zlacker

1. ChuckM+(OP) 2012-09-04 00:48:51
Actually folks on HN are interested in secure operating systems but they recognize that creating such is a Hard Problem (tm) which someone who is an unknown [1] in the field is unlikely to have achieved.

Now you can read up on Mark Miller's published papers [2] on Joule (actually pretty secure) and some of the issues associated with making things secure and get a much better feeling of solidity (for example).

So when the press release comes out that it's passed the Defense Department's B1/B2 review, then I suspect it will get a lot of interest here and elsewhere.

[1] http://www.linkedin.com/profile/view?id=10279027 LinkedIn profile, one job CEO of this thing? A blog full of black hat sort of exploits but I didn't see any peer reviewed work.

[2] http://research.google.com/pubs/author35958.html

[3] http://en.wikipedia.org/wiki/Trusted_Computer_System_Evaluat...

replies(4): >>tptace+c1 >>rdl+d1 >>EliRiv+mp >>signif+hX
2. tptace+c1 2012-09-04 01:15:30
>>ChuckM+(OP)
Joanna Rutkowska is famous in computer security circles and highly credible on this particular topic.

The "black hat sorts of exploits" attributed to her tend to be things like, "abusing odd, barely-documented corners of x86 chipsets to bypass hardware-encrypted trusted boot roots". Thinking less of a professional in my field for having exploits attributed to them tends to be a bad idea, but it's a uniquely bad idea in Rutkowska's case.

Outside of conference presentations, Rutkowska doesn't have much peer-reviewed work in the literature. That's because Rutkowska is originally from the malware/rootkit/virus part of the industry. For obvious reasons, antivirus doesn't generate a lot of peer-reviewed academic research. One of those obvious reasons is that they're too busy printing money hats to bother. (This to my chagrin; I am very much not from the AV/malware part of the field).

I'm not vouching for Qubes or even saying that I think the approach (of semi-transparently allocating secure VMs for each application or trust domain on the system) is viable. But Rutkowska is worth taking seriously.

replies(2): >>virapt+o2 >>ChuckM+G3
3. rdl+d1 2012-09-04 01:15:38
>>ChuckM+(OP)
Invisible Things is pretty well respected in the trusted computing space (at least among the hacker world, not the DoD certification world).

SKPP pretty much sucked off all the "paper-writing industry" folks a few years ago into a kind of boring niche. Mark Miller is a big exception to that, but it's not a really vibrant research area compared to other parts of security now.

4. virapt+o2 2012-09-04 01:38:56
>>tptace+c1
> Outside of conference presentations, ...

Almost on topic: I have to say the team is also really cool and approachable at conferences - and for that I'm very grateful as a member of the inexperienced audience. They can really adjust the explanations to the right level for the general crowd, which must be quite hard considering the topic.

replies(1): >>daeken+b6
5. ChuckM+G3 2012-09-04 02:17:32
>>tptace+c1
Thank you for the background. Perhaps this time it is posted it will get a bit more traction/pageviews. My history was from early in the Java group trying to do security work in what was clearly going to be targeted as an exploit vector. For a variety of reasons that work didn't get out into Java 1.0 but pieces of it made it out into the crypto API and elsewhere. Folks with solutions to the 'trusted computing' problem that were both simple and wrong were a dime a dozen.

The meta issue here is that clearly the black hat work has some 'trade secret'ness to it in terms of competitors but it cries out for being published/peer reviewed post-money making opportunity or something.

6. daeken+b6 2012-09-04 03:17:04
>>virapt+o2
Generally security people are fairly approachable. If you're at BlackHat, all you have to do is say "I saw your presentation -- neat work, but I have some questions" or "want to grab a beer?" and you'll most likely have a good conversation.
7. EliRiv+mp 2012-09-04 11:32:17
>>ChuckM+(OP)
Just to throw in another data point; I have never worked on or in secure Operating Systems and have no particular interest in them. I recognise the name Joanna Rutkowska and I am aware that she is well-known and respected in this field. In my case at least, she's well-known enough that people outside the field have heard of her.
8. signif+hX 2012-09-04 19:45:34
>>ChuckM+(OP)
Unknown? Rutkowska has done some of the most interesting security research in virtualization security, including most famously the "Blue Pill" and "Red Pill" demonstrations - escalating privileges to Dom0 (and detection of presence of a hypervisor by the client). For both HVM and PV architectures (e.g., Windows & Xen), she and her colleagues have done ground-breaking work that has impacted the implementation of every major commercial and open source virtualization.

Academic pubs != Relevance

Edit: But since you asserted it, here are researchers that cite her work (over 130, including IEEE and ACM folk):

http://scholar.google.com/scholar?cites=13610021170603453007...
