31 Profile: Joanna Rutkowska

Polish citizen Joanna Rutkowska came on the world’s computer security scene in a dramatic way. She announced in 2006 (http://theinvisiblethings.blogspot.com/2006/06/introducing-blue-pill.html) the ultimate rootkit malware program. A rootkit is a malware program that modifies the operating system in order to better hide from the operating system and any program using it. Rutkowska had discovered a method whereby a malicious program could hide in such a way that it could not be easily discovered by any known method, even if you knew about the malicious program and that it was on the operating system. She called her idea the “blue pill.”

The blue pill allegory comes from the famous movie The Matrix (http://www.imdb.com/title/tt0133093/). In the movie, the protagonist, Neo, is offered two different pills, one red and one blue, after discovering that what he thought was the real world is a cyber‐illusion. If he takes the red pill, he will be able to stay in the real world. But if he takes the blue pill, he will go back to the illusory, more comfortable world he knew. Every moviegoer knows he decided on the red pill and started to fight the movie’s antagonists to save the world!

Rutkowska named her discovery the blue pill because her rootkit method utilizes the built‐in virtualization features of today’s CPUs to execute itself as a virtualization hypervisor with the unaware operating system running off of it. The subjugated operating ...
