On Sat, 5 Jul 2014 10:05:10 -0700 Bobby Brewster <bobbybrewster203@xxxxxxxxx> wrote: > >>>if your non-VM host system has been compromised, there is absolutely no > >>>notable advantage to using a vm. your vm will be affected by the > >>>malware that sits on the host system. > > > I don't understand this. If my Ubuntu system has a virus / rootkit / whatever then what I do on it is compromised. > > The VM is, in effect, a seperate OS. How would it be affected by the malware on the non-VM system? First of all, malware at the host OS can capture and log all keypresses you do in the VM system; can also make screenshots or video capture of what you do in it, can also capture network traffic or even read memory of the guest VM. Second, there is the issue of trust; your host system has unrestricted access to the entire disk of all guest VMs it runs. If your host executes malicious code, you can't be sure that your guest VMs haven't been accessed and tampered with in some way. On the contrary, you should assume they HAVE been compromised by the infected host. -- With respect, Roman
Attachment:
signature.asc
Description: PGP signature
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk