Virtualbox effective isolation

Hiberts · 2016-01-31 16:07:59 UTC

Hi,
I have this question, how much is it safe to use virtualbox with isolation in mind ?
In my situation, I have to trust in Virtualbox for good isolation from my MAC and Serials, am I protected ? Up to where ?

I saw KVM like alternative, but I don’t know how much it’s complicated or if it’s safer .

Ego · 2016-01-31 16:20:10 UTC

Good day,

both the MAC adress and your serial number should be kept away from the guest OS, simply by the design of VBox.

KVM is (in my opinion) actually easier to use. The advantages here are not so much security based though, but rather speed and licensing wise.

Have a nice day,

Ego

Hiberts · 2016-01-31 17:41:25 UTC

What’s problem about licensing ? My interest is only for security .
However, I should read the documentation here, i just asked here because the documentation is very long .
Thanks for the answer .

Ego · 2016-01-31 17:49:14 UTC

Good day,

well, projects like Whonix heavily relie on licenses like GPL 2.0, which allows a modification of code for anyone, including improving security aspects. VBox doesn’t complie to these standards in some aspects.

If you really want to get the most security though, Qubes can’t be beaten: https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers

Have a nice day,

Ego

Hiberts · 2016-01-31 17:57:19 UTC

I saw QubeOS, but I don’t know if my laptop is sufficient for this OS …
I have an I7 processor and a good HDD USB3, it’s enough ? I red people about 32 GB of Ram, are they crazy ?

Ego · 2016-01-31 18:01:10 UTC

Good day,

4GB of RAM should suffice. Of course, the old rule applies, the more VMs you run, the more you’ll need, though 4GB usually gets you about 4 VMs in Qubes at least.

Have a nice day,

Ego

Hiberts · 2016-01-31 18:04:44 UTC

Yeah the Ram it doesn’t seem a problem, but the CPU ? However I will try QubeOS, but KVM is another thing ?

Hiberts · 2016-01-31 18:08:30 UTC

I’ve another question, QubeOS is based on Xen and Fedora, is it so different from Debian OS ?

Ego · 2016-01-31 18:13:44 UTC

Good day,

the CPU shouldn’t be limiting either.

KVM is a different solution, which may be used on any Linux, like Debian or Fedora.

Yes, Qubes is based on Fedora and XEN as the virtualizer. XEN is rather similar to KVM, though Qubes improves upon it in a multitude of ways, like isolating network cards from the rest of the host, not just the guests.

Have a nice day,

Ego

Hiberts · 2016-01-31 18:28:16 UTC

Mmm, the problem I think is Fedora, new OS, yes it’s based on Linux but … The security it’s an heavy world , always new technologies .

Ego · 2016-01-31 19:02:50 UTC

Good day,

Not sure what you mean. The first version of Fedora was released in 2003, so calling it new really is an understatement by a huge margin. Furthermore, security is one of the things Fedora does better than anyone else, because with Redhat, they have a company focused on improving this aspect more than any other.

Have a nice day,

Ego

Hiberts · 2016-01-31 21:40:55 UTC

Nothing special, I mean that I know Debian but not Fedora, I hope the mitigation will be funny .