Polish programmer Joanna Rutkowska proposed a very clever idea a few years ago. While experimenting with rootkits, she discovered a new way of infecting a system. The attack, known as the Blue Pill attack, moved the victim’s entire operating system into a virtual machine created by the malware.
This way, the victim could never get rid of the spyware, no matter what (short of reinstalling the OS altogether). Joanna explains: “The idea behind Blue Pill is simple: your operating system swallows the Blue Pill and it awakes inside the Matrix controlled by the ultra thin Blue Pill hypervisor.” Although it was an interesting concept to ponder, it hasn’t been used by any other malware to date, because there are so many other, simpler ways to infect and spy on a system.
Joanna later decided to switch sides, leaving the Dark Side to work on a project aimed at increasing user security: an operating system named Qubes. Qubes is an open-source OS based on the “Security by Isolation” principle. To achieve this, the OS splits the system into many virtual machines, each with a separate purpose. The OS “uses lightweight VMs to create security domains (e.g., ‘work,’ ‘personal,’ and ‘banking,’). A typical user would likely need around five domains. Very paranoid users, or those who are high-profile targets, might use a dozen or more domains.”
Qubes is a very ambitious idea and it will likely be successful, at least with high-priority surveillance targets, such as certain journalists, hacktivists, and the paranoid types. If users suspect their computer has been compromised, they can simply reinstall the virtual machine they believe was affected.
If you are interested in trying out the OS, or simply want to find out more details, make sure to visit the official website.