Amazing Privacy Ideas with KVM Virtual Machines

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

in another video on virtual machines i talked about using virtualization technology to get some privacy on your computer virtualization tech is one of the best solutions for defeating browser fingerprinting as well as having some privacy when working from home this is also how some secure linux distros work like cubes and hunics in my prior virtual machine video i use virtualbox running on windows as my example today we're going to shift gears here and show you the virtualization using kvm on linux to be honest kvm runs so well on linux that this alone is a reason to switch to pure linux if you're serious about virtualization for privacy and security then this is an essential thing to learn i'm going to teach you how to install kvm on your linux machine but more importantly i will help you strategize the use of kvm to achieve some privacy i will also discuss some more advanced setup tips at the end that relate to protecting against malware all this coming up next [Music] virtualization is an excellent tool for privacy and kvm is the best at virtualization if you're using linux many of you have used kvm virtual machines without even knowing it when you rent a server for a website typically you are renting a vps or virtual private server this is just a fancy way of saying you're using a kvm virtual machine sharing a server with other users and even if you use a dedicated server it will often be easier for the data center to just give you a kvm virtual machine though you will be the only user so kvm is highly used in the linux server infrastructure it's actually very efficient and there's very little overhead from using kvm and that is because kvm is already included in the linux kernel today we're going to teach you how to install kvm on your desktop linux so you can run multiple virtual machines accessing kvm as a desktop is a little different than the server use because you are accessing different desktops right on your single computer from a gui graphical user interface a vm or virtual machine on your desktop is great for hiding your identity and as i mentioned it is used by hunix and cubes first i will teach you how to install kvm it's really very simple then i will teach you how to use several virtual machines at once and how to strategize using it for privacy and security before i continue just a reminder that i post my videos on library lbry ahead of youtube there's a link in the description to follow me there no censorship on library and it seems to have a very heavy linux following also this video is self-sponsored by my product by svpn which now serves north america europe australia and india and you can also use my brax router and all these locations with that vpn now back to topic i'm using ubuntu 20.04 lts for this demonstration you can of course install any distro you want though i will suggest that you use a very popular distro for privacy and we'll talk about why later i'm going to do some command line instructions throughout this video don't worry i will add these to the description so you can do a quick cut and paste instead of manually copying it from the video first let's check if your computer can handle virtualization and this is done through the command line you run this command which is e-grep and it looks at cpu info and this returns the number of cores on your computer if it is compatible it will return the number of cores otherwise it will return a 0. in my case here it returns the result of 8 which indicates that eight cores are available now to check specifically if kvm will run you install something called cpu checker then you run kvm dash okay if it will work it will say kvm acceleration can be used you're good to go and you can now begin installation just to save time i've already downloaded an image of ubuntu 20.04 which is in my downloads folder so get that in advance before you continue on ubuntu installing the kvm utilities is just this command now i've already installed this so your messages will not be the same as mine the installer installs cuemo which is the quick emulator live vert is the virtualization daemon that runs in the background bridge utils allows you to bridge the network from the vm to the host and vert manager is the actual gui for managing and launching the vms from the desktop now enable the virtualization daemon to start at boot with this command reboot and you should be ready to go it's really simple to install once you've restarted all you have to do is to start the virtual manager application and you will see this little window here make sure you already have an iso or disk image of your preferred linux distro the neat part about virtualization is that you can run multiple linux distros but a privacy tip with browsers you have to be cautious with this because the more unique the distro is the more likely you will be fingerprinted this is the same reason not to put browser extensions on your browsers because it makes your device unique so i will hide among the many users of a popular distro like ubuntu to create a virtual machine i select new virtual machine from the menu then i select the iso image and then continue on to start the virtual machine i'm just going to take the defaults here and you can always tweak it afterwards since the assumption is that you're doing most of your work on the vm you can actually allocate it more memory and cores more than i used in this demo so tweak it as you see fit usually it will work much faster if you increase the memory now i just double click on the virtual machine to start it and since this is the first time it is launched ubuntu will then prop me for an install i'll speed up the installation so you don't have to wait for this since it takes a while in real time [Music] [Music] [Music] then at the end of the install i will reboot the vm and now i can start ubuntu let me just show you a couple of important points for your virtual machine let's get into settings i want to show you here that kvm actually sets up a nat for virtual machines so it will allocate another set of ip addresses that cannot be reached from the outside and you will notice that the ip addresses start with 192.168.122.x so all your vms will have an ip address in that range however your external ip address will be the same as your host so you will need to use a vpn on the host or use a vpn router next thing to consider for privacy is the display resolution setting browser fingerprinting uses the display resolution as part of the identification process so have varied resolutions however slight and that could be useful for hiding an identity other things you can consider are to have a different time zone for the vm and you should also be careful with the machine name since that can sometimes be seen some usability tips here you can make your vm a full screen you can also shift from a full screen mode on the virtual machine back to a window by putting your cursor at the top center of the screen and you will have the option to leave full screen mode since this is linux the operation of the vm is the same as the host and all the keystrokes are the same so there's no noticeable performance difference in my opinion for additional vms you don't need to keep installing ubuntu you can just set up a base version with all the apps you need then you can clone the vm as i show you in the example here first you have to stop the virtual machine then if you right click on it there will be a clone option so it's very simple if you want to install kvm from a command line only for example on a headless server meaning ssh access to a server only then you can use the command that i'm going to show you here and i know you won't remember this so i will include this in the description so you can refer to it later on so now let's strategize how to use this i would start out thinking about which threats require isolation using a virtual machine here are reasons why you would