So, I've recently installed XP in a VM on my laptop. Which is great in a geeky way, but... What do I actually do with the XP install? The way I see it, I have a "free" extra computer which I have no use for except to:
- Run old games on
- Let it get infected with every virus evar and see what happens just for giggles
Can anyone suggest random things to do with/ways to abuse a VM?
That's an interesting point. I thought because a certain portion of my RAM was dedicated to the VM, the real system couldn't access it and that portion was cleared before being returned to the physical machine at the end of the VM session? Depends who you ask I guess.
That actually happens... sort of. Got my PC back from a tech place a few years ago, fresh install of XP... Typed something into Google and the history thing that popped up suggested "escort services in the local area" and various other things
If you mean the printer, I suppose... but it might be a bit problematic, it's a color laser and the cartridges cost 60-70€ each and there's 4 of them so they cost the same as a new printer. I know there's plenty of life left in them but the customer might not believe me
Viruses can't pass out of the virtual machine, unless they somehow manage to take advantage of an exploit in the vm. Remember that although the VM uses physical RAM, what happens inside the VM does not get executed the same way as real code - it gets executed through the VM, and does not have access or knowledge of anything outside this.
If you manage to build that xkcd network, that is f'in awesome
The VMM runs in protected and isolated memory space, the two 'machines' do not share RAM at the same time and virus' in one machine cannot find their way to the other simply because they share RAM.
Virus' can however cross over between the two machines if they are locally networked, or if you use USB devices or other devices shared between the machines. This is down to the specifics of the virus itself.
But as a guideline to how secure they are, I happen to know a few developers in the banking industry who setup 1 VMM for browsing the web and another for developing in, so that they have multiple isolated VMM's with no local network connection setup between (as the development VMM is disconnected from local network during normal use).
So yeah, they're not immune to virus', but it is by all accounts no more likely for a virus to spread between them than it is for any other computer in the house to be infected by a virus on 1 machine.
...let's face it. You can't simply say that a virus can't place itself outside the predefined 'space' allocated to the VM because as we all know(or should know by now)that any system can be exploited.
A slightly ignorant statement imo, because I feel that to put as you say a banking system in place and becoming contempt that it just can't happen is ignorant...
i'm no uber viri hacking geek wielding ten thousand VM exploiting scripts, i just know it can be done is all.
Well we can talk about banking security but it would be boring, or we can talk about the Security of virtual hardware...
For a virus or indeed anything to move between 1 point and another there needs to be a route available to it. There is no route through the allocated memory of a virtual machine to the memory of the main computer on Vista, OSX or any current Linux build using any of the current virtual machines that I've seen or used, and if there was there is still no meens to hook into the parent computer to execute it - infact the latter is the bigger problem, because you could deep scan from the parent computer (if you've already infected it- although in the case scenario that's not the case).
Far easier to use a shared resource such as a USB stick (which are banned in most blue chip and IT sensitive companies) or the network bridge (hense hose using VMMs as an extra level of security turn this off).
I don't know enough to think I know what I'm doing, I know enough to do it...
For example, Microsoft VirtualPC shares some system drivers by default, VirtualBox shares optical drives and floppy by default, VMware Workstation or VMware Player ask you what to share on creation of virtual machine.
