[nSLUG] Security in virtual machines

Dave Graham dave.graham at solutioninc.com
Mon Sep 15 17:22:08 ADT 2014


Going to disagree a bit here, I wouldn't say a rooted machine is EVER 
'safe'. A Key Logger / Screen logger can potentially record anything 
you're typing or doing in the VM session. Network configuration (NIC 
settings, not addressing) of the VM is done from the host OS, which can 
be comprised. Even sharing a network with a rooted machine is risky.

I agree with the other recommendations i've seen in reply to this 
inquiry - that if you're going so far as to have a clean environment 
solely for banking, then keep the host OS as untouched as possible (i.e. 
not using it to browse the internet etc) - use a second VM for that.

<grabs tin foil hat>

On 09/11/2014 09:14 PM, Stephen Yorke wrote:
> Even a rooted machine is pretty safe unless the program can inject into
> the VHD, VHDX, VMDK, etc disk image file. The worse you really have to
> worry about is shares through the add-on tools.


More information about the nSLUG mailing list