[ale] what happens to vm if host reboots
Jim Kinney
jim.kinney at gmail.com
Mon Feb 18 08:00:40 EST 2013
On Feb 16, 2013 10:48 PM, "Ron Frazier (ALE)" <
atllinuxenthinfo at techstarship.com> wrote:
>
> comments inline
>
> Phil Turmel <philip at turmel.org> wrote:
>
> >Hi Ron,
> >
> >On 02/16/2013 10:03 AM, Ron Frazier (ALE) wrote:
> >> Hi JD, Phil T, and Jim K, and others,
> >>
> >> Thanks for the prior responses to this. I thought I'd post a small
> >> update. For now, I've just disabled automatic patch installation for
> >> the PC in question. Maybe later, I can figure out how to have the VM
> >> shut down properly before the host shuts down. When I went back to
> >> the virtualbox control panel on the host pc after the forced reboot,
> >> the status said the VM had been aborted. That didn't sound good. The
> >> VM rebooted OK and the virtual HDD seems OK. But, I obviously want
> >> to avoid such aborts.
> >>
> >> The questions of why run Windows, or run Windows in a VM on a Linux
> >> host are valid questions. In this group, I wouldn't expect anyone to
> >> be endorsing Windows, nor would I try to convince you to run it.
> >> However, I thought I'd provide a bit of explanation of my scenario.
> >
> >In any normal human environment, I'd let this go by. But you are
> >addressing this to the Atlanta Linux *Enthusiasts* mailing list.
> >Pointed commentary to follow:
> >
>
> So, ALE people are not normal humans. 8-)
> No one ever accused the group of being the Friendly Atlanta Linux
Enthusiasts. 8-)
>
> I run and study Linux a good portion of the time. In that regard, I'm a
Linux Enthusiast too.
>
> >> I've been running Windows ever since it was invented. Since long
> >> before, in my opinion, Linux on the desktop had a viable gui and
> >> maintenance and installation routine for the AVERAGE user. Since
> >> Ubuntu came about in 2006 or so, and particularly, more recently,
> >> Linux on the desktop is much more viable for the average user. I
> >> consider myself above average in terms of technology. However, I do
> >> prefer a nice GUI and minimal hassle installing and maintaining a
> >> system. Modern Linux desktops are an acceptable replacement for
> >> Windows in most cases. However, I reference my recent thread when I
> >> was complaining about lack of control over my experience I get on
> >> things like Unity and Windows 8.
> >
> >Your history with Windows is certainly not unique--I also have used
> >Windows since it was introduced, and have used MS-DOS since *before*
> >the
> >IBM PC (Zenith beat IBM to market by a few months--I used MS-DOS 1.0
> >aka
> >Z-DOS on a Heath/Zenith Z-100). Making claims like this has no bearing
> >on the merits of the case.
> >
> >http://en.wikipedia.org/wiki/Argument_from_authority
>
> It has bearing on my motives to run Windows. It also has bearing on the
fact that, until about 2006, there were no really viable Linux Desktop
alternatives, in my opinion.
WTF!? As a Linux user since 1992, it has ALWAYS had a viable desktop! It
has typically had 3 or 4 to choose from.
Opinion is not fact .
Sorry for not trimming out most of this. Got a new phone running jelly bean
and can find the secret editing sauce.
>
> >
> >> The fact is, Windows 7 does 100% of what I want a PC to do, since
> >> everything out there is designed to be compatible with it. My Linux
> >> situation is in flux, since I'm in the process of firing Ubuntu and
> >> moving to Mint. Yes, I know it's Ubuntu under the covers. Anyway,
> >> my experience with Ubuntu 11.04 and with the Mint Live DVD's
> >> indicates that Linux does about 85% - 90% of what I want a PC to do.
> >
> >But you admit below that security concerns are bothering you--so
> >Windows
> >is *not* doing 100% of what you want. You are separating "security"
> >from the tasks you are using the PC to accomplish. In my opinion, if
> >the task isn't being conducted securely, it cannot be considered 100%
> >satisfactory.
>
> Everything I do is as secure as it can be under the circumstances.
