[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Thu, 8 Aug 2013, Simon Avery wrote:
Running either Windows or Linux in a VM is not inherently more secure than running it on your main machine. I suppose you might argue that you have less software installed so it's more secure, but that could be counter-argued with "one more system to keep up to date" - or rather, "One more system to forget to keep up to date"
Of course, running something inside a VM isn't more secure*. What would be more secure, and what I believe was being referred to, is setting up your OS once, taking a snapshot and then using that snapshot every time for online banking. Unless you managed to get yourself infected before you took the snapshot of course, but that's quite unlikely.
There's still a chance of malware running on the host system, or malware on another system that has managed to modify the router, performing some kind of man-in-the-middle attack, but using HTTPS properly makes this a pretty small risk.
As for anti-virus solutions, there are a handful of options. I don't know enough about this particular threat to be able to say whether they would have prevented it and I don't know about their effectiveness in general to make any recommendations.
* to hinder researchers, a lot of malware won't run if it detects it's being run inside a virtual environment. So in practise, running your OS inside a virtual environment makes you a little more secure. But you shouldn't assume it does.
Martijn. -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq