Main Area and Open Discussion > General Software Discussion
When testing untrustworthy software, remember virtual machines can be escaped
Shades:
So one should be cagey?
-cranioscopical (March 20, 2017, 11:46 AM)
--- End quote ---
The "vault" at fault, you could say... :P
MilesAhead:
Amazon instances
-cranioscopical (March 20, 2017, 11:46 AM)
--- End quote ---
It may be best to use digital paper. Burn it when done. :)
cranioscopical:
So one should be cagey?
-cranioscopical (March 20, 2017, 11:46 AM)
--- End quote ---
The "vault" at fault, you could say... :P
-Shades (March 20, 2017, 08:54 PM)
--- End quote ---
You know that this will end in gridlock.
MilesAhead:
So one should be cagey?
-cranioscopical (March 20, 2017, 11:46 AM)
--- End quote ---
The "vault" at fault, you could say... :P
-Shades (March 20, 2017, 08:54 PM)
--- End quote ---
No doubt a combination of factors caused it to take a tumble.
f0dder:
While VMs can be escaped, you should keep in mind that a VM escape is an extremely valuable 0day.
So, if you get a piece of "interesting software" containing a VM escape, there's basically two scenarios:
1) you're targeted by a nation-state, YOU'RE GONNA DIE AND THERE'S NOTHING THAT YOU CAN DO ABOUT IT.
2) you're dealing with a potentially nasty piece of malware, but it's using publically-known escape techniques.
Keep your VM software up-to-date! And don't even think about using sandboxing/containerizing software for testing BadStuff.
PS: while you're not super likely to find VM-escape in the wild, it's a lot more common for malware to have VM detection - meaning it won't activate when running in a VM, so it lulls you into a false feeling of safety.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version