hi. if i install a linux guest on windows host in a virtualised environment (qemu for example), will any malware that might already exist on the windows host have access to the virtualised linux, or will the new virtualised environment be safe?

for example, if the host have some malware that i am not aware of that tracks keystrokes, will any password i type in a browser in the virtualised linux be vulnerable?

thanks

While I don't grok Windows like I grok Linux virtualization services like QEmu, VMware, etc, etc depend on services and drivers loaded by the OS so given that interception and subversion in Windows can occur in different places and at different levels so my answer to that is "it depends". If you would for example have a password-stealing trojan loaded in Windows and you would have installed say Joomla in QEmu then accessing the guest over FTP might leech your credentials. Likewise if you would have a keylogger installed key sequences are still routed like physical keyboard -> Windows keyboard driver -> OS -> virtualization service -> guest. So IMHO this essentially is not a Linux but a Windows-related question. Additionally if your intent is to "have something safe" on a known infested host then I'd suggest you don't proceed but clean up the host instead.

1 members found this post helpful.

thanks for the reply unSpawn.
i do appreciate that the situation i am describing is far from ideal.
the reason i am proceeding with this line of thinking is that i do not know how to verify that a windows machine is clean, and i was wondering if i can create a relatively malware free environment for activities such as internet shopping by setting up a virtualised linux in qemu on windows host. i am aware of the fact that simply running linux is a much better solution. this is what i do on my own machines. but i have some family members that only use windows, so i am trying to make things safer.

If they're accustomed to using Windows then Linux might just be alien to them. Windows can be hardened to some extent, remove Java, remove Adobe or Macromedia PDF viewer, avoid web, email and such natively provided applications, choose anti-malware and antivirus tools, make backups, if you have a spare machine you could set it up as a scanning proxy (HAVP?) and allow them access to it but most of all it's behavioral discipline: set to update everything automatically and don't visit / click anything that is highly attractive in a "too good to be true" way or dodgy.

1 members found this post helpful.

The vm is no more at risk than any other lan connected computer for the most part.

It is generally considered to be safe running a linux VM on a windows host. The same issues that plague any system is the way malware can access OS's. Since you don't have tools like guest additions in qemu it is safe from some attacks. Qemu does allow you to mount a sub directory that could expose the OS to some harm.

A more secure way may be to boot to a live cd/dvd that doesn't mount the hard drive. I am not sure if this has been attacked yet but may be one of the more secure ones. http://www.spi.dod.mil/lipose.htm

1 members found this post helpful.

Can you get enough disk space to dual boot Linux instead? That should avoid most MS nasties?
If its only basic stuff like shopping/banking, you shouldn't need very much disk space.

1 members found this post helpful.

thanks all for your replies.

i am going to stick with the vm solution as internet kiosk only.
if i understand correctly, this should avoid many of the threats that the windows host might be exposed to. better then nothing.
as for dual boot and live solutions, even though they are much better, i want to keep it as simple as possible for the users, as my family are not used to anything beyond basic windows use.