Linked by Thom Holwerda on Wed 28th Nov 2012 15:17 UTC
Windows "As we pass the one month anniversary of the general availability of Windows 8, we are pleased to announce that to-date Microsoft has sold 40 million Windows 8 licenses. Tami Reller shared this news with industry and financial analysts, investors and media today at the Credit Suisse 2012 Annual Technology Conference. Windows 8 is outpacing Windows 7 in terms of upgrades." Not bad, but there are the usual asterisks, as Ars notes.
Thread beginning with comment 543563
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[3]: But....
by Lennie on Thu 29th Nov 2012 15:22 UTC in reply to "RE[2]: But...."
Lennie
Member since:
2007-09-22

You do know that a virtual environment does not give any security garantees ?

It is just an other layer of extra code and (security) bugs.

Not being able to use proper encryption because of bad random seeding also is a big issue in virtual environments.

If you want some security and virtualization, then I suggest QEMU/KVM but with SELinux to contain it.

Reply Parent Score: 3

RE[4]: But....
by TemporalBeing on Thu 29th Nov 2012 18:42 in reply to "RE[3]: But...."
TemporalBeing Member since:
2007-08-22

You do know that a virtual environment does not give any security garantees ?

It is just an other layer of extra code and (security) bugs.


Yes, virtual environments have their own issues.
However, they also mitigate many - not only do you need to penetrate the OS you're running in, you also have to penetrate the virtual environment and its hosts - which is made a lot more difficult when the host and guest OS's are not the same (as is my case).

So for me - you would have to penetrate Windows, VMware On Linux, and then the Linux OS; and if you wanted to do anything beyond what my Linux user could do, you'd have to do a root penetration as well - this all assuming I don't suspend/shutdown the guest OS while you're trying to do it.

There is also much less software installed in that environment that could lead to a penetration to start with.

Not being able to use proper encryption because of bad random seeding also is a big issue in virtual environments.


Now you're assuming I need encryption within the virtual environment. While some may, I don't.

Even so, you can install hardware encryption technology into the VM if you needed it. So that is not really an issue. VMware, VirtualBox, QEMU, KVM, and others are also smart enough to use the underlying OS for things that require such functionality as well.

If you want some security and virtualization, then I suggest QEMU/KVM but with SELinux to contain it.


Agreed.

My primary purpose is software development and testing, not every day use. The most those systems use the Internet is for updating the tools using Windows Update.

Reply Parent Score: 1

RE[5]: But....
by zima on Tue 4th Dec 2012 13:42 in reply to "RE[4]: But...."
zima Member since:
2005-07-06

Owning one of the OS within a VM setup can still give a lot of leeway...

My primary purpose is software development and testing, not every day use. The most those systems use the Internet is for updating the tools using Windows Update.

But this is the best part - you said it yourself, you hardly use Windows in the first place.

Edited 2012-12-04 13:42 UTC

Reply Parent Score: 2