In order to improve security on a developer machine, how much sense does it make to "quarantine" (potentially hazardous) Internet traffic by using a virtual OS (such as with VirtualBox) for it?<p>In other words, here's the scenario:<p>- Host OS: used for "sensitive" data/applications (code, login credentials, etc.)<p>- Client OS (virtual): used for all Internet traffic activity (Web browsing, email client, SSH client, etc.)<p>And what is the safest way to manage the data-transfer interface between the 2 operating systems? Would you use shared folders? Or the shared clipboard feature? Or the drag-and-drop feature?
You might want to look at Qubes OS. It uses Xen as a hypervisor to manage your vms with an easily customizable networking flow (see the whonix implementation) and has techniques for secure data transfer between vms.
I wouldn't use virtualbox in any situation where security is a concern nor Qubes OS unless you know what you're doing. Your best option for minimal effort is to use VMware workstation or Fusion, avoid shared folders and transfer data using SSH over a host-only interface that you disconnect when not in use.<p>Bonus: If you don't need two-way transfers, you can even setup a one-way transfer system that only allows the client to write drop files to specific directory.
It wouldn't stop an attack - <a href="https://en.wikipedia.org/wiki/Virtual_machine_escape" rel="nofollow">https://en.wikipedia.org/wiki/Virtual_machine_escape</a>