After spending time researching and figuring out how to pass through a device on KVM Whonix, I have come to learn that this can be dangerous.
Device Passthrough is on the list of things not to do but is necessary for some. I want to compare this to Tails and hear what someone more experienced has to say.
On Tails, mounting removable media is native and does not require extra configuration. Simply plug in the device and mount it. Is there a difference in security implications between this and passing it through on a Virtual Machine? *
Can the device mounted on the VM place malware on the host even if it is never mounted there, or does it remain isolated in the VM? *
Info: on Tails the media would be removed before booting back to the main OS; on Whonix it would never be accessed on the Host.
Potentially a privilege escalation exploit could be used to access the internal drives on the Host or in this case other OS on Tails. In Whonix, could malware with or without root privileges access the host because of the Device Passthrough or only that device? *
Would malware created for the general population be an issue with Device Passthrough, or only targeted malware for Whonix or VM users? *
In short, is Device Passthrough more harmful than mounting a device on Tails?
If I have said something that does not apply, please tell me so.