Multiple operating systems to enhance security

Compare what you have said here

To what you have said here

Both types of scenarios can. Yet you seem extremely worried about the zero days and percieve it as a threat where as you dont seem to care about the customized keylogger where in fact you have no idea how often either is used to exploit machines.

Because none of the computer users in these agencies exercise good practices. People are the weakest link, not security systems.

Then why are you defending your position?

So is it still possible for programs with low disk access to see these partitions?

 

Cleverness comes by experience and plenty of testing by malware makers.

I agree with Pete, a troj/keylog "can be" stealthy landed or implanted as you say to the other system without activity, but log into that system and it can suddenly begin it's chore, whatever that may be.

 

When A is booted there are no other partitions. After using A and then shutting down the computer there is still only one partition in the master partition table. So if you use a DOS boot disk only one partition will be present. The A partition.

The other partitions don't enter the partition table until B or C is booted.

 

So it is actively re-writing the partition table?

 

Use portable apps from a USB flash drive in conjunction with Ultimate Boot CD for Windows or similar. Use a USB flash drive with hardware write lock. Alternately, Ultimate Boot CD for Windows has the ability to add plugins during the build process, but I have no experience personally with doing such.

 

Correct. You get a different partition table in LBA-0 for each boot item. BING of course knows about all partitions and this information is stored in the Extended MBR (LBA-1 to LBA-7). BING puts the partitions that you desire into the partition table (in LBA-0) for your chosen boot item.

 

Yeh there is a performance hit when running virtual machines however i simply pause the vm when its not in use so all its uses is ram which i have plenty of anyway.

 

In some cases yes. Some not.

Well, good question. It's hard to say especially I'm not a native English speaker. Roughly speaking it is a way to see and learn the other side of the argument. I don't believe this setup is 99.99% secure either. But I know to see how limited this setup is. I see it is more limited than what I initially thought. I learned something new after the discussion after all. That's great.

 

Anything else, especially from the security point of view?

What's the PC requirement of running such a setup? The host will actually be idle most of the time, so most work are done in the virtual machine. How much RAM is required? How fast the CPU is required? What about 4GB & dual-core CPU, more than enough?

A new problem that I can think of is a malware is able to detect the virtual machine. It may either stop working (preventing researchers from identify it), or simply break out of the virtual machine and infect the host.

 

Some only?! Why? It appears it can keep a vast majority of malware to infect other partitions.

The MBR problem can be solved if it is being protected by another security software.

 

I have 2 laptops which i run vm's on. One is a core 2 duo T7700 @ 2.4ghz, 3gb ram running windows xp. The other is a core 2 duo X9000 @ 2.8ghz, 4 gb ram running windows vista 64bit. Both can run multiple virtual machines with good performance as the core duo cpu has hardware virtualization support. How much ram is required depends on what OS you are running in the VM. I usually give about 512mb for XP or a linux distro and a gig or more for vista although you can run vista on 512mb depending on what you gonna do with it.
Yeh theres malware that won't execute in a virtual machine, thats a reality. However malware thats able to break out of a VM i have yet to see. I guess if its able to take advantage of an exploit in the VM software then it might be able to do that but i'd say it highly unlikely as the developers are usually quick to patch vulnerabilities. I'd say the main way malware is gonna get out of a vm is through file sharing between the vm and host.

 

farmerlee,

It sounds good that such a PC configuration can run the virtualization software and the virtual machine smoothly.

Does the virtualization work as expected? Does it emulate so well? Do all software work a virtual machine?

What virtulaization software do you use or recommend? Why?

 

Virtualization works far better than i ever thought possible. I've run up to 4 OS's simultaneously and my laptop still performs well. Amazingly my windows xp & server 2003 virtual machines actually boot faster than my host system. The only software you can't yet run properly in a vm is anything to do with 3D graphics. 3D graphics card emulation is still in the experimental stage as far as i know.

I use both vmware workstation and virtualbox. Vmware is great yet its very expensive, i'd only recommend it to those serious about virtualization. It has a lot of advanced features not found in other programs. For the average user virtualbox is fine, its free and is sufficient for most. The reason i use both programs is i've found certain linux distros don't always install that well. Some work better with virtualbox some with vmware, i'm no linux guru so i'll use the easiest option available.