Whether I'm running Linux or Windows, I keep the OS patched. I run a
software firewall. And, I'm sitting behind 2 hardware firewalls. If I'm
in public, I'm running a VPN. My main security concerns do not relate to
the fact that I'm running Windows, and, in fact, I would have most of the
same concerns if running Linux. Let's compare. Almost every primary
attack vector nowdays is related to things you potentially invite into the
computer via the web browser or email or a website or a document. The
attacks that can spontaneously penetrate a firewalled and patched computer
remotely without some invitation in the door are more rare now.
>
> As I quickly learned at a DC404 meeting today, I will stipulate that if
the cracker has physical access to your PC, you're toast. So, let's assume
he doesn't have that access.
>
> Concern 1: Java - Applies to Windows and Linux.
> Windows Solution: Deinstall it, although I'm considering running a VM
just for a couple of things that have to have it.
> Linux Solution: Haven't figured out how to deinstall it. Control it best
I can with NoScript.
> Winner: Windows
>
> Concern 2: Javascript - Applies to Windows and Linux.
> Windows Solution: Control with NoScript - except sites that have to have
it, like the bank.
> Linux Solution: Control with NoScript.
> Winner: Tie
>
> Concern 3: Malicious Flash - Applies to Windows and Linux.
> Windows Solution: Keep flash up to date. Selectively trust sites with
NoScript.
> Linux Solution: Keep flash up to date. Selectively trust sites with
NoScript.
> Not using flash is not a very viable option, since too many sites depend
on it.
> Winner: Tie
>
> Concern 4: Malicious PDF - Applies to Windows and Linux.
> Windows Solution: Keep reader up to date. Disable java in reader and
enable enhanced security and protected mode. Possibly switch to alternate
reader.
> Linux Solution: Keep reader up to date. Disable java in reader and
enable enhanced security and protected mode. Possibly switch to alternate
reader.
> Winner: Tie
>
> Concern 5: Malicious DOC - Applies to Windows and Linux.
> Windows Solution: Disable Java and Visual Basic in LibreOffice. Set
Macro Security to high.
> Linux Solution: Disable Java and Visual Basic in LibreOffice. Set Macro
Security to high.
> Winner: Tie
>
> Concern 6: Malicious HTML, HTML5 - Applies to Windows and Linux.
> Windows Solution: Keep Firefox up to date. Control with NoScript.
> Linux Solution: Keep Firefox up to date. Control with NoScript.
> Winner: Tie
>
> Concern 7: Inserting a contaminated USB, CD, DVD - Applies to Windows and
Linux.
> Windows Solution: Tell PC not to ever do anything automatically when
media is inserted. Be very careful about what media you insert.
> Linux Solution: Tell PC not to ever do anything automatically when media
is inserted. Be very careful about what media you insert.
> Winner: Tie
>
> Concern 8: Clicking links in email acts as a vector for nasties. -
Applies to Windows and Linux
> Windows Solution: Verify trustworthy source before clicking links in
email. Verify the destination of the link. Be very reluctant to click
such things. Don't click executables. Turn off automation in email client.
> Linux Solution: Verify trustworthy source before clicking links in email.
Verify the destination of the link. Be very reluctant to click such
things. Don't click executables. Turn off automation in email client.
> Winner: Tie
>
> Concern 9: Playing malicious media files. - Applies to Windows and Linux.
> Windows Solution: Be very particular about where you get your LEGAL and
reputable media files.
> Linux Solution: Be very particular about where you get your LEGAL and
reputable media files.
> Winner: Tie
>
> Concern 10: Executable viruses - Could apply to Windows or Linux, but I
will admit they are far more pervasive on Windows.
> Windows Solution: Don't do things that let questionable EXE's in the
system. Have batch virus scanners and real time virus scanners. Keep the
system updated and the virus scanner updated. Windows virus scanners are
much more sophisticated than Linux ones.
