(( carmen )) said:I'm looking to install Virtual PC (XP Pro) on my window which is also XP
Pro.
If I was to get some spyware, malware, or a virus on the virtual pc, is
there a risk of that infection spreading to the primary OS?
I'm looking to install Virtual PC (XP Pro) on my window which is
also XP Pro.
If I was to get some spyware, malware, or a virus on the virtual pc,
is there a risk of that infection spreading to the primary OS?
(( carmen )) said:I'm looking to install Virtual PC (XP Pro) on my window which is
also XP Pro.
If I was to get some spyware, malware, or a virus on the virtual pc,
is there a risk of that infection spreading to the primary OS?
Thank you
VanguardLH said:(( carmen )) said:I'm looking to install Virtual PC (XP Pro) on my window which is also XP
Pro.
If I was to get some spyware, malware, or a virus on the virtual pc, is
there a risk of that infection spreading to the primary OS?
Thank you
***** Original post:
The vast majority of software will be isolated when installed in a VM.
However, software can always detect that it is running within a VM. I
attended a short seminar (4 hours) on this and was surprised at how
easy it is for any software to detect it is running within a VM. Some
VMs deliberately try to hide that it is a VM but more sophisticated
mechanisms can be used to determine if software is running within a
VM, like how many instructions cycles are executed in the processor
(more in a VM). If the malware knows it is in a VM, it could, for
example, decide to be quiescent under that environment. So you don't
know it has nasty effects because it remains dormant under a VM. Your
VM should contain all the normal anti-virus, anti-spyware,
anti-malware, and other security software that you would use in a
layered approach to detect pests. Then make sure to scan the trial
software with all your security software to provide some non-absolute
assurance that it doesn't contain a pest. Once you install the trial
software, make sure to change the date to some far distant time in the
future to see if it might trigger on a date (plus it is also a good
way to see if that so-called "free" version is actually a
time-expiring version that cripples or disables itself).
Virtual PC is handy but it lacks one important feature: the ability to
save a snapshot and return to it after trialing some software. You
can elect to discard all changes when the VM restarts but many
installs require an OS reboot so discarding those install changes
means you can't install the product. If you allow VPC to save the
changes then you alter your VM from its base or clean state and will
have to do the OS reinstall to get a clean copy. VMWare Server is
also free and includes a snapshot feature (but only 1 snapshot so you
might want to lock it after setting up your base VM to prevent your
accidental pollution of it). You could unlock the snapshot to apply
updates to Windows or your known good apps and then save another
snapshot (you would override the one you get in the free version) and
then lock that one to prevent accidental pollution. There is a way to
somewhat do the same in VPC: after creating your VM in whatever base
state you want to start with, copy the VM directory to a backup path.
Then you can delete the current VM directory and copy the backup back
to get back to that state. Of course, if you do system/data backups
of your host then you could just restore the VM's directory from your
backups. After all, if you don't backup your host then you have
deemed your files to be trivial or reproducible.
So do you actually have a 2nd license of Windows XP (either a full
version or an upgrade that is traceable to a full version that is NOT
is inuse) to install in a VM? Since you are running the operating
systems concurrently, and because you have to pay Microsoft to use a
legitimate copy of Windows, you must have a legit license for Windows
on which you run VPC or VMWare Server (i.e., the host OS) plus you
need to have a legit license for each instance of Windows that you
will be running in a VM (i.e., guest OS). This means you need at
least 1 additional license for Windows since to use VPC or VMWare
Server to run Windows in a VM means that guest OS is running
concurrently with your host OS. However, the Microsoft Police aren't
not of sufficient size and force to concern themself with someone who
is using a "blue" version of Windows in a VM which is used merely to
test new software, windows updates, or other very temporary usage. It
is not strictly adhering to their EULA but then few drive under the
speed limit on the highways, either.
Otherwise, rather than use a VM to test new software, you could
pollute your current production environment with the new software and
use something like ShadowSurfer to return the system back to its prior
state but that occurs after a reboot and, as I mentioned, many
installs require rebooting the OS which means the system state gets
restored and you lose the [partial] install. I used to use
ShadowSurfer but gave up on it because: (1) It used to be free but
isn't anymore (I still have the same 2.5 version but from when it was
free); and, (2) Restores the prior system state after a reboot which
interferes with installs that require a reboot. ShadowUser is its big
brother and was always commercialware. Considering the limitations of
ShadowSurfer, it is surprising that they think anyone would pay for
it. Microsoft has something very similar called SteadyState
(http://www.microsoft.com/protect/products/family/steadystate.mspx).
I gave up it very quickly because it was clumsy, poorly documented,
and I no longer have it in my download directory to look it up to know
its name (but then I already had the free version of ShadowSurfer that
did the same thing so I wasn't really motivated to find an alternate
free "partition virtualizer"
(http://wiki.castlecops.com/System_Partition_Virtualization_-_Comparison).
While using a VM as a guest OS helps isolate new software install in
it from polluting your host OS, you are basically letting your working
or production OS get polluted and hope that these products remember
all the changes and can back them all out. Under VMs, you get an very
restricted and antiquated set of emulated hardware. However, when
using partition virtualization (i.e., save state), you get to use the
full hardware capabilities of your host, like decent video and audio,
USB devices, installing drivers to support your [new] hardware, etc.
So with a VM, you get safety at the cost of getting stuck with old
[emulated] hardware, and with save-state you get to use all of your
current hardware's features but risk not being to [exactly] restore to
the prior state. So you could start with a VM to trial new software
in a guest OS, run all the security scans against it, and, if it is
okay there, then reinstall it in your host OS while under the
protection of save-state software to see if it behaves any differently
there. That is, you graduate out the unknown new software.
You might just go get an disk/partition imaging program and save an
image before testing new software. Then when you are done, restore
the image to return the system back to the same prior state. As
stated, some malware will quiesce when ran under a VM because they
know they would get caught there and probably would never get out to
your host OS. And how well-layered is your security software that you
also put in the VM will determine if it detects if the new software is
a pest - but some pests still get by all that security software, even
if you use HIPS. Since the PC is a *general* purpose machine, it can
never be made absolutely safe for any OS that is ran on it. Not many
PC users would want the OS to be in firmware for a single-purpose host
that cannot be burned while inside the host and requires removal to
use special equipment to alter its code. Users want to install
software, not buy and replace chips.
***** Update:
By the way, Virtual PC has its own newsgroup for you to ask questions
about it.
microsoft.public.virtualpc
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.