Browser for sensitive information in a virtual machine, does it make sense?

L

losrogaty2020-01-28 07:46:33

Browsers

losrogaty, 2020-01-28 07:46:33

I would like to hear about the best way to work with sensitive information on the Internet (online purchases, banking transactions, work accounts). I finally got my sight on the topic of the possibility of injecting into executable code after reading blogs about disassembling, decompiling and further modification of almost any system files.
It seems like the most reliable way is 2 separate machines, one for work/daily routine, the other for chuv.inf., with different connection points. Even if it is, it's not an option for me.
Now I am considering a variant with a virtual machine: there is Windows on the host, I can run a gray file on it (it will not work to run a gray file on the guest, it is heavy, let's say it's photoshop), which is not recognized by an unambiguous virus on https://www.hybrid-analysis .com/, but also not 100% certain. Then, on the guest machine, I start ubuntu and in it from the browser I sit in the Internet stores, work sites, etc.
1) Question: if a gray file hacks some network files / services on the host, will it have access to all the information transferred through the guest to the Internet? How can you protect yourself?
2) All information transmitted via the keyboard is also compromised, and are there any programs that prevent this (for example, generating garbage input)?
3) Other ways to securely browse using a virtual machine? So that the host cannot spy, steal from the guest the information transmitted over the network.
Your thoughts, reasoning, links are only welcome!

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

H

hint000, 2020-01-28
@losrogaty

If the host is compromised, then we can assume that the guest is also compromised.
1) The guest's network can be protected with a VPN, but with a lot of caveats, ie. in general, you can't.
2) Keyboard input cannot be secured if the keyboard is connected to the host. Where will the garbage generator be run? On the host? But what prevents the host from ignoring the garbage that it itself generates? Nothing interferes. There is an option with an on-screen keyboard on the guest. But what prevents the host from intercepting mouse events? There is an option with an on-screen keyboard, on which the letters are mixed or even randomly jump. This will make it terribly difficult for a person to enter, but what prevents the host from intercepting a picture from a guest? Nothing. In short, the guest's keyboard, mouse, and screen are defenseless against the host.
3) Have an additional computer from which you can connect to the guest via RDP (+VPN) so as not to use the keyboard, mouse and host screen. Here it was possible to return to point 1) ... But if there is an additional clean (not compromised) computer, then the whole idea loses its meaning, just use this computer to work with sensitive information.
In short: if you want to work with unverified executables, then this work should be on the guest, not on the host. And even so, there are still things like Meltdown and Specter and a bunch more found after them. It is very difficult to exploit these vulnerabilities, but theoretically they allow breaking through from the guest, intercepting host information. And also the Rowhammer vulnerability (and related ones), which allows you to change data in RAM at the physical level... And also... Well, you understand.

V

Vladimir Korotenko, 2020-01-28
@firedragon

The standard practice is to take a snapshot of the virtual machine and roll back to the previous (clean state) after running the gray file (is it a key maker?)
Another practice is the minimal machine for payments. Inside it, install a password manager of your choice and use it only for trusted operations. Bank client, cards.
PS Judging by your question, you clearly do not need it, do not be offended. Install kaspersky and do not click on suspicious links, this will be more than enough.