From: adam@address.invalid   
      
   Bit Twister wrote:   
   > On Thu, 14 Jun 2012 13:51:27 -0400, Adam wrote:   
      
   >>> latest vendor installs of Firefox, Thunderbird, flash, jre.   
   >>   
   >> By "vendor" you mean getting them directly from the Mozilla, etc. site,   
   >> instead of the Mandriva repository?   
   >   
   > Yes. Repositories can be a few days behind the release. :(   
   > Last report I saw indicated criminals generates exploits within 12   
   > hours of a known exploit patch and start hunting for un-patched systems.   
      
   A year ago, I was taking a college course that used Angel (similar to   
   Blackboard) for submitting our assignments and getting comments and   
   grades, and at that time it required IE or Firefox (any OS).   
   Unfortunately the frequent updates to Firefox had just started, and the   
   Angel maintainers hadn't caught up yet, so their interim recommendation   
   was to stick with the last Firefox 3 temporarily.  I suppose creating a   
   VM exclusively for that would have been "secure enough," or at worst   
   would have limited any damage to that one VM.   
      
   >>> I will be putting Windows 7 in a virtual box guest for doing   
   >>>     TurboTax once a year.   
   >>   
   >> If the virtual system has no 'net access, then isn't it relatively safe?   
   >   
   > I would say so. But useless for getting turbotax registered and latest   
   > tax rules/schedule updates.  :)   
      
   So if your VM went online at all, then that VM would need Windows   
   anti-virus, anti-adware, anti-malware, and all that stuff, right?   
      
   > Process would be:   
   > o Clone win7   
      
   I'll have to look into VBox's cloning.  I never considered it.   
      
   > o install turbootax cd and get any tax updates.   
      
   Plus at least any Windows 7 updates needed to run the latest version of   
   TurboTax.   
      
   > Running doze in a VM is a little safer because some of the smarter   
   > malware will detect it is in a VM and will go dormant.   
      
   Wouldn't even the worst malware stay contained within that VM ("sandbox")?   
      
   Adam   
   --   
   Registered Linux User #536473   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)