[clug] Whom could I approach to answer a Security question... How safe are Virtual M/c on

steve jenkin sjenkin at canb.auug.org.au
Fri Oct 12 01:53:07 MDT 2012


Alex Satrapa wrote on 12/10/12 5:15 PM:

> The safest option for your purposes would be a bootable CD which
> includes a minimal OS with a browser. This assumes that the host is
> not compromised at the BIOS level.
> 
> A VM is itself vulnerable to attack from the host (OS and other
> software running on the host) and from software running inside the
> VM: it is less secure than simply running a different web browser.
> 
> Running a different web browser (e.g.: Firefox) addresses the risk of
> a site being built specifically to attack Internet Explorer. Thus the
> assumption is made that the host OS is trusted, but IE is not.
> 
> Alex Satrapa | web.mac.com/alexsatrapa | Ph: 0407 705 332

Alex,

Thanks for the response.

You're dead right, when administrative control of a system is lost, you
cannot guarantee *anything*, VM or not :-(

Running Anything But Outlook/Explorer is the first, most beneficial
thing for any home user to do.

But Alt.Browser is not a complete solution - good to 80%?

I'll keep rummaging around for ideas, let you know what I come up with.

I have good friends (age 65+) up in Sydney who are "non-technical" but
quite switched-on when it comes to security and safety. Luckily their
"IT Dept" is very smart and quite expansive - but not always responsive
or available. What you get for free :-)

I got them to buy a 2nd computer and run it "air-gapped" for the
professional practice software supporting their business. They
understood the idea and embraced it. Also bought a KVM, made life a lot
easier and things all fitted on a small desk.

The Sacrificial Internet Machine (Ubuntu) died a while back and they
swapped to using a Winders Laptop.
The IT Dept hasn't given them a great solution for Internet Banking.

Currently they have a dedicated 2nd-hand/old laptop (Ubuntu?) that they
fire up just for Banking. Normally off and disconnected - hard to
compromise. But if anything goes wrong, they are at the mercy of Friends
and Family... Which has led to periods of great angst in the past.
[Who'd have thought - parents and grown kids with the odd problem?!?!]

But I'd like to come up with a simpler solution for them, *if* it
exists, that they understand and can manage themselves and will
withstand the variety of problems.

First cut, run a Linux VM on Winders, isn't good enough :-(

Thanks to everyone who's responded and given me good feedback. Much
appreciated.

cheers
steve

-- 
Steve Jenkin, Info Tech, Systems and Design Specialist.
0412 786 915 (+61 412 786 915)
PO Box 48, Kippax ACT 2615, AUSTRALIA

sjenkin at canb.auug.org.au http://members.tip.net.au/~sjenkin


More information about the linux mailing list