Question Dual Boot or VM?

[hiro928]

Hi all, i've been running Pop_Os for a couple weeks now, and i love it as a OS, although getting certain games running with Lutris and Proton can be a bit of a pain in the neck, which brings me to my question.

i care a lot about the security of my system, which is why i switched to Linux to begin with, but hypothetically, if i were to Dual Boot with Windows for the game compatibility, and only using Windows for my games and nothing else, would security vulnerabilities whether they be from DRM or Windows own security vulnerabilities, put the files inside my Linux folders at risk? i guess to put it a different way, could an attack on the Windows side be able to reach the Linux side? and if so would a VM of Windows solve that matter?

i have heard many people say that since VMs are fully contained, the rest of your files outside the VM are safe, and since i mainly play single player games, i'm not worried about getting locked out by anti-cheat software, which then leads to another question, how would i pass along my hardware to the VM so i can actually play more graphically intensive games? i saw a video on doing that once, but it was for Arch Linux, and i'm not sure if it would be the same process.

for the sake of inquiry here are my specs,

GPU: Nvidia RTX 2080 ti
CPU: AMD Ryzen 7 2700X
RAM: 32 GB DDR4 2800MHz

thank you for reading.

 

[35below0]

I can't say too much on this subject since it's been over a decade since i dual booted Debian and XP.

Windows will be vulnerable when it's connected so for maximum security use strict firewall settings and use a tool like Windows Firewall Control to autoblock outbound and inbound traffic. The free version will let OS system connections pass, but those aren't going to be a massive threat if all you will be doing when connected is installing games or updating drivers. You can upgrade to the paid version if you want to block potentially compromised system processes.
Also, you can use NoScript to prevent many malicious and annoying scripts running when browsing in Windows. As i understand it, you do not intend to use Windows for browsing at all but you will have to at some point.

If you can keep security risks to a minimum, a dual boot option is least fussy. I have not had much luck with VMs. Esp. when gaming is involved.
Try to prevent Windows becoming compromised as much as possible.

 

[Priscus]

I spent many years dual booting a Linux and Windows OS.

I cannot recall what prompted me to change, maybe it is because I like to try out other flavours of Linux in addition to that which I use by default.

Anyway, for a number of my machines, I purchased 'plug-in' HDD/SSD adapters. So now I physically plug in the drive containing the OS that I wish to use.

I was initially reluctant to do this, as it seemed less convenient than selecting my OS from a menu upon boot.

However, the advantages far outweigh this drawback: my boot is considerably faster, and I can delete or replace an OS at will, I do not have to give any consideration to which drive contains boot sector/info. I no longer find myself doing repair installs for Windows to recover 'Boot' which I had lost because it was on another, and now erased, partition.

I do still have some machines with dual/ multi boot, but having discovered I can also have this plug-in option on laptop, I will also, when I get around to it, remove this, and have separate OSs to plug in as desired. I do have other HDDs/SDDs, on the devices, in addition to that containing the OS, so transferring files between OSS's is not a problem.

 

[Math Geek]

if the drive is connected then windows WILL access it, catalog it and mine it for whatever data it can.

now if you encrypt the linux drive and it's data, then windows can't get to it and it'll be safe from it's prying eyes. it will still be vulnerable to something like ransomware, but otherwise it will be mostly safe from anything happening to windows.

i went linux full time and created a windows vm for the few games i wanted that needed it. you can passthrough a gpu and other resources to the windows vm to use but it is tricky. for starters you have to pass an entire gpu to the vm. so you will need a second one installed just for the vm to use. you can't split the gpu into parts for this purpose. you can also allocate usb ports and such for it for controllers, headphones and the like if you wish.

a dual boot would be fine and accomplish your goals much easier for sure. just encrypt your linux install and data and it'll keep it safe from windows, MS and any windows nasties you may run into. if you're only playing single player games and not doing anything else with windows, then i can't see many things to worry about as far as getting a virus goes.. unless you're using "alternative methods" to get your games........ then all bets are off and you take your security and data into your own hands.

 

[skxtchTwT]

If you really want to, you could use a passthrough-GPU VM with qemu/kvm to play games on a Windows VM with full performance but mind that the majority of multiplayer games with anti-cheat will still not let you play or they will outright ban you if you try to play on a virtual machine.

So if the majority of your games are singleplayer, I'd go ahead and research how to do a GPU passthrough virtual machine, but if you're a multiplayer type of person, dual-booting may be better but you might wanna encrypt your Linux partitions.

Here's a tutorial if you're interested. Much luck to you!

 

[lantis3]

if the drive is connected then windows WILL access it, catalog it and mine it for whatever data it can.

Windows can't read / write Linux file systems.

If malware is attacking drive/partitions, then it's a different story.

 

[TerryLaze]

Another way you could go is to install windows on a vhd, a virtual hard drive, and dual boot into that, it will have access to all your real hardware, only the hard drive will have to go through an additional layer which could cause some slow down on heavy games.
That way you can have a backup of the vhd file and replace it anytime you think that it might have been messed with.

https://sites.google.com/view/melodystweaks/wintovhd