I have gotten to like Ubuntu even though I realize the learning curve is
going to be rather long. One of the things I do is help poor people acquire
computers and Ubuntu is perfect if all they need is an office program, internet
browsing and email .
I have started to learn wine but I think a VM might be a good idea as well.
I am limited to 4 gigs but I don’t game so speed is not that important.
My question is if I run XP PRO on a VM inside of my Linux box will I still
retain the advantage of virus resistance? And will I be able to save data on
the drive when using the VM. Also would using Win98 be just as well as some of
the older people I help have games that they are convinced will only run on 98
even when I show them the compatibility mode.
Yes and no.
Virtual machines, or VMs for short, are one of the coolest technologies I’ve
seen come along for some time. They’re still pretty geeky, but as you can tell
– I’m impressed.
Before relying on VMs for security purposes, though, we need to understand
exactly what they are, and of course, what they are not.
A virtual machine is, to put it simply, a program that you run on your computer that creates a simulation of a “machine within a machine”.
For example, I’ll run Windows 7, and within Windows 7 I’ll run a virtual machine that will start with it’s own virtual BIOS and boot (from a CD or an iso image or its own virtual hard disk) into a completely different operating system. Within that VM the operating system behaves as if it’s on its own dedicated computer, because that’s all it sees. It has no knowledge of the fact that it’s actually running within a VM.
I regularly run Windows XP, Windows Vista and even Ubuntu Linux within VMs.
It’s kind of like running those operating systems as if they were standalone programs themselves. Of course they are not; they assume that they’re installed on a computer, and that’s where virtualization comes in: it simulates a computer on which they can install and run.
When it comes to security, the best way to think about a VM is as if it were a separate physical machine. All the rules, techniques and cautions that you might apply to a separate physical machine apply to a virtual machine.
So, let’s say you’re running a Windows XP VM within a actual machine also running Windows XP. With the exception of networking, which I’ll speak to in a moment, any viral infection that happens on one installation will be limited to that one installation – just like separate physical machines. So if the VM gets an infection, the physical machine will not necessarily.
That fact VMs are isolated this way from their host machine and from other VMs is one of the biggest reasons security folks like them. You can do something “risky” in a VM without putting the actual host computer at as great a risk. If the VM becomes infected, you discard it.
But before we get to complacent with that scenario, we need to understand some of the ramifications.
As I said, a VM is best thought of as “just another physical machine”, so “discarding it” means discarding the VM and recreating it from scratch – i.e. the virtual equivalent of a reformat and reinstall. Fortunately, many VM tools provide the ability to “snapshot” or “clone” VMs, so that you can very easily perform the virtual equivalent of an image backup. Rather than reformat and reinstall, then, “discarding it” simply means reverting to that prior VM snapshot, clone or backup.
If you plan to use a VM long term, as in your scenario, running a Windows XP VM on an Ubuntu machine, then you need to treat it exactly as you would any other Windows XP installation. While your Ubuntu machine itself is protected two ways: by XP being isolated in a VM, and by Ubuntu being Ubuntu and not Windows, that Windows VM itself can most certainly become infected if normal security advice is not followed.
The only time it’s “kind of” OK not to follow that security advice is when a VM lives only a relatively short time – say you create a VM simply to test out some feature of the operating system, or install some test version of a program, after which you destroy the VM.
Now, I spoke of networking above; there are both security issues to be aware of and an answer to your second question as well: how do we share data between the VM and and host machine.
VMs are typically set up with networking enabled, and even some default network shares that make the host machine’s hard drive appear as a connected network drive and potentially vice versa. This makes sharing files between the host and VM simple: just use the appropriately connected drives.
But it also opens up another potential vulnerability: networking.
Your host and your VMs are networked. There’s no network cable, or even network hardware perhaps, but they are connected via Windows (or other OS) networking support. And that means that they may be vulnerable to network based threats from each other. And again, the best way to think of this is simply as if they were two physical computers connected to the same network.
Depending on how you use your machines and VMs, and the various operating systems involved, that means you may want to enable software firewalls as appropriate, and of course keep those Windows VMs up-to-date on their assorted updates that often correct network based vulnerabilities.
The important thing to realize is that even without a network, there’s a network.
And finally, sure – go ahead and throw Windows 98 in a VM. That’s another of the really nice aspects of virtual machine technologies – you don’t need to dedicate a machine to the various oddball scenarios you might come up with. Be it Windows 98, MS-DOS itself, or any of a number of other PC-compatible operating systems, virtual machines allow you to install and run them fairly easily.