Comments on: ‘Perils in Parallels?’, asks the Washington Post…

By: The Washington Post says Parallels is bad... - Parallels Support Forum

The Washington Post says Parallels is bad... - Parallels Support Forum — Sun, 29 Apr 2007 05:16:52 +0000

[...] The Washington Post says Parallels is bad… Original post: http://blog.washingtonpost.com/secur…l?nav=rss_blog & My response: http://babygotmac.com/a/159 Basically, the guy says that it is Parallels problem to fix that a Windows VM can ruin the host OS, because Parallels allows access. I think that Parallels should have a warning, yes, but I think the real problem is with how Windows allows malicious code to be executed, not Parallels! What do you guys think? [...]

By: Graham Fluet

Graham Fluet — Mon, 12 Feb 2007 22:55:19 +0000

Unless you have Parallels running as root, you would get a request for password from OS X when Windows tries to do anything funny with the libary or the system, if you are a LUA then also with the applications folder, and some places in your home folder. so, unless you just type in your password in the dialouge box then click OK without looking, it should be OK.

By: Banitsa

Banitsa — Mon, 12 Feb 2007 22:31:53 +0000

Hi Brian,

in your 1st paragraph you have said exactly what I mean, just a different way. i.e. a hacker could drop a new OS X program into the system via windows.

Parallels needs to bolt that door up.

Victor

By: Brian

Brian — Mon, 12 Feb 2007 16:20:10 +0000

Banitsa: I don’t believe that’s what is being implied at all. The scenario is that Windows malware could be made smart enough to figure out that it’s running in a Parallels VM (which wouldn’t be hard to do), and could then use Parallel’s GFS feature to get root-level access to the Mac OS, wreaking whatever havoc the writer could figure out how to create (drop a payload for later delivery, figure out a way to propagate itself, wipe the drive via a UNIX command, etc.).

I can’t see how people believe this is a problem for Microsoft, rather than Parallels. It’s Parallels, not Windows, that is granting root privileges to the Mac environment. Parallels should shut the feature off by default, and should go to some length to make the user aware of the hazards of turning it on. Too many people are going to start from the assumption that their sandboxed Vista VM is safe and can’t touch their Mac stuff, which appears not to be true at all, with GFS on.

By: Banitsa

Banitsa — Sun, 11 Feb 2007 16:48:44 +0000

As I read the article, the author was saying a hacker could drop code into OS X and compromise the guest OS. This is not a Windows bug, but a potential problem in Parallels. Lets say a hacker dropped a hacked version of a system driver onto OS X and adjusted the startup scripts. OS X would execute the code at the next startup. Nothing to do with Windows.

Lets hope this never happens.
p.s. I use a mac not windows.