[nSLUG] Security in virtual machines
Chris R. Thompson
chris.thompson at solutioninc.com
Tue Sep 16 09:48:10 ADT 2014
yah.. a lack of transparency != security
furthermore what type of a metric is "pretty safe"?
I wouldn't say I'm a security expert, but certainly not daft enough to think that a VM is "safe"
On 09/15/2014 05:22 PM, Dave Graham wrote:
Going to disagree a bit here, I wouldn't say a rooted machine is EVER
'safe'. A Key Logger / Screen logger can potentially record anything
you're typing or doing in the VM session. Network configuration (NIC
settings, not addressing) of the VM is done from the host OS, which can
be comprised. Even sharing a network with a rooted machine is risky.
I agree with the other recommendations i've seen in reply to this
inquiry - that if you're going so far as to have a clean environment
solely for banking, then keep the host OS as untouched as possible (i.e.
not using it to browse the internet etc) - use a second VM for that.
<grabs tin foil hat>
On 09/11/2014 09:14 PM, Stephen Yorke wrote:
> Even a rooted machine is pretty safe unless the program can inject into
> the VHD, VHDX, VMDK, etc disk image file. The worse you really have to
> worry about is shares through the add-on tools.
nSLUG mailing list
nSLUG at nslug.ns.ca
Christopher Thompson | Client Care | SolutionInc Limited
Office: +1.902.420-0077 | Fax: +1.902.420.0233
Email: chris.thompson at solutioninc.com
Website: www.solutioninc.com <http://www.solutioninc.com/>
SolutionInc Limited - Simplifying Internet Access
SolutionInc Limited – Simplifying Internet Access With operations in more than 45 countries worldwide, SolutionInc is an established global leader in
Internet, centralized hotspot connectivity, billing and management solutions. SolutionInc provides software and services to the hospitality and
telecommunications industries through its award-winning, patented technology software products: SolutionIP™ and SolutionIP™ Enterprise.
Through 700,000+ touch points, SolutionIP™ allows people to easily and securely connect to the Internet from locations such as hotel rooms, convention
centres, universities, restaurants and airports. Patent Information <http://www.solutioninc.com/patents/>
If you have received this e-mail in error, please notify me immediately at 902 420 0077 or reply by e-mail to the sender and destroy the original communication.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the nSLUG