Yes, it’s still true: a VM doesn’t get you any additional privacy from your ISP.
I do need to clarify exactly what “everything you do” means. I’ll also revisit what you need to do to avoid ISP monitoring. Hint: a VM isn’t the solution, but might be a convenient part.
Become a Patron of Ask Leo! and go ad-free!
To refresh: a virtual machine, commonly referred to as a “VM”, is software you run on one machine in which you create a simulated environment of another.
The best way to conceptualize that is with a picture. Here’s a snapshot of my Mac Pro’s desktop.
You’ll see that in addition to the Mac “Dock” (an equivalent to the Windows taskbar) across the bottom, and Chrome — the browser in which I’m writing this article — there are three additional windows, each running what looks like a completely different operating system:
- In the upper left is Windows 10
- In the lower left is Windows 7
- In the upper right is Debian Linux
Each of these systems believes it’s running on dedicated hardware, but in fact is running in a software simulation of a PC. As you can see, it’s possible to run several such simulations simultaneously with different operating systems in each.1
What your ISP doesn’t see
Your ISP only sees the connections your computer makes to the internet. That means it has no concept of what software is making those connections, outside of anything those connections imply.
So when my browser makes a connection to askleo.com, my ISP can see it, regardless of whether I do it in the native browser — Chrome, in the example above — or in a browser within one of the virtual machines. My ISP just sees there’s a connection being made to askleo.com by some machine at my IP address.
This is very similar to what happens if you have more than one physical computer: your ISP cannot generally tell which is making the connection. The rule of thumb is that virtual machines behave just as if you had multiple, different, real computers.
What your ISP might see
I said your ISP has no idea what software you’re running outside of what the connections you make imply. For example:
- If you connect to askleo.com, your ISP can tell you’re probably running a web browser.
- If your connection is unencrypted, and your browser includes information that says “Hi! I’m Google Chrome” as part of the conversation, your ISP might see that.
- In fact, any information in an unencrypted connection could be seen by your ISP and used to infer what software you’re running to create that connection, and what that connection is used for.
More interestingly, though, it’s the services we connect to that expose some of what you’re doing.
- If you connect to a file-sharing service, your ISP can infer you’re running file-sharing software. However, if the connection is encrypted (as most are), your ISP can’t see what files are being shared.2
- If you connect to a VPN (virtual private network) service, your ISP can see that you’ve done so, but cannot see beyond that.
- If you connect to a TOR (The Onion Router) anonymization server, your ISP can see that you’ve done so, but cannot see beyond that.
But it doesn’t matter where those connections originate on your machine: from the programs you run directly, or from programs run within a VM; to the ISP, they all just look like connections and data transferring to and from your internet connection.
The best hiding you can hope for
If you don’t trust your ISP, things get difficult.
Honestly, the best privacy solution is to use a VPN. As long as it’s correctly configured, your ISP will still see that you are using a VPN, but they are not able to see what sites or services you are connecting to, or what data you’re exchanging with those sites.
The next level would be to run a dedicated TOR browsing session. It’s slower, and it’s easy to leak information if you’re not careful, but it can be done. (TOR focuses more on end-to-end privacy and traceability than a VPN, whose primary job is to protect your connection to the internet from eavesdropping.)
Finally, one approach that might be convenient, if you’re so inclined, is to set up a virtual machine that uses one of these technologies. That’s nothing more than a convenience, though, and doesn’t increase your privacy. All it does is make it easier to run a virtual machine that’s pre-configured with your favorite VPN or TOR — exactly as if it were a different always-ready physical machine at your location.
If you found this article helpful, I'm sure you'll also love Confident Computing! My weekly email newsletter is full of articles that help you solve problems, stay safe, and give you more confidence with technology. Subscribe now and I'll see you there soon,