2021
2018
- The Next Chapter: From the Endpoint to the Cloud
- Introducing graphene-ng: running arbitrary payloads in SGX enclaves
- Qubes Air: Generalizing the Qubes Architecture
2017
- Introducing the Next Generation Qubes Core Stack
- Qubes OS 4.0-rc1 has been released!
- Introducing the Qubes Admin API
- Compromise recovery on Qubes OS: individual VMs & full system cases
2016
- Qubes OS 3.2 has been released
- Thoughts on the "physically secure" ORWL computer
- Security challenges for the Qubes build process
- Qubes OS 3.1 has been released
2015
- State considered harmful - A proposal for a stateless laptop (new paper)
- Intel x86 considered harmful (new paper)
- Qubes 3.0
- Caspar
- Qubes OS Project gets OTF funding to integrate Whonix, improve usability
- Qubes 3.0-rc1 ISO and roadmap for 2015
- My New Git-based Blog
2014
- Qubes R3/Odyssey initial source code release
- Announcing Qubes OS Release 2!
- Physical separation vs. Software compartmentalization
- Qubes OS R2 rc2, Debian template, SSLed Wiki, BadUSB, and more...
- Qubes OS R2 rc1 has been released!
- Shattering the myths of Windows security
2013
- Qubes R2 Beta 3 has been released!
- Windows 7 seamless GUI integration coming to Qubes OS!
- Thoughts on Intel's upcoming Software Guard Extensions (Part 2)
- Thoughts on Intel's upcoming Software Guard Extensions (Part 1)
- Qubes OS R3 Alpha preview: Odyssey HAL in action!
- Introducing Qubes Odyssey Framework
- Qubes 2 Beta 2 has been released!
- Converting untrusted PDFs into trusted ones: The Qubes Way
2012
- Qubes 2 Beta 1 with initial Windows support has been released!
- How is Qubes OS different from...
- Introducing Qubes 1.0!
- Qubes 1.0 Release Candidate 1!
- Some comments on "Operation High Roller"
- Windows support coming to Qubes!
- Qubes Beta 3!
- Thoughts on DeepSafe
2011
- Trusted Execution In Untrusted Cloud
- Exploring new lands on Intel CPUs (SINIT code execution hijacking)
- Playing with Qubes Networking for Fun and Profit
- Qubes Beta 2 Released!
- Anti Evil Maid
- Interview about Qubes OS
- My SSTIC 2011 slides
- From Slides to Silicon in 3 years!
- USB Security Challenges
- (Un)Trusting the Cloud
- The App-oriented UI Model and its Security Implications
- Following the White Rabbit: Software Attacks Against Intel VT-d
- The Linux Security Circus: On GUI isolation
- Why the US "password revolution" won't work
- Qubes Beta 1 has been released!
- Partitioning my digital life into security domains
- My documents got lost/stolen [offtopic]
2010
- Update on Qubes
- Qubes Alpha 3!
- ITL is hiring!
- On Thin Clients Security
- (Un)Trusting your GUI Subsystem
- Qubes, Qubes Pro, and the Future...
- The MS-DOS Security Model
- Skeletons Hidden in the Linux Closet: r00ting your Linux Desktop for Fun and Profit
- Qubes Alpha 2 released!
- Disposable VMs
- On Formally Verified Microkernels (and on attacking them)
- Evolution
- Remotely Attacking Network Cards (or why we do need VT-d and TXT)
- Introducing Qubes OS
- Priorities
2009
- Another TXT Attack
- Evil Maid goes after TrueCrypt!
- Intel Security Summit: the slides
- About Apple’s Security Foundations, Or Lack Of Thereof...
- PDF signing and beyond
- Vegas Toys (Part I): The Ring -3 Tools
- Black Hat 2009 Slides
- Interview
- Virtualization (In)Security Training in Vegas
- Quest to The Core
- More Thoughts on CPU backdoors
- Thoughts About Trusted Computing
- Trusting Hardware
- The Sky Is Falling?
- Attacking SMM Memory via Intel® CPU Cache Poisoning
- Independent Attack Discoveries
- Attacking Intel TXT: paper and slides
- Nesting VMMs, Reloaded.
- Closed Source Conspiracy
- Why do I miss Microsoft BitLocker?
- Attacking Intel® Trusted Execution Technology
2008
- Microsoft executive "rebuts" our research!
- Xen 0wning Trilogy: code, demos and q35 attack details posted
- The three approaches to computer security
- Teamwork & Crediting
- Intel patches the Q35 bug
- Attacking Xen: DomU vs. Dom0 consideration
- Our Xen 0wning Trilogy Highlights
- 0wning Xen in Vegas!
- Rafal Wojtczuk joins Invisible Things Lab
- 1984?
- Vegas Training 2008
- Research Obfuscated
- The Most Stupid Security News Ever
- The RSA Absurd
- Kick Ass Hypervisor Nesting!
2007
- Razor-Thin Hypervisors
- Thoughts On Browser Rootkits
- Tricky Tricks
- Virtualization Detection vs. Blue Pill Detection
- We're ready for the Ptacek's challenge!
- Invisible Things Lab, Bitlocker/TPM bypassing and some conference thoughts
- Understanding Stealth Malware
- The Human Factor
- The Game Is Over!
- Handy Tool To Play with Windows Integrity Levels
- Confusion About The "Joke Post"
- Vista Security Model – A Big Joke?
- Running Vista Every Day!
- Beyond The CPU: Cheating Hardware Based RAM Forensics
- Towards Verifiable Operating Systems