[ale] what happens to vm if host reboots

Phil Turmel philip at turmel.org
Mon Feb 18 11:51:09 EST 2013


Trimmed/more comments inline:

On 02/16/2013 10:46 PM, Ron Frazier (ALE) wrote:

> So, ALE people are not normal humans.  8-) No one ever accused the 
> group of being the Friendly Atlanta Linux Enthusiasts.  8-)

No, we aren't normal.  Oh well.

> It has bearing on my motives to run Windows.  It also has bearing on 
> the fact that, until about 2006, there were no really viable Linux 
> Desktop alternatives, in my opinion.

I beg to differ.  KDE has been a superset of Windows
functionality since the early v3 days.  KDE v3 was the Red Hat standard
for a while (circa 2004) due to its easy adoption by Windows users.

I think you are conflating graphics driver support and desktop
environments.  Graphics card selection has been a serious issue until
the widespread introduction of Kernel Modesetting a couple years ago.

Prior to that, a pleasant experience with the Linux Desktop depended on
a bit of product research before buying hardware.  Not a problem with
the desktop environments themselves.

>>> The fact is, Windows 7 does 100% of what I want a PC to do,
>>> since everything out there is designed to be compatible with it.
>>> My Linux situation is in flux, since I'm in the process of
>>> firing Ubuntu and moving to Mint.  Yes, I know it's Ubuntu under
>>> the covers.  Anyway, my experience with Ubuntu 11.04 and with
>>> the Mint Live DVD's indicates that Linux does about 85% - 90% of
>>> what I want a PC to do.
>> 
>> But you admit below that security concerns are bothering you--so 
>> Windows is *not* doing 100% of what you want.  You are separating 
>> "security" from the tasks you are using the PC to accomplish.  In 
>> my opinion, if the task isn't being conducted securely, it cannot 
>> be considered 100% satisfactory.
> 
> Everything I do is as secure as it can be under the circumstances. 
> Whether I'm running Linux or Windows, I keep the OS patched.  I run
> a software firewall.  And, I'm sitting behind 2 hardware firewalls.
> If I'm in public, I'm running a VPN.  My main security concerns do
> not relate to the fact that I'm running Windows, and, in fact, I
> would have most of the same concerns if running Linux.  Let's
> compare. Almost every primary attack vector nowdays is related to
> things you potentially invite into the computer via the web browser
> or email or a website or a document.  The attacks that can
> spontaneously penetrate a firewalled and patched computer remotely
> without some invitation in the door are more rare now.

Again, I beg to differ.  You hear the the term "zero-day" exploits
because they successfully attack *fully-patched* computers.  What
happens after that depends on the system's natural structure of
privilege separation, and the opportunities for privilege escalation.

In Linux, if your browser, browser plug-in, email client, or any other
user application are compromised under normal use, your exposure is
generally confined to your home directory and any thumb drives or
similar unsecured storage you may have plugged in.  On Windows, not so much.

Although there have been privilege escalation attacks on Linux, they
have always been tailored to specific kernel releases in specific
distributions.  Unlike Windows, which has millions upon millions of
*identical* OS kernels scattered around the world, Linux has numerous
unique distributions, with unique kernel patches and configurations,
compiled by numerous versions of GCC.  Even confined to the most popular
binary distros, targeting the Linux kernel is absurdly difficult.

If you are even slightly adventurous, you can compile your own kernel,
tailored to your hardware and usage, making your install impervious to
generic kernel attacks.

> As I quickly learned at a DC404 meeting today, I will stipulate that 
> if the cracker has physical access to your PC, you're toast.  So, 
> let's assume he doesn't have that access.

Granted.

> Concern 1: Java - Applies to Windows and Linux. Windows Solution: 
> Deinstall it, although I'm considering running a VM just for a
> couple of things that have to have it. Linux Solution: Haven't
> figured out how to deinstall it.  Control it best I can with
> NoScript. Winner: Windows

Your lack of knowledge how to uninstall Java on your Linux distro hardly
makes Windows a winner here.  And on either platform, you can simply
disable the Java Plugin.

