From: Giovanni Dicanio on
On 08/06/2010 19:03, Joseph M. Newcomer wrote:

> I really don't want to have to deal with the security issues, and a VM is just as
> vulnerable as a real machine. And if my VM gets corrupted, I have to be able to restore
> it to a clean state, so I haven't won anything.

Hmm... I'm not sure, I mean: you can just have a copy of a "clean state
VM" (it's just a file or two on the hard-disk), and if you have a
corruption, you just delete the corrupted VM files and restore the old one.
This is one of the advantages of VMs over real hardware :)

Giovanni


From: Hans-J. Ude on
Giovanni Dicanio wrote:

>
>On 08/06/2010 17:28, Joseph M. Newcomer wrote:
>> The Web site requires that I enable JavaVirus to effect a download. JavaVirus is an
>> attempt to run unconstrained and unverifiable code on my machine, and is therefore by
>> definition an attack. JavaVirus is one of the most popular malware vectors, second only
>> to ActiveVirus controls.
>>
>> Bottom line: if you've been taken out once by a JavaVirus attack, you will disable it from
>> all sites. I was taken out twice. There will not be a third time.
>
>Joe: what about building a virtual machine just to access JavaScript web
>sites?

Yes, and after having done that, he can also download the source code
to see what it does. Unfortunately I can't compile it since the .sln
file isn't compatible with my VS 2005. Jochen is an honest guy, I don't
believe he wants to attack anybody.

Hans

From: Pete Delgado on

"Joseph M. Newcomer" <newcomer(a)flounder.com> wrote in message
news:1sts06lel9g5t77aoc2bgmrc6pt053t3qm(a)4ax.com...
>I really don't want to have to deal with the security issues, and a VM is
>just as vulnerable as a real machine.
>And if my VM gets corrupted, I have to be able to restore
>it to a clean state, so I haven't won anything.

Most VM solutions have a feature called "snapshots" which allows you to save
configurations at points in time. For example, for my product testing we
start with clean VMs of all supported operating systems and then add the
desired software in order to be able to perform the tests using actual
"real-world" customer environments. It takes seconds to revert a particular
environment back to the clean "snapshot". This allows us to work more
efficiently than having to manually install or use a product like ghost to
install directly onto the physical machine.

If you have the available disk space, this solution works nicely. With 1.5TB
hard drives under $100 at NewEgg, disk space is very cheap nowadays.

As far as VMs being vulnerable, they are just as vulnerable as physical
machines, but at least if you are simply using the VM to access the internet
and not file sharing, you can easily control and limit any infection to the
particular node.


>Overall, it doesn't give me anything that using a separate machine doesn't
>already give me (which is my current solution) but ultimately, the best
>security is not allowing unconstrained code to run on the client machine.

It allows you access to sites and code that you do not have access to with
your current configuration. Whether it is worth the additional hassle to you
is debatable...

-Pete


From: Pete Delgado on

"Hans-J. Ude" <news(a)s237965939.online.de> wrote in message
news:p5vs0699ja2pdv2of4n2pvltt7glej0pkd(a)4ax.com...
> Yes, and after having done that, he can also download the source code
> to see what it does. Unfortunately I can't compile it since the .sln
> file isn't compatible with my VS 2005. Jochen is an honest guy, I don't
> believe he wants to attack anybody.
>
> Hans
>

Maybe he just hasn't found anyone worth attacking yet! ;-)

-Pete


From: Hans-J. Ude on
Joseph M. Newcomer wrote:

>I really don't want to have to deal with the security issues, and a VM is just as
>vulnerable as a real machine. And if my VM gets corrupted, I have to be able to restore
>it to a clean state, so I haven't won anything. Overall, it doesn't give me anything that
>using a separate machine doesn't already give me (which is my current solution) but
>ultimately, the best security is not allowing unconstrained code to run on the client
>machine.

Or just take one of these Linux trial boot CDs. Ubuntu 10 is doing a
good job here. If you want, it runs out of the box with the Firefox
web browser, FTP, anything. I've just tried it out to verify what I'm
talking about; it runs even without a HD attached. I know you don't
like Linux, you deliberately refer to it as "linux", but c'mon... No
joke.

Hans