On 28/04/14 12:00, Chris Walker alug_cdw@the-walker-household.co.uk wrote:
I've just downloaded and installed a copy of Robolinux on a spare desktop machine. It says that it's a replacement for Windows XP as it will keep the Windows stuff secure without fear of a virus or malware.
I paid a few dollars for the basic version as I thought I would be able to configure the XP stuff myself. But it seems they want me to pay for more of it first.
But then the thought occurred to me that I might be able to do all this stuff with VirtualBox anyway. This is the link to the info about the secure bit - http://www.robolinux.org/stealth-vm-info/
There's a video on the site showing how a virus attacks the VM. What I find more than a little annoying is that it says I can do this for free and yet there's no way to get past the donation page.
The question remains though. Is this special software or simply a cunning bit of configuration of a virtual machine on the part of Robolinux?
Interesting - not looked at Robolinux before. I fear making claims such as: "A Windows keylogger, virus or malware cannot attack a native Linux application." and "Windows Viruses and Malware do NOT attack Linux file systems." is just asking for trouble - I can hear the shouts of 'Challenge accepted!' already :-/
Many virii already detect VM environments and self-destruct to avoid the reverse engineering teams who study them, it's only a short step from there to breaking out of the VM via it's 'convenience features' such as drag/drop file transfer, guest-based tools, file shares and clipboard support to infect the host.. game over. Made easier with robolinux using the popular VirtualBox platform too.
I've just spent half an hour trying to find their source code: given it's largely built on a GPL Debian base they are obliged to publish their code under GPL too - nothing found. So I've asked on their official support forum if they are open source or not - if they admit to not I'll shop 'em to gpl-violations.org, if they are, I'll ask for the code and notify gpl-violations.org anyway.
Phil (in hacker/legal mode today!)
Hi Phil,
Under the About Robolinux section, they have stated "Robolinux is open source software" so if they try to say they're not then that's a BIG problem.
Like you, I have been unable to find the source code nor any mention of which GPL version they use and this makes me very twitchy, especially given that it looks like (might be misunderstanding this bit) they're passing on dodgy XP licences as part of their Stealth VM.
I'd be interested to hear the results of your requests, as this does look a bit strange! On 28 Apr 2014 22:32, "Phil Ashby" phil.alug@ashbysoft.com wrote:
On 28/04/14 12:00, Chris Walker alug_cdw@the-walker-household.co.uk wrote:
I've just downloaded and installed a copy of Robolinux on a spare desktop machine. It says that it's a replacement for Windows XP as it will keep the Windows stuff secure without fear of a virus or malware.
I paid a few dollars for the basic version as I thought I would be able to configure the XP stuff myself. But it seems they want me to pay for more of it first.
But then the thought occurred to me that I might be able to do all this stuff with VirtualBox anyway. This is the link to the info about the secure bit - http://www.robolinux.org/stealth-vm-info/
There's a video on the site showing how a virus attacks the VM. What I find more than a little annoying is that it says I can do this for free and yet there's no way to get past the donation page.
The question remains though. Is this special software or simply a cunning bit of configuration of a virtual machine on the part of Robolinux?
Interesting - not looked at Robolinux before. I fear making claims such as: "A Windows keylogger, virus or malware cannot attack a native Linux application." and "Windows Viruses and Malware do NOT attack Linux file systems." is just asking for trouble - I can hear the shouts of 'Challenge accepted!' already :-/
Many virii already detect VM environments and self-destruct to avoid the reverse engineering teams who study them, it's only a short step from there to breaking out of the VM via it's 'convenience features' such as drag/drop file transfer, guest-based tools, file shares and clipboard support to infect the host.. game over. Made easier with robolinux using the popular VirtualBox platform too.
I've just spent half an hour trying to find their source code: given it's largely built on a GPL Debian base they are obliged to publish their code under GPL too - nothing found. So I've asked on their official support forum if they are open source or not - if they admit to not I'll shop 'em to gpl-violations.org, if they are, I'll ask for the code and notify gpl-violations.org anyway.
Phil (in hacker/legal mode today!)
main@lists.alug.org.uk http://www.alug.org.uk/ http://lists.alug.org.uk/mailman/listinfo/main Unsubscribe? See message headers or the web site above!
Their marketing suggests their unique feature is their 'VM installer', which I'm guessing is some sort of wrapper/setup GUI for VirtualBox. Maybe it makes it easy to say 'that's my Windows partition... go!' which I found less than straightforward when I tried a few years ago. And maybe it has a GUI around doing a gz of your image file (/partition?) for backups.
If that's not unique to them and it's a tool available in other distros then as far as I can see their distro is pointless.
If they wrote it then that's probably what they justify charging for.
If it's just an included app then it's separate from standard Debian and they should probably be careful to claim Robolinux is 'based on' GPLed software but the 'entire thing' isn't GPLed. Similar to including a GPLed library as a component in your proprietary app. And RHEL.
I think...?
Neil
On 28/04/2014 23:10, Paul Lenton wrote:
Hi Phil,
Under the About Robolinux section, they have stated "Robolinux is open source software" so if they try to say they're not then that's a BIG problem.
Like you, I have been unable to find the source code nor any mention of which GPL version they use and this makes me very twitchy, especially given that it looks like (might be misunderstanding this bit) they're passing on dodgy XP licences as part of their Stealth VM.
I'd be interested to hear the results of your requests, as this does look a bit strange!
On 28 Apr 2014 22:32, "Phil Ashby" <phil.alug@ashbysoft.com mailto:phil.alug@ashbysoft.com> wrote:
On 28/04/14 12:00, Chris Walker <alug_cdw@the-walker-__household.co.uk <mailto:alug_cdw@the-walker-household.co.uk>> wrote: I've just downloaded and installed a copy of Robolinux on a spare desktop machine. It says that it's a replacement for Windows XP as it will keep the Windows stuff secure without fear of a virus or malware. I paid a few dollars for the basic version as I thought I would be able to configure the XP stuff myself. But it seems they want me to pay for more of it first. But then the thought occurred to me that I might be able to do all this stuff with VirtualBox anyway. This is the link to the info about the secure bit - http://www.robolinux.org/__stealth-vm-info/ <http://www.robolinux.org/stealth-vm-info/> There's a video on the site showing how a virus attacks the VM. What I find more than a little annoying is that it says I can do this for free and yet there's no way to get past the donation page. The question remains though. Is this special software or simply a cunning bit of configuration of a virtual machine on the part of Robolinux? Interesting - not looked at Robolinux before. I fear making claims such as: "A Windows keylogger, virus or malware cannot attack a native Linux application." and "Windows Viruses and Malware do NOT attack Linux file systems." is just asking for trouble - I can hear the shouts of 'Challenge accepted!' already :-/ Many virii already detect VM environments and self-destruct to avoid the reverse engineering teams who study them, it's only a short step from there to breaking out of the VM via it's 'convenience features' such as drag/drop file transfer, guest-based tools, file shares and clipboard support to infect the host.. game over. Made easier with robolinux using the popular VirtualBox platform too. I've just spent half an hour trying to find their source code: given it's largely built on a GPL Debian base they are obliged to publish their code under GPL too - nothing found. So I've asked on their official support forum if they are open source or not - if they admit to not I'll shop 'em to gpl-violations.org <http://gpl-violations.org>, if they are, I'll ask for the code and notify gpl-violations.org <http://gpl-violations.org> anyway. Phil (in hacker/legal mode today!) _________________________________________________ main@lists.alug.org.uk <mailto:main@lists.alug.org.uk> http://www.alug.org.uk/ http://lists.alug.org.uk/__mailman/listinfo/main <http://lists.alug.org.uk/mailman/listinfo/main> Unsubscribe? See message headers or the web site above!
main@lists.alug.org.uk http://www.alug.org.uk/ http://lists.alug.org.uk/mailman/listinfo/main Unsubscribe? See message headers or the web site above!
No virus found in this message. Checked by AVG - www.avg.com http://www.avg.com Version: 2014.0.4570 / Virus Database: 3931/7408 - Release Date: 04/28/14
Well, my question on the robolinux discussion group asking if it's open or closed source has been removed by the project admin without answer. Less than helpful, and makes me more suspicious than ever.
Now following up with sourceforge admins and GPL violations people.
Phil.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Interesting.
Going back to the original question, I was thinking yesterday that for belt and braces you could always run a potentially vulnerable (in this case Win XP) VM from within a Linux container or chroot jail.
On 29 April 2014 21:05:02 BST, Phil Ashby phil.alug@ashbysoft.com wrote:
Well, my question on the robolinux discussion group asking if it's open
or closed source has been removed by the project admin without answer. Less than helpful, and makes me more suspicious than ever.
Now following up with sourceforge admins and GPL violations people.
Phil.
main@lists.alug.org.uk http://www.alug.org.uk/ http://lists.alug.org.uk/mailman/listinfo/main Unsubscribe? See message headers or the web site above!
- -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
On Wed, 30 Apr 2014 07:53:07 +0100 Ewan Slater ewan.slater@googlemail.com wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Interesting.
Going back to the original question, I was thinking yesterday that for belt and braces you could always run a potentially vulnerable (in this case Win XP) VM from within a Linux container or chroot jail.
I'd never heard of such a thing so I've just looked that up. I see that Oracle show the details here - http://docs.oracle.com/cd/E37670_01/E36387/html/ol_cj_sec.html so I might have a crack at that for XP VBox setup.
Is there anything else I should think about to protect not only my linux machine but the VBox setup too?
On Wed, 30 Apr 2014 12:43:35 +0100 Chris Walker alug_cdw@the-walker-household.co.uk wrote:
On Wed, 30 Apr 2014 07:53:07 +0100 Ewan Slater ewan.slater@googlemail.com wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Interesting.
Going back to the original question, I was thinking yesterday that for belt and braces you could always run a potentially vulnerable (in this case Win XP) VM from within a Linux container or chroot jail.
I'd never heard of such a thing so I've just looked that up. I see that Oracle show the details here - http://docs.oracle.com/cd/E37670_01/E36387/html/ol_cj_sec.html so I might have a crack at that for XP VBox setup.
Is there anything else I should think about to protect not only my linux machine but the VBox setup too?
A followup to this in case anybody else is considering doing it and that's this site - https://www.virtualbox.org/wiki/Setup_Jail
What concerns me here is the last line where it says "Oh yeah, you'll also want to add root into the vboxusers group, since that's what VirtualBox will actually run as:"
Should I be concerned about that, or not?
On 30/04/14 12:43, Chris Walker wrote:
On Wed, 30 Apr 2014 07:53:07 +0100 Ewan Slater ewan.slater@googlemail.com wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Interesting.
Going back to the original question, I was thinking yesterday that for belt and braces you could always run a potentially vulnerable (in this case Win XP) VM from within a Linux container or chroot jail.
I'd never heard of such a thing so I've just looked that up. I see that Oracle show the details here - http://docs.oracle.com/cd/E37670_01/E36387/html/ol_cj_sec.html so I might have a crack at that for XP VBox setup.
Is there anything else I should think about to protect not only my linux machine but the VBox setup too?
I've never actually done this myself, so I'm speculating. Hope my speculation is useful.
How does Windows XP get viruses? 1) Installing programs voluntarily. So, if you can, always run XP in a user account that doesn't have administrative permission to install programs.
2) Inadvertently by a) Email so if you can, don't give it access to send or receive emails. Use a firewall to block email ports for the virtual machine
2b) Internet browsers/compromised websites so if you can, prevent internet access for the virtual machine.
3) Remote "Attack" via any open ports, samba shares, Plug n Play so Windows firewall it Linux Firewall it Minimise the amount of shared folders/files it has access to
and: Windows Anti-virus it. Don't allow Windows to run anything you don't need to run On Windows, Uninstall things you don't need
Steve
-
Chris Walker -
Ewan Slater -
Neil Sedger -
Paul Lenton -
Phil Ashby -
steve-ALUG@hst.me.uk