want to have different virtual machines number one virtual machine for defeating browser fingerprinting this is a very insidious thread that has no easy fix browser fingerprinting is how advertisers track your identity without using cookies basically all of your internet activities can be associated with this identity and you will not know that you're being tracked to beat browser fingerprinting think about using a different time zone a different screen resolution a different browser a different distro now i mentioned that using a rare distro could be an identifier but understand that different versions of a distro are actually considered to be different so installing ubuntu 18.04 versus 20.04 is good enough for evading browser fingerprinting make sure to have different host names as well so plan this out figure out how many possible identities you need and stick to using those virtual machines for each on kvm there's little difference in speed between using the virtual machine versus the host machine because you're running on the same linux kernel this is why it's best suited for this switching desktop use number two virtual machine for work use if you have to connect to your office network typically you connect using a pptp vpn like sonic wall the part that your employer doesn't tell you is that your computer is now open on the corporate network someone can probe your computer look at your files install malware and even use ime intel management engine to manipulate your device you can stop this by using the vm to connect to your office so your office thinks the vm is your main computer they cannot check your host computer nor other vms and in addition you can easily install a firewall on this work vm the commonly used firewall on linux is ufw so you can install it and enable it and deny access to everything so your traffic is outgoing only it is pre-installed on ubuntu number three virtual machine for developers now this is kind of obvious i would set up another vm for testing this way if you crash the machine you're not touching the host computer and you can always clone a vm if you want to test number four virtual machine to isolate facebook the facebook platform requires some special handling since it is the most dangerous application on the planet i do not use facebook because it's extremely hard to avoid its dangers but if i'm forced to use it i would isolate it completely in its own vm and i wouldn't run anything else on the machine this way facebook cannot collect any information from websites visited or even examine the network this is probably the only partially safe way to run facebook in kvm when you're not using a vm it just goes to sleep so it doesn't use resources now i still recommend having a newer computer with lots of memory but kvm is very efficient the machine i'm using for this is a star laptop with eight gigabytes of memory with this setup you might realize that you don't need to use the host computer at all other than to host kvm if you plan out your work so you always work inside a vm you will find some special advantages that we're going to address next one of the strategies i've suggested in the past is to install your data on an external drive rather than on the computer this means that if you have to factory reset a computer let's say to eliminate malware or thread of malware you don't have to reset up your virtual machines you could be running in minutes after a reset especially if as i suggested earlier that the host os is only used to run kvm why is this important as an experienced hacker i can tell you that often you cannot detect the presence of good malware and it cannot be stopped by an antivirus so my assumption is that if my computer slows down or at specific intervals during a year i always reset my computer this assures me that i don't have malware i always assume i have malware though because of my practices i haven't found any it's always a good thing because someone could be smarter than me and could trick me the nice thing about virtual machines is that each virtual machine is just a file so if you back up your virtual machine you can restore them easily and it's just one file per virtual machine i'll show you a tool on the command line that allows you to check for the location of your virtual machines this tool is called verse v-i-r-s-h or virtual shell some quick commands here verse list all and this will show you all your vms or they call it domains vers vol list default this will show you the path of each of the vms virtual machines are stored as one file in var live live vert images the vm files will have the extension dot qcal2 you can backup these files directly if you want to to some other storage medium the next thing i'm going to show you is how to actually run your virtual machines from an external drive if you do this then you can run the virtual machines from multiple computers or you can reset your computer very frequently your actual vms will not be inside the computer itself for my example here i am using external usb ssd and minus this a samsung t7 which is one terabyte the commands i will show you here will make kvm point to the vms which are in the external drive first i run verse pull destroy default then i do verse pool edit default and i will edit it using nano and you will modify the installation to point to your external drive so search for that area where you find the drive mapping make sure to know the path of your external drive before you start this when you're done you save it and then you do verse pull start default next we need to edit each vm itself to know where it is stored by the way in kvm like i said earlier a vm is known as a domain so you do verse edit and the domain which is ubuntu 20.04 the name of the vm in my case so don't be surprised by the domain terminology now again using nano i will point you to where we will edit the location then when you're done save it now we can move our files to the new location on the ssd drive just make sure you plug in the ssd drive before you start it just to show you my setup here i always put a velcro on the top of my laptop then i can easily attach and detach the ssd drive and i just have a short usb cable as you can see here you will be able to really be creative about how to use kvm for privacy you're pretty much limited in your vmus only by this space and as you can see with the external ssd solution that limitation is easily eliminated since you are using a vm if a vm gets malware for some reason all you'd have to do is to revert back to another copy of it now for even more security i would not keep my important file on the virtual machine or the ssd i would install a next cloud server and then move my actual documents there and then sync them automatically you could also automatically backup a copy of your vm to that next cloud all this requires some planning before you jump into a production use of this i would think first of all about all the threats so you know the many virtual machines you might need i probably set aside at least one vm for social media use to protect your identity and at least one for work and definitely one for experimentation this is linux after all so you could try different distros i hope you enjoyed the video if you want to install a next cloud server in the cloud i have a link to the data center lenode in the description where they offer a special 60 or 60 day discount please don't forget to subscribe folks and make sure to get notifications since i have a regular weekly video schedule thursday and friday every week thank you for [Music] watching

Info

Channel: Rob Braxman Tech

Views: 49,568

Rating: 4.9681277 out of 5

Keywords: internet privcy guy, tech privacy, kvm privacy, kvm privacy ideas, how to install kvm, advanced kvm setup, kvm desktop install, how to install kvm on ubuntu 20.04, setup tips for kvm, kvm linux, kvm virtualization, kvm advanced use

Id: NIdu4haRWx0

Channel Id: undefined

Length: 21min 2sec (1262 seconds)

Published: Thu Sep 10 2020