Resources

2018

• Qubes Air: Generalizing the Qubes Architecture (January 2018)
  by Joanna Rutkowska

2017

• Introducing the Next Generation Qubes Core Stack (October 2017)
  by Joanna Rutkowska

• Introducing the Qubes Admin API (June 2017)
  by Joanna Rutkowska

2016

• Thoughts on the “physically secure” ORWL computer (September 2016)
  by Joanna Rutkowska

• Security challenges for the Qubes build process (May 2016)
  by Joanna Rutkowska

2015

• State considered harmful (December 2015)
  by Joanna Rutkowska

• Intel x86 considered harmful (October 2015)
  by Joanna Rutkowska

2014

• Software compartmentalization vs. physical separation (August 2014)
  by Joanna Rutkowska

2013

• Thoughts on Intel’s upcoming SoftwareGuard Extensions (Part 2) (September 2013)
  by Joanna Rutkowska

• Thoughts on Intel’s upcoming SoftwareGuard Extensions (Part 1) (August 2013)
  by Joanna Rutkowska

2011

• Exploring new lands on Intel CPUs (SINIT code execution hijacking) (Dec 2011)
  by Rafal Wojtczuk and Joanna Rutkowska

• Anti Evil Maid (September 2011)
  by Joanna Rutkowska

• Following the White Rabbit: Software Attacks against Intel® VT-d (May 2011)
  by Rafal Wojtczuk and Joanna Rutkowska

2010

• Exploiting large memory management vulnerabilities in Xorg (August 2010)
  by Rafal Wojtczuk

• On Formally Verified Microkernels (and on attacking them) (May 2010)
  by Joanna Rutkowska

• Remotely Attacking Network Cards (or why we do need VT-d and TXT) (April 2010)
  by Joanna Rutkowska

• The Qubes OS Architecture (January 2010)
  by Joanna Rutkowska, Rafal Wojtczuk

2009

• Another Way to Circumvent Intel® Trusted Execution Technology (December 2009)
  by Rafal Wojtczuk, Joanna Rutkowska, and Alexander Tereshkin

• Evil Maid Attack (October 2009)
  by Alexander Tereshkin and Joanna Rutkowska
  (USB image) (Source code)

• Introducing Ring -3 Rootkits (Black Hat USA, July 2009)
  by Alexander Tereshkin and Rafal Wojtczuk (Code)

• Attacking Intel® BIOS (Black Hat USA, July 2009)
  by Rafal Wojtczuk and Alexander Tereshkin

• Attacking SMM Memory via Intel® CPU Cache Poisoning (March 2009)
  by Rafal Wojtczuk and Joanna Rutkowska (Code)

• Attacking Intel® Trusted Execution Technology (Black Hat DC, Feb 2009)
  by Rafal Wojtczuk and Joanna Rutkowska
  (PDF slides) (Keynote slides) (MOV slides)

2008

• Adventures with a certain Xen vulnerability (Oct 2008)
  by Rafal Wojtczuk

• Xen 0wning Trilogy (Black Hat USA, Aug 2008)
  by Rafal Wojtczuk, Joanna Rutkowska, Alexander Tereshkin

  1. Subverting the Xen Hypervisor
  2. Detecting & Preventing the Xen Hypervisor Subversions
  3. Bluepilling the Xen Hypervisor

• Security Challenges in Virtualized Environments (RSA Conference, Apr 2008)
  by Joanna Rutkowska

2007

• IsGameOver(), anyone? (Black Hat USA, Aug 2007)
  by Joanna Rutkowska and Alexander Tereshkin