[clug] Whom could I approach to answer a Security question... How safe are Virtual M/c on

Alex Satrapa grail at goldweb.com.au
Fri Oct 12 00:15:56 MDT 2012

The safest option for your purposes would be a bootable CD which includes a minimal OS with a browser. This assumes that the host is not compromised at the BIOS level.

A VM is itself vulnerable to attack from the host (OS and other software running on the host) and from software running inside the VM: it is less secure than simply running a different web browser.

Running a different web browser (e.g.: Firefox) addresses the risk of a site being built specifically to attack Internet Explorer. Thus the assumption is made that the host OS is trusted, but IE is not.

Alex Satrapa | web.mac.com/alexsatrapa | Ph: 0407 705 332

On 12/10/2012, at 12:58, steve jenkin <sjenkin at canb.auug.org.au> wrote:

> Is there someone I can write to for good/definitive advice on a security
> question:
>  Are programs (like a browser) running within a VM on a Windows m/c
> safe from being 'sniffed'?
> Obviously, any sniffer program on the Host system will capture all
> input, but will it necessarily give away passwords and account/card numbers?
> Just how safe is it to give someone a Linux VM-image to run on their
> dodgy Winders box to do their banking and use on-line credit card?
> I've thought of SANS and Auscert.
> Does anyone on-list know if they answer questions like that (by
> non-memebers)?
> Is there someone/body that you can suggest I can ask my question of?
> Thanks in Advance
> steve
> -- 
> Steve Jenkin, Info Tech, Systems and Design Specialist.
> 0412 786 915 (+61 412 786 915)
> PO Box 48, Kippax ACT 2615, AUSTRALIA
> sjenkin at canb.auug.org.au http://members.tip.net.au/~sjenkin
> -- 
> linux mailing list
> linux at lists.samba.org
> https://lists.samba.org/mailman/listinfo/linux

More information about the linux mailing list