> Concern 2: Javascript - Applies to Windows and Linux. Windows 
> Solution: Control with NoScript - except sites that have to have it, 
> like the bank. Linux Solution: Control with NoScript. Winner: Tie

Once you factor in relative protection against privilege escalation,
there's no contest.

> Concern 3: Malicious Flash - Applies to Windows and Linux. Windows 
> Solution: Keep flash up to date.  Selectively trust sites with 
> NoScript. Linux Solution: Keep flash up to date.  Selectively trust 
> sites with NoScript. Not using flash is not a very viable option, 
> since too many sites depend on it. Winner: Tie

Again, not a tie once you factor in privilege escalation hazards.

> Concern 4: Malicious PDF - Applies to Windows and Linux. Windows 
> Solution: Keep reader up to date.  Disable java in reader and enable 
> enhanced security and protected mode.  Possibly switch to alternate 
> reader. Linux Solution: Keep reader up to date.  Disable java in 
> reader and enable enhanced security and protected mode.  Possibly 
> switch to alternate reader. Winner: Tie

Many distros, Ubuntu included, don't even install Acrobat Reader by
default.  KDE distros use Okular by default.  So the flaw is not exposed
at all in Linux, unless you choose to add Adobe's product.

> Concern 5: Malicious DOC - Applies to Windows and Linux. Windows 
> Solution: Disable Java and Visual Basic in LibreOffice.  Set Macro 
> Security to high. Linux Solution: Disable Java and Visual Basic in 
> LibreOffice.  Set Macro Security to high. Winner: Tie

The malicious DOCs I've encountered and read about have all used
ActiveX/COM objects to gain access to low level system calls.  Such
objects won't run at all in Linux, regardless of your script settings.

> Concern 6: Malicious HTML, HTML5 - Applies to Windows and Linux. 
> Windows Solution: Keep Firefox up to date.  Control with NoScript. 
> Linux Solution: Keep Firefox up to date.  Control with NoScript. 
> Winner: Tie

Uhm, privilege escalation?  Not a tie.

> Concern 7: Inserting a contaminated USB, CD, DVD - Applies to
> Windows and Linux. Windows Solution: Tell PC not to ever do anything 
> automatically when media is inserted.  Be very careful about what 
> media you insert. Linux Solution: Tell PC not to ever do anything 
> automatically when media is inserted.  Be very careful about what 
> media you insert. Winner: Tie

No version of Linux has autorun enabled by default.  And if your copy of
linux lets you run any *.exe file therein, it will do it with Wine,
which confines all of that app's OS infection attempts to your home
directory.

> Concern 8: Clicking links in email acts as a vector for nasties. - 
> Applies to Windows and Linux Windows Solution: Verify trustworthy 
> source before clicking links in email.  Verify the destination of
> the link.  Be very reluctant to click such things.  Don't click 
> executables.  Turn off automation in email client. Linux Solution: 
> Verify trustworthy source before clicking links in email.  Verify
> the destination of the link.  Be very reluctant to click such
> things. Don't click executables.  Turn off automation in email
> client. Winner: Tie

You keep claiming ties for good computing habits, which if broken
supposedly cause the same grief on both platforms.  It is simply not true.

> Concern 9: Playing malicious media files. - Applies to Windows and 
> Linux. Windows Solution: Be very particular about where you get your 
> LEGAL and reputable media files. Linux Solution: Be very particular 
> about where you get your LEGAL and reputable media files. Winner: 
> Tie

And again.

> Concern 10: Executable viruses - Could apply to Windows or Linux,
> but I will admit they are far more pervasive on Windows. Windows 
> Solution: Don't do things that let questionable EXE's in the system. 
> Have batch virus scanners and real time virus scanners.  Keep the 
> system updated and the virus scanner updated.  Windows virus
> scanners are much more sophisticated than Linux ones. Linux Solution:
> Don't do things that let questionable EXE's in the system.  Have
> batch virus scanners and real time virus scanners.  Keep the system
> updated and the virus scanner updated.  Linux virus scanners are much
> less sophisticated than Windows ones.  It is PROBABLE that, if a
> virus is encountered, that it was designed for Windows; and it is
> POSSIBLE, but far from guaranteed, that it will not run on Linux.
> Linux is not immune to viruses.  No OS is.  As it becomes more
> popular, it will become a much bigger target. Winner: Linux

The linux virus scanners are scanning for *windows* virii because there
isn't anything to scan for that targets Linux.  Their purpose is to
allow Linux file servers to interact with Windows machines with
transferring virii to them.  The Linux machines are not at risk
themselves from those virus payloads.

> Concern 11: Patches to the system are not kept up to date, or 
> components are not kept up to date. - Applies to Windows and Linux. 
> Windows Solution: Patch Windows and system components every month 
> minimally, or every week preferably, or whenever a critical patch is 
> released. Linux Solution: Patch Linux and system components every 
> month minimally, or every week preferably, or whenever a critical 
> patch is released.  Because, in most cases, all system applications 
> are updated automatically, patching is easier in Linux.  This is a 
> mixed bag of pros and cons.  I've had patches break things 
> automatically on a few occasions.  That can happen on Windows too. 
> Sometimes, for example, waiting on the Firefox updates from the 
> Ubuntu repositories, you don't get the latest stuff for quite a 
> while.  In my experience, Linux patches occur with equal volume and 
> more frequency than Windows.   Installing patches every day, should
> I choose to do so, can be quite a bother. Winner: Linux

You missed a key item here:  Linux software repositories combine OS and
utility software and thousands of user apps into a unified update
mechanism.  Any app you install via your distros app manager will be
kept up to date with little user effort (if any).  In windows, each
application is responsible for notifying the user of updates, if it does
so at all.

*Huge* win for Linux.

> Concern 12: Need a software firewall.  Need a VPN if in public.  - 
> Applies to Windows or Linux. Windows Solution: Configure and
> activate the Windows Firewall.  Configuration is much easier on
> Windows. Linux Solution: Configure and activate a Linux Firewall.
> Example: use FireStarter to configure iptables. Winner: Tie

As has been explained elsewhere, Windows can't be trusted to actually
close all the ports and APIs that it claims to when using any software
firewall.  Linux does, and the code that does it is open to public
inspection to verify it does.

> As you can see, all 12 concerns I have related to security are 
> applicable to both Windows and Linux.  I feel slightly safer with 
> Linux, but only slightly.  I have slightly less work to do to be
> safe under Linux, but only slightly.

I think you have rationalized away the hazards due to a desire to
minimized your personal hassles.

> I am about as safe running Windows, the way I do so, as I would be 
> running Linux.  In order to use safety as a justification for 
> switching everything I do primarily to Linux, the benefits must 
> outweigh the hassles of doing so.  At this moment, they do not.

Cost-benefit analyses are absolutely appropriate, and there's no
question that Linux has its hassles.  But I don't believe you have
properly assessed the hazards of using Windows, and you seem to be
ignorant of core architectural security advantages of Linux.

>> As for hardware drivers, I think Linux has far surpassed all other
>>  platforms.  There are a few holdouts, like Nvidia, but the vast 
>> majority of new devices in this world get linux support 
>> first--especially anything from Intel with server applications.
>> 
> 
> Here's the deal.  As a consumer, I'm not too radically different
> from most.  I go into Fry's, Best Buy, Target, whatever.  I find a 
> printer, a scanner, a video card, a router, etc. that has the 
> features I like.  I read the box.  If it works with Linux AND it has 
> the features and the value that I want, I buy it.  If it doesn't 
> mention Linux AND it has the features and the value that I want, I 
> may buy it anyway and just reconcile myself to use it on Windows.
> If Linux wants to be a contender for the masses, which proponents say
> it does, it needs to be compatible in the box at the place where I'm 
> shopping.  I shouldn't have to go hunting for special gadgets so 
> they'll work.  Note that saying "works with Linux" is not the same
> as saying "supported on Linux".

