======== Research ======== Here are links to various research papers, projects, videos, and blog posts related to Qubes OS. Secure Software Development =========================== - `Security challenges for the Qubes build process `__ by Joanna Rutkowska, May 2016 Towards Trusted Hardware ======================== - `Thoughts on the "physically secure" ORWL computer `__ by Joanna Rutkowska, September 2016 - `State considered harmful `__ by Joanna Rutkowska, December 2015 - `Intel x86 considered harmful `__ by Joanna Rutkowska, October 2015 Intel's Safeguard Extensions ============================ - `Thoughts on Intel's upcoming SoftwareGuard Extensions (Part 2) `__ by Joanna Rutkowska, September 2013 - `Thoughts on Intel's upcoming SoftwareGuard Extensions (Part 1) `__ by Joanna Rutkowska, August 2013 Attacks on Intel TXT ==================== - `Attacking Intel TXT® via SINIT code execution hijacking `__ by Rafal Wojtczuk and Joanna Rutkowska, November 2011 - `Another Way to Circumvent Intel® Trusted Execution Technology `__ by Rafal Wojtczuk, Joanna Rutkowska, Alex Tereshkin, December 2009 - `ACPI: Design Principles and Concerns `__ by Loic Duflot, Olivier Levillain, and Benjamin Morin, 2009 - `Attacking Intel® Trusted Execution Technology `__ by Rafal Wojtczuk and Joanna Rutkowska Software Attacks Coming Through Devices ======================================= - `Following the White Rabbit: Software Attacks against Intel® VT-d `__ by Rafal Wojtczuk and Joanna Rutkowska, April 2011 - `On Formally Verified Microkernels (and on attacking them) `__ by Joanna Rutkowska, May 2010 - `Remotely Attacking Network Cards (or why we do need VT-d and TXT) `__ by Joanna Rutkowska, April 2010 - `Can you still trust your network card? `__ by Loïc Duflot, Yves-Alexis Perez and others Application-level Security ========================== - `Virtics: A System for Privilege Separation of Legacy Desktop Applications `__ by Matt Piotrowski, May 2010 Compartmentalization, Isolation, and Separation =============================================== - `Software compartmentalization vs. physical separation `__ by Joanna Rutkowska, August 2014 - `Breaking Up is Hard to Do: Security and Functionality in a Commodity Hypervisor `__ by Patrick Colp at el., October 2011 The Qubes Architecture ====================== - `Qubes virtual mini-summit 2021 `__ by 3mdeb and the Qubes team, August 2021 - `Qubes Air: Generalizing the Qubes Architecture `__ by Joanna Rutkowska, January 2018 - `Introducing the Next Generation Qubes Core Stack `__ by Joanna Rutkowska, October 2017 - `Introducing the Qubes Admin API `__ by Joanna Rutkowska, June 2017 - `Qubes OS Architecture Spec v0.3 `__ by Joanna Rutkowska and Rafal Wojtczuk, January 2010