Author Topic: Is an XP guest safer from malware?  (Read 2965 times)

AndrzejL

  • Guest
Re: Is an XP guest safer from malware?
« Reply #30 on: March 13, 2011, 05:52:52 PM »
Ok it looks like this:

A) XP in virtualbox is browsing internet without any av / fw software.
B) Some normally safe site has been hacked and script on that site was altered to do something bad.
C) XP visits the site with the attitude "I know the site - I am allowing the scripts as You told me to do so in the past..."
D) Script is being fired up and causes Your XP to request a virus / malware download and installation.

This way it's XP that initiates the dodgy program to be installed. It's like "I am inviting this guy for dinner tonight... You don't know him. He is new in town. He comes from Transylvania and His name is Dracula."

Andy
« Last Edit: March 13, 2011, 05:54:32 PM by AndrzejL »

Offline j-retired

  • Hero Member
  • *****
  • Posts: 984
  • To find out what 'busy' is, then try retiring!
Re: Is an XP guest safer from malware?
« Reply #31 on: March 13, 2011, 07:01:11 PM »
Thanks.
So if I see this right: I can browse but might pick up that specific browser based type of problem.
It may wreck my XP install (so I need to replace it with a pre-stored clone) but the security of the PCLOS system is safe?

j

I NEVER EVER do anything on XP for which security matters!

Offline T6

  • Super Villain
  • ******
  • Posts: 19051
  • xmas is coming!
Re: Is an XP guest safer from malware?
« Reply #32 on: March 13, 2011, 08:54:40 PM »
the virtual machine is contained and there is not yet a way of taking advantage of the host, the guest os remains encapsulated

what could be accessed by a virus is files you share between the virtual machine and pclinux by creating a shared folder or by another way

the virus is ineffective in linux (you need wine for that and even then it is not very effective) but you can copy it to another machine and let it live happy there, instead of leaving it to die on linux

don't be cruel, let the virus live!!!
"If you wish to make an apple pie from scratch, you must first invent the universe."

Carl Sagan

Offline pags

  • Hero Member
  • *****
  • Posts: 2602
  • Keep it clean.
Re: Is an XP guest safer from malware?
« Reply #33 on: March 13, 2011, 09:38:51 PM »
the virtual machine is contained and there is not yet a way of taking advantage of the host, the guest os remains encapsulated

what could be accessed by a virus is files you share between the virtual machine and pclinux by creating a shared folder or by another way

the virus is ineffective in linux (you need wine for that and even then it is not very effective) but you can copy it to another machine and let it live happy there, instead of leaving it to die on linux

don't be cruel, let the virus live!!!


Technically, it's not impossible (http://www.zdnetasia.com/virtual-machine-exploit-lets-attackers-take-over-host-62054876.htm). Although this is an older article, and the specific exploit is corrected, it doesn't mean that there couldn't be future ones found.

There just has to be a balance between awareness and paranoia ;)

Online Rudge

  • Hero Member
  • *****
  • Posts: 9773
  • I'm Just A Dog.
Re: Is an XP guest safer from malware?
« Reply #34 on: March 13, 2011, 09:38:58 PM »
Thanks.
So if I see this right: I can browse but might pick up that specific browser based type of problem.
It may wreck my XP install (so I need to replace it with a pre-stored clone) but the security of the PCLOS system is safe?

j

I NEVER EVER do anything on XP for which security matters!

You can basically think of your virtual machine as just what the name suggests. It is its own, separate computer that your VM software has set up to run.

All the hardware and programs run and act "as if" they are the only thing in existence. They are all totally unaware of the linux environment in which they exist.

Any virus that may be running in your VB is under the same constrictions. It only knows about the small virtual "computer" that it is running on and when you shut down your VB computer, you will shut down any viruses running on it.

Any damage that it may inflict is only to the VB computer. Keep in mind however, that if that virus is of the type that emails all your friends, it will still do so while you are running the VB computer.  ;)
« Last Edit: March 13, 2011, 09:46:01 PM by Rudge »


-If you wish to make an apple pie from scratch, you must first invent the universe-  Carl Sagan

Offline j-retired

  • Hero Member
  • *****
  • Posts: 984
  • To find out what 'busy' is, then try retiring!
Re: Is an XP guest safer from malware?
« Reply #35 on: March 14, 2011, 05:00:27 AM »
Thanks everyone.
As I said I don't use the VB XP for ANYTHING that might involve security.  It doesn't even get to know my email address, much less any passwords!
It actually seems to me that IF I am about to enter a site that might be compromised, there is an argument for using the encapsulated VB/XP, since although it could then pick up unwanted crud, I can throw it away and replace it completely in about 30 seconds!
Hmmm... just a thought - I'm not sure I really mean that!
 ;D
j

AndrzejL

  • Guest
Re: Is an XP guest safer from malware?
« Reply #36 on: March 14, 2011, 05:47:28 AM »
Problem with XP in VBox guest machine is that if You have 10 computers running linux they are hard to compromise from outside the network. If one of them is running xp in the vbox and the xp gets compromised - this means that now they can attack the linux machines from inside the LAN rather than from outside the WAN.

This may be dangerous.

Andy

Offline pags

  • Hero Member
  • *****
  • Posts: 2602
  • Keep it clean.
Re: Is an XP guest safer from malware?
« Reply #37 on: March 14, 2011, 06:24:54 AM »
Problem with XP in VBox guest machine is that if You have 10 computers running linux they are hard to compromise from outside the network. If one of them is running xp in the vbox and the xp gets compromised - this means that now they can attack the linux machines from inside the LAN rather than from outside the WAN.

This may be dangerous.

Andy

Yes, this is a possibility.  I stated earlier there is even the possibility of exploiting the host directly through the VM (although I'm not currently aware of any open issues, off the top of my head).
The real point (IMHO) is to balance awareness with paranoia, and I'll add to that functionality vs protection (by which, I mean, if your AV solution makes your working environment non-productive, you have a choice to make -- stay protected and less productive/find an alternative, or risk infection and continue your current usage patterns).

Choices, choices... :(

There are, ultimately, no easy or right/wrong ones; and they need to be made individually... ???
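
The thread names two ways a compromised guest reaches beyond itself: shared folders (Reply #32) and the guest's network position on the LAN (Reply #36). The following is an added example, not part of any post above, that audits the output of `VBoxManage showvminfo <vm> --machinereadable` for those channels plus the shared clipboard; the sample output, VM name, adapter and paths are constructed for illustration.

```python
import re

# Constructed sample of `VBoxManage showvminfo <vm> --machinereadable` output;
# the VM name, adapter and paths are made up for this example.
SAMPLE = """\
name="XP-browse"
ostype="WindowsXP"
nic1="bridged"
bridgeadapter1="eth0"
nic2="none"
clipboard="bidirectional"
SharedFolderNameMachineMapping1="docs"
SharedFolderPathMachineMapping1="/home/user/Documents"
"""

# What each network attachment mode means for the rest of the network.
NIC_RISK = {
    "bridged": "guest is a peer on the host's LAN",
    "nat": "guest can still connect out to LAN hosts via the host",
    "hostonly": "guest can reach the host over the host-only network",
}

def parse_vminfo(text):
    """Parse key="value" lines into a dict, stripping the quotes."""
    info = {}
    for line in text.splitlines():
        key, sep, value = line.partition("=")
        if sep:
            info[key.strip().strip('"')] = value.strip().strip('"')
    return info

def audit(info):
    """Return (category, detail) findings for channels out of the guest."""
    findings = []
    for key, value in info.items():
        if re.fullmatch(r"nic\d+", key) and value in NIC_RISK:
            findings.append(("network", f"{key}={value}: {NIC_RISK[value]}"))
        elif re.fullmatch(r"SharedFolderPath\w+Mapping\d+", key):
            findings.append(("shared-folder", f"host path {value} is visible to the guest"))
        elif key == "clipboard" and value != "disabled":
            findings.append(("clipboard", f"clipboard sharing is {value}"))
    return findings

if __name__ == "__main__":
    for category, detail in audit(parse_vminfo(SAMPLE)):
        print(f"[{category}] {detail}")
```

A guest with no shared folders, the clipboard disabled and no attached network adapter produces no findings, which is the configuration closest to the "throw it away and replace it" use described in Reply #35.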