Ok, so you are an impulse buyer and/or otherwise averse to insisting on
Linux support in the hardware you buy.  Linux doesn't have the market
share on the desktop to demand support from hardware vendors.  Your
unwillingness to discriminate in favor of hardware with Linux support
perpetuates the problem.

Personally, I insist on hardware with Linux drivers, even to paying
modest price premiums, because the platform as a whole has saved me
*thousands* of dollars in software and support expenses over the years.

>> If you have professional versions of Windows, you have the 
>> licenses. Any bare-metal install of Win XP Pro or Win7 Pro may
>> also be installed in a VM on under any other OS, even without 
>> uninstalling the bare-metal copy.  (So long as you can only run
>> one copy of each license at any time.)
> 
> Home versions.
> 
>> Anyways, I think you are crazy, and your arguments are strawmen or
>>  otherwise unserious.
> 
> Assuming you meant that the way you said it, I think that's a cheap 
> and insulting shot.  Comments like that do not welcome newbie and 
> less experienced Linux users into the group, they drive them away. 
> The group should welcome me as a new enthusiast if I am a user of 
> Linux AT ALL.  What I've done thus far is far beyond what many 
> Windows users would put up with just to learn something new when
> they have no compelling reason to switch.

Hmm. Yes, looking back at this, it could be taken as insulting.  That
was not intended.  Please accept my apology.

Perhaps if "uninformed" were substituted for "unserious", my meaning
would be more clear.  I was, and still am, trying to express my
exasperation that you defend day-to-day Windows security as even
remotely close to Linux security.

>>> I will say this, with all the exploits being revealed in
>>> Windows, Adobe, Java, etc., I am becoming more motivated to try
>>> to move to a Linux primary and Windows secondary environment.
>> 
>> Numerous exploits have been exposed in Windows since its earliest 
>> days. You claim to have been running it since then, but you are 
>> only *now* becoming concerned?  Either you aren't the above
>> average technology enthusiast you claim to be, or you have been 
>> rationalizing away your concerns for years.  (I'm guessing the 
>> latter, since you seem to be otherwise well informed.)
> 
> I've been concerned since I plugged in the first network cable.  I 
> don't believe going all Linux would make me substantially safer.
> See extensive discussion above.

I believe you are shockingly wrong here.  On the scale of driving around
Atlanta without seat belt or airbag.  :-)

(Many people still drive without seat belts, and I pray for their
families, as the odds for them are poor.)

>> If you wait, you'll keep making lame excuses.
> 
> I'm not making excuses, and I don't need excuses.  I'm doing what 
> works for me in the way that it works for me to meet my computing 
> needs.  I have no intention, at this moment in time, of making Linux 
> my primary system.  I do intend to keep running it as a secondary 
> system, testing it, learning it, and may convert to it once my 
> concerns about usability and compatibility with the things I do are 
> solved; or if the other concerns related to security become so large 
> as to make me make the switch prior to the time I might have 
> otherwise.

Hmm.  Another case of poor phrasing.  I'm sure you are confident in your
arguments.  To me, based upon my long experience with low-level
programming (C, assembler), in-depth readings on virii design, and prior
experience with CPU architectures (metal-programmable gate arrays in
particular), they *sound* like lame excuses.

(I know that sounds like an appeal to authority, but this is my personal
technical knowledge.)

>> Oh, and when the time comes to upgrade your hardware, and you need 
>> to move your setup to another machine, you'll think you've died
>> and gone to heaven.  Moving a VM from one box to another is so
>> trivial, it is the only Turmel-approved way to migrate Windows.
> 
> That concept does sound interesting.

Putting Kubuntu on bare hardware, *with apps*, takes a couple hours.
Mostly spent selecting the apps you want.  Moving a VM is dominated by
the transfer time of a multiple Gig image file.

With the numerous industrial apps I use in Windows, plus the CAD
software and generic apps, a fresh, complete Windows install costs me
10-12 hours of near constant supervision.

Phil


More information about the Ale mailing list