guest speaker at security conferences.
If your client system is compromised, it's just game over, because the malware that is there on the client system can see your screen, can simulate your keyboard or your actions, etc. So we really need secure client systems, and the problem we have is that present client systems are not really totally secure. Actually, some problems that we have today, and the threats, are not going away: attacks coming through otherwise decent applications such as web browsers or PDF readers, through an exploit, so we open a malicious PDF that exploits a buffer overflow in the PDF reader, or Microsoft Office, or LibreOffice, or whatever, and you get owned; attacks coming through malicious applications that we just accidentally installed, some spyware, whatever; attacks coming through USB devices, which might be untrusted because they might have a file system with malformed metadata, or maybe a malformed partition table, which just happens to be exploiting some hypothetical bug in the kernel file system module, or maybe they have malicious firmware, as some recent proofs-of-concept shown this year; attacks coming through the networking stack, so all the Wi-Fi drivers and stacks, the DHCP client, like the DHCP client exploit a few weeks ago. Probably many of you were worrying about this problem; it's not like the problem suddenly appeared just two weeks ago, it's been here for years and it is here to stay. Attacks coming through, as I just said, file system metadata or volume metadata. Lack of GUI isolation: whether it's Linux with X, whether it's Mac OS X, whether it's Windows, there's essentially no GUI isolation, so if I have a stupid Tetris game running alongside my email client, which I use for my sensitive encrypted email, the stupid Tetris application can just request a screenshot of the content of my email client window. This is just wrong.

So these are some fundamental problems that we see on desktop systems, and there is really no good protection against those. It should probably be obvious to you that patching, or trying to find all the bugs in the kernel, or the file systems, or the driver stacks, or the applications, is just not feasible. It's also important to realize that the security challenges related to desktop systems are quite different from those on servers. My impression is that lots of people doing security, especially on Linux, still have this kind of server-oriented thinking. One important problem is that monolithic systems are generally hard to secure, especially desktop systems; a monolithic kernel is not the best for security, because when we think about it: why all these things, why Wi-Fi driver stacks, bloated driver stacks, USB driver stacks, all the various exotic APIs and subsystems, why should all these things be part of the TCB? I mean, why? I really come from a different background: I'm coming from security, not from an open source background. So when I look at this, of course it's not Linux-specific; the same with Windows, the same with OS X. It's a myth that OS X is a microkernel; from a security point of view it is not. So it's pretty concerning. Monolithic is not only about the kernel, it's also about the rest of the system, so I use the term monolithic system. The GUI server, again, is another monolithic creation: X.org, well, it's the X protocol, and it's a whole code base that is, I can bet, full of exploitable bugs, and you don't really need a bug, because as I just said, there is no effective GUI isolation, so it's perfectly legal for an application to request a screenshot of other applications. Various other system services, especially on a desktop system. By the way, it is irrelevant whether, for example, our X server is rootless, because whether it's part of the system TCB or not is not so relevant when we consider it from a user data point of view: the X server might be running not as root, but it still has access to all the application window contents. So monolithic, for me, from a security point of view, means bloated, complex, difficult to understand and manage, and so difficult to decide which parts of the system can communicate with which ones and which should not, because some of them are trusted and some of them are not.

OK, so how do we solve those problems? Security by compartmentalization, as I just mentioned. That's the obligatory Qubes architecture slide. So we have a hypervisor, which actually happens to be Xen; we have AppVMs, where user applications and data are; we have some system service domains, for example for the networking stack and the USB stack, so the NetVM and the USB VM; and we have the secure admin and GUI domain. So yes, we use virtualization to isolate domains. That's a very good question to ask: why would virtualization, why would VMs be any better isolated from each other than normal processes? Is there something wrong with the good old memory management unit, with ring 3 / ring 0 separation? Have you ever heard about an exploit that would be exploiting ring 3 to ring 0 escalation on an Intel processor? I have not. And obviously, if we think about this, then we can conclude that perhaps virtualization is not the best thing to do, because just adding another layer of complexity is not going to solve any problem, right? However, virtualization offers two important properties. First of all, it allows us to reduce the interfaces, especially the VM-to-hypervisor, the VM-to-TCB interface: so instead of implementing all the exotic APIs, instead of exposing all those drivers, having all those file system modules and god knows what else in the TCB, we don't have them; the hypervisor just does CPU, memory, maybe device virtualization, and a few other things, and that's like almost nothing. At the same time, virtualization allows us to preserve compatibility with legacy apps and drivers, and that's extremely important, because if we are going to change the system API, nobody is going to use our system. So these are the two key properties of why we use virtualization.

But before we get too excited about how great virtualization is, it's important to realize that the VM-to-hypervisor interface that we are shrinking or reducing is not the only interface of concern. Here is a simple example. Let's say we have two VMs and they are so well separated using hardware-enforced virtualization, right, very strong isolation, a very thin hypervisor, Xen, or maybe some microkernel or separation kernel, whatever. Now imagine that we are adding some inter-VM service, because perhaps somebody wanted to do file sharing and added an SMB server there, or maybe it's graphics virtualization, maybe this does some complex input processing code, maybe this is the GPU back-end, or maybe that's even a storage back-end that is just smart and does all kinds of copy-on-write and other optimizations, whatever. That's a typical picture on many virtualization systems: we add some complex back-end code and expose it through a complex protocol to other VMs. So now, if it happens that there is some malware on the orange VM, it might just exploit some hypothetical software bug, like a buffer overflow, in this complex input processing code, totally regardless of whether this is running under Xen, a microkernel, whatever, and of course this means that the separation is no longer so strong; that's pretty weak. So the lesson from this is that we should not get too excited about hardware virtualization, because again, virtualization is really nothing magic when it comes to security, besides that it reduces interfaces and preserves compatibility (except for the IOMMU, which I discuss later). What we should really be careful about are inter-VM interfaces and the code that handles inter-VM services or communication. There are some questions you might ask about your virtualization solution: how is device emulation done, what is QEMU, is it part of the TCB? How is networking and storage virtualization done, are the back-ends part of the TCB or not part of the TCB? They should not be. USB virtualization design? GUI virtualization: well, if you see the GPU, or especially OpenGL or DirectX, being exposed to untrusted VMs, chances are high that this totally negates the isolation. Generally, how is the inter-VM communication framework done? Does, for example, file copy between VMs require running NFS or SMB between the two VMs, or is it done smarter?

So I just said that virtualization is nothing special, just practical. However, there is one important technology that I should mention: it's not really virtualization per se, but it has been introduced together with the virtualization extensions on Intel and AMD, and that is of course the IOMMU, which on Intel is called VT-d. It's important not to confuse VT-d with VT-x; VT-x is just CPU virtualization. So it allows for deprivileged driver domains, and Xen was probably a pioneer in, and probably still is, using driver domains. Using the IOMMU allows us to have NetVMs and USB VMs. And by the way, there's been a debate about microkernels some years ago, whether microkernels or monolithic kernels; microkernels without an IOMMU make no sense from the security point of view, because without an IOMMU you cannot have truly untrusted driver domains or processes. So the NetVM, that's what we have in Qubes by default: you put all your Wi-Fi and other stuff in a deprivileged networking domain, and this makes you feel good when you use Wi-Fi at the airport or in the hotel or at the conference, because you don't have to worry about all the potential attacks there, the DHCP client for example, a recent attack. Similarly we can have a USB VM in Qubes; it's just a few clicks and you can have it, if that USB makes you feel uneasy. That's a nice solution.

So the picture just shows it: we have some extremes. We have a monolithic system on the left, where everything essentially runs at the same privilege; again, I'm talking about a monolithic system, not just the kernel. On the right extreme we see powered-down air gaps, a totally useless thought experiment, right, just turned-off machines, but they're very secure. And somewhere in the middle we try to position Qubes. We try to find a good balance between security and usability, and Qubes really offers lots of flexibility: it allows the user to treat it as a slider somehow, and just move it from one extreme to the other.

So quickly about the status: release 1, 2010 to 2012; release 2 just released last month; release 3 is coming. Release 2 implements everything we just talked about. You can go to qubes-os.org and read lots of docs, and download the ISO. We use Fedora 20 as the primary template; we also have Debian and Arch Linux templates for those of you who don't like Fedora. Our dom0 is currently based on Fedora 20, but it should really be irrelevant to you, because there are really no user apps or data in dom0; in our case, dom0 is just a dumb terminal. We also have support for Windows 7-based VMs, but of course you must install Windows and provide a licensing key.

So, besides just being a collection of VMs, what Qubes can really show off is when you write an application specifically for Qubes. For example, we have a pretty nicely integrated Tor VM since 2012, and right now there is other work going on by the Whonix people, who are porting Whonix to Qubes. It's very nice, because you can get some advantages of isolation and at the same time benefit from our very simple and, we think, very secure inter-VM communication framework. Securing email is also another example: first of all, we have a plugin that allows you to open attachments in disposable VMs; we have a little plugin, an application, for Split GPG, where you can put your private keys in an offline VM, etc.
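The talk above stresses that the interesting part of a compartmentalized desktop is the inter-VM communication framework and the policy that decides which domains may talk to which. The following Python script is an added example, not code from the Qubes OS project or from the talk: it models a simplified version of the Qubes R2/R3 qrexec policy file format (one `source destination action[,target=vm]` rule per line, `#` comments, a `$anyvm` wildcard that does not match dom0, `$dispvm` for a fresh disposable VM, first matching rule wins, and default deny when nothing matches). The sample policy, the VM names and the file-copy service it is written for are constructed for illustration.

```python
"""Evaluator for a qrexec-style inter-VM policy file.

Added illustration, not Qubes OS code. The grammar below is an assumption
modelled on the documented Qubes R2/R3 format of /etc/qubes-rpc/policy/<svc>:
  "<source> <destination> <action>[,target=<vm>]", one rule per line,
  "#" starts a comment, "$anyvm" matches any VM except dom0,
  "$dispvm" names a fresh disposable VM, the FIRST matching rule wins,
  and a call that matches no rule is denied.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple

ANYVM = "$anyvm"
DISPVM = "$dispvm"
ACTIONS = ("allow", "deny", "ask")


@dataclass(frozen=True)
class Rule:
    source: str
    dest: str
    action: str
    target: Optional[str] = None  # ",target=<vm>" redirects the call


def parse_policy(text: str) -> List[Rule]:
    """Parse policy text; malformed lines fail closed with ValueError."""
    rules = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop trailing comments
        if not line:
            continue
        fields = line.split()
        if len(fields) != 3:
            raise ValueError(f"line {lineno}: expected 3 fields: {raw!r}")
        src, dst, spec = fields
        action, _, opts = spec.partition(",")
        if action not in ACTIONS:
            raise ValueError(f"line {lineno}: unknown action {action!r}")
        target = None
        if opts:
            key, _, value = opts.partition("=")
            if key != "target" or not value:
                raise ValueError(f"line {lineno}: bad option {opts!r}")
            target = value
        rules.append(Rule(src, dst, action, target))
    return rules


def _matches(pattern: str, vm: str) -> bool:
    if pattern == ANYVM:
        return vm != "dom0"  # assumption: the wildcard never covers dom0
    return pattern == vm


def evaluate(rules: List[Rule], source: str, dest: str) -> Tuple[str, str]:
    """Return (decision, effective destination) for a source -> dest call."""
    for rule in rules:  # first match wins, so rule order is security-relevant
        if _matches(rule.source, source) and _matches(rule.dest, dest):
            return rule.action, (rule.target or dest)
    return "deny", dest  # default deny when nothing matches


# Constructed sample policy for a hypothetical file-copy service.
SAMPLE_POLICY = """
work       vault     deny             # never push files into the vault
work       personal  allow
$anyvm     $dispvm   allow            # anyone may open things in a fresh DispVM
untrusted  $anyvm    deny             # must come BEFORE the catch-all below
$anyvm     keys      ask,target=vault # old qube name: redirect to vault, after a prompt
$anyvm     $anyvm    ask              # everything else: prompt the user in dom0
"""


def demo() -> dict:
    """Evaluate a few constructed calls against SAMPLE_POLICY."""
    rules = parse_policy(SAMPLE_POLICY)
    calls = [("work", "vault"), ("work", "personal"), ("untrusted", DISPVM),
             ("untrusted", "work"), ("personal", "work"), ("personal", "keys"),
             ("personal", "dom0")]
    return {f"{s}->{d}": evaluate(rules, s, d) for s, d in calls}


if __name__ == "__main__":
    for call, (decision, target) in demo().items():
        print(f"{call:22} {decision:5} (target: {target})")
```

Two things the run makes visible that a policy file does not say out loud: because the `$anyvm $dispvm allow` line precedes `untrusted $anyvm deny`, an untrusted qube can still hand a file to a fresh disposable VM (the intended design, but only because of rule order), and a call aimed at dom0 falls through every `$anyvm` rule and is denied by default rather than prompted.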
Follow On Twitter Account
https://twitter.com/rootkovska?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor