Using Virtual Machines for Privacy and Security - Rob Braxman Tech
video description
Date: 2022-03-20
Related videos
Comments and reviews: 10
Jeff
Hi Rob, back in the early 90's I set up single floppy machines for publishing companies. The PC would boot from the floppy, which was set to read-only. It would set the environment size and create a RAM disk using a preset amount of extended RAM. The floppy would create command. com and other OS files to C: \DOS or to a RAM drive if there was enough space, and transfer control to that command. com. All the programs and configurations were compressed on the floppy using ARJ and LHARC. These would be decompressed to the RAM disk on the fly if the user requested them. The coolest part was that it allowed multiple users, but they didn't have to sign in. The system was smart enough to sign in for the user based on the user's habits, such as typing style and which directories they accessed, etc, and it would decompress and install the proper configuration files and printer drivers for that user's office. If they tried to access someone else's files, it would not allow them access. It worked with many DOSes, not just MSDOS, and you could add any programs you wanted, but most of the DOS executables were written by me in Assembly to make the distribution as small as possible. A standard distribution included WordPerfect, a stripped-down version of Norton Commander, and lots of useful utilities. When they shut down the machine, it would copy any modified files to a dated folder on a second disk which I would use to analyze the user's habits. Any files that had not been accessed for 30 days were archived and copied to a 100M Zip Disk. Doing this solved a lot of issues, such as people who would write large files to the hard drive and never delete them, which would fill the drive and prevent printing from working because there was not enough space to create the output file, and it prevented malware infections, because every time you rebooted, the executables were deleted and recreated from the read-only floppy. After implementing this system, service calls went from several per day to almost none. Most people liked it because running programs from a RAM disk was much faster than running things from a floppy or hard drive. In some ways, computing was a lot easier back then. The program would capture all the user's keystrokes, with the timing between keystrokes, and I used that data to train it to recognize people by their keystrokes, which was pretty accurate, especially when you used other indicators such as which file they opened, which folder they accessed, etc. I guess you could not get away with that these days.
reply
Hi Rob, back in the early 90's I set up single floppy machines for publishing companies. The PC would boot from the floppy, which was set to read-only. It would set the environment size and create a RAM disk using a preset amount of extended RAM. The floppy would create command. com and other OS files to C: \DOS or to a RAM drive if there was enough space, and transfer control to that command. com. All the programs and configurations were compressed on the floppy using ARJ and LHARC. These would be decompressed to the RAM disk on the fly if the user requested them. The coolest part was that it allowed multiple users, but they didn't have to sign in. The system was smart enough to sign in for the user based on the user's habits, such as typing style and which directories they accessed, etc, and it would decompress and install the proper configuration files and printer drivers for that user's office. If they tried to access someone else's files, it would not allow them access. It worked with many DOSes, not just MSDOS, and you could add any programs you wanted, but most of the DOS executables were written by me in Assembly to make the distribution as small as possible. A standard distribution included WordPerfect, a stripped-down version of Norton Commander, and lots of useful utilities. When they shut down the machine, it would copy any modified files to a dated folder on a second disk which I would use to analyze the user's habits. Any files that had not been accessed for 30 days were archived and copied to a 100M Zip Disk. Doing this solved a lot of issues, such as people who would write large files to the hard drive and never delete them, which would fill the drive and prevent printing from working because there was not enough space to create the output file, and it prevented malware infections, because every time you rebooted, the executables were deleted and recreated from the read-only floppy. After implementing this system, service calls went from several per day to almost none. Most people liked it because running programs from a RAM disk was much faster than running things from a floppy or hard drive. In some ways, computing was a lot easier back then. The program would capture all the user's keystrokes, with the timing between keystrokes, and I used that data to train it to recognize people by their keystrokes, which was pretty accurate, especially when you used other indicators such as which file they opened, which folder they accessed, etc. I guess you could not get away with that these days.
reply
Rory
I am trying to figure out a system which will allow for anonymity + hardware security while also doing daily normal surfing. I'm unaware of the security implications of different setups, thinking along the lines of linux operating system such as arch while running a security based distro in a VM saved on an encrypted SD with associated files for hardware security. Could you please make a video on establishing a good all round system that covers as many bases as possible? It would be really appreciated, as i'm unaware if there would be safety implications to running tails in windows 10 in a VM for example, is this compromised & why? Thanks, great content BTW!
reply
I am trying to figure out a system which will allow for anonymity + hardware security while also doing daily normal surfing. I'm unaware of the security implications of different setups, thinking along the lines of linux operating system such as arch while running a security based distro in a VM saved on an encrypted SD with associated files for hardware security. Could you please make a video on establishing a good all round system that covers as many bases as possible? It would be really appreciated, as i'm unaware if there would be safety implications to running tails in windows 10 in a VM for example, is this compromised & why? Thanks, great content BTW!
reply
True
20: 29 I wonder how many people realise why the sheep appears in the cloning dialog?
