... that contained in the virtualbox extension pack? My host 's LAN is not connected to anything, so to air gap my host. But I do want to browse the www (yeah, paradoxal and controversal). My plan is install vbox without any bridge or host-only network, but install the vbox extension pack (close source), and thus bypass the usb3-lan card into the guest. only the guest have the driver for the usb lan card. It sounds good IF the vbox extension pack is open source, but in reality it's close source. Can I trust my life with that vbox extension pack? thank you. And... the FOSS community can do nothing .
That would be unwise I do use VBox Extension Pack. Mostly to get larger displays. And sometimes I do mount shared folders. But I never pass-through USB, or clipboard. Also, my privacy-focused VBox hosts contain no information about my meatspace persona. The low-security one does have a direct Internet connection, I admit, and runs a VPN client. So an adversary could exploit the VBox Extension Pack to get my ISP-assigned IP address. But my high-security VBox hosts can't see the Internet directly, but only through VPNs running on other machines.