virtualbox.org

jonsof wrote:Sirius what about using the "shared-folder" with read-only permissions for the guest - this is an option in shared folder settings.Also what about using NAT, or internal networking with another VM as gateway? The scenarios are many.

Read-only permissions on a shared folder should be safe. As I mentioned in my original reply, certain network settings could probably prevent a network worm from spreading.

Besides the presence of an infected file isn't absolutely a threat.Because the threat level is defined by the user's level of expertise.
There is no need to generalise and scare people

I was just answering the question and pointing out that in certain cases it IS possible for a virus to spread from a VM to a host. I made no assumptions about the OP's level of expertise, and I'd rather not give advice that results in someone's system being infected. Certainly anyone with enough expertise knows enough to handle a virus infected file with care (and to not be scared), but for someone without that expertise, I'd rather they be scared than infected.

kebabbert wrote:I was thinking about this as well. If you use different OS for a guest, would that be safer? Let us say you have Linux as host, and run Windows as guest. Would a Windows virus be able to infect Linux? Are there any cross platform viruses? For instance, MS VisualBasic macro viruses? Or Java?

MS office macro viruses were the first cross-platform viruses, I don't know if there have been any subsequent ones. It might be possible with a cross platform scripting language (JavaScript perhaps?), but Java should be safe since it runs in a sandbox. Aside from something like that it shouldn't be possible for a virus to spread between operating systems.

jonsof wrote:There is no need to generalise and scare people

There is, if you want to sell AV software, or your own services as an "IT person" - I hasten to add that I'm not suggesting that's true of Sirius... I'm just making my own weakly founded generalization...

FWIW, I have had no resident AV on any of my own (*) hosts or guests for quite some time - and my PCs perform excellently, thanks very much! I do regularly scan with a non-resident malware scanner, but I've never found anything worth reporting. From this I confirm my belief that the performance impact of resident A/V is not justified by the threat prevalence. Yet if that threat should ever come to pass, then I have multiple beachheads to fall back on: rolling Acronis whole disk image backups, backups of individual important document folders to CD, and to other PCs I use etc etc. So, even if I'm attacked, I don't believe I can be injured. To me the whole thing is a scam: far from protecting us against malware, resident A/V is the malware - it's a clumsy DOS (Denial Of Service) attack that stops you enjoying your own PC to its full potential.

(*) I distinguish between "my own" and "my employers". My employer uses an IT contracter and he stuffs every PC to the gills with AV software as a matter of course, no thought or justification required. He gets away with it of course because most PC users know even less than him. I refuse to use any of the treated PCs for development, I find them unusable.

sirius wrote:

kebabbert wrote:I was thinking about this as well. If you use different OS for a guest, would that be safer? Let us say you have Linux as host, and run Windows as guest. Would a Windows virus be able to infect Linux? Are there any cross platform viruses? For instance, MS VisualBasic macro viruses? Or Java?

MS office macro viruses were the first cross-platform viruses, I don't know if there have been any subsequent ones. It might be possible with a cross platform scripting language (JavaScript perhaps?), but Java should be safe since it runs in a sandbox. Aside from something like that it shouldn't be possible for a virus to spread between operating systems.

So it could be safer to use different OSes?

I am thinking of not allowing the guest OS to see or communicate with the host OS in anyway. Shutdown the connection between them. That would increase safety, dont you think? If someone hacks the guest OS, there is no connection to the host OS, so the hacker can not seize control over the host OS.