Windows Dual Boot for testing suspicious software

[dangrevan]

Hi all,
i was wondering, is it a good idea to have a Windows dual boot just for testing suspicious software?
If a software is infected with a virus will it spread from one OS to the other?
Thanks for any ideas.

 

[James Mason]

yes, it can easily spread between dual boots, because the files are still accessible as long as both hdds are hooked up.

 

[MasterChief86]

dual boot doesn't help much really. at least with a single boot and a decent antivirus, you'l be able actively have it blocked, scanned and moved to quarantine.

 

[SkyNetRising]

i was wondering, is it a good idea to have a Windows dual boot just for testing suspicious software?

Use Virtual Machine for that.

 

[USAFRet]

If both drives are actually connected, of course a virus can spread.
Each OS would simply see the 'other' drive or partition as the D drive.

 

[captaincharisma]

for something like tyhat you should use a virtual machine. that way it can't spread to the rest of your computer

 

[USAFRet]

for something like tyhat you should use a virtual machine. that way it can't spread to the rest of your computer

Mostly. However...
There are viruses that can detect being in a VM, and simply shut down, giving you no real feedback.
Or, if you have any shared resources (folders, USB stick)...they can infect the host that way.

The best way to do this is on a dedicated airgapped box.
With a couple of swappable drives, 1 Linux, 1 Windows.

 

[dangrevan]

Virtual machine was the first thing that came to mind, but i think it´s not a good environment if i want to test software that depends on heavy graphic card usage, such as games for example.
Is it possible to "disconnect" the drives from each other?

 

[USAFRet]

Virtual machine was the first thing that came to mind, but i think it´s not a good environment if i want to test software that depends on heavy graphic card usage, such as games for example.
Is it possible to "disconnect" the drives from each other?

With a dual boot on 2 different drives?
Physically disconnect one of them.
Either hotswap bays, or just disconnect the actual cable.

 

[dangrevan]

Yes, on different drives.
But i see, there´s no way to accomplish that, it´s not possible to "hide" on drive from the other.

 

[USAFRet]

Yes, on different drives.
But i see, there´s no way to accomplish that, it´s not possible to "hide" on drive from the other.

You can unmount the drive letter for te 'other' drive.

But in the context of purposely infecting a system, I would not trust a physically connected (data and power) drive, no matter how it was unmounted.

 

[dangrevan]

So there´s no option, just a dedicate PC for that.
Anyway, i think i will make a dual boot system, not concerning security but in a matter of organization. To keep the "test softwares" on a separate system would be better than on a separate user account, right? Less uninstalls leftovers...