|
A Virtual Machine, as name indicates, is special software layer which behaves
almost like a independent PC running on top of operating system. This Virtual PC can support another operating system.
For safe browsing, it is good idea to access internet on virtual
machines because there is layer between host operating system and guest operating system. A virtual machine can be used for unsafe browsing
as this machine can be destroyed without harming personal data. Of
course, data on virtual machine will be lost.
Another way is to use a virtual machine to access financial or sensitive
information. Virtualization layer between Host OS and Guest OS render
most of the hacking techniques ineffective. However, this technique
does not protect against key loggers as keyboard (or any computer
peripheral) is still controlled by Host OS. To prevent key loggers to
have access to personal information, a password manager can be used.
Please note, these machines are as effective as the user so always be
cautious regardless.
There are bunch of virtual machines available for free and few of them are listed here.
-
VMware: Browser Appliance
VMware is market leader in virtualization market. VMware Player and
VMware Server are available for free download. VMware also hosts
virtual machines, called Virtual Appliance. One can download different
"Appliances" and try them out. Browser Appliance is Virtual Machine for
casual browsing as it does not have powerful mechanism to protect
sensitive data.
Also VMware is not portable i.e. can not be carried on USB drive
Metropipe offers VM for private access and provide somewhat
protection and anonymity. However, their free offering is not powerful
enough. Paid service do provide better protection. This system is build
using Damn Small Linux! (DSL) and Qemu and reasonably fast and can be
carried on USB drive.
This is VMware based portable system. Moka5 provides interface to
manage various Moka5 based Virtual Machines. Fearless browser is one of the Moka5 VM which is combination of
Linux+Firefox+Tor.
Tor network is very interesting technology to provide users reasonable
anonymity for free.
This is VMware appliance in development. It is little slow. However, xB
Machine does provide user data encryption and is more secure compared
to above VMs.
This is one of the most comprehensive secure system, I could find (See Anonymity Anyware also). Incognito is Gentoo
Linux based LiveCD. One can boot this live CD or run this live CD as virtual
machine in Qemu.
Please note that Incognito authors does not recommend
running Incognito inside virtual machine and rightfully so as VMs does not
provide protection against Key loggers. However, problem with booting from LiveCD
is that it does not preserve user data.
Incognito does provide
mechanism to create bootable USB drive and store
user data on USB drive. Incognito comes in two flavors, tiny edition
(50MB) and full edition (350MB).
I modified Incognito to meet following
-
A system which can be carried on USB drive and as well have on home machine with ease of use.
-
Data must persist on USB drive and on home machine.
- No home machine reboot for accessing internet, it creates adaptation barrier.
- Not USB bootable - Old machines does not have USB boot capabilities or not enabled in BIOS.
Keyloggers can be defeated even if Incognito is running
inside VM. If passwords are stored in firefox built in password manager
then it will never be typed and then password is safe. Login password
or password for password manager may still be available to key loggers
however these passords are for your local VM machine.
Custom Incognito
Incognito liveCD is hacked to make user data persist while running it under Qemu. Modified Tiny Incognito can be
downloaded from download section.
Size of download is ~100MB (= 50MB
(Incognito HD) + 30 MB (User Data) + Qemu + Incognito Boot ISO).
Full version of Incognito is also available, however, I am not able to
find a place to host such a large file (400 MB). If you are interested,
please email me .
Custom PVPM
Incognito system is too resource intensive for old machines. A custom PVPM is available for download . This is based on Damn Small Linux! and idea is copied from Metropipe PVPM.
|