> Linux Solution: Don't do things that let questionable EXE's in the
system. Have batch virus scanners and real time virus scanners. Keep the
system updated and the virus scanner updated. Linux virus scanners are
much less sophisticated than Windows ones. It is PROBABLE that, if a virus
is encountered, that it was designed for Windows; and it is POSSIBLE, but
far from guaranteed, that it will not run on Linux. Linux is not immune to
viruses. No OS is. As it becomes more popular, it will become a much
bigger target.
> Winner: Linux
>
> Concern 11: Patches to the system are not kept up to date, or components
are not kept up to date. - Applies to Windows and Linux.
> Windows Solution: Patch Windows and system components every month
minimally, or every week preferably, or whenever a critical patch is
released.
> Linux Solution: Patch Linux and system components every month minimally,
or every week preferably, or whenever a critical patch is released.
Because, in most cases, all system applications are updated automatically,
patching is easier in Linux. This is a mixed bag of pros and cons. I've
had patches break things automatically on a few occasions. That can happen
on Windows too. Sometimes, for example, waiting on the Firefox updates
from the Ubuntu repositories, you don't get the latest stuff for quite a
while. In my experience, Linux patches occur with equal volume and more
frequency than Windows. Installing patches every day, should I choose to
do so, can be quite a bother.
> Winner: Linux
>
> Concern 12: Need a software firewall. Need a VPN if in public. -
Applies to Windows or Linux.
> Windows Solution: Configure and activate the Windows Firewall.
Configuration is much easier on Windows.
> Linux Solution: Configure and activate a Linux Firewall. Example: use
FireStarter to configure iptables.
> Winner: Tie
>
> As you can see, all 12 concerns I have related to security are applicable
to both Windows and Linux. I feel slightly safer with Linux, but only
slightly. I have slightly less work to do to be safe under Linux, but only
slightly.
>
> I am about as safe running Windows, the way I do so, as I would be
running Linux. In order to use safety as a justification for switching
everything I do primarily to Linux, the benefits must outweigh the hassles
of doing so. At this moment, they do not.
>
> >
> >> The main areas where Linux falls short are the devices I attach to
> >> these PC's, which often, work only with Windows to have all of their
> >> functionality. Some require Windows to have any functionality.
> >> These include an automotive GPS, ebook reader, weather display
> >> device, and a scanner. Also, the machines associated with and
> >> attached to my work table run through a vga usb kvm. One machine,
> >> when running Linux, ALWAYS mis characterizes my 1920 x 1080 external
> >> monitor and limits my screen to 1024 x 768. It drives me insane.
> >>
> >> Anyway, Windows 7 works flawlessly in all these cases.
> >
> >How is this any different from buying hardware/software packages for
> >Macs vs. Windows? You purchased devices that proclaimed Windows
> >support
> >without checking their specs or online fora for Linux support. If you
> >buy hardware for a Mac, do you expect it to plug into a Windows PC?
> >(It
> >might, but you take your chances.)
> >
> >There will always be products, services, and software that target only
> >one platform--but they are rarely unique in the market. Nearly every
> >piece of Windows software I've ever used has an alternative in both
> >MacOS and Linux. In many cases, the software alternatives are
> >file-compatible.
> >
> >As for hardware drivers, I think Linux has far surpassed all other
> >platforms. There are a few holdouts, like Nvidia, but the vast
> >majority
> >of new devices in this world get linux support first--especially
> >anything from Intel with server applications.
> >
>
> Here's the deal. As a consumer, I'm not too radically different from
most. I go into Fry's, Best Buy, Target, whatever. I find a printer, a
scanner, a video card, a router, etc. that has the features I like. I read
the box. If it works with Linux AND it has the features and the value that
I want, I buy it. If it doesn't mention Linux AND it has the features and
the value that I want, I may buy it anyway and just reconcile myself to use
it on Windows. If Linux wants to be a contender for the masses, which
proponents say it does, it needs to be compatible in the box at the place
where I'm shopping. I shouldn't have to go hunting for special gadgets so
they'll work. Note that saying "works with Linux" is not the same as
saying "supported on Linux".
>
> >> So, at this point, I still plan to run Windows as my primary system,
> >> while dual booting Linux and / or running it in a VM for learning
> >> purposes and experimentation or maintenance with things that Windows
> >> cannot do. I also don't have any licenses to install any other
> >> copies of Windows.
