How to prevent dual booted OSes from damaging each other?

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Posted by user1252434 on Super User See other posts from Super User or by user1252434
Published on 2012-03-30T11:39:34Z Indexed on 2012/03/30 17:34 UTC
Read the original article Hit count: 173

Filed under:
|

For better compatibility and performance in games I'm thinking about installing Windows additionally to Linux. I have security concerns about this, though.

Note: "Windows" in the remaining text includes not only the OS but also any software running on it. Regardless of whether it comes included or is additionally installed, whether it is started intentionally or unintentionally (virus, malware).

Is there an easy way to achieve the following requirements:

  • Windows MUST NOT be able to kill my linux partition or my data disk
    • neither single files (virus infection) nor overwriting the whole disk
  • Windows MUST NOT be able to read data disk (-> extra protection against spyware)
  • Linux may or may not have access to the windows partition
  • both Linux and Windows should have full access to the graphics card
    • this rules out desktop VM solutions
    • for gaming I want the manufacturer's windows graphics card driver

Regarding Windows to be unable to destroy my linux install: this is not just the usual paranoia, that has happened to me in the past. So I don't accept "no ext4 driver" as an argument. Once bitten, twice shy. And even if destruction targeted at specific (linux) files is nearly impossible, there should be no way to shred the whole partition. I may accept the risk of malware breaking out of a barrier (e.g. VM) around the whole windows box, though.

Currently I have a system disk (SSD) and a data disk (HDD), both SATA. I expect I have to add another disk. If i don't: even better. My CPU is a Intel Core i5, with VT-x and VT-d available, though untested.

Ideas I've had so far:

  • deactivate or hide other HDs until reboot at low level
    • possible? can the boot loader (grub) do this for me?
  • tiny VM layer: load windows in a VM that provides access to almost all hardware, except the HDs
    • any ready made software solution for this? Preferably free.
    • as I said: the main problem seems to be to provide full access to the graphics card
  • hardware switch to cut power to disks
    • commercial products expensive and lots of warnings against cheap home built solutions
    • preferably all three hard disks with one switch (one push)
  • mobile racks - won't wear of daily swapping be a problem?

© Super User or respective owner

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Related posts about security

Related posts about dual-boot

Categories cloud

.NET ASP.NET iphone linux python Windows mysql android sql windows-7 html c ruby-on-rails css objective-c ubuntu networking sql-server wpf asp.net-mvc ruby database Xml apache AJAX osx security regex django Performance 12.04 windows-xp mac web-development iphone-sdk vb.net Silverlight apache2 flash server perl best-practices email installation eclipse visual-studio algorithm windows-server-2008 winforms wcf firefox bash dns /Oracle