
Can an expert please explain to me which of the following three methods of working with an OS is technically considered more "secure", and why (pros/cons)?

By security I mean aspects like:

  • preventing any malware from "swapping" over to the other drives of the computer
  • web browsing
  • preventing traces of data from being read by the other OS drives of the computer

  1. Booting Linux from Live USB
  2. Dual-Booting - two OS systems on the same computer
  3. One Main OS on the computer, but using other OS via VirtualBox (or any other provider of virtual drives)

Btw, can virtual drive software like VirtualBox theoretically monitor everything you do? Is it just our trust in the provider, or is there solid "evidence"?

Thanks.

johnsmiththelird
  • Secure against what? Hardware is untrusted, or network, or user, application, site? – ThoriumBR May 08 '20 at 00:28
  • I clarified above @ThoriumBR – johnsmiththelird May 08 '20 at 00:35
  • You're using terminology strangely which suggests you may be confused about what VirtualBox actually provides. It's not "provider of virtual drives"/"virtual drive software" other than in the sense of the virtual drives presented to the complete virtual machine. – mlp May 08 '20 at 13:53

1 Answer

The 3 scenarios are

1. Live USB 
2. Dual-Booting 
3. One Main OS on the computer + One Virtual OS

Live USB can be run with or without persistent storage. Let me suppose you refer to those with no persistent storage. Then yes, it is fairly safe.

Malware/viruses - only those that attach to hardware, which typically write into your ROM.

Web browsing - Nothing much to say. All data is wiped on reboot.

Dual Boot Systems security is as it is.

Malware/viruses - most types of viruses, since the storage is persistent. Once it integrates into one of the running processes that is run on reboot, you have an APT. Thus vulnerable to both software and hardware malware.

Web browsing - Both OS will keep their records of your web browsing data probably depending on your Browser and its configuration.

Swapping over drives - This is possible if both drives are mounted. Since they are mounted, any process can access them regardless of which OS you use, unless you unmount according to which OS you boot on.

One Main OS on the computer + One Virtual OS is probably more secure than a dual boot.

Malware/viruses - only those that are capable of exploiting hypervisor vulnerabilities to allow interaction between the VM and its host. An example of such is Cloudburst, created by Immunity Inc against VMware. These exist but are not as common, since it takes quite a bit of technical knowledge to develop such exploits. See hyperjacking.

Web browsing - Likewise, web browsing data is probably stored, depending on your browser and its configuration.

Swapping over drives - Unlikely unless specified by the user. This is dependent on your configuration once again.

Back to Basics

The end of the story is how much usability you are willing to give up for security.

Live USB and Virtual OS are definitely more secure but a great hassle.

Live USB with no persistent storage means you cannot store any of the data and software you need daily. Very secure, but every time you log on you will need to reinstall all the software.

A virtual OS is probably also relatively secure, in the sense that you can always wipe the VirtualBox and reset as and when you find something is wrong. However, since it still possesses storage for software and its configuration, it is still possible to attract software exploits within the VM. The harm is USUALLY limited to the VM though, as mentioned above.

Jackson
  • Hi @jackson, thx, excellent reply! Can you quickly link me to a useful source which describes how to adjust VirtualBox settings in order to prevent this big 0-day vulnerability? Or is that 0-day already patched by now? github.com/MorteNoir1/virtualbox_e1000_0day – johnsmiththelird May 08 '20 at 14:11
  • @johnsmiththelird that 0-day link you shared says it's for version 5.2.20 and below. As of writing this, VirtualBox is now at version 6.1.6 – iraleigh May 08 '20 at 17:42
  • @johnsmiththelird If you'd like to see more such bugs you can visit https://github.com/xairy/vmware-exploitation, which has nicely compiled a list of VMware-related bugs. Interesting read if you are really interested in hyperjacking/vm-escape – Jackson May 08 '20 at 20:54
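
The "swapping over drives" point in the answer above depends on whether the other OS's partitions are mounted. As an added example (not part of the original answer), this Python sketch parses `/proc/mounts`-format text and lists block-device mounts outside the running OS's own mount points, with whether each is writable. The `OWN_MOUNTS` set and the sample data are assumptions constructed for illustration.

```python
import re

# Mount points that belong to the running OS itself (assumption for this
# example; adjust to your own partition layout).
OWN_MOUNTS = {"/", "/boot", "/boot/efi", "/home"}

# Constructed sample in /proc/mounts format (not taken from a real machine).
SAMPLE = """\
/dev/sda2 / ext4 rw,relatime 0 0
/dev/sda1 /boot/efi vfat rw,relatime,fmask=0077 0 0
/dev/sda3 /media/user/Windows\\040C fuseblk rw,nosuid,nodev 0 0
/dev/sdb1 /mnt/backup ext4 ro,noatime 0 0
/dev/loop0 /snap/core/1 squashfs ro,nodev 0 0
tmpfs /run tmpfs rw,nosuid 0 0
proc /proc proc rw 0 0
"""


def _unescape(field):
    """/proc/mounts writes space, tab, newline and backslash as \\ooo octal."""
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)


def exposed_volumes(mounts_text, own_mounts=OWN_MOUNTS):
    """Return (mountpoint, fstype, writable) for other disk partitions that
    any process of the running OS can currently reach."""
    found = []
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # malformed or empty line
        device, mountpoint, fstype = fields[0], _unescape(fields[1]), fields[2]
        options = fields[3].split(",")
        # Only real block devices; skip pseudo filesystems and loop images.
        if not device.startswith("/dev/") or device.startswith("/dev/loop"):
            continue
        if mountpoint in own_mounts:
            continue
        found.append((mountpoint, fstype, "rw" in options))
    return found


if __name__ == "__main__":
    # On a live system use: open("/proc/mounts").read()
    for mountpoint, fstype, writable in exposed_volumes(SAMPLE):
        mode = "read-write" if writable else "read-only"
        print(f"{mountpoint} ({fstype}) is mounted {mode}")
```

A read-only entry still lets the running OS read that partition's data. An empty result means no other partition is mounted, though a process with root privileges can still mount or read the raw device.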