I appreciate the work you are doing here as moderator.socratis wrote:Let's start with the last question, because it's easier: NO. There's no way to turn off hardening.
Re: "NO. There's no way to turn off hardening." This is actually not your decision. It is Oracle's business decision.
I agree that improperly signing process is a bad thing, but that's why we have anti-virus and other programs to protect our systems.
If you take a step back, you will see that many people are having this problem recently, due to a VirtualBox 'Feature' which is, in my mind, useless.
You are also missing the point of using VirtualBox. We want to work with multiple OSs or older OSs, while still using a relatively modern machine.
The VM is supposed to be a sandbox, unaffected by whatever changes on the Host machine. If VirtualBox is using host programs, then those programs can be protected against updates...
... but to completely fail if some 3rd party, unrelated software (IBM Trusteer) is signed incorrectly or an anti-virus program is checking DLLs, is just wrong. If VirtualBox is going to fail with every encounter of an unsigned DLL, it's going to have a reputation of not being reliable.
Virtual-Box should not be doing what other programs do better and quicker. This is a feature that I don't want.
If VirtualBox is going to stop working every time some DLL gets updated without the correct cert, then the choice I will make is to use another VM.
There are many DLLs out there and the chance of one of them doing something wrong (ie. not signing their update) is huge.
PS: I had the following problem:
Result Code: E_FAIL (0x80004005)
Component: MachineWrap
Interface: IMachine {85cd948e-a71f-4289-281e-0ca7ad48cd89}
I 'fixed' it by deinstalling IBM Trusteer and turning off the DLL checking in AVG Enterprise. I don't know which one caused the problem... I don't have the time to check.