FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 10-04-2010, 08:39 AM
Lisi
 
Default Security and dual booting/running in VM Windows and Linux

I have no metrics myself against which to measure this. I have Googled, but
have found it difficult to distinguish the FUD and biased/inaccurate
information from the "real" - and reliable - information. I would be glad of
some opinions from the list.

If I set up a computer to dual boot Windows and Linux (specifically Debian
Lenny) does the fact that Windows is sharing the computer in any way
jeopardise the security of the Linux installation?

Does it make any difference whether they are in separate partitions on the
same disk or on separate HDDs?

Would running Windows in a VM from Linux make the Linux host less secure than
dual booting, or more so? Would the Linux host in fact be more/less/equally
secure than/as it would be if Windows were not on the box at all?

Thanks,
Lisi


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 201010040939.01084.lisi.reisz@gmail.com">http://lists.debian.org/201010040939.01084.lisi.reisz@gmail.com
 
Old 10-04-2010, 08:56 AM
Klistvud
 
Default Security and dual booting/running in VM Windows and Linux

Dne, 04. 10. 2010 10:39:00 je Lisi napisal(a):
I have no metrics myself against which to measure this. I have
Googled, but

have found it difficult to distinguish the FUD and biased/inaccurate
information from the "real" - and reliable - information. I would be
glad of

some opinions from the list.

If I set up a computer to dual boot Windows and Linux (specifically
Debian

Lenny) does the fact that Windows is sharing the computer in any way
jeopardise the security of the Linux installation?


In the very least, a Windows rootkit or virus could potentially mess up
your partition table, or the master boot record; but there are
certainly other equally risky scenarious that other list memebers will
most certainly come up with. So the answer to your question is
definitely "yes".


Does it make any difference whether they are in separate partitions
on the

same disk or on separate HDDs?


For the above scenario, hardly.

Would running Windows in a VM from Linux make the Linux host less
secure than

dual booting, or more so?


Depends on the virtual technology used. Depends on how well is the
particular virtual environment isolated from your host OS and the "bare
metal" on which it is running. In this regard, I'd say that XEN is not
equal to kvm (which uses a kernel driver), and kvm is, in turn, not
equal to qemu (which runs entirely in userspace, IIRC).



Would the Linux host in fact be more/less/equally
secure than/as it would be if Windows were not on the box at all?


Is this meant as a joke or as a genuine question?

;P

--
Regards,

Klistvud
Certifiable Loonix User #481801
http://bufferoverflow.tiddlyspot.com

Please reply to the list, not to me.


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 1286182581.27059.2@compax">http://lists.debian.org/1286182581.27059.2@compax
 
Old 10-04-2010, 09:01 AM
Angus Hedger
 
Default Security and dual booting/running in VM Windows and Linux

On Mon, 4 Oct 2010 09:39:00 +0100
Lisi <lisi.reisz@gmail.com> wrote:

> I have no metrics myself against which to measure this. I have
> Googled, but have found it difficult to distinguish the FUD and
> biased/inaccurate information from the "real" - and reliable -
> information. I would be glad of some opinions from the list.
>
> If I set up a computer to dual boot Windows and Linux (specifically
> Debian Lenny) does the fact that Windows is sharing the computer in
> any way jeopardise the security of the Linux installation?

Highly unlikely, windows viruses generally dont run under wine,
and windows cant even read linux partitions unless you install a driver.

And even then, there are very few linux viruses/Trojans in the wild.

> Does it make any difference whether they are in separate partitions
> on the same disk or on separate HDDs?

Not really.

> Would running Windows in a VM from Linux make the Linux host less
> secure than dual booting, or more so? Would the Linux host in fact
> be more/less/equally secure than/as it would be if Windows were not
> on the box at all?

You can get exploits aimed at virtual machines which aim to infect the
host, but again, rare and not normally aimed at someone running Windows
via virtual box or the like.

In general, when dual booting, what happens to one OS only happens to
that OS (unless you mess up the partition record or something).

If the worst happens, you can just whip out the windows partition and
reinstall.

The main headaches with dual booting are, having to reboot (obviously),
bootloader issues (windows overwriting grub, other iffy drm overwriting
grub, see adobe stuff), but you gain all the advantages of running the
OS on the metal.

VM's are nice for running one or two programs from within the host OS,
but if your application needs high performance 3D, you will find using
a VM lacking, also, on a lower power system, running windows on-top of
linux can leave you running into ram and cpu limitations.

Sorry if this ramble about general VM stuff is unneeded!

