How to Attach Encrypted vdi to VM in VBox 5.0

This is for discussing general topics about how to use VirtualBox.
Bobbbbbb
Posts: 4
Joined: 20. Aug 2015, 04:15

Re: How to Attach Encrypted vdi to VM in VBox 5.0

Post by Bobbbbbb »

Unfortunately, I am unable to recover the vbox file from the old hard drive. I spent all day yesterday trying to "carve" vbox files out of the disk, it only found other vbox files and not the one I needed :<

Also creating a new vm with the same name and same password as the old vm, then changing the vdi and vdi uuids to reflect the encrypted vdi does not work. Virtualbox prompts me for the password at boot then comes up with "fatal: no opertating system found" and just hangs. So I guess that means that it does not properly decrypt the vdi and thus has no os to boot.

Welp, This sucks. I'm a huge idiot for assuming that virtualbox embeded the encryption info into the vdi image. I backed up the vdi, but like a IDIOT I did not back up the key to the kingdom. This is very not ideal lol. Bah. I'm sooooo pissed at myself right now :<
aeichner
Oracle Corporation
Posts: 193
Joined: 31. Aug 2007, 19:12

Re: How to Attach Encrypted vdi to VM in VBox 5.0

Post by aeichner »

The data in the disk images is encrypted with a separate DEK (Data Encryption Key) which is completely random and not based on the UUID or the password. The DEK is encrypted/decrypted using the password when the data in the image is accessed. The DEK is stored in the medium properties in the .vbox settings which needs to be kept safe in order to decrypt the content in the image as explained here: https://www.virtualbox.org/manual/ch09. ... encryption.
If you didn't preserve at least the CRYPT/KeyStore data somewhere your data is lost irrecoverably because the DEK is the only existing key to decrypt the data.
mpack
Site Moderator
Posts: 39156
Joined: 4. Sep 2008, 17:09
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Mostly XP

Re: How to Attach Encrypted vdi to VM in VBox 5.0

Post by mpack »

Hi Aeichner - if I may I'd like to get something absolutely clear so that I an answer future queries along these lines without needing to escalate it to the devs.

Two people posted into this topic.

The OP (GlobalTommy) had tried to move the VDI but still had access to the original .vbox file and password. For him, manually restoring the encryption related fields (copied from the older .vbox) into the new .vbox media registry provided him with a viable workaround. Implies that the feature is self contained - the host doesn't matter.

The second poster (Bobbbbbb) no longer had access to the original .vbox, but did know the password. You are saying that in this scenario the data cannot be recovered?


Perhaps this feature needs to be adjusted to make the situation recoverable in the latter scenario, i.e. when you do know the password. For as long as I've been using VirtualBox we have had people who assume that the VDI is the VM and hence nothing else needs to be moved or backed up. A large fraction of posts on this site have to do with the consequences (e.g. losing Win7+ activation), so encryption is going to provide those same users with a new and rather harsh lesson that size is not always the most important thing. I dare say that paying customers will not be immune!
loukingjr
Volunteer
Posts: 8851
Joined: 30. Apr 2009, 09:45
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: just about all that run

Re: How to Attach Encrypted vdi to VM in VBox 5.0

Post by loukingjr »

mpack, I understand what you are saying and why but it seems to me that any method used to recover an encrypted disk by just knowing the password could significantly weaken the security encryption is suppose to provide. Personally I don't encrypt VMs or my computers but if I felt the need to I would hope it was as difficult as possible to decrypt.

Just my thought.
OSX, Linux and Windows Hosts & Guests
There are three groups of people. Those that can count and those that can't.
mpack
Site Moderator
Posts: 39156
Joined: 4. Sep 2008, 17:09
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Mostly XP

Re: How to Attach Encrypted vdi to VM in VBox 5.0

Post by mpack »

loukingjr wrote:mpack, I understand what you are saying and why but it seems to me that any method used to recover an encrypted disk by just knowing the password
In every other sphere I can think of, including home banking, knowing the password (or PIN) is considered sufficient verification for most transactions. It's only in the case of a suspicious transaction that it steps up to stronger checks.

I mean, if knowing the password isn't enough, what do we need a password for anyway?
loukingjr
Volunteer
Posts: 8851
Joined: 30. Apr 2009, 09:45
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: just about all that run

Re: How to Attach Encrypted vdi to VM in VBox 5.0

Post by loukingjr »

As you know, people's passwords can be guessed, recovered using the proper tools etc. Passwords are really to prevent casual users from getting into someone's computer. There are institutions that have gone to two-tiered security measures because they felt just a password wasn't enough. Including my bank, Apple (optional) and others.
OSX, Linux and Windows Hosts & Guests
There are three groups of people. Those that can count and those that can't.
mpack
Site Moderator
Posts: 39156
Joined: 4. Sep 2008, 17:09
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Mostly XP

Re: How to Attach Encrypted vdi to VM in VBox 5.0

Post by mpack »

loukingjr wrote:As you know, people's passwords can be guessed
Having a weak password is everyone's god given right. I mean realistically, how strong does it need to be? An unauthorized person would need physical access to the encrypted file, and know the password.

Look, I'm not really interested in getting into a philosophical debate here. I am pointing out that catastrophic data loss is a strong possibility with the current mechanism, as this thread already makes apparant. I have doubts that this will make paying customers happy. However, if you and devs want to field all of the related complaints that arise in the future then I'll be happy to forget about the matter, seeing as it doesn't affect me personally. I simply want to make the devs aware that a problem may be brewing.
loukingjr
Volunteer
Posts: 8851
Joined: 30. Apr 2009, 09:45
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: just about all that run

Re: How to Attach Encrypted vdi to VM in VBox 5.0

Post by loukingjr »

It was just my opinion on why Oracle may not want to make it easier. Personally I don't encrypt. I guess I don't see it as much different than people who don't backup their data. Or install pre-release software on their only machine. I certainly don't have any objection if the powers that be make it easier to decrypt with just a password.
OSX, Linux and Windows Hosts & Guests
There are three groups of people. Those that can count and those that can't.
mpack
Site Moderator
Posts: 39156
Joined: 4. Sep 2008, 17:09
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Mostly XP

Re: How to Attach Encrypted vdi to VM in VBox 5.0

Post by mpack »

loukingjr wrote:I guess I don't see it as much different than people who don't backup their data.
The difference is that the devs have provided this feature for people to use, and therefore have some responsibility for it. And the problem hits people who do back up their data, albeit incorrectly.
loukingjr
Volunteer
Posts: 8851
Joined: 30. Apr 2009, 09:45
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: just about all that run

Re: How to Attach Encrypted vdi to VM in VBox 5.0

Post by loukingjr »

an interesting view considering when I have brought up certain features of VB that are allowed as in setting too many CPUs to a guest is fine and apparently "endorsed" because it's available, I've been told it's up to a user to use VB correctly. So users should be protected from themselves in some cases and not others.
OSX, Linux and Windows Hosts & Guests
There are three groups of people. Those that can count and those that can't.
mpack
Site Moderator
Posts: 39156
Joined: 4. Sep 2008, 17:09
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Mostly XP

Re: How to Attach Encrypted vdi to VM in VBox 5.0

Post by mpack »

We aren't talking about adjusting resource usage of one feature, we are talking about the feature as a whole.
loukingjr
Volunteer
Posts: 8851
Joined: 30. Apr 2009, 09:45
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: just about all that run

Re: How to Attach Encrypted vdi to VM in VBox 5.0

Post by loukingjr »

ok. I was talking about the principle not how difficult it was to implement or change but as I said, personally it matters not to me how encryption is dealt with. I was only pointing out a possible reason not to change it.

Don, I'm not disagreeing with you. I think you had a valid point. I also think my point was valid. I assume someone other than us will decide.
OSX, Linux and Windows Hosts & Guests
There are three groups of people. Those that can count and those that can't.
michaln
Oracle Corporation
Posts: 2973
Joined: 19. Dec 2007, 15:45
Primary OS: MS Windows 7
VBox Version: PUEL
Guest OSses: Any and all
Contact:

Re: How to Attach Encrypted vdi to VM in VBox 5.0

Post by michaln »

mpack wrote:I am pointing out that catastrophic data loss is a strong possibility with the current mechanism, as this thread already makes apparent. I have doubts that this will make paying customers happy.
You don't really think encryption was implemented because it was on top of the wish list of the users of the free product, right? :)

The truth remains that anyone who encrypted their data (with a crypto technology that isn't a complete joke) has doubled their chance of a loss: either losing the data or losing the key means the data is gone. As with everything in life, there are tradeoffs, but that seems too obvious to even mention.
I simply want to make the devs aware that a problem may be brewing.
It's a valid concern. Unfortunately experience shows that users are more creative than we expect, and for every fatal mistake we try to avoid, they come up with two new ones. There's only so much we can do to protect people from themselves. But if you're right and this turns out to be a trend, we'll try to come up something.

Any quick ideas? I assume that putting up a dialog saying "if you plan to delete your key, please do not use encryption" won't be very effective :)
mpack
Site Moderator
Posts: 39156
Joined: 4. Sep 2008, 17:09
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Mostly XP

Re: How to Attach Encrypted vdi to VM in VBox 5.0

Post by mpack »

michaln wrote:Any quick ideas? I assume that putting up a dialog saying "if you plan to delete your key, please do not use encryption" won't be very effective :)
Yes, I had a solution in mind, which is to encrypt the image directly with the selected password, and don't store the password anywhere. I.e. if you know the password then you can decrypt the data, regardless of how the VDI has been moved or shared between VMs. If you don't then you can't. This to me would be expected behaviour. I confess that I don't see why this most obvious route presumably must have some big security hole?

Yes, I understand the fun technical challenges of ultra strong crypto security, but in practice does it really need to be that strong? I mean, we are presupposing a nefarious person who (a) even wants to steal your data, (b) has physical access to your PC (including login password), (c) knows the encryption password for this VM, but (d) doesn't know that he can export the VM to obtain a decrypted copy, or simply copy out the sensitive guest files he's interested in to a shared folder?

I'm not immune myself to implementing sexy features just because they were fun to do. But, I kind of draw the line with a feature whereby a small and credible technical slip (not backing up one small and seemingly unimportant text file) can result in the total loss of terabytes of data, with no possibility of even partial recovery - even when the user has been as vigilent about making backups as we always tell them to be.
mpack
Site Moderator
Posts: 39156
Joined: 4. Sep 2008, 17:09
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Mostly XP

Re: How to Attach Encrypted vdi to VM in VBox 5.0

Post by mpack »

Ugh. Mention of backups also made me think about another bad scenario: I've had a disaster and want to restore a VM from an old backup... but we have a policy of changing passwords often (as the IT police keep telling us), but I can't remember what the password was back then. We're screwed, right? Of course I could always write the passwords down in my diary, which I leave nice and handy nearby...!

This is just an aside - I realize that it's a argument about encryption per se, rather than the VBox implementation. It kind of makes me understand why government employees keep losing memory sticks with unencrypted secret data on them - because encryption must be such a nightmare to manage in real life!
Post Reply