virtualbox.org

Will it be the case? Saw a lot of logs in my host:
C:\ProgramData\VirtualBox
C:\Users\ %%% \.VIrtualBox

Thanks

A more descriptive scenario might help us understand your concern.

The VM has a disk file that stores all the VM's data. That disk file exists on the host drive. The VM's data does not come out of that disk file unless you save data on a network connected to the VM. The VM's C drive is inside the disk file and is not the host PC's C drive.

The data in the disk file can be seen from the host PC, using hex editors, compatible zip archive programs, and other methods. Virtualbox offers disk encryption to hide disk data so it cannot be read from the host. Don't disconnect the VM's disk file from an encrypted VM, or the data in the disk file may be un-decryptable.

Virtualbox does make logs, in C:\Users\{youraccount}\.VirtualBox, and in the VM's Logs folder. These logs come from Virtualbox itself, not the VM's OS. The only data that gets put in the logs is network and RDP data that you start from the host PC to the VM. If you have a typical house router that changes your internet IP address from your ISP into a private IP address, then no public IP address info gets into the logs. Your user account name is put in the logs in the paths to the files that get logged, since the Virtualbox files get stored in your user account home folder. User account names cannot be hacked without your public IP address, and your computer is already being pen-tested all the time if it is internet-connected.

If you don't have a router and your PC is connected directly to the internet and sees your public IP address directly, then that IP address might be in the log. In my opinion this is the only possible security issue in the log, and if you use a router then this issue does not exist.

scottgus1 wrote:A more descriptive scenario might help us understand your concern.

The VM has a disk file that stores all the VM's data. That disk file exists on the host drive. The VM's data does not come out of that disk file unless you save data on a network connected to the VM. The VM's C drive is inside the disk file and is not the host PC's C drive.

The data in the disk file can be seen from the host PC, using hex editors, compatible zip archive programs, and other methods. Virtualbox offers disk encryption to hide disk data so it cannot be read from the host. Don't disconnect the VM's disk file from an encrypted VM, or the data in the disk file may be un-decryptable.

Virtualbox does make logs, in C:\Users\{youraccount}\.VirtualBox, and in the VM's Logs folder. These logs come from Virtualbox itself, not the VM's OS. The only data that gets put in the logs is network and RDP data that you start from the host PC to the VM. If you have a typical house router that changes your internet IP address from your ISP into a private IP address, then no public IP address info gets into the logs. Your user account name is put in the logs in the paths to the files that get logged, since the Virtualbox files get stored in your user account home folder. User account names cannot be hacked without your public IP address, and your computer is already being pen-tested all the time if it is internet-connected.

If you don't have a router and your PC is connected directly to the internet and sees your public IP address directly, then that IP address might be in the log. In my opinion this is the only possible security issue in the log, and if you use a router then this issue does not exist.

Hi, Thank you very much for your reply

I know that the .vhd or .vhdx (used by Hyper-V) is easily mountable and readable on File Explorer, so I stayed out of it and used the .vdi by VirtualBox. No, I didn't set disk encryption. But, from your description, there won't be data leakage from the disk file UNLESS I use special software to read it - even I didn't encrypt the disk file??

Here's my network setup: I have the router (Google Wi-Fi) from my ISP and my laptop connects the internet via Wi-Fi. My Host is Windows 10 and I always have VPN on. My Guest is also Windows 10, on "NAT" (a network setting on VirtualBox), and I don't have VPN running on Guest. Can I assume that no browsing history or whatever being saved on my Host?? And does it hold true if I connect my laptop using LAN cable and not Wi-Fi??

Thanks a lot for your inputs

Oracle User wrote:there won't be data leakage from the disk file UNLESS I use special software to read it

True. Under normal operation, data won't leave the disk file. However, the 'special' software is easy to get. 7-zip (free) will open .vdi's on a Windows host and allow extracting files. An encrypted disk will not be extractable.

Everything in your network looks private, except for the VPN. I do not know how the VPN influences or permits ip addresses to be released.

No browser history gets saved on the host PC via Virtualbox. Note that some browsers, like Chrome, allow signing into a browser account so your settings can be copied to all your PCs. This browser setup may make browser history or favorites available on the host. So don't sign in on the browser.

I should point out a couple more things: Virtualbox is primarily for running more than one operating system on one computer. It is not marketed as a hide-my-computer-activity program. If you are trying to keep things secret, you might want to look elsewhere.

scottgus1 wrote:I should point out a couple more things: Virtualbox is primarily for running more than one operating system on one computer. It is not marketed as a hide-my-computer-activity program. If you are trying to keep things secret, you might want to look elsewhere.

Haha, that's a good point, I was only asking how secure VIrtualBOx is. Nothing illegal in my use case.


[/quote]

scottgus1 wrote:

Oracle User wrote:there won't be data leakage from the disk file UNLESS I use special software to read it

True. Under normal operation, data won't leave the disk file. However, the 'special' software is easy to get. 7-zip (free) will open .vdi's on a Windows host and allow extracting files. An encrypted disk will not be extractable.

Everything in your network looks private, except for the VPN. I do not know how the VPN influences or permits ip addresses to be released.

No browser history gets saved on the host PC via Virtualbox. Note that some browsers, like Chrome, allow signing into a browser account so your settings can be copied to all your PCs. This browser setup may make browser history or favorites available on the host. So don't sign in on the browser.

scottgus1 wrote:I should point out a couple more things: Virtualbox is primarily for running more than one operating system on one computer. It is not marketed as a hide-my-computer-activity program. If you are trying to keep things secret, you might want to look elsewhere.

Thanks for pointing out the "encryption" function, I tried it and the disk is unextractable. I guess the major problem is that the data whole leak itself, it's fine if it's me to extract the disk when needed.