The only safe way to run Windows is on top of Parallels or other VMs

Discussion in 'Parallels Desktop for Mac' started by rinconj, Oct 8, 2006.

  1. rinconj

    I have a company XP VM with the latest Viruscan and security agent installed, so I thought it would be safe to install a new video codec that the Viruscan said is clean. Surprise, surprise: I woke up this morning to find lots of windows with naked women in them, and the security agent said that Windows was infected with a virus.

    Since I always clone my XP VMs whenever I install something new, I simply deleted that infected VM and went back to the one right before it was infected.

    Another lesson learned, and it reconfirms my belief that Windows can't possibly be safe if you install anything you're not 100% certain is safe, even if all the viruscan software says it's clean.
     
  2. BenInBlack

    Just a small comment: this is not the fault of Windows, it is the fault of the Virus Scanner.
    Windows can be safe.
    I have found that if you use the big name Virus Scanners, they have been sued by a bunch of the spyware/malware companies, so they are gun shy and let lots of things thru that you and I would consider needing blocked.

    I have found in my experience of working with, supporting and selling PCs that the free AVG virus scanner from Grisoft is the best out there. Of course remember, when they get big enough to be sued, then I will have to find another.
     
  3. MarkHolbrook

    I agree pretty much with Ben... Windows can be safe... For example, if you don't do a darned thing like enabling any networking, filesharing, shared drives or use Internet Explorer or Outlook, both Express and Pro, then it can be very safe.

    We run medical devices on Embedded XP and they run for months without a single problem.

    The issue is what I consider to be one of numbers. The world is LOADED with Windows PCs and behind many of them are some very bright but misguided and bored programmers that just need to prove themselves... Hence virus and worms abound.

    Mac OS X is not as heavily targeted, and probably the same goes for Linux, although its low cost and easy availability make it a cool target for these folks.

    The ability to copy/backup VMs is one of the major reasons I love this solution over something like Boot Camp. True, my 20 GB Windows VM takes about 7 minutes to copy, but that is well worth it. Like above, I copy my VM before doing ANYTHING new either in Mac OS X or in Windows. That way I can restore and be "back in time" to the point before bad stuff happened.

    I also have been cloning my entire MBP disk before any and all major upgrades. Did this before 10.4.8. I did it before installing the latest build of Parallels. It just gives me something to fall back on.

    M
     
  4. BlueSkyISdotCOM

    Not only is OS X less targeted, it is also less vulnerable.
     
  5. constant

    Actually, shareholders are to blame. They want their company's systems protected at any cost. The company execs, not being silly, realise that the people who write viruses are the best people to protect them from the viruses. Programmers, not being silly either, do it for notoriety, to gain these very highly paid positions. Remember, the shareholders want protection at any cost. Plus it is just so easy to propagate viruses on win32 machines.

    The biggest deterrent to virus writers on both these OSes is the extreme difficulty to propagate. The system provides installed programs with an access code. So virus writers have to "trick" people into doing an install, or crack the code of an already installed program.

    After all that, this is still very good advice.
     
  6. Scott Willsey

    Yes, as you and constant point out, the "security through obscurity" myth is just that, witnessed by the experience of Linux users in particular. Sure, Windows has a much huger market share, but a secure OS is secure regardless. The Unix-based OSes have thus far proven to be more secure in general, and Windows has in general proven to be a gaping security hole.

    I ran Windows for years with no problems but I'm also not a typical user. The thought of what's on my mom's computer, for example, makes me cringe. Windows is not family friendly.
     
  7. joem

    This is news to me. Can you point me to an explanation of how this works? What is this access code? How does a program get one? From where? What does it do?

    I've been developing software for a few decades, and haven't seen anything like this described anywhere yet. What am I missing?
     
  8. BenInBlack

    I'm pretty sure what Constant meant was that when you install a program locally, it is assumed by the OS (Win, that is) that it should be granted the access level of the installer. So on Mac they have to trick you into thinking it is good software so you will enter the password to let it install.
     
  9. constant

    Linux has many different levels of security. The kernel is protected from user processes; a user can only affect his own processes; and user processes are protected from each other. This security model requires that you must specifically allow users and processes to interact, otherwise there is no avenue for interaction and thus no avenue for attack.
     
  10. joem

    Windows has similar capability. Perhaps the primary difference is that the Windows default is open and the Mac / Unix default is more closed. Vista is purported to change that model.

    Even on the Mac, any application you install is executable by anyone. In Windows, if it's set up according to best practices, users cannot install applications without an administrator password.

    I think the Apple default of requiring admin permission even from an admin account is better, but Windows can be set up the same way if one wishes.

    In any case, running untrusted software in a Parallels sandbox is considerably safer than running it on a system you don't want trashed.
     
  11. BenInBlack

    Yes, Vista has changed to this new closed model; I have seen it first hand in Vista.

    But as Constant said, the issue still is knowing when to accept and when not to accept software installation. You could have the best locked down system and then install something that has a hidden payload and you're toast.

    The certificate system is not working out very well because you have legitimate good software makers that find it more trouble to go thru all the red tape just to get acknowledged by whatever certifying agency that is out there.

    There have been attempts to create don't use lists, but they have been sued out of existence.

    XP attempted to do a snap-shot of the OS periodically, but the flaw in that system is that it is automated, so since it was automated, malware could automate itself into hiding in those snap-shots away from Virus Scan and Spyware Scans.

    Word of mouth and training seem to be the only methods that the malware writers have not been able to defeat. So open forums, where you can say "hey this software tanked me" are really our only defense. But even now this is under attack; there is a fight in Congress right now on free internet, go to http://www.askaninja.com for a link to this fight. (oh and this guy is hilarious ;-)

    I have found that http://www.grc.com has been a good source for keeping word flowing. You can use their free ShieldsUP scan to help you lock down any open ports.

    And as Scott says, I cringe when I think of my parents' systems and those who don't have the time to stay informed.

    So good luck and make backups :)
     
