VM Page #1064
30
_includes/sections/vm.html
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
|
|||||||
|
<h1 id="win10" class="anchor"><a href="#vm"><i class="fas fa-link anchor-icon"></i></a> Use VMs for isolation.</h1>
|
||||||
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
I've noticed that headers on this site tend summarize the content, but the content currently is more about how to get started with VMs. Also, the headers on PTIO don't end with periods. ```suggestion
<h1 id="win10" class="anchor"><a href="#vm"><i class="fas fa-link anchor-icon"></i></a> Getting started with VMs</h1>
```
I've noticed that headers on this site tend summarize the content, but the content currently is more about how to get started with VMs. Also, the headers on PTIO don't end with periods.
|
|||||||
|
|
||||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
|||||||
|
<div class="alert alert-warning" role="alert">
|
||||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
|||||||
|
<strong> When opening up insecure applications use a VPN!</strong>
|
||||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
```suggestion
<strong> When opening up insecure applications, use a VM!</strong>
```
|
|||||||
|
</div>
|
||||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
|||||||
|
|
||||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
|||||||
|
<img src="/assets/img/layout/vm.jpg" width="367" height="369" class="img-fluid float-right" alt="virtual-machine-logo" style="margin-left:10px;">
|
||||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
|||||||
|
|
||||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
|||||||
|
<ol>
|
||||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
|||||||
|
<li><strong>Choosing a strong hyperviser.</strong>
|
||||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
```suggestion
<li><strong>Choosing a strong hypervisor</strong>
```
|
|||||||
|
<ul>
|
||||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
|||||||
|
<li>Use one that is [free software](https://www.wikipedia.org/wiki/Free_software) like QEMU</li>
|
||||||
|
There is a dot missing in the end while other lines end to a dot. There is a dot missing in the end while other lines end to a dot.
How about Virtualbox OSE/CE? I don't remember which name it is. I haven't used QEMU personally that I remember of. How about Virtualbox OSE/CE? I don't remember which name it is. I haven't used QEMU personally that I remember of.
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If I remember properly, Virtual box uses non-free code for GPU exceleration. I've looked at others too, like GNOME (Linux) boxes and VMM (OpenBSD and UNIX-based OSes) but they only support a few platforms. XEN also looked promising, but if I remember properly they don't work on any LIbreboot laptop and many Coreboot machines as they require non-free code for the CPU. QEMU-kvm may require non-free code as well. If I remember properly, Virtual box uses non-free code for GPU exceleration.
I've looked at others too, like GNOME (Linux) boxes and VMM (OpenBSD and UNIX-based OSes) but they only support a few platforms.
XEN also looked promising, but if I remember properly they don't work on any LIbreboot laptop and many Coreboot machines as they require non-free code for the CPU.
QEMU-kvm may require non-free code as well.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
```suggestion
<li>Use one that is <a href="https://www.wikipedia.org/wiki/Free_software">free software</a> like QEMU.</li>
```
|
|||||||
|
<li>Stay wary of KVM as it can be a security flaw.</li>
|
||||||
|
Citation needed? Citation needed?
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
KVM's in general widen your attack surface. For more info just look up the micro vs monolithic kernel debate. KVM's in general widen your attack surface.
For more info just look up the micro vs monolithic kernel debate.
Gives you plenty of information and instances.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
|||||||
|
<li>Choose one with managable settings like shared clipboard.</li>
|
||||||
|
Is shared clipboard a secure setting? What if untrusted application from the VM copies a malicious script to your clipboard and you accidentally paste it to your root terminal or it includes Is shared clipboard a secure setting? What if untrusted application from the VM copies a malicious script to your clipboard and you accidentally paste it to your root terminal or it includes `sudo` while your sudo cooke is still in force? What do you mean with manageable settings here?
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
It is handy, but it generally should be turned off.
I mean that you (the user) should be able to control it. Not sure what edit your recommending (if any) :) > Is shared clipboard a secure setting?
It is handy, but it generally should be turned off.
> manageable settings
I mean that you (the user) should be able to control it.
__________
Not sure what edit your recommending (if any) :)
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
```suggestion
<li>Choose one with manageable settings like shared clipboard.</li>
```
|
|||||||
|
</ul>
|
||||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
|||||||
|
</li>
|
||||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
|||||||
|
|
||||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
|||||||
|
<li><strong>Choosing an OS.</strong>
|
||||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
```suggestion
<li><strong>Choosing an operating system</strong>
```
|
|||||||
|
<ul>
|
||||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
|||||||
|
<li>View our [OS section](https://www.privacytools.io/operating-systems/) for information on OSes that respect your privacy.</li>
|
||||||
|
I wonder if this should directly tell hardware users to use Qubes and for VMs to pick Tails and then mention our OS section for other options? I wonder if this should directly tell hardware users to use Qubes and for VMs to pick Tails and then mention our OS section for other options?
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
Tails is proprietary, not generally a good OS for stuff like this (uses Debian
Qubes OS is iffy, it doesn't support most privacy focused hardware (Libreboot). It has non-free dependencies: https://github.com/QubesOS/qubes-issues/issues/5163 Tails is proprietary, not generally a good OS for stuff like this (uses Debian `non-free`).
- Whonix might be a good choice.
Qubes OS is iffy, it doesn't support most privacy focused hardware (Libreboot). It has non-free dependencies: https://github.com/QubesOS/qubes-issues/issues/5163
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
|||||||
|
</ul>
|
||||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
|||||||
|
</li>
|
||||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
|||||||
|
|
||||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
|||||||
|
</ol>
|
||||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
|||||||
|
|
||||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
|||||||
|
<h3>Related Information</h3>
|
||||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
|||||||
|
|
||||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
|||||||
|
<ul>
|
||||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
|||||||
|
<li><a href="https://security.stackexchange.com/questions/73338/can-virtual-machines-be-used-to-isolate-vulnerable-software">VMs Have Flaws</a> - Security Stack Echange question "Can virtual machines be used to isolate vulnerable software?".</li>
|
||||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
|||||||
|
</ul>
|
||||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
|||||||
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it.
If this is the general consensus, I'll remove it.