Data Compartmentalization

As additional security while running apps, you can run an entire operating system inside a sandbox on Linux. This is called running a virtual machine. Essentially, this is running an operating system within another operating system. Use software called VirtualBox to set up these virtual machines on your system. This provides data security in two ways.

Virtual machine is often abbreviated VM. The machine running on bare hardware is called the "Host" machine, or just "Host".

  1. If a virus breaks out of a browser, or you download a virus and run it, it will be stuck inside the VM. Only data placed in