VM Page #1064
@ -53,6 +53,8 @@
|
||||
<a class="dropdown-item" href="/software/networks/"><i class="fas fa-user-secret fa-fw"></i> Self-contained Networks</a>
|
||||
<a class="dropdown-item" href="/software/cloud/"><i class="fas fa-hdd fa-fw"></i> Self-Hosted Cloud Server</a>
|
||||
<a class="dropdown-item" href="/software/voip/"><i class="fas fa-phone fa-fw"></i> Video & Voice Messenger</a>
|
||||
<a class="dropdown-item" href="/vm"><i class="fas fa-phone fa-fw"></i> Virtual Machines</a>
|
||||
|
|
||||
|
||||
</div>
|
||||
</li>
|
||||
<li class="nav-item dropdown">
|
||||
|
||||
24
_includes/sections/vm.html
Normal file
@ -0,0 +1,24 @@
|
||||
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
||||
<h1 id="win10" class="anchor"><a href="#vm"><i class="fas fa-link anchor-icon"></i></a> Use VMs for isolation.</h1>
|
||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
I've noticed that headers on this site tend summarize the content, but the content currently is more about how to get started with VMs. Also, the headers on PTIO don't end with periods. ```suggestion
<h1 id="win10" class="anchor"><a href="#vm"><i class="fas fa-link anchor-icon"></i></a> Getting started with VMs</h1>
```
I've noticed that headers on this site tend summarize the content, but the content currently is more about how to get started with VMs. Also, the headers on PTIO don't end with periods.
|
||||
|
||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
||||
<div class="alert alert-warning" role="alert">
|
||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
||||
<strong> When opening up insecure applications use a VM!</strong>
|
||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
```suggestion
<strong> When opening up insecure applications, use a VM!</strong>
```
|
||||
</div>
|
||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
||||
|
||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
||||
<img src="/assets/img/layout/desktop-solid.svg" width="367" height="369" class="img-fluid float-right" alt="desktop-icon" style="margin-left:10px;">
|
||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
||||
|
||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
||||
<ol>
|
||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
||||
<li><strong>Choosing a strong hyperviser.</strong>
|
||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
```suggestion
<li><strong>Choosing a strong hypervisor</strong>
```
|
||||
<ul>
|
||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
||||
<li>Use one that is <a href="https://www.wikipedia.org/wiki/Free_software">free software</a> like QEMU</li>
|
||||
|
There is a dot missing in the end while other lines end to a dot. There is a dot missing in the end while other lines end to a dot.
How about Virtualbox OSE/CE? I don't remember which name it is. I haven't used QEMU personally that I remember of. How about Virtualbox OSE/CE? I don't remember which name it is. I haven't used QEMU personally that I remember of.
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If I remember properly, Virtual box uses non-free code for GPU exceleration. I've looked at others too, like GNOME (Linux) boxes and VMM (OpenBSD and UNIX-based OSes) but they only support a few platforms. XEN also looked promising, but if I remember properly they don't work on any LIbreboot laptop and many Coreboot machines as they require non-free code for the CPU. QEMU-kvm may require non-free code as well. If I remember properly, Virtual box uses non-free code for GPU exceleration.
I've looked at others too, like GNOME (Linux) boxes and VMM (OpenBSD and UNIX-based OSes) but they only support a few platforms.
XEN also looked promising, but if I remember properly they don't work on any LIbreboot laptop and many Coreboot machines as they require non-free code for the CPU.
QEMU-kvm may require non-free code as well.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
```suggestion
<li>Use one that is <a href="https://www.wikipedia.org/wiki/Free_software">free software</a> like QEMU.</li>
```
|
||||
<li>Stay wary of KVM as it can be a security risk (accesses kernel).</li>
|
||||
|
Citation needed? Citation needed?
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
KVM's in general widen your attack surface. For more info just look up the micro vs monolithic kernel debate. KVM's in general widen your attack surface.
For more info just look up the micro vs monolithic kernel debate.
Gives you plenty of information and instances.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
||||
<li>Choose one with managable settings like shared clipboard.</li>
|
||||
|
Is shared clipboard a secure setting? What if untrusted application from the VM copies a malicious script to your clipboard and you accidentally paste it to your root terminal or it includes Is shared clipboard a secure setting? What if untrusted application from the VM copies a malicious script to your clipboard and you accidentally paste it to your root terminal or it includes `sudo` while your sudo cooke is still in force? What do you mean with manageable settings here?
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
It is handy, but it generally should be turned off.
I mean that you (the user) should be able to control it. Not sure what edit your recommending (if any) :) > Is shared clipboard a secure setting?
It is handy, but it generally should be turned off.
> manageable settings
I mean that you (the user) should be able to control it.
__________
Not sure what edit your recommending (if any) :)
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
```suggestion
<li>Choose one with manageable settings like shared clipboard.</li>
```
|
||||
</ul>
|
||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
||||
</li>
|
||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
||||
|
||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
||||
<li><strong>Choosing an OS.</strong>
|
||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
```suggestion
<li><strong>Choosing an operating system</strong>
```
|
||||
<ul>
|
||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
||||
<li>View our <a href="https://www.privacytools.io/operating-systems/">OS section</a> for information on OSes that respect your privacy.</li>
|
||||
|
I wonder if this should directly tell hardware users to use Qubes and for VMs to pick Tails and then mention our OS section for other options? I wonder if this should directly tell hardware users to use Qubes and for VMs to pick Tails and then mention our OS section for other options?
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
Tails is proprietary, not generally a good OS for stuff like this (uses Debian
Qubes OS is iffy, it doesn't support most privacy focused hardware (Libreboot). It has non-free dependencies: https://github.com/QubesOS/qubes-issues/issues/5163 Tails is proprietary, not generally a good OS for stuff like this (uses Debian `non-free`).
- Whonix might be a good choice.
Qubes OS is iffy, it doesn't support most privacy focused hardware (Libreboot). It has non-free dependencies: https://github.com/QubesOS/qubes-issues/issues/5163
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
||||
</ul>
|
||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
||||
</li>
|
||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
||||
|
||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
||||
</ol>
|
||||
|
I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse. I am not sure if this is so useful link, it's possible to break out into vulnerable virtual machine, so it's important to keep it up-to-date and it's also easier to do the reverse.
If this is the general consensus, I'll remove it. If this is the general consensus, I'll remove it.
|
||||
1
assets/img/layout/cubes-solid.svg
Normal file
@ -0,0 +1 @@
|
||||
<svg aria-hidden="true" focusable="false" data-prefix="fas" data-icon="cubes" class="svg-inline--fa fa-cubes fa-w-16" role="img" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path fill="currentColor" d="M488.6 250.2L392 214V105.5c0-15-9.3-28.4-23.4-33.7l-100-37.5c-8.1-3.1-17.1-3.1-25.3 0l-100 37.5c-14.1 5.3-23.4 18.7-23.4 33.7V214l-96.6 36.2C9.3 255.5 0 268.9 0 283.9V394c0 13.6 7.7 26.1 19.9 32.2l100 50c10.1 5.1 22.1 5.1 32.2 0l103.9-52 103.9 52c10.1 5.1 22.1 5.1 32.2 0l100-50c12.2-6.1 19.9-18.6 19.9-32.2V283.9c0-15-9.3-28.4-23.4-33.7zM358 214.8l-85 31.9v-68.2l85-37v73.3zM154 104.1l102-38.2 102 38.2v.6l-102 41.4-102-41.4v-.6zm84 291.1l-85 42.5v-79.1l85-38.8v75.4zm0-112l-102 41.4-102-41.4v-.6l102-38.2 102 38.2v.6zm240 112l-85 42.5v-79.1l85-38.8v75.4zm0-112l-102 41.4-102-41.4v-.6l102-38.2 102 38.2v.6z"></path></svg>
|
||||
|
After Width: | Height: | Size: 837 B |
1
assets/img/layout/desktop-solid.png
Normal file
@ -0,0 +1 @@
|
||||
<svg aria-hidden="true" focusable="false" data-prefix="fas" data-icon="desktop" class="svg-inline--fa fa-desktop fa-w-18" role="img" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 576 512"><path fill="currentColor" d="M528 0H48C21.5 0 0 21.5 0 48v320c0 26.5 21.5 48 48 48h192l-16 48h-72c-13.3 0-24 10.7-24 24s10.7 24 24 24h272c13.3 0 24-10.7 24-24s-10.7-24-24-24h-72l-16-48h192c26.5 0 48-21.5 48-48V48c0-26.5-21.5-48-48-48zm-16 352H64V64h448v288z"></path></svg>
|
||||
|
After Width: | Height: | Size: 462 B |
1
assets/img/layout/desktop-solid.svg
Normal file
@ -0,0 +1 @@
|
||||
<svg aria-hidden="true" focusable="false" data-prefix="fas" data-icon="desktop" class="svg-inline--fa fa-desktop fa-w-18" role="img" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 576 512"><path fill="currentColor" d="M528 0H48C21.5 0 0 21.5 0 48v320c0 26.5 21.5 48 48 48h192l-16 48h-72c-13.3 0-24 10.7-24 24s10.7 24 24 24h272c13.3 0 24-10.7 24-24s-10.7-24-24-24h-72l-16-48h192c26.5 0 48-21.5 48-48V48c0-26.5-21.5-48-48-48zm-16 352H64V64h448v288z"></path></svg>
|
||||
|
After Width: | Height: | Size: 462 B |
8
pages/vm.html
Normal file
@ -0,0 +1,8 @@
|
||||
---
|
||||
layout: page
|
||||
permalink: /vm/
|
||||
title: "Virtual Machine"
|
||||
```suggestion
title: "Virtual Machines"
```
|
||||
description: "Use a VM for insecure applications"
|
||||
```suggestion
description: "Use a VM for isolating insecure applications."
```
|
||||
---
|
||||
|
||||
{% include sections/vm.html %}
|
||||
I think you might want to take a different icon here.
I thought it was Wikipedia which is generall licensed under CC.
However, I cannot refind it.
You may want to purge it before merging.
I'll try to add a new logo. How do I edit the color? All I get is this hot pink. XD
Edit: Super cool tool BTW. Thanks for sharing!
As for the nav, I'm thinking cubes:
https://fontawesome.com/icons/cubes?style=solid
As cubes has now become a method to explain isolation.
How do I add images to nav?
The
<i class="fas fa-phone fa-fw"></i>is the icon, which you would want to change to<i class="fas fa-cubes fa-fw"></i>