Use Virtual Machines to Contain Dodgy Stuff

They’re like secure containers for dangerous files and software

The Gentle January series shares one practical privacy tip a day from a Markup staffer who actually uses the advice in their own life.  

About ten years ago, when National Security Agency whistleblower Edward Snowden leaked classified files, securely handling large quantities of sensitive data suddenly became very important to journalists. Around this time, I began working with a gifted technologist, Micah Lee, who helped teach me and other editors and reporters how to keep incoming leaks secure.

A key principle Micah taught was compartmentalization. For example, you might work with files for a sensitive project only on a particular computer with no networking capability. Or, if you received a dodgy file from a mysterious source, you might open it using a special operating system that could not be modified (and thus could not be infected).

Years later, there’s one form of compartmentalization I use all the time: virtual machines. A virtual machine is essentially a simulated computer that runs on top of your regular computer. It has its own files, its own operating system, its own memory—and no access to the real versions of these things on your actual computer. 

Virtual machines are handy for opening potentially sketchy files (like email attachments from strangers) and software (that Blu Ray ripper you downloaded from overseas). You can get free virtual machine software to use on Mac, Windows, and Linux computers. Setting this up is time consuming but generally straightforward, with the important exception of newer Macs with Apple Silicon, for which the free software does not (yet) work. On those machines, or for an easier experience on other machines, paid products like Parallels for Mac, VMWare Fusion for Mac, or VMWare Workstation Pro for Windows are all well established options.

I take things a step further, often using a laptop running Qubes, an operating system where you do everything in virtual machines. Qubes offers excellent security but requires a fair amount of time and expertise to integrate into your digital life.If you want to learn more, I can think of no better teacher than Micah. Find his tutorial on virtual machines (and Qubes) here.

