Advice Request Help with using a VM to improve my security

Please provide comments and solutions that are helpful to the author of this topic.

jetman

jetman

Level 10
Thread author
Verified
Well-known
Jun 6, 2017
473
Hi there-

I have read a few posts on this site which have suggested setting up a Virtual Machine in order to carry out banking or other financial transactions. I assume this is because the Virtual Machine machine would be less likely to be infected with malware, keyloggers etc if it is not used for day-to-day browsing.

Firstly, have I undertood this correctly ? Is it a good idea to use a Virtual Machine for these purposes ?

Secondly, are there any good tutorials or general tips on how to set up a Virtual Machine on a Windows PC ? This is not something that I have tried before and it looks relatively complicated.

Thanks for any comments or advice.
 
  • Like
Reactions: oldschool, Weebarra, Brie and 3 others
E

Eddie Morra

crezz said:
Firstly, have I undertood this correctly ? Is it a good idea to use a Virtual Machine for these purposes ?
Click to expand...
It's a good idea if you have good enough system resources for it, but bear in mind, it doesn't automatically keep you safe. If you're going to use a VM for carrying out banking transactions, use a snapshot which is clean to revert back to for each banking session. It only takes a few seconds to create and revert with one using VirtualBox or VMWare.

Unless you really need to, don't use Windows on a VM for this, it isn't necessary. Go for Linux instead... or even ChromeOS (customized Linux distribution) if you can get that to work.

You can find tutorials on YouTube for setting up a VM - they will be more than sufficient.
 
  • Like
Reactions: ChemicalB, oldschool, Weebarra and 6 others
Ink

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
If you suspect you have some unwanted adware or malware, clean install the OS. But if your main system is secure and malware-free, you should have no problems.

A VM is still susceptible to malware, phishing and scams. Linux cannot prevent phishing websites, you can however install trusted web browser extensions to flag and block them.

You get some "secure browsers", but I don't know how effective they actually are. For example; Avast Secure Browser.
 
  • Like
Reactions: Weebarra, vtqhtr413, oldschool and 2 others
shmu26

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
crezz said:
Hi there-

I have read a few posts on this site which have suggested setting up a Virtual Machine in order to carry out banking or other financial transactions. I assume this is because the Virtual Machine machine would be less likely to be infected with malware, keyloggers etc if it is not used for day-to-day browsing.

Firstly, have I undertood this correctly ? Is it a good idea to use a Virtual Machine for these purposes ?

Secondly, are there any good tutorials or general tips on how to set up a Virtual Machine on a Windows PC ? This is not something that I have tried before and it looks relatively complicated.

Thanks for any comments or advice.
Click to expand...
I don't really agree with the whole idea of banking in a VM. Why? Because it is inconvenient and resource-hogging to fire up a special VM every time you want to access a financial site. You would only do such a thing if you suspected that your system is infected.
Better to put your efforts into protecting your system from infection in the first place, otherwise you are just swatting flies, to which there is no end. The flies just keep on coming, if you have holes in your screens.
Slap a good default-deny solution on your system, and you won't have to worry about flies.
 
  • Like
Reactions: ChemicalB, Weebarra, vtqhtr413 and 2 others
oldschool

oldschool

Level 82
Verified
Top Poster
Well-known
Mar 29, 2018
7,102
shmu26 said:
I don't really agree with the whole idea of banking in a VM. Why? Because it is inconvenient and resource-hogging to fire up a special VM every time you want to access a financial site. You would only do such a thing if you suspected that your system is infected.
Better to put your efforts into protecting your system from infection in the first place, otherwise you are just swatting flies, to which there is no end. The flies just keep on coming, if you have holes in your screens.
Slap a good default-deny solution on your system, and you won't have to worry about flies.
Click to expand...

I tend to agree. It's kind of ironic that the some people who either advocate or use VMs for banking are often the same people who see others as paranoid or who have overkill configurations. But, hey, whatever floats your boat!
 
  • Like
Reactions: ChemicalB, Weebarra, vtqhtr413 and 2 others
shmu26

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
Brie said:
i read that dual booting windows and linux makes both operating systems unstable.
Click to expand...
The real problem is getting the boot process itself to work right. They use different booters, which don't always like each other. But once the operating systems start, they work fine.
 
  • Like
Reactions: Weebarra, bribon77 and oldschool
shmu26

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
crezz said:
Thanks for all the helpful comments.

Some of you refer to using Default Deny solutions within Windows.

What are good examples of this ? Is Kaspersky Trusted Applications Mode and example ? Are there any others ?
Click to expand...
Some default deny solutions of the anti-exe type:
1 EXE Radar Pro
2 ReHIPS
3 VoodooShield
4 Comodo Firewall

Some default deny solutions of the Software Restriction Policy type:
1 Hard_Configurator
2 AppGuard

Hybrid:
1 Kaspersky TAM
2 Avast hardened/aggressive mode
 
  • Like
Reactions: ChemicalB, askmark, Gandalf_The_Grey and 3 others
C

ChemicalB

Level 8
Verified
Sep 14, 2018
360
You can use a clean virtual machine with just the operating system, a browser and above all: using it only and exclusively for the home banking, so once you finish what you need to do in the website of your bank, Log Off and shutdown of the virtual environment.
I think that is the best solution but just a bit paranoid.
 
  • Like
Reactions: ng4ever, Weebarra, shmu26 and 2 others

Similar threads

Shadowra
    • Like
    • +Reputation
    • Applause
App Review Bkav Pro Internet Security
Replies
14
Views
1,423
Video Reviews - Security and Privacy
ForgottenSeer 103564
F
Shadowra
    • +Reputation
    • Like
    • Thanks
App Review ArcaBit Internet Security 2024
Replies
4
Views
868
Video Reviews - Security and Privacy
Trident
Trident
Shadowra
    • +Reputation
    • Like
    • Thanks
App Review Huorong Internet Security v6 BETA
Replies
17
Views
1,382
Video Reviews - Security and Privacy
Mark484
M

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top