[clug] Whom could I approach to answer a Security question... How safe are Virtual M/c on
steve jenkin
sjenkin at canb.auug.org.au
Fri Oct 12 01:53:07 MDT 2012
Alex Satrapa wrote on 12/10/12 5:15 PM:
> The safest option for your purposes would be a bootable CD which
> includes a minimal OS with a browser. This assumes that the host is
> not compromised at the BIOS level.
>
> A VM is itself vulnerable to attack from the host (OS and other
> software running on the host) and from software running inside the
> VM: it is less secure than simply running a different web browser.
>
> Running a different web browser (e.g.: Firefox) addresses the risk of
> a site being built specifically to attack Internet Explorer. Thus the
> assumption is made that the host OS is trusted, but IE is not.
>
> Alex Satrapa | web.mac.com/alexsatrapa | Ph: 0407 705 332
Alex,
Thanks for the response.
You're dead right, when administrative control of a system is lost, you
cannot guarantee *anything*, VM or not :-(
Running Anything But Outlook/Explorer is the first, most beneficial
thing for any home user to do.
But Alt.Browser is not a complete solution - good to 80%?
I'll keep rummaging around for ideas, let you know what I come up with.
I have good friends (age 65+) up in Sydney who are "non-technical" but
quite switched-on when it comes to security and safety. Luckily their
"IT Dept" is very smart and quite expansive - but not always responsive
or available. What you get for free :-)
I got them to buy a 2nd computer and run it "air-gapped" for the
professional practice software supporting their business. They
understood the idea and embraced it. Also bought a KVM, made life a lot
easier and things all fitted on a small desk.
The Sacrificial Internet Machine (Ubuntu) died a while back and they
swapped to using a Winders Laptop.
The IT Dept hasn't given them a great solution for Internet Banking.
Currently they have a dedicated 2nd-hand/old laptop (Ubuntu?) that they
fire up just for Banking. Normally off and disconnected - hard to
compromise. But if anything goes wrong, they are at the mercy of Friends
and Family... Which has led to periods of great angst in the past.
[Who'd have thought - parents and grown kids with the odd problem?!?!]
But I'd like to come up with a simpler solution for them, *if* it
exists, that they understand and can manage themselves and will
withstand the variety of problems.
First cut, run a Linux VM on Winders, isn't good enough :-(
Thanks to everyone who's responded and given me good feedback. Much
appreciated.
cheers
steve
--
Steve Jenkin, Info Tech, Systems and Design Specialist.
0412 786 915 (+61 412 786 915)
PO Box 48, Kippax ACT 2615, AUSTRALIA
sjenkin at canb.auug.org.au http://members.tip.net.au/~sjenkin
More information about the linux
mailing list