There is a growing consensus that virtual machine technology can help make a system more secure. This is true for both the consumer market and the server market.
Let’s take Virtual PC, for instance. First of all, you can run separate (legacy) applications in separate virtual machines. If one of these applications has a vulnerability, only that virtual machine is affected, not everything else on the box.
Second, virtual machines offer an elegant solution for applications that do not play well with the Limited User Account (LUA) idea. If an application is insecure and at the same time requires administrative access to run, all you have to do is run it in a separate Virtual PC instance.
However, I would like to point out that, in many cases, creating separate, non-administrative user accounts might be good enough. You don’t need virtualization to solve all of your problems. I just read an article that points out this potential confusion:
Intel expects to see some business users build on these concepts. Companies might, for example, set up one partition that can run only approved software. Users can install iTunes or Doom or whatever unsafe software they like in another partition. Software makers might also create a type of “service operating system” that could be accessed no matter what has happened to the main copy of Windows or Linux.
“This lets you isolate the systems and recover if there is a malicious attack,” Bryant said.
What do consumers get?
Well, they can partition off the operating system into “for adult” and “for children” compartments.
“I really don’t want my kids messing with the Quicken files we use to pay our bills,” said Bill Leszinske, a director of marketing in Intel’s desktop group. Leszinske would return to this bad child theme again and again.
PC makers might also try and fine tune their systems to handle certain functions better. Why go through the time and trouble of booting Windows when you just want to play a DVD? Here comes the instant-on DVD partition, Leszinske said.
While the Intel marketeers did provide a couple of useful suggestions, they didn’t have answers for some of the more difficult questions posed by the IDF crowd. Things like, “Do we really need separate partitions for our evil children? Doesn’t a separate login do the trick today?” “What happens when Microsoft wants us to pay for four licenses for our four partitions?” “Do we install Norton four times?” “How about Service Pack 3?”
It is very easy to prevent your kids from accessing the Quicken files: all you have to do is set the right security settings on the Quicken folders and make sure that the kids’ accounts are not administrators.
Even so, I sometimes think that Windows XP Home Edition should have a very simple (and easy to discover) wizard that allows the average non-technical user to secure the machine by automatically creating one or more non-administrator accounts. In my mind, the current user-management UI has to do a better job of educating us about why we should care about having non-administrative user accounts…
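As an added example (not part of the original post), the two steps above expressed as a PowerShell script: create the child’s account as a standard user, verify it is not a member of Administrators, and lock down the Quicken folder so that only the parent, SYSTEM and Administrators can reach it. It assumes Windows 10 or later with PowerShell 5.1 (the LocalAccounts cmdlets are not available on XP, where the same thing is done through the Users control panel and the folder’s Security tab) and an elevated prompt; the account names and the folder path are made up for illustration.

```powershell
# Added example, not from the original post. Assumes Windows 10+ / PowerShell 5.1
# with the Microsoft.PowerShell.LocalAccounts module, run from an elevated prompt.
# "Parent", "Kid" and C:\Finance\Quicken are placeholder names for illustration.

$parent     = "Parent"
$kid        = "Kid"
$quickenDir = "C:\Finance\Quicken"

# 1. Create the child's account as a standard user: a member of Users only,
#    never of Administrators.
$password = Read-Host -AsSecureString "Password for $kid"
New-LocalUser -Name $kid -Password $password -PasswordNeverExpires | Out-Null
Add-LocalGroupMember -Group "Users" -Member $kid

# 2. Verify the account is not an administrator. Get-LocalGroupMember reports
#    members as "COMPUTER\Name", so compare on the part after the backslash.
$admins = Get-LocalGroupMember -Group "Administrators" |
          ForEach-Object { $_.Name.Split('\')[-1] }
if ($admins -contains $kid) {
    throw "$kid is a member of Administrators; remove it from that group first."
}

# 3. Lock the folder down: stop inheriting the drive's permissive ACL (which
#    normally lets BUILTIN\Users read everything), then grant full control
#    only to the parent, SYSTEM and Administrators. Rules are set to inherit
#    so files created inside the folder later get the same protection.
New-Item -ItemType Directory -Path $quickenDir -Force | Out-Null
$acl = Get-Acl -Path $quickenDir
$acl.SetAccessRuleProtection($true, $false)   # protect ACL, discard inherited rules
$inherit   = [System.Security.AccessControl.InheritanceFlags]"ContainerInherit, ObjectInherit"
$propagate = [System.Security.AccessControl.PropagationFlags]::None
foreach ($principal in @($parent, "NT AUTHORITY\SYSTEM", "BUILTIN\Administrators")) {
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
        $principal, "FullControl", $inherit, $propagate, "Allow")
    $acl.AddAccessRule($rule)
}
Set-Acl -Path $quickenDir -AclObject $acl

# 4. Show the resulting ACL. Neither the child's account nor BUILTIN\Users
#    should appear in the output.
(Get-Acl -Path $quickenDir).Access |
    Select-Object IdentityReference, FileSystemRights, AccessControlType
```

The order of the two checks matters: folder permissions only hold against accounts that cannot override them. A member of Administrators can take ownership of the folder and rewrite its ACL, which is why the post insists on both the permissions and the non-administrator account rather than the permissions alone.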
[update: adding more context to the quote above]