About virtualization - how safe?

system · January 27, 2011, 9:24am

I just want to know how safe it is to run and malware on my system using virtualization feature.
Can i run malware virtualized without worrying for my system?

system · January 27, 2011, 9:42am

Why do you want to run malware? If you want to see what a malware will cause, I’d suggest to use a virtual machine. Sandbox should block any attempts to destroy/infect your system.

system · January 27, 2011, 9:49am

I have my reasons to run some malware on my physical system, so i just wanted to know if it’s safe.

Lisandro · January 27, 2011, 10:02am

Yes, it’s safe if you’re run malware virtualized.

system · January 27, 2011, 10:23am

Thanks.

Lisandro · January 27, 2011, 10:26am

You’re welcome. Feel free to come back any time you need help or just to change experiences 8)

DavidR · January 27, 2011, 3:47pm

I would say that if you aren’t taking additional protection you are crazy.

If you are testing malware for a legitimate purpose you should be running it on a test system and not a live system and you should ideally be running it in a VM area also and when you are done testing you discard the VM image and you have a clean test bed again.

Why do I say this, whilst virtualisation isolates your system the user can make changes to the settings and do things that might breach the virtualisation. You are using it for a purpose that it wasn’t really designed, not running it as a normal user that might encounter malware during the course of their browsing, etc.

system · January 27, 2011, 4:43pm

Virtualization settings do not allow the user to reduce protection, only increase (sandbox additional things, i.e cookies). And yes, it was designed to run malware deliberately:

Lisandro · January 27, 2011, 4:50pm

+1
Although, if the user is making tests, the virtual machine will make the work easier.
Into the sandbox, for instance, you can’t install software for instance.

DavidR · January 27, 2011, 5:29pm

CBell post:8:

DavidR post:7:

Why do I say this, whilst virtualisation isolates your system the user can make changes to the settings and do things that might breach the virtualisation. You are using it for a purpose that it wasn’t really designed, not running it as a normal user that might encounter malware during the course of their browsing, etc.

Virtualization settings do not allow the user to reduce protection, only increase (sandbox additional things, i.e cookies). And yes, it was designed to run malware deliberately:

avast! 5.x: FAQ - General:

This is a completely new feature in avast! Pro Antivirus 5.x and avast! Internet Security 5.x which allows you to browse the web or run another application in a completely safe environment. This is especially useful when visiting high-risk web sites, whether accidentally or deliberately, as the browser will be completely contained within the avast! Sandbox, preventing any damage to your computer.

Sorry but we have absolutely no idea what the OP is intending to do and what malware they are intending to run; so no way can it be said they will be safe, regardless of what the FAQ says.

If you are going to run malware intentionally it should be done in a test environment, you really can’t take this risks in a live system with 100% confidence. So you have to enhance your protection, especially having a robust backup and recovery strategy.

I though that you can reduce the protection, although it isn’t a positive intent, but can’t you allow browsers to cross the virtualisation boundary, by saving to the live system, browser cache, bookmarks, saving downloads, etc.

system · January 27, 2011, 6:20pm

Google “Break out of sandbox”, for example. A good way to discover the vulnerabilities of your virtualization-and most have some that are continually being eliminated by upgrades.

About virtualization - how safe?

Announcements