Anonymity safety

Discussions related to using VirtualBox on Windows hosts.
Post Reply
shares
Posts: 4
Joined: 15. Mar 2021, 10:41

Anonymity safety

Post by shares »

Is there a documented method or API, or possibility for an undocumented hack, for the host machine's details to leak into the virtual machine?

For example if I am running virtual Windows 10 inside a host Windows 10, can the virtual machine retrieve information about its Host, eg name, geo-location (through the network I suppose), OS / system files, licenses, IDs etc

This is not about whether a virus in the virtual machine can infect the host, but more about whether a virus/hack/application in the virtual machine can determine and leak the "ID" of the host.

PS: Obviously the chosen network can be a big give away, depending on the setup. Shared folders may also pose breach of anonymity.
mpack
Site Moderator
Posts: 39156
Joined: 4. Sep 2008, 17:09
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Mostly XP

Re: Anonymity safety

Post by mpack »

No, AFAIK none of us track those concerns. I suggest you do your own research, treating the situation as being similar to PCs on a LAN.
shares
Posts: 4
Joined: 15. Mar 2021, 10:41

Re: Anonymity safety

Post by shares »

OK, thanks. I am doing exactly that (treating the guest as an independent PC). Except the relationship between host/guest is a special one and only documented, or known, to the developers/experts. If the guest has (undocumented) access to the host, then the host itself might be compromised.
AndyCot
Posts: 296
Joined: 29. Feb 2020, 03:04

Re: Anonymity safety

Post by AndyCot »

There are attack vectors for a number of different virtual and docker type guest OS's and vice versa, BUT none of the companies will let you anywhere near the details as it can be used for hacking.
scottgus1
Site Moderator
Posts: 20965
Joined: 30. Dec 2009, 20:14
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Windows, Linux

Re: Anonymity safety

Post by scottgus1 »

I saw a list of the attack vectors discussed by Andy, published by Oracle. (I don't have the link anymore.) I don't remember if there were any by which guest malware could compromise or reveal the host. But I was struck by how many of them were "compromise the guest from the host" and they substantially required access to the host PC to implement. Which is covered by one of the biggest rules in InfoSec:

If the bad guy gets access to your computer, it's no longer your computer.

I'd surmise that guest revealing the host is harder. Guest software can be programmed to tell if the OS is in a Virtualbox VM, even without Guest Additions installed, because some of the simulated 'hardware' has "Virtualbox" or "vbox" in the name. And the physical CPU is seen by the VM OS. But whether that software can identify the CPU through a unique ID number or get out of the VM to see host OS or PC characteristics without the host already being compromised is going to be a study of the Virtualbox source code, which is available.
Post Reply