I am thinking of switching to Ubuntu as a way of making web browsing more secure. So, suppose I will go the easy route and run Ubuntu as an app inside Windows and then run Firefox inside of that. What will this do to the security given the current threat environment? E.g. do most online threats nowadays target the browser and flash (which presumably would be safely sandboxed inside easy to wipe Ubuntu environment) or do they target the Windows TCP-IP stack where Ubuntu would give no protection? Well, most likely the above question does not come near to covering all the security implications of this setup :-), so please do discuss whatever other issues that may be relevant here.
Asked
Active
Viewed 530 times
2 Answers
3
Majority of things attacking your browser target problems with browser or API of underlying OS, for example image drawing functions. Also, as a security model, there is two way security: from host to virtual machine and from virtual machine to host.
Virtual machine to host
Virtual machine is sandbox for guest operating system. Breaking it is very difficult, but not impossible. For casual use, you don't have to care about that at all.
If your virtual machine is contamined by some malware/virus, easiest path to host machine is through network. Usually host machine trusts traffic coming from virtual machine, and for example Windows virus using remotely exploitable (but blockable by firewall) hole, it have much better chances from virtual machine.
From host to virtual machine
Normal viruses do not try to infect virtual machines, but it's possible, as host operating system (in your case Windows) can do whatever it wants to virtual machines and to virtual machine disks.
Security in your case
As already said, majority of threats during normal web browsing target to your browser. That include also some operating system functions, like drawing, image rendering, filesystem handling and so on. In that sense Ubuntu (and Firefox) are much safer than Windows (and Internet Explorer). This is not necessarily because it's better (more secure), but there is much lesser number of viruses for Linux, as it's very marginal operating system.
When connecting to your virtual machine, it is possible to exploit bug in Windows TCP/IP stack, but that's highly unlikely. Also, there isn't many (known) bugs in Windows 7 networking.
Using virtual machine for web browsing is good idea, because then you can take advantage of snapshots for example: if something goes wrong (and you know why), you can just restore previous snapshot. For example native Windows Recovery is not good enough for that, because many viruses infect old versions too, as those are accessible inside operating system.
Olli
- 7,739
0
None.
The virtual machine acts as a sandbox so no threats can damage the host machine. Even more secure is your setup, as Ubuntu performs much better than Windows in terms of security.
bbonamin
- 887