i would like to know if this installation is foolproof against malware/rootkit/trojan…
here is the installation
on a usb stick that have 2 partition (1 encrypted and hidden and 1 clear)
i install Debian/Gentoo liveusb on the clear partition
on the encrypted partition i install whonix
whonix will be used with virtualbox
the internal hdd and wifi module will be physically removed so that only the virtual machine with whonix will be able to use an external usb wifi module and not the host machine
so even if a malware can manage get out the virtualbox he wouldn’t be able to communicate with the outside since there is no wifi available on the host system
the usb stick have a physical write protection lock so there is no way a malware can write anything on it
but i still have a few questions
1)if a malware get out of the virtualbox can he manage to infect the bios ? if yes what can i do about it ?
2)If a malware get out of the virtuabox is there a way he can communicate with the outside even when the host have no connexion to the internet ?
3)now let’s say my bios is already infected with this configuration can a malware do harm ? i think not since bios malware still need to connect to the “command and control” which will be impossible since the host has no connexion, only the virtualbox
is there a way to protect yourself against virtualbox exploit?