Matthew Wild wrote: > 2009/12/9 Andrew Drapper <and...@drapper.com>: >> It may not be the same as a sandbox, but what about installing software that >> you are not sure about in a virtual ubuntu inside you main ubuntu say >> using virtualbox? >> > > This particular malware did nothing (so far) to the host machine, it > simply used it (and collectively all the other machines it was > installed on) to flood another server. Basically a primitive (yet > effective) botnet. In this respect, if the virtual machine had network > access, the malware would work still, it just wouldn't have the > potential to harm *your* computer. >
It wouldn't be hard to make this more effective either. The really scary trojan (whose name eludes me right now), managed to use effective algorithmically generated domain names for its update download location. And you can hide the packages files, even corrupt the debian packaging system to stop it from knowing about all the files you've installed... -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/