Re: [LUG] Banking trojan targeting Linux

 

On Fri, 9 Aug 2013, Tom Brough wrote:
> I may be missing the point here but if the snapshot has a security defect embedded in it (known or more likely unknown at present) then surely you are loading the same defect every time you boot the VM snapshot. So eventually someone will discover said defect and exploit it and your snapshot. IMO the older the snapshot the more vulnerable it becomes.
>
> True, the trojan dies when the machine is switched off, but it can be re-installed the second the machine is turned on again using the exact same security hole, given that the snapshot faithfully reproduces good and bad code alike every time it's started.

This is true, but for this to happen the trojan needs to already be sitting somewhere from where it can access your VM, so that would have to be on the host machine, or somewhere else on the local network. It also needs to find a way to make it to the VM and once there to interact with your network traffic. And all this within the five minutes you're using the system.

That makes the possibility of something going on pretty small.

Martijn.
-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq