Being virtual and secure

You will never, ever, be able to outwit a true hacker. No antivirus will save you. Antivirus will not find those govt programs lurking on your phone and TV and your Windows workstation.

Every place you go is rife will vulnerability. I remember one case where there was an alert went out from I think the NSA to us about how foreign actors had found out where some contractors where going, which hotel, and had changed the firmware in the hotel routers to inject code into their web traffic to infect them. Everything you pull across the network is a chance to be infected or hijacked.

But, there is a pretty good solution. Virtualization. You can download and install Virtualbox on your computer if you have 8 gigs or so of ram and a quad core processor. There are other "desktop" virtualization solutions (I'm a vmware vsphere guy myself) but virtualbox is nice in that it'll run on Windows, Mac, and Linux. More on that later.

What makes it so good for security is snapshots. So you build your computer the way you want, add your user accounts, and the programs. Then you snapshot it creating a point in time to restore to. Go surf the web. Go to the nastiest porn sites and virus infested hacker sites. When you are done and have had your fix just roll back to the snapshot. Just using this as an example, I'm not that freaky.

What I do is install my virtual machines onto a portable USB drive and either create an encrypted volume via veracrypt to store the virtual machines into or just encrypt the virtual machines themselves, which you can easily do with Virtualbox. This way I can carry a Windows 10, Windows 7, Centos (Linux), etc machines with me always. If I misplace the drive (old age is making this easier every day) or it's stolen and I don't have to panic about what is stored on the machines.

I also keep a few flavors of Virtualbox installers on the portable drive as well. The installers and veracrypt are encrypted with 7zip using zipcrypto. Zipcrypto isn't that great of an encryption but in this case I'm just trying to protect the installers and exe files from being modified by viruses, etc. The Virutalbox machines get AES256. With the installers and veracrypt I can have my computers up and running on pretty much any computer I can get access to.

So about it running on just about any OS. How cool is that. You can have your windows 10 computer in your pocket and take it to grandmas mac and run it. Bring it back and run it on your Windows 7 computer or Linux computer. You can even put your computer (or computers) onto a flash drive on your keychain. Always protected and always available. And almost never worry about viruses ever again.

Just be sure to back those files up every now and then. They'll be big files so you need an equivalent sized drive to back them up to.

Thanks for reminding us of the virtues of Virtualbox. I wish I could take it for a spin now. But thing is, what if my system is already rooted? Not much good to me then, is it? I'd have to start with a fresh *nix install first... Been streaming too many TV episodes from South of the Border and from Behind the (Former) Iron Curtain.

Anyway I am selecting, pasting and saving this to my HOWTO folder...thx again

and here I am just running sandboxie..

8 gigs for vbox? I'm not going to be running a server. and if it's dedicated, it doesn't need 8 gigs for a mere os.

originally posted by: Namdru
Thanks for reminding us of the virtues of Virtualbox. I wish I could take it for a spin now. But thing is, what if my system is already rooted? Not much good to me then, is it? I'd have to start with a fresh *nix install first... Been streaming too many TV episodes from South of the Border and from Behind the (Former) Iron Curtain.

Anyway I am selecting, pasting and saving this to my HOWTO folder...thx again

What if your system is rooted? the entire concept of a virtual machine is it is separate. Makes no difference if your machine is administrator or root. or rooted if you mean android?

everything is contained, unless you allow unrestricted access to your host machine. and even still, none of that matters if you use a vm as your main machine, and use it for normal things, if you are unaware you're infected by something and provide details to servers, whatever would happen on your host machine will happen there. the difference is, you can just go back to an earlier state. or delete the infected vm files. which, if you're using it as your main machine, is no different than canning your current host machine and reinstalling.

sandboxie for me is enough for now, as anything I download in a sandboxed browser is only in that sandbox. and no overhead on cpu or ram.

idk..

Does the VirtualBox require a cloud account? Does it check automatically for "updates"? That makes me suspicious of any piece of kit these days.

Running wireshark regularly (or constantly as I do) is a good idea. Just by watching the stream of data going by, you get a feel of what is normal and what is suspicious.

a great waste of time for the paranoid.
i havent updated my pc for over five years and havent used antivirus for the same number of years,
guess how many problems ive had?
thats right , none.

No cloud account. You can download along with extension packs without ever logging in. See the bolded quote below.

Not only is VirtualBox an extremely feature rich, high performance product for enterprise customers, it is also the only professional solution that is freely available as Open Source Software under the terms of the GNU General Public License (GPL) version 2

What I was talking about is trying to keep it free from viruses and malware. "That" is something you can accomplish via what I mentioned.

As far as your input being captured. Well, it's hard for me to think otherwise. From what I've seen wikilieaks is spot on. People and companies have long since caved and just about anything computer is an unbeknownst trojan. In a covert secenario case I'd steal some drunk college kids nice laptop and still virtualize in encrypted containers. Would I have sympathy for the college kid? If I were in a point where I "needed" to do that sympathy would not be high on my list.

##########################

I use Netflow to examine the traffic with. Currently I'm doing this via an Opnsense virtual appliance both locally and to a separate netflow collector. This way I get host to host ip, host name, ports, and volume of traffic between two endpoints. I use wireshark and love it. But I need to see things like where did my stereo and smart tv go to last night? Where is my smartphone going? Or more importantly who is stealing the company's bandwidth at 2 am and what kind of financial liability could company xyz face by keeping Joe Schmoe employed.

An interesting story. Imho. This ummmm, military contractor I shall not name due to NDA had not caught malicious traffic that had probably been happening for years. But when I implemented Netflow in the switches and routers, vpn equipment I cought it. Tracked it back to the equipment and application that it was originating from. Now "no" tool is a save your ass in every situation. You have to have the intelligence to make sense of what the tool is telling you or it's wasted data.

Wireshark is a great tool and I always have it available but you can packet capture in Cisco equipment, and Linux servers via tcpdump or the like. But when you are dealing with a larger network you need some way to aggregate a lot of data. Now there are many "tools" (applications, sometimes disguised as firmware) for this. Smart tools though often miss something important that human eyeballs are needed for.

originally posted by: stormcell
Does the VirtualBox require a cloud account? Does it check automatically for "updates"? That makes me suspicious of any piece of kit these days.

Running wireshark regularly (or constantly as I do) is a good idea. Just by watching the stream of data going by, you get a feel of what is normal and what is suspicious.