The short version is, the risks with dual booting or using a self
contained vm (eg not a vm which shares the hosts kernel) are minimal
and not worth worrying about.

> Thanks,
> Lisi

------
Regards,

Angus Hedger

Debian GNU/Linux User PGP Public Key 0xEE6A4B97
 
Old 10-04-2010, 09:04 AM
Camaleón
 
Default Security and dual booting/running in VM Windows and Linux

On Mon, 04 Oct 2010 09:39:00 +0100, Lisi wrote:

(...)

> If I set up a computer to dual boot Windows and Linux (specifically
> Debian Lenny) does the fact that Windows is sharing the computer in any
> way jeopardise the security of the Linux installation?

No, unless you are runing WINE inside Linux.

> Does it make any difference whether they are in separate partitions on
> the same disk or on separate HDDs?

It does not matter.

> Would running Windows in a VM from Linux make the Linux host less secure
> than dual booting, or more so? Would the Linux host in fact be
> more/less/equally secure than/as it would be if Windows were not on the
> box at all?

Linux is not less secure by having to share the computer with Windows.

Having a VM will allow you to run your Windows system inside Linux but it
has pros and cons. If your main concern is about Linux security, this
won't decrease by having a Windows system as an OS "partner" :-)

Stored data is another thing. When running Windows just take the
recommended steps to avoid your system from being "infected". Data is "OS-
agnostic".

Greetings,

--
Camaleón


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: pan.2010.10.04.09.04.32@gmail.com">http://lists.debian.org/pan.2010.10.04.09.04.32@gmail.com
 
Old 10-04-2010, 10:07 AM
Lisi
 
Default Security and dual booting/running in VM Windows and Linux

I have no metrics myself against which to measure this. I have Googled, but
have found it difficult to distinguish the FUD and biased/inaccurate
information from the "real" - and reliable - information. I would be glad of
some opinions from the list.

If I set up a computer to dual boot Windows and Linux (specifically Debian
Lenny) does the fact that Windows is sharing the computer in any way
jeopardise the security of the Linux installation?

Does it make any difference whether they are in separate partitions on the
same disk or on separate HDDs?

Would running Windows in a VM from Linux make the Linux host less secure than
dual booting, or more so? Would the Linux host in fact be more/less/equally
secure than/as it would be if Windows were not on the box at all?

Thanks,
Lisi

Sorry if my last attempt to send this eventually turns up, so you get 2. :-(


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 201010041107.01732.lisi.reisz@gmail.com">http://lists.debian.org/201010041107.01732.lisi.reisz@gmail.com
 
Old 10-04-2010, 10:14 AM
Jan Ingvoldstad
 
Default Security and dual booting/running in VM Windows and Linux

On Mon, Oct 4, 2010 at 12:07, Lisi <lisi.reisz@gmail.com> wrote:

I have no metrics myself against which to measure this. *I have Googled, but

have found it difficult to distinguish the FUD and biased/inaccurate

information from the "real" - and reliable - information. *I would be glad of

some opinions from the list.



If I set up a computer to dual boot Windows and Linux (specifically Debian

Lenny) does the fact that Windows is sharing the computer in any way

jeopardise the security of the Linux installation?

If your basic assumption is that your Windows system is less secure than your Debian system, then yes, it might.

Even though Windows itself doesn't understand filesystem information etc. for Linux, Linux is open source, so it's hardly a secret how that works. There is userspace software for this.


It is, however, extremely unlikely that someone will attempt to break into a Linux partition on a Windows box through an automated process: there are so few people doing this compared to the mass of Windows boxes, that there is little "profit" in it for script kiddies and crackers.


So, yes, it does jeopardise the security, but not significantly, and probably less so than the Linux installation jeopardises the Windows installation.



Does it make any difference whether they are in separate partitions on the

same disk or on separate HDDs?

No.


Would running Windows in a VM from Linux make the Linux host less secure than

dual booting, or more so? *Would the Linux host in fact be more/less/equally

secure than/as it would be if Windows were not on the box at all?
I think you may be approaching this the wrong way, and that you instead should ask yourself:

How can I secure my system(s) in the best possible way?


If your main fear is that a Windows security vulnerability might screw up your Linux data, use encryption for your Linux partition, e.g. with dm-crypt (http://www.saout.de/misc/dm-crypt/), and _do not store the password in a file_.

--
Jan
 
Old 10-04-2010, 10:46 AM
godo
 
Default Security and dual booting/running in VM Windows and Linux

On 10/04/2010 10:39 AM, Lisi wrote:

I have no metrics myself against which to measure this. I have Googled, but
have found it difficult to distinguish the FUD and biased/inaccurate
information from the "real" - and reliable - information. I would be glad of
some opinions from the list.

If I set up a computer to dual boot Windows and Linux (specifically Debian
Lenny) does the fact that Windows is sharing the computer in any way
jeopardise the security of the Linux installation?

Does it make any difference whether they are in separate partitions on the
same disk or on separate HDDs?

Would running Windows in a VM from Linux make the Linux host less secure than
dual booting, or more so? Would the Linux host in fact be more/less/equally
secure than/as it would be if Windows were not on the box at all?

Thanks,
Lisi



I think that running Windows inside Linux (VM) is best option.
You can "forbid" Windows through VM to connect to the internet. If I
remember correctly you can disable also that guest (Windows) connect to
host (Linux).

Running Windows in VM also save you from rebooting.

--
Bye,
Goran Dobosevic
Hrvatski: www.dobosevic.com
English: www.dobosevic.com/en/
Registered Linux User #503414


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Archive: 4CA9B06B.40303@dobosevic.com">http://lists.debian.org/4CA9B06B.40303@dobosevic.com
 
Old 10-04-2010, 04:59 PM
Simon Brandmair
 
Default Security and dual booting/running in VM Windows and Linux

On Mon, 04 Oct 2010 11:00:02 +0200 Klistvud wrote:

> Dne, 04. 10. 2010 10:39:00 je Lisi napisal(a):
[...]
>>
>> If I set up a computer to dual boot Windows and Linux (specifically
>> Debian
>> Lenny) does the fact that Windows is sharing the computer in any way
>> jeopardise the security of the Linux installation?
>
> In the very least, a Windows rootkit or virus could potentially mess up
> your partition table, or the master boot record; but there are certainly
> other equally risky scenarious that other list memebers will most
> certainly come up with. So the answer to your question is definitely
> "yes".

Other scenario: Windows rootkit -> mount linux partitions -> replace some
binaries/kernel/libs of your Linux installation -> compromised Linux
system

Cheers,
Simon


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: i8d15o$bao$00$1@news.t-online.com">http://lists.debian.org/i8d15o$bao$00$1@news.t-online.com
 
Old 10-04-2010, 05:41 PM
Angus Hedger
 
Default Security and dual booting/running in VM Windows and Linux

On Mon, 4 Oct 2010 18:59:36 +0200
Simon Brandmair <sbrandmair@gmx.net> wrote:

> > In the very least, a Windows rootkit or virus could potentially
> > mess up your partition table, or the master boot record; but there
> > are certainly other equally risky scenarious that other list
> > memebers will most certainly come up with. So the answer to your
> > question is definitely "yes".
>
> Other scenario: Windows rootkit -> mount linux partitions -> replace
> some binaries/kernel/libs of your Linux installation -> compromised
> Linux system
>
> Cheers,
> Simon

Well, as I agree that the scenario you describe could happen, the
likelihood is very low.

Most malware these days is out to make money, in some shape or form,
mostly via copying/keyloging passwords et al or blackmailware (eg, some
stuff will lock/encrypt your data and make you pay to get it back - I
have heard of at least one piece of software that will do this), or
scamware (eg, fake anti virus applications).

And for the most part, targeting linux with these kinds of malware,
would be a waste of time, mostly due to a limited end user market, in
comparison with windows (Most stuff is social engineering these days,
with limited numbers of real remote or local exploits, it would be no
more difficult to make someone download and click on a rouge .deb
compared to a rouge .exe).

Having Windows on a computer and using due care and diligence with
booted into it, or in a VM does not make a computer any more or less
safe for the most part.

I suppose having more than one OS does increase the attack surface of a
machine, but with restrictive firewalls, and a good hosts file [1], and
a decent anti virus on the windows side (booo hiss) [2] you can be just
as secure.

If you can avoid using windows, it helps, sure, but at the same time,
for home use, if someone is computer literate enough to understand the
idea of dual booting or using a VM, I am sure they would understand
basic browsing safety precautions.

I apologise for the wall of text, I have spent the day doing
paperwork, so have found myself in a verbose mood.

[1] http://www.mvps.org/winhelp2002/hosts.htm

[2] http://www.avast.com/en-gb/index or
http://www.microsoft.com/security_essentials/

------
Regards,

Angus Hedger

Debian GNU/Linux User PGP Public Key 0xEE6A4B97
 

Thread Tools




All times are GMT. The time now is 03:26 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org