8

Can using a VM help to protect my passwords or other data?

I'm asking this because I'm using a PC that others have access to, so there is possibly of some malware. I don't want to login to my web accounts, assuming malware can "steal" passwords, packets, etc. So, I wonder whether using a VM for accessing web accounts makes more sense.

An additional question: does a VM help web anonymity? I'm guessing the server will still see the host's address, right?

I don't know much about how stuff like TCP/IP works, so please inform me if my assumptions are wrong. I think VM's are usually used the other way, i.e. doing the "dangerous" stuff in VM, to keep the host clean. But in my case, I do not have an option not to share the host, so I wonder what can I do to make it safer.

schroeder
  • 123,438
  • 55
  • 284
  • 319
jeff
  • 191
  • 5
  • Are you concerned about having data stored on the disk stolen by other users? – Neil Smithline Oct 24 '15 at 21:50
  • Do the other users have admin access to the computer? Can someone open the case if they want to? – Neil Smithline Oct 24 '15 at 21:52
  • @NeilSmithline Yes to your 1st question. Also yes to the second one, there are multiple admin accounts running on Windows 7. For opening the case, I don't think so, the PC is in a public area, but not impossible too :D I wonder what can they do with opening the case though? – jeff Oct 24 '15 at 22:20
  • For example they could install a *hardware keylogger*, capable of intercepting whatever you write on the keyboard. That would defeat most available defenses, *including* the ones in my answer. – LSerni Oct 24 '15 at 22:31
  • I see. Wow, there is much to be done :) I'm not expecting such professional attacks but it might be possible that someone downloads some stuff from internet and infecting the computer by mistake. Or some student trying to have fun can install a keylogger or something. Thanks to all the answerers though, I learned a lot. – jeff Oct 24 '15 at 22:54
  • 1
    Possible duplicate of [How secure are virtual machines really? False sense of security?](http://security.stackexchange.com/questions/3056/how-secure-are-virtual-machines-really-false-sense-of-security) – Brad Werth Oct 25 '15 at 02:57

3 Answers3

9

The VM approach helps in that "what happens in the VM stays in the VM".

You would do your things in the VM and then reinstantiate it every time (there was, perhaps there still is, a Windows helper app called SteadyState that allowed a sort-of-VM to continuously be recreated while still being kept updated).

The essential thing is that the VM have no access except to the Web. Your personal documents, etc., would stay outside the VM. If you need to download a file, you would download it in a "shared folder" and then run a virus scan from the guest operating system once the VM is down.

This way, in theory, no virus or malware can infect the guest operating system unbeknownst to the user.

Your sequence of operation would be:

  • keep the "pristine" virtual machine somewhere (say C:/VM/Pristine).
  • copy the VM into C:/VM/Dirty
  • fire up Dirty and use it to your heart's content
  • copy any files you need from Dirty to C:/VM/SuspiciousFiles
  • power down Dirty
  • delete it. Any virus, malware, etc. is thereby destroyed.
  • virus-scan the contents of SuspiciousFiles

Occasionally, you would fire up Pristine, run Windows Update or zypper update or apt-get update or whatever, then power it down again, ready to be cloned into a new Dirty.

As for anonymity, your IP address would be still visible, but you could configure your VM to be a "stock" machine with all default options, in no way different from millions of others. Even frameworks such as Panopticlick would be hard pressed to reliably recognize it.

UPDATE: reverse protection

A similar level of isolation, but lower, exists between the outer machine and the VM (i.e. you want to use a clean VM on a possibly dirty machine). What happens is that a virus or malware in the outer machine has full access to the files constituting the virtual machine, but normally and as far as I know, it would be too complex for a malware to try to influence the virtual machine through the virtualization layer. Even so, protection against the hosting machine is less reliable, and the VM's very existence may be jeopardized (for example by some ransomware such as Cryptolocker, deciding to encrypt all large files in the hypothesis that they must be valuable).

In such cases it is best to employ a different approach, that of a portable machine on a bootable USB device. There are many such; this is one. The idea is that when you need to perform some sensitive operation, you reboot the machine and boot it from the USB device. The machine will restart (should restart, if the USB application is well built) with no connection to the outside except basic networking, and no knowledge it even has a hard disk. Everything you do will only exist on the USB which will then be put back in your pocket when you finish. There's still a remote risk of so-called bluepilling rootkits having rogue access to the USB while it's plugged in, but as far as I know it's (for now at least) more theoretical than realistic.

LSerni
  • 22,521
  • 4
  • 51
  • 60
  • portable machines sound like a nice solution. But it would probably be difficult, like I have choose the boot device from BIOS settings menu etc, right? So it might not work on some computers? And if it does, can it use the RAM, displays etc. of host? – jeff Oct 24 '15 at 22:58
  • Yes, they can use all of that, possibly not optimally (e.g. they won't be able to leverage the full acceleration of nVidia cards). But, yes, the host machine has to be reconfigured. Most modern machines have a "temporary boot settings" - on my Dell that's the F12 key. – LSerni Oct 24 '15 at 23:20
  • Like the bootable USB idea. – Neil Smithline Oct 25 '15 at 00:53
  • It's mentioned in the article you linked to, but please note, that Tails is automatically configured to use Tor. That's great for anonymity, but some *"sensitive operations"* (to use @iserni's words) might require connections to systems that block Tor traffic. Nonetheless, I carry a copy of Tails and a copy of Kali Linux with a VPN on it on USB drives in my bag :P – Spencer D Oct 25 '15 at 06:26
8

Can using a VM help to protect my passwords or other data?

I'm actually asking this because I'm using a PC that has access to others too, so there is possibly some malware. So I don't want to login to my web accounts, assuming some software can "steal" passwords, packets, etc. (right?) So I wonder whether using a VM for accessing web accounts make more sense.

Software on the host can see i/o from the VM.

An additional question: does a VM help web anonymity? I'm guessing the server > will still see the host's address, right?

The remote host will still see the host's IP address (unless your VM has a special network configuration.) It does hide other frivolous information about your system.

VM's are generally used to protect the host. Arguably, it's just a little bit more difficult for an attacker to extract data from a VM. It's not worth the inconvenience.

Ammar Bandukwala
  • 454
  • 2
  • 4
  • Ammar, thanks for your answer. So can we assume if there were a keylogger on the computer, then it will also see what I type into the VM? – jeff Oct 24 '15 at 22:22
  • No problem. Keyloggers may operate on many levels, although most will capture input to the VM. – Ammar Bandukwala Oct 24 '15 at 22:23
  • @halilpazarlama Right there ^^ is the answer to your question. A VM offers you no protection from malware on the host. – Carey Gregory Oct 25 '15 at 05:49
0

I think you meant to use a VM yourself to access web accounts, while other users have access to the host system. In this case, no.

You can't stop other users from installing keyloggers or programs taking screenshots in the host system, intended or carelessly being infected. It almost has the same effect as installing them in the VM. And you can't prevent other users from analyzing the VM image file, unless you delete it every time, which is no better than just using private browsing or whatever-named mode.

For the anonymity part, if you install the same operating system and the same browser in the VM, it's very likely not better than just using the private browsing mode. If you don't, it's still not different enough from just using another browser, or even just modifying configurations like the agent string.

user23013
  • 660
  • 5
  • 11