Virtualization for desktop security?


QUESTION :

I am frustrated with Windows and the whole pay $60 per year for security products. Seriously, it's too much now. I want to use virtualization for desktop security because I think (not sure) that it will make me almost immune to malware. I could use sandboxing (Returnil, Sandboxie, threat buffer etc.), but I want to avoid running Windows outside a VM.

I am looking for guidelines, recommendations on the tools to use for this purpose.

Is this a fine approach – get virtualization software which sits directly over hardware and then install any OS on that, OR

Get some product like VMware or Parallels FOR Linux and install Windows as a guest OS. If Windows gets infected, then no problem. Simply revert to an older snapshot. The downside is that I might have to get a laptop with a high-end config – 8+ GB RAM, 300+ GB @ 10K RPM HDD etc.

I am not sure if virtualization is the way to go. I need help to decide that. I cannot bear this Windows anymore. The OS is so expensive ($100+) and the security is $50+ per year… more if you buy other security products.

ANSWER :

Let's slow this down, and look at it bit by bit:

A virtualized OS is no more secure than the same OS on physical hardware. If it is Windows XP, pre SP1 with no firewall or AV and you are using it for a desktop environment, it will still catch malware within minutes of going online.

A VM does isolate it from the host OS, which is why it is often used for security stuff. You can run an application and if the application is a virus you reset the VM and you're good. Notice it did catch malware the same as the physical machine would have performing the same actions? But the host is safe, while the VM caught the virus.

As for cost, if you don’t want to pay for something, don’t. If the Windows license is a problem, then you are going the wrong route. If you install Windows on the PM and the VM you will need to pay more, not less. If you use something like ESXi to host Windows, ESXi is much more costly than Windows.

If you don’t want to buy an operating system, run Linux.

If you want Windows, but not to pay for an AV / firewall, then look for good freeware for your personal use; Avira and Comodo come to mind…

In the end though, using a VM as a workstation full time is not a great experience, even on a top-end system. Most of the time it's fine, but it gets tedious and weird at weird times. I would rather find good software that is more affordable than whatever you are buying now (firewall and anti-malware) and use whatever operating system you like the best, and runs what you need to run with the least hassle.

Here is a better suggestion. Since virtualizing will likely kill your GPU performance, try this instead.

Either get 2 hard drives or partition your hard drive.
Partition 1: Format
             Load Windows
             Load drivers
             Updates
             Programs
             etc.
Partition 2: For your data.

Set all programs to save their data on partition 2 (drive D: for example).

Use imaging software to make a copy of partition 1 to USB/DVD/external HDD or whatever.


Surf the web 
get a virus
re-image and virus is gone.

Scan D: for viruses from the virus-free image; if nothing is found, you're good.

All your data is safe on the D: drive.

99+% of viruses/rootkits cannot survive this procedure. The only place left for them to hide is the MBR and the spare sectors between the MBR and the first partition. A quick 0’ing of these sectors can kill those viruses. (Don’t 0 the MBR (sector 0), of course.)

The first option sounds like a bare metal hypervisor – as far as I know, in that case, you won’t be able to use the system directly, but will have to connect to it remotely, so that’s likely not an option. On the ESXi systems I’ve worked with, all that you can access from the system itself is a few management options, none of the guest OSes. To access the guests, you need to use remote desktop, shell into them, etc.

The second option you describe is likely the way you’ll need to go, though the performance will suffer from standard virtualization issues. You may also encounter issues if you want to use USB devices, as the pass-through of devices can be flaky and a pain to configure.

Virtualization sounds like overkill for the problem you’re trying to address – better user habits, free anti-virus solutions, etc. might work better. Another alternative might be ChromeOS.
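
The re-imaging answer above names the sectors between the MBR and the first partition as the one area a partition re-image leaves untouched. The following is an added example, not part of the original answers: a read-only Python check that parses the MBR partition table of a disk image and lists which of those gap sectors contain data. The function names, the 512-byte sector size and the sample image are assumptions made for this illustration.

```python
import io
import struct

SECTOR = 512  # assumes 512-byte logical sectors

def first_partition_lba(mbr: bytes) -> int:
    """Lowest starting LBA among the four primary MBR partition entries."""
    if len(mbr) < SECTOR or mbr[510:512] != b"\x55\xaa":
        raise ValueError("sector 0 has no MBR boot signature")
    starts = []
    for i in range(4):
        entry = mbr[446 + 16 * i:462 + 16 * i]
        ptype = entry[4]
        lba_start, count = struct.unpack_from("<II", entry, 8)
        if ptype == 0xEE:  # protective MBR: the "gap" holds the GPT header
            raise ValueError("GPT disk, not a plain MBR layout")
        if ptype != 0 and count:
            starts.append(lba_start)
    if not starts:
        raise ValueError("no partitions defined")
    return min(starts)

def nonzero_gap_sectors(disk) -> list:
    """Sectors between the MBR (sector 0) and the first partition holding data.

    A hit is not proof of infection: boot loaders such as GRUB legitimately
    store code in this gap, so compare against a known-clean baseline.
    """
    disk.seek(0)
    first = first_partition_lba(disk.read(SECTOR))
    hits = []
    for lba in range(1, first):
        if disk.read(SECTOR).strip(b"\x00"):
            hits.append(lba)
    return hits

def build_sample_image(dirty_lba=None):
    """Constructed 1 MiB image: one NTFS-type partition starting at LBA 2048."""
    img = bytearray(SECTOR * 2048)
    img[446:462] = struct.pack("<B3sB3sII", 0x80, b"", 0x07, b"", 2048, 4096)
    img[510:512] = b"\x55\xaa"
    if dirty_lba is not None:
        img[dirty_lba * SECTOR] = 0xEB  # constructed stray byte
    return io.BytesIO(bytes(img))

if __name__ == "__main__":
    print(nonzero_gap_sectors(build_sample_image()))             # clean gap
    print(nonzero_gap_sectors(build_sample_image(dirty_lba=5)))  # data in sector 5
```

Run against a saved image of the disk taken right after a clean install, the returned list gives a baseline to compare with after each re-image.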