Fellow boomers will remember that the first successful clone of a mammal was a sheep. This technology dates back to that time: and when the effigy of Dolly the sheep was first used in that dialog box it would have been obvious to any user with any interest in science.
Just a reminder to you younger folk that so much of the tech you love was created by us boomers; )
reply
20: 29 I wonder how many people realise why the sheep appears in the cloning dialog?
Fellow boomers will remember that the first successful clone of a mammal was a sheep. This technology dates back to that time: and when the effigy of Dolly the sheep was first used in that dialog box it would have been obvious to any user with any interest in science.
Just a reminder to you younger folk that so much of the tech you love was created by us boomers; )
reply
Knut
Is there an option to shut down the ability to screen cap a VM? Also is there a keyboard which sends encrypted code to a VM which decodes the encrypted keyboard input. Ideal is to prevent a compromised host OS from keylogging input or screen capping data from the VM. If these capablities exist then the next question would be what is the most secure LINUX OS when it comes to preventing the capturing and sending off to a HACKER keylogs and screencaps.
reply
Is there an option to shut down the ability to screen cap a VM? Also is there a keyboard which sends encrypted code to a VM which decodes the encrypted keyboard input. Ideal is to prevent a compromised host OS from keylogging input or screen capping data from the VM. If these capablities exist then the next question would be what is the most secure LINUX OS when it comes to preventing the capturing and sending off to a HACKER keylogs and screencaps.
reply
Wayne
You are spot on about using VM's but I will add one thing that adds another 2 blankets of protection is running a VPN on the host system then running a VPN to a different server in the VM of course there are always risks even with VPN's but it doubles your encryption a native OS VPN with a VM VPN so you further protect both machines so to speak hope that helps. Some data centers do this technique with their VM's to protect sensitive data further.
reply
You are spot on about using VM's but I will add one thing that adds another 2 blankets of protection is running a VPN on the host system then running a VPN to a different server in the VM of course there are always risks even with VPN's but it doubles your encryption a native OS VPN with a VM VPN so you further protect both machines so to speak hope that helps. Some data centers do this technique with their VM's to protect sensitive data further.
reply
61spindrift
I understand this is a year old video but, do you still believe using an email client is more secure than using a web based service that requires a password (2-step verification) in a secure browser? The way I understand email clients is the download the email as an attachment and store this information on your desktop for anyone to see or has the ability to hack your computer (gov. agency, thieves etc.
reply
I understand this is a year old video but, do you still believe using an email client is more secure than using a web based service that requires a password (2-step verification) in a secure browser? The way I understand email clients is the download the email as an attachment and store this information on your desktop for anyone to see or has the ability to hack your computer (gov. agency, thieves etc.
reply
WALKAWAY
1-I have ubunu/linux on a bootable thumb drive. (For banking). Is that like a VM?
2-And when trying to load Virtualbox it fails to load and said I need system admin.
I am the admin.
3-Have I already been hacked? What the best way to scan my PC and who do I use?
ROB you have walked talked me down the -rabbit hole- thats worse than the tunnels in chu chi.
reply
1-I have ubunu/linux on a bootable thumb drive. (For banking). Is that like a VM?
2-And when trying to load Virtualbox it fails to load and said I need system admin.
I am the admin.
3-Have I already been hacked? What the best way to scan my PC and who do I use?
ROB you have walked talked me down the -rabbit hole- thats worse than the tunnels in chu chi.
reply
Anon
The thing is to install Windows in a virtual machine from the beginning. When u install windows the very first time. I saw a bunch of videos when the pc was restarted, the virtual machine showed up first for a few seconds. This is the way I-d like to install windows, the way u do it is good for Linux n Mac users. Not what I need.
reply
The thing is to install Windows in a virtual machine from the beginning. When u install windows the very first time. I saw a bunch of videos when the pc was restarted, the virtual machine showed up first for a few seconds. This is the way I-d like to install windows, the way u do it is good for Linux n Mac users. Not what I need.
reply
Jamie
Yes yes thankyou. I am so grateful for your expertise. I am new to PC world and want to begin trading. safest n discrete way possible. I'm understanding mostly and am trying to make sure I cover all bases, considering 1 weak point n well there'd be no point in any. thanks a lot. I'm in the UK.
reply
Yes yes thankyou. I am so grateful for your expertise. I am new to PC world and want to begin trading. safest n discrete way possible. I'm understanding mostly and am trying to make sure I cover all bases, considering 1 weak point n well there'd be no point in any. thanks a lot. I'm in the UK.
reply
Ananthakrishnan
I have been using VirtualBox and VMWare Virtual machines for over 8 years. I used to install Windows 10 virtual machine on Debian 10. Your machine is so safe you can be free from worries of virus, malware attacks and be safe
reply
I have been using VirtualBox and VMWare Virtual machines for over 8 years. I used to install Windows 10 virtual machine on Debian 10. Your machine is so safe you can be free from worries of virus, malware attacks and be safe
reply
Add a review, comment
Other channel videos
