[nSLUG] Security in virtual machines
dave.graham at solutioninc.com
Mon Sep 15 17:22:08 ADT 2014
Going to disagree a bit here, I wouldn't say a rooted machine is EVER
'safe'. A Key Logger / Screen logger can potentially record anything
you're typing or doing in the VM session. Network configuration (NIC
settings, not addressing) of the VM is done from the host OS, which can
be comprised. Even sharing a network with a rooted machine is risky.
I agree with the other recommendations i've seen in reply to this
inquiry - that if you're going so far as to have a clean environment
solely for banking, then keep the host OS as untouched as possible (i.e.
not using it to browse the internet etc) - use a second VM for that.
<grabs tin foil hat>
On 09/11/2014 09:14 PM, Stephen Yorke wrote:
> Even a rooted machine is pretty safe unless the program can inject into
> the VHD, VHDX, VMDK, etc disk image file. The worse you really have to
> worry about is shares through the add-on tools.
More information about the nSLUG