
Hacking the Hacker by Roger A. Grimes


31 Profile: Joanna Rutkowska

Polish citizen Joanna Rutkowska came on the world’s computer security scene in a dramatic way. She announced in 2006 (http://theinvisiblethings.blogspot.com/2006/06/introducing-blue-pill.html) the ultimate rootkit malware program. A rootkit is a malware program that modifies the operating system in order to better hide from the operating system and any program using it. Rutkowska had discovered a method whereby a malicious program could hide in such a way that it could not be easily discovered by any known method, even if you knew about the malicious program and that it was on the operating system. She called her idea the “blue pill.”

The blue pill allegory comes from the famous movie The Matrix (http://www.imdb.com/title/tt0133093/). In the movie, the protagonist, Neo, discovers that what he thought was the real world is a cyber-illusion, and he is offered two pills, one red and one blue. If he takes the red pill, he will be able to stay in the real world. But if he takes the blue pill, he will go back to the illusory, more comfortable world he knew. Every moviegoer knows he decided on the red pill and started to fight the movie’s antagonists to save the world!

Rutkowska named her discovery the blue pill because her rootkit method utilizes the built‐in virtualization features of today’s CPUs to execute itself as a virtualization hypervisor with the unaware operating system running off of it. The subjugated operating ...
