[clug] Whom could I approach to answer a Security question... How safe are Virtual M/c on
Alex Satrapa
grail at goldweb.com.au
Fri Oct 12 00:15:56 MDT 2012
The safest option for your purposes would be a bootable CD which includes a minimal OS with a browser. This assumes that the host is not compromised at the BIOS level.
A VM is itself vulnerable to attack from the host (OS and other software running on the host) and from software running inside the VM: it is less secure than simply running a different web browser.
Running a different web browser (e.g.: Firefox) addresses the risk of a site being built specifically to attack Internet Explorer. Thus the assumption is made that the host OS is trusted, but IE is not.
Alex Satrapa | web.mac.com/alexsatrapa | Ph: 0407 705 332
On 12/10/2012, at 12:58, steve jenkin <sjenkin at canb.auug.org.au> wrote:
> Is there someone I can write to for good/definitive advice on a security
> question:
>
> Are programs (like a browser) running within a VM on a Windows m/c
> safe from being 'sniffed'?
>
> Obviously, any sniffer program on the Host system will capture all
> input, but will it necessarily give away passwords and account/card numbers?
>
> Just how safe is it to give someone a Linux VM-image to run on their
> dodgy Winders box to do their banking and use on-line credit card?
>
> I've thought of SANS and Auscert.
> Does anyone on-list know if they answer questions like that (by
> non-memebers)?
>
> Is there someone/body that you can suggest I can ask my question of?
>
> Thanks in Advance
> steve
> --
> Steve Jenkin, Info Tech, Systems and Design Specialist.
> 0412 786 915 (+61 412 786 915)
> PO Box 48, Kippax ACT 2615, AUSTRALIA
>
> sjenkin at canb.auug.org.au http://members.tip.net.au/~sjenkin
> --
> linux mailing list
> linux at lists.samba.org
> https://lists.samba.org/mailman/listinfo/linux
More information about the linux
mailing list