Multiple operating systems to enhance security

Discussion in 'other software & services' started by Wai_Wai, Sep 11, 2008.

Thread Status:
Not open for further replies.
  1. jrmhng

    jrmhng Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    1,268
    Location:
    Australia
    The difference is that each VM is separated from your host and from each other. Also, having VMs means that they are much easier to maintain and image, etc.
     
  2. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    9,597
    Hi,

    First, are we talking here HOME environment or CORPORATE / BUSINESS environment?

    That said, I have never heard of an "office" where a "clueless" clerk runs multiple operating systems - for that matter, have never heard of anyone running multiple operating systems in a typical office scenario.

    Second, your example is not good enough. Here's why:

    Office: Accept attachments from digitally signed third-party domains only, problem solved. Keep "Windows" up to date, problem solved. Take into account that the specific vulnerability you talk about goes back to 2002, plus do read more about it to understand what and how it worked, problem solved.

    Then, personalized, customized trojans are something else entirely from a general infection risk - and it's far, far less than 1%.

    And lastly, "common security" is NOT to open files from "someone" asking for help. Who this someone is? Do you know him/her?

    The other things you have mentioned have nothing to do with multiple OS for security. Because if you decide to run a file, you will.

    As to website hacking thingie, please run a quick list and see how many sites you download executables from have been hacked in the last 10 years. I guess you'll come up with 0.

    And why would you talk to strangers?

    Still, if you MUST, again the answer is a single operating system: Windows with LUA / SRP, Linux ... very simple.

    Do not bundle the entire corporate / business environment policy into a single desktop. It won't work.

    Mrk
     
  3. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    2,964
    Location:
    Europe, UE citizen

    Yes, it is.
     
  4. Wai_Wai

    Wai_Wai Registered Member

    Joined:
    Dec 28, 2004
    Posts:
    556
    It holds true only if the exploit only exists on Day Zero and Microsoft is able to fix the exploit on Day Zero. What if the hacker finds the exploit before MS has fixed it? The exploit can exist for quite some time without being discovered. What makes you think MS (or the security experts) are always the first to find the exploit and fix it before a hacker has a chance to make use of it?

    When a hacker is exploiting your system, he won't issue a notice to tell the world that he is exploiting your system through this-and-that vulnerability. Some exploits may go a long time undiscovered. Some may take months to fix even after Microsoft realises it.

    Would you have said a few years ago that malware was able to hide itself completely? When the word "rootkit" was unpopular at that time, you may have thought such a concept was absurd.

    There could be an undiscovered exploit. It can make Windows report the wrong extension. So when you think it is a picture, it is really an executable malware. You click to run it. It shows as a normal picture but a trojan is actually dropped via the new exploit that no one knows so far.


    It appears you think it is impossible to hack a server if it is properly configured. A server is not hacker-proof, even though it's much, much harder. I know it did happen in the past, even if it's uncommon. You didn't encounter this =/= everyone in the world didn't and would not encounter this.


    Hackers never tell you the exact statistics as to how many customized/rare trojans are spreading in the world. Maybe 1%, maybe 0.1%, maybe 0.01%. Who knows?

    I saw a trojan which was only discovered after years. It is definitely possible that a trojan hasn't been discovered yet.


    Well, no. I believe I didn't say the setup in the first post is being used by some corporations. I created this post because I want to know/confirm the validity and effectiveness of this security setup.

    You said: "Master the knowledge and it won't matter what you use, how many, how often, and to what purpose. It is perfectly reasonable to use a single operating system for anything you may need, without any special extras."

    I simply pointed out "one size doesn't fit all" / "everyone's mileage is different".

    Different people use computers for different purposes. If they need to do a lot of financially critical tasks, they may want to do more special extras (I'm not saying they must set up multiple OSes!!) to keep the risks as low as possible. Your above-mentioned method can't eliminate all the risks involved, so there is still room to do something to further lower the risks.

    You said:
    You assume *everyone* doesn't need to receive email or accept files from a stranger. Let me give you one scene. You go to some websites to buy and sell stuff. Then you would need to read and send emails from strangers. Common sense says you just don't run any executables. It's okay to open non-executables like graphics and text files. But who knows when a graphic file or a text file can be dangerous too?

    Even if you know him/her, it doesn't mean the files sent by him/her are safe. His/her computer may get infected. When he sends the image file to you, a virus is silently attached to it.

    Some people need to talk to strangers due to their job, work, hobby or whatever.
     
  5. Wai_Wai

    Wai_Wai Registered Member

    Joined:
    Dec 28, 2004
    Posts:
    556
    I know a virus is able to see all drive windows and destroy them. What if it is a trojan/keylogger? How can it activate and steal my accounts if I am booted from a clean Windows?

    While I don't think such a complicated setup is so effective, it appears it can defend very well against the trojan- and keylogger-type of malware.


    How do we use the host computer?

    There are 2 types of activities: mission-critical or financial-related tasks, and all other normal usage. The purpose is to lower the risk as much as possible, even if the risk is already small.

    If you perform all the normal activities on the host computer, e.g. installing and trying programs, visiting websites, checking emails, instant messaging, your exposure is increased, and so are the risks.

    The risk of infection of the host computer is even higher than that of the virtual desktop (since you only use this virtual desktop to do mission-critical tasks).

    I don't see how such a virtual desktop setup helps to lower the risk of infection or account stealing.


    No. Instead of justifying such a setup, I would like to hear people to comment on this setup. That's why "this post".
     
  6. Wai_Wai

    Wai_Wai Registered Member

    Joined:
    Dec 28, 2004
    Posts:
    556
    How is the VMWare or virtual OS valid in the above case?

    Where are we going to perform all those normal activities (which are higher risks)? Host or virtual?

    Where are we going to perform all those mission-critical tasks? Host or virtual?

    Isn't it weird and problematic if we are going to use the virtual Windows for the normal activities (95-99%), and use the host computer only for mission-critical tasks (1-5%)?
     
  7. Wai_Wai

    Wai_Wai Registered Member

    Joined:
    Dec 28, 2004
    Posts:
    556
    That seems logical. We don't need to keep the OS so updated when it's read-only. However, what if you want to use some software which isn't included in the LiveCD (e.g. financial software to perform mission-critical tasks)?

    What is the best way to update or bundle some software into the LiveCD?

    What virtualization software are you using? What would you recommend?

    Yes, they are pretty secure. Security researchers like to use them too. So it seems there is already more and more malware which will try to identify the virtual desktop and spoil it.
     
  8. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    The whole point in using a VM for this purpose is to use it for those risky activities. It's not to stay idle doing nothing.

    "Mission critical" would likely be on the host.
     
  9. Wai_Wai

    Wai_Wai Registered Member

    Joined:
    Dec 28, 2004
    Posts:
    556
    Some of the ideas were proposed because the clients want to be very, very certain that there is no risk of infection (past, current and foreseeable future). They want to keep the risk as negligible as possible.

    VM case: All the normal activities (95%) are considered to be risky in the client's eyes. If we use a VM, we are virtually doing everything on the VM except mission critical stuff. The host will stay idle 95% of the time. Is it really OK if we use it in this way?

    After all, a VM has a weakness. It's possible that a virus is able to identify the VM and the host, break through it, and infect the host.
     
  10. Wai_Wai

    Wai_Wai Registered Member

    Joined:
    Dec 28, 2004
    Posts:
    556
    Very interesting contest:
    "A laptop running a fully patched version of Microsoft's Vista operating system was the second and final machine to fall in a hacking contest that pitted the security of Windows, OS X and Ubuntu Linux. With both a Windows and Mac machine felled, only the Linux box remained standing following the three-day competition."

    ...

    "The better take-away is that exploits like these are a fact of life for everyone no matter what kind of machine they choose (are you listening, Mac Guy?). Another lesson: just as quickly as Microsoft or any other developer adds new measures like page protection to their code base, hackers, ethical and otherwise, are finding ways to work around them.

    "Nobody can do anything about it, because you're always going to be installing something" that will bypass security, Macaulay, who wore torn blue jeans and a Puma jogging jacket, said with a shrug. "If it's not Java, it'll be something else.""

    It took so little time for a fully patched MS Vista to fail. :(

    Source - http://www.securityfocus.com/news/11512
     
    Last edited: Sep 12, 2008
  11. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    9,597
    Hello,

    AIDS and Ebola are very serious infections - that does not mean you'll be getting them any time soon.

    I understand the need for drama and suspense - but there's no reason for any. Software is just software, not something out of Tom Clancy's book.

    A hacking contest has absolutely nothing to do with the problem you try to solve. Read the articles you link to, or ideas you link to, before you use them as a weapon.

    It was a contest, with professionals having LOCAL access to the machines being hacked ... hardly the common scenario where someone downloads a file called crack.exe for his brand new edition of payware XYZ and then complains in a HijackThis forum.

    And the "Mac guy" has nothing to fear - just like the Windows guy has nothing to fear. Being safe is a matter of a few very simple concepts, no different from anything else we do in life.

    I hate to be a drama-killer, but that's the way it is. There is no Matrix, no Skynet, no "invisible" malware. There's only fear and lack of education, which once led people to believe in imaginary things, like deities, and now makes people believe in Neoism.

    When you break it down into most basic machine commands, it's all pure text...

    Mrk
     
  12. virtumonde

    virtumonde Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    504
    Nice post. This is my belief also, but I don't know the English to write such phrases.
    It is a mad world only if you want to make it one.
    Most infections are huge user mistakes which can easily be avoided with basic PC knowledge or guides.
     
  13. jrmhng

    jrmhng Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    1,268
    Location:
    Australia
    There is nothing wrong with that model. In fact, farmerlee here uses that setup. In any case, how is this time allocation going to be any different under your model? You will have one for normal activities that you will spend 95% of the time in. Then you use your other partition 5% of the time for mission critical activities.

    It doesn't have to be a virus that is trying to destroy your drives. If it can see your drive, it can install itself on it.

    We have been commenting and pointing out that it is ineffective and there are better solutions out there.
     
  14. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Well, you sure are aggressive to peeps who are just giving you their feedback. Not like I am trying to screw you or anything.

    Your post is asking whether a multiple OS setup would enhance security. The answer is no. Plain and simple. If OS 1 is used, it can be compromised. If you then use OS 2, it too can be compromised. Sure, you can have an 'extra' OS to boot into to fix the compromised OS, but still, whichever OS you use has the chance to be compromised.

    So, you need to decide which method of protecting the OS in current use you wish to use. Booting into a live CD seems like more effort than either going virtual or just running different security apps. Maybe USB boot would do, but CD would seem slow to me.

    Have you thought about terminals? Maybe that would be your answer.

    And as far as using a virtual OS, what does it matter if the host is not really being used? If you spend most of your time online and worry that your machine will be infected, then stay in the virtual OS most of the time. If your online use is minimal, then only use the virtual OS at those times. It need not be complicated as to whether the host or virtual OS is used most. The goal is to CONTAIN possible problems to the virtual OS.

    If you must perform critical tasks while being online in the host OS, you had better start using LUA or equivalent, plug as many holes as you can, educate the user and maybe pick some good utilities to help you.

    I understand that you may not agree with other peeps' opinions, but you were the one who asked the question and this is a public forum, so maybe you should just consider all the responses as other people's opinions that are different from your own, but not necessarily wrong.

    Hope you find a great solution that fits your needs.

    Sul.
     
  15. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,487
    Actually, if you have two OSes on board, and something compromises one of them, it can get both of them at the same time.

    Whoever said two OSes are no better protection than one is absolutely right.
     
  16. jrmhng

    jrmhng Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    1,268
    Location:
    Australia
    I humbly take credit for that :D
     
  17. Brian K

    Brian K Imaging Specialist

    Joined:
    Jan 28, 2005
    Posts:
    10,241
    Location:
    NSW, Australia
    I guess it depends on how you are multi-booting. Using BING you can exclude each OS from the MBR of the other. You can also exclude several or all data partitions from the MBR of the booting OS. So the booting OS knows nothing about any of the other partitions. If you look in Disk Management there are no other partitions apart from the booting OS partition.

    I don't use this method to enhance security but it sounds reasonable if you want to live dangerously without a firewall or anti-virus software.
     
  18. raakii

    raakii Registered Member

    Joined:
    Sep 1, 2008
    Posts:
    593
    According to me, using two OSes, if you can't boot into one OS you will boot into the other and rectify the faulty OS, but that is for normal problems due to testing of applications.

    If you are going to go for mission critical applications, I don't think that would be a solution.

    Please tell me if this concept is completely wrong....
     
  19. jrmhng

    jrmhng Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    1,268
    Location:
    Australia
    How is this implemented? Is BING acting as a hypervisor? Is it just virtualizing the disk?
     
  20. Wai_Wai

    Wai_Wai Registered Member

    Joined:
    Dec 28, 2004
    Posts:
    556
    So far the only problem I can think of is the performance penalty. It's because you have to run two OSes (the host + the virtual OS) 95-99% of the time.
    I don't think there is any other problem. That's why I asked.

    Yes, true. But as far as I know, so far a trojan/keylogger will only try to implant itself into the active OS.
    Of course a malware writer can rewrite it so the trojan/keylogger will search for all OSes and plant itself into all of them.
    However, very few users will have such a weird setup, so they won't do it.
    That's why I say a trojan/keylogger won't work in this setup. It's because they can't be activated when I am booting from the clean OS (be it from a CD or USB or whatever).

    After all, in case someone doesn't know, I do see the problems of this multi-OS setup.
    I asked in the public forum because I'm doubtful about this setup too. If I were so confident about this setup, I wouldn't ask at all.
     
    Last edited: Sep 13, 2008
  21. Wai_Wai

    Wai_Wai Registered Member

    Joined:
    Dec 28, 2004
    Posts:
    556
    What is an analogy? They share some common points, and it is those points that you should pay attention to. It doesn't mean you should blindly apply Case A to Case B.

    You once said "a fully patched Windows, problems solved". This clearly shows a fully patched Windows doesn't mean it is really fully patched. A fully patched Windows still has many (known and unknown) vulnerabilities. It is only less risky than an unpatched Windows.

    How much is the difference? If he is able to execute code by whatever means (e.g. lure you to run something which seems to be innocent, like a picture file) and gain local access, he could do what the contest did.

    What's more, humans are not perfect. Common sense doesn't help you avoid making any mistakes. Not all mistakes are so obvious. Some can be pretty tricky and easier to fall into. Hackers are always trying new ways to lure you into traps. It doesn't mean that as long as you don't run any executable, or use Firefox to browse websites, you will always be safe.

    The contest also points out that the more you do on your system, the more likely you have done something which will bypass security.


    If that were the case, tell me why business and government servers still get hacked. Why could a trojan be successfully implanted in financial firms, costing the firms millions of dollars? If simple concepts and common sense help so much, how come the government, big firms and financial firms can't help losing so much money due to hacking, malware and infection?

    A wide range of software keeps being cracked day after day. Nothing could be done to stop them. Even the security products themselves have been cracked and pirated.

    I did see someone who has above-average computer knowledge. His computer was properly configured with common security software installed. Still, his PC got infected in some way (we still don't know how he got infected in the first place). That malware was very well hidden. We only saw the sign of this malware when we looked at the network logs. There was a mysterious connection to somewhere.

    Corporate environment and individual environment are not exactly the same. But if a corporate security setup can fail, it is not surprising our little individual security setup can fail too.

    All horrible facts aside, I'm not trying to say the Internet is so dangerous. A normal person is still pretty safe if you are willing to do all the security measures the community suggests. However, the risk isn't eliminated. It's still here. Depending on how you use your computer, how often you perform mission-critical tasks, and how valuable your assets are, you may want to do extras to further reduce the risks.

    True. Malware is only a program, but it's a program with bad intentions.
    A program which runs "reformat all drives without prompt" is a simple command. Still, it is frightening if used in a bad way.
     
  22. Wai_Wai

    Wai_Wai Registered Member

    Joined:
    Dec 28, 2004
    Posts:
    556
    I believe the concept itself is actually good. The problem is how we should implement it.

    There are roughly 2 kinds of activities - the normal (but risky) activities, and the mission critical activities. The concept tells you to separate those activities to different isolated setups (not OS!!). One shouldn't be able to affect another.

    Carry out all those normal (risky) activities in Setup A.

    Restrict yourself to highly trusted and highly secure activities in Setup B.

    Both Setup A and Setup B are isolated.

    ------------------------

    The simplest way to apply this concept is to purchase two computers.

    The first computer is for all those normal (risky) activities. Even if you make a mistake in your lifetime or the malware writer finds a new way to infect you, you won't be affected. This computer (OS) is ready for (data) disposal. ;)

    The second computer is strictly for mission critical activities. You don't use it to do anything else except tasks which are really necessary or 99.99% secure. Install as little software as possible. Use it as little as possible.
     
  23. Wai_Wai

    Wai_Wai Registered Member

    Joined:
    Dec 28, 2004
    Posts:
    556
    One quick question: what about hidden partitions? Can they be used as a way to remedy some of the problems mentioned in some of the posts?
     
  24. raakii

    raakii Registered Member

    Joined:
    Sep 1, 2008
    Posts:
    593
    One thing is a hidden partition, and another thing I need to know about is a partition with no drive letter. How would these things help?
     
  25. Brian K

    Brian K Imaging Specialist

    Joined:
    Jan 28, 2005
    Posts:
    10,241
    Location:
    NSW, Australia
    huangker,

    When you setup a boot item in BING you can choose which partitions you want in the master partition table when that item is booted.

    Let's say you have three operating systems, A, B and C. You also have an Extended partition, D. A typical boot item for A could have A, B, C, D in the partition table with B and C being hidden partitions. When A is booted, only A and D are seen in Windows Explorer, but all partitions are present in Disk Management.

    Another way to boot A is to only have A in the partition table. So when A is booted, B, C and D don't appear in Windows Explorer or Disk Management.

    I'm not suggesting you would have these two scenarios for booting A, but the second could be your "danger-man" method. When A becomes infected, restore its image. A never sees the other 3 partitions. The other 3 partitions never see A.

    Your other boot items could be B, C, D or C, B, D. A is only used for the "danger-man" method.
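    The two boot items Brian K describes, worked through as an added example (this is not code from the thread or from BING): it writes the MBR partition table each boot item would present and shows what Disk Management and Explorer would enumerate. The disk layout is constructed, D is modelled as a plain primary data partition instead of an extended one, and the 0x10 "hidden" bit in the type byte is an assumed convention.

```python
import struct

SECTOR_SIZE = 512
TABLE_OFFSET = 446            # MBR partition table starts at byte 446
ENTRY_FMT = "<B3sB3sII"       # status, CHS start, type, CHS end, first LBA, sector count
HIDDEN_BIT = 0x10             # assumed "hidden" convention: 0x07 NTFS -> 0x17 hidden NTFS

# Constructed disk layout (not from the thread): three OS partitions and a data
# partition D, modelled as a plain primary NTFS partition. Sizes are arbitrary.
LAYOUT = {                    # name -> (type byte, first LBA, sector count)
    "A": (0x07, 2048, 40960),
    "B": (0x07, 43008, 40960),
    "C": (0x83, 83968, 40960),
    "D": (0x07, 124928, 40960),
}
NAME_BY_LBA = {lba: name for name, (_, lba, _) in LAYOUT.items()}

def build_boot_item(listed, hidden=()):
    """Return the 512-byte MBR a boot item presents: only partitions in `listed`
    get a table entry, those in `hidden` carry the hidden bit, and everything
    else leaves a zeroed 16-byte slot (the per-boot-item table the thread
    describes; the entry layout itself is standard MBR)."""
    table = b""
    for slot in range(4):
        if slot < len(listed):
            ptype, lba, count = LAYOUT[listed[slot]]
            if listed[slot] in hidden:
                ptype |= HIDDEN_BIT
            status = 0x80 if slot == 0 else 0x00       # first listed entry is the active one
            table += struct.pack(ENTRY_FMT, status, b"\0\0\0", ptype, b"\0\0\0", lba, count)
        else:
            table += b"\0" * 16
    return b"\0" * TABLE_OFFSET + table + b"\x55\xAA"

def parse_table(mbr):
    """Return the non-empty entries, as any MBR-aware tool would read them."""
    if len(mbr) != SECTOR_SIZE or mbr[510:] != b"\x55\xAA":
        raise ValueError("not a valid MBR sector")
    entries = []
    for slot in range(4):
        off = TABLE_OFFSET + 16 * slot
        _, _, ptype, _, lba, count = struct.unpack(ENTRY_FMT, mbr[off:off + 16])
        if ptype == 0:
            continue                                     # empty slot: partition excluded
        entries.append({"name": NAME_BY_LBA[lba], "hidden": bool(ptype & HIDDEN_BIT),
                        "type": ptype & ~HIDDEN_BIT, "lba": lba, "count": count})
    return entries

def disk_management_view(mbr):
    """Every listed partition, hidden or not: what Disk Management would show."""
    return [e["name"] for e in parse_table(mbr)]

def explorer_view(mbr):
    """Only non-hidden partitions get mounted with a drive letter."""
    return [e["name"] for e in parse_table(mbr) if not e["hidden"]]

# Risk note: the table only controls what the booted OS enumerates. The sectors
# of B, C and D are still on the disk under both boot items, so anything with
# raw sector access can still read or overwrite them; this is not isolation.

if __name__ == "__main__":
    first = build_boot_item(["A", "B", "C", "D"], hidden=("B", "C"))
    second = build_boot_item(["A"])
    print("boot item 1:", disk_management_view(first), explorer_view(first))
    print("boot item 2:", disk_management_view(second), explorer_view(second))
```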
     