> >
> >If you have professional versions of Windows, you have the licenses.
> >Any bare-metal install of Win XP Pro or Win7 Pro may also be installed
> >in a VM on under any other OS, even without uninstalling the bare-metal
> >copy. (So long as you can only run one copy of each license at any
> >time.)
> >
>
> Home versions.
>
> >Anyways, I think you are crazy, and your arguments are strawmen or
> >otherwise unserious.
> >
>
> Assuming you meant that the way you said it, I think that's a cheap and
insulting shot. Comments like that do not welcome newbie and less
experienced Linux users into the group, they drive them away. The group
should welcome me as a new enthusiast if I am a user of Linux AT ALL. What
I've done thus far is far beyond what many Windows users would put up with
just to learn something new when they have no compelling reason to switch.
>
> >> I will say this, with all the exploits being revealed in Windows,
> >> Adobe, Java, etc., I am becoming more motivated to try to move to a
> >> Linux primary and Windows secondary environment.
> >
> >Numerous exploits have been exposed in Windows since its earliest days.
> >You claim to have been running it since then, but you are only *now*
> >becoming concerned? Either you aren't the above average technology
> >enthusiast you claim to be, or you have been rationalizing away your
> >concerns for years. (I'm guessing the latter, since you seem to be
> >otherwise well informed.)
> >
>
> I've been concerned since I plugged in the first network cable. I don't
believe going all Linux would make me substantially safer. See extensive
discussion above.
>
> >> However, in my case, it's not at all a simple task. I use each of my
> >> computers for different purposes.
> >
> >I too run a number of Windows-only software packages due to certain
> >industrial equipment I make my living from. Some of that involves
> >custom hardware that only has Windows drivers. Ever since USB
> >passthrough to VMs became stable some years ago, I haven't had to run
> >bare metal Windows for *anything*. Before that, I dual booted on
> >demand.
> >
> >If you are serious about converting to Linux as your primary platform,
> >don't wait--do it now with a Windows VM. Use host-shared folders for
> >your documents within the VM, so as you find suitable Linux apps, you
> >don't have to move anything.
> >
> >If you wait, you'll keep making lame excuses.
> >
>
> I'm not making excuses, and I don't need excuses. I'm doing what works
for me in the way that it works for me to meet my computing needs. I have
no intention, at this moment in time, of making Linux my primary system. I
do intend to keep running it as a secondary system, testing it, learning
it, and may convert to it once my concerns about usability and
compatibility with the things I do are solved; or if the other concerns
related to security become so large as to make me make the switch prior to
the time I might have otherwise.
>
> >Oh, and when the time comes to upgrade your hardware, and you need to
> >move your setup to another machine, you'll think you've died and gone
> >to
> >heaven. Moving a VM from one box to another is so trivial, it is the
> >only Turmel-approved way to migrate Windows.
> >
>
> That concept does sound interesting.
>
> >HTH,
> >
> >Phil
> >
> >ps. If you want to maintain some of Window's classic user interface,
> >while still getting lots of new UI goodies, try a KDE-based distro. I
> >personally use KDE on gentoo, and I strongly recommend Kubuntu to
> >friends and family.
>
> Gonna keep that one in mind. Right now, I'm committed to trying Mint 13
/ Mate.
>
> Sincerely,
>
> Ron
>
>
> --
>
> Sent from my Android Acer A500 tablet with bluetooth keyboard and K-9
Mail.
> Please excuse my potential brevity.
>
> (To whom it may concern. My email address has changed. Replying to
former
> messages prior to 03/31/12 with my personal address will go to the wrong
> address. Please send all personal correspondence to the new address.)
>
> (PS - If you email me and don't get a quick response, you might want to
> call on the phone. I get about 300 emails per day from alternate energy
> mailing lists and such. I don't always see new email messages very
quickly.)
>
> Ron Frazier
> 770-205-9422 (O) Leave a message.
> linuxdude AT techstarship.com
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20130218/62dd0fdd/attachment-0001.html>
More information about the Ale
mailing list