Re: Security and dual booting/running in VM Windows and Linux

[Klistvud <quotations@aliceadsl.fr>]

Dne, 04. 10. 2010 10:39:00 je Lisi napisal(a):
> I have no metrics myself against which to measure this.  I have  
> Googled, but
> have found it difficult to distinguish the FUD and biased/inaccurate
> information from the "real" - and reliable - information.  I would be  
> glad of
> some opinions from the list.
>
> If I set up a computer to dual boot Windows and Linux (specifically  
> Debian
> Lenny) does the fact that Windows is sharing the computer in any way
> jeopardise the security of the Linux installation?

In the very least, a Windows rootkit or virus could potentially mess up  
your partition table, or the master boot record; but there are  
certainly other equally risky scenarious that other list memebers will  
most certainly come up with. So the answer to your question is  
definitely "yes".

> Does it make any difference whether they are in separate partitions  
> on the
> same disk or on separate HDDs?

For the above scenario, hardly.

> Would running Windows in a VM from Linux make the Linux host less  
> secure than
> dual booting, or more so?

Depends on the virtual technology used. Depends on how well is the  
particular virtual environment isolated from your host OS and the "bare  
metal" on which it is running. In this regard, I'd say that XEN is not  
equal to kvm (which uses a kernel driver), and kvm is, in turn, not  
equal to qemu (which runs entirely in userspace, IIRC).

>  Would the Linux host in fact be more/less/equally
> secure than/as it would be if Windows were not on the box at all?

Is this meant as a joke or as a genuine question?

;P

--
Regards,

Klistvud
Certifiable Loonix User #481801
http://bufferoverflow.tiddlyspot.com

Please reply to the list, not to me.