Virtualization as security

Virtual computer, real security

There are many ways to keep your computer secure. Your own behavior affects it a lot and we at F-Secure are happy to help protecting you with our products. But there are also many tools that can improve your security even if that wasn’t their initial purpose. Melissa and Sean described how you can use separate browsers to lower the risk for human errors. Virtualization is another technology that can improve security as a side effect. It’s a like the separate browsers idea, but takes it a lot further. Read on to learn more.

Virtualization in computing means to simulate something with software. What we talk about here is to create a whole virtual computer inside a real computer. It’s complex under the hood, but there are luckily easy products that can be used by almost anyone. This technology is by the way used extensively in the software industry. Huge number of virtual computers can be used to process data or test software. A large portion of the Internet is also provided by virtual servers.

But how can this improve my security? Most malware is made for profit and interfering with your on-line banking is a common payload. But what if you run your on-line banking on a separate computer? Buying another machine costs money and consumes space, but that can be solved by using a virtual computer instead. That virtual machine would only be used for banking, nothing else. A malware infection could happen if your guard is down and you open a malicious file in the mail. Or surf to a site witch is infected with a drive-by download. Both cases could infect your real computer, but the malware can’t see what you are doing with the bank inside the virtual machine. One could also use the opposite strategy. Use a virtual machine when doing something risky, like looking for downloads on shady servers. A previously made snapshot can easily be restored if something bad hits the virtual machine.

An additional benefit is that this gives you an excellent opportunity to play around with different operating systems. Install Linux/Windows/OS X just to become familiar with them. Do you have some hardware which driver won’t work in your new machine? No problem, install a virtual machine with an older operating system.

OK, sounds like a good idea. But can I do it? Here’s what it takes.

  1. You need a fairly new and powerful computer. Especially the amount of RAM memory is critical. You are usually OK with 8 GB, but more is desirable. This is probably a bad idea if you have less. (This depends a lot on what operating system you are running and what you want to run in the virtual machines.)
  2. You need to download and install a virtualization product. Two good alternatives are VirtualBox by Oracle (free) and VMWare Player by VMWare (free for personal use).
  3. You need to have an installation media for the operating system you want to run in the virtual machine. This is easy for Linux as you can download the installer freely from the net. Hint: Google: download linux.
  4. You need to know how to install an operating system. This is not as nerdy as it sounds. Modern operating systems have easy installers that most people are able to use. And don’t worry if you make a mistake. It’s just a virtual machine and you can go back to the beginning at any time without losing anything (except some time).

I’m not going to provide detailed instructions for this. That depends too much on which virtualization product and operating system you use. And it would beside that be like reinventing the wheel. You will find plenty of step-by-step instructions by Googling for what you want to do, for example “install Linux in VirtualBox”.

But for your convenience, here’s an overview of the process.

  1. Select one of the virtualization products and ensure that your computer meets its system requirements.
  2. Download and install the virtualization product.
  3. Ensure that you have an installation media for the operating system you want to use and any keycodes etc. that may be needed during installation. The media can be a physical disk or USB-memory, or a disk stored as an image file. The virtualization software can mount disk image files as a device in the virtual machine and there’s no need to burn a disk for this purpose.
  4. Now follow the instructions you found on the net. They will help you create the virtual machine, mount the installation media in it and go through the operating system installation.
  5. After this you can use the virtualization product’s console to start the virtual machine when needed. It shows up full-screen or in a window depending on the settings. Inside it you can do what you want, install programs surf the net, etc.
  6. For the banking virtual computer you just need to install the browser of your choice, make sure it’s updated and patched and make your bank the home page. Don’t install anything else unless it really is needed for the banking connection and don’t use this virtual machine for anything else.
  7. You can create multiple virtual machines, but be careful if you try to run them at once. Your computer may not have what it takes. As said, RAM memory is the critical resource here.

Safe surfing,

Edited to add: It is of course a good habit to exercise the same basic security measurements inside virtual machines as in real computers. Turn on the operating system’s update function, install your anti-virus program and make sure your browser is kept up to date. Doing just banking with the virtual machine reduces the risk a lot, but this is good advice even in that case. And needless to say, the virtual machine’s armor is essential if you use it for high-risk tasks. Thanks Dima for providing feedback.

More posts from this topic

brain floppy, scanning engines, malware scanning

5 Ways We Stop Cyber Attacks In Their Tracks

See that floppy disc? That's how F-Secure Labs used to get malware to analyze. Nowadays, of course, it's much different, Andy Patel from the Labs explained in a recent post, "What's The Deal with Scanning Engines?" In just a few hundred words, Andy lays out what makes modern protection so different from the anti-virus that you remember from the 80s, 90s or even the early 00s. And it's not just that floppy disks the Labs once analyzed have been replaced by almost any sort of digital input, down to a piece of memory or a network stream. The whole post is worth checking out if you're interested in how relentless modern internet security must be to keep up with the panoply of online threats we face. But here's a quick look at five of the key components of endpoint protection that work in tandem to stop attacks in their tracks, as described by Andy: Scanning engines. Today’s detections are really just complex computer programs, designed to perform intricate sample analysis directly on the client. Modern detections are designed to catch thousands, or even hundreds of thousands of samples. URL blocking. Preventing a user from being exposed to a site hosting an exploit kit or other malicious content negates the need for any further protection measures. We do this largely via URL and IP reputation cloud queries. Spam blocking and email filtering also happen here. Exploit detection. If a user does manage to visit a site hosting an exploit kit, and that user is running vulnerable software, any attempt to exploit that vulnerable software will be blocked by our behavioral monitoring engine. Network and on-access scanning. If a user receives a malicious file via email or download, it will be scanned on the network or when it is written to disk. If the file is found to be malicious, it will be removed from the user’s system. Behavioral blocking. Assuming no file-based detection existed for the object, the user may then go on to open or execute the document, script, or program. At this point, malicious behavior will be blocked by our behavioral engine and again, the file will be removed. The fact is, a majority of malware delivery mechanisms are easily blocked behaviorally. In most cases, when we find new threats, we also discover that we had, in the distant past, already added logic addressing the mechanisms it uses.If you're interested in knowing more about behavioral engines, check out this post in which Andy makes then easy to understand by comparing the technology to securing an office building. So you must be wondering, does this all work? Is it enough? Well, our experts and our computers are always learning. But in all the tests this year run by independent analysts AV-Comparatives, we’ve blocked 100% of the real-world threats thrown at us. Cheers, Jason  

May 24, 2016
Sports Cartoon

3 Easy Steps to Stream your Favorite Sports Events, Wherever you are

It’s going to be a busy month for sports lovers from all corners of the world. Hockey fans are currently being treated to both the NHL playoffs and the IIHF world cup, and the coming month will see things like the Champions League final, the US Masters, the NBA playoffs, and to top it all off, the European Championships in football. This presents a problem for many of us. Particularly during the summer, we travel a lot and just might be unable to find a TV screen showing our favorite events. So does this mean we have to miss Kevin Durant sink yet another 3-pointer or be content with next-day highlights of the CL final between Real and Atletico? Thankfully not! The internet allows us to stream games online and watch your favorite matches anywhere, whether at home or under a beach umbrella. Unfortunately, your excitement can often be hindered by messages like “Sorry, this content is unavailable in your country.” This is known as geo-blocking, where the services check your IP address (the unique address of your device) and only allow access if it is located in a specific country. The obvious solution then is to change your IP address to a country where you can access the service. And the easiest and quickest way to do this is with a VPN. How Freedome VPN works The way VPNs work is very simple. Instead of connecting to the internet directly, a VPN first directs your traffic into a secure and private tunnel. The rest of the web won’t see where your traffic enters the tunnel, making your real location and IP address hidden. A VPN like Freedome also lets you choose where the other end of that tunnel is, and THIS determines where any website will think you are. Pretending to be virtually in another country is that simple! How to use Freedome VPN to stream sports Follow these simple instructions to watch your favorite sports live everywhere! Download and install Freedome VPN In the Freedome app, tap the location at the bottom of the screen, and choose your home country where the stream you want to see is available Navigate to the website of the streaming service or search for a legal live stream of the sports event online If on a mobile device, remember to turn “location” off, as some websites use this as an additional method of pinpointing your location It’s as simple as that! More about Freedome VPN Freedome is a hybrid VPN, available for both mobile and desktop platforms. In addition to letting users access content restricted to other countries, it protects your anonymity from websites you visit, and prevents even your internet service provider from snooping on your online activities. There are even a few features lacking in other VPN products, such as automatic blocking of intrusive tracking by advertisers, and protection from malicious websites. Get Freedome from our website to enjoy unrestricted access to the internet while protecting your privacy on the side!

May 16, 2016
Customer Day F-Secure

Customer Day at F-Secure: Technology Enables, Feelings Live

The Internet is pretty cool. You can use it to learn about things happening all over the world. You can start your own blog or social media account to share your views and speak up about the things you care about. You can stay in touch with people that live far away. It’s really all about connecting people, and it’s changed how people live their lives. The odd thing about all this connecting is that it's surprisingly easy to become disconnected from actual people. Spending time in front of a computer screen, especially when working in roles that involve lots of engineering or programming, can put people out of the picture. All too often, things get reduced to bits and pieces of information. People are what’s important to companies. Not just employees, but all the people involved with a business. And many companies say that the customer is #1, but they’ll have employees who never interact with the people they’re serving. So in this era of hyper connectivity, it’s easy for companies and employees to lose touch with the people that are actually paying their salaries. So Donal Crotty, F-Secure’s Director of Customer Advocacy, started a new tradition in 2015 to celebrate how we feel about customers, give them an opportunity to candidly share their views on the company with the Fellows that work here, and learn more about the company and the people that help make it a success. It’s called Customer Day. “Not everyone at F-Secure has the pleasure of actually meeting the people they’re trying to help,” says Donal. “It’s just the nature of some jobs. But it’s a real shame, because all the metrics and analytical tools companies use to gauge how happy or unhappy customers actually are simply aren’t enough. Numbers and data are no replacement for people, and that’s what Customer Day is for.” So today is the 2nd annual Customer Day at F-Secure (#fscustomerday16 on Twitter). And here at our Helsinki headquarters, as well as several of our regional offices around the world, Fellows and customers are coming together to connect with each other and learn more about the people and products. And have a bit of fun too. “IT companies will often say that they’re about people and not technology. But I’m not sure how many of them actually make the effort to put the people that build products and provide behind the scenes services in front of customers” says Donal. “We, as in people in companies, talk about customer experience, but it takes something more than just talking about it to make it meaningful. I like to think of it as a type of feeling. Our technology enables, but the feeling we give to customers is what we want them to live with.” Images provided by Bret Pulkka-Stone.

May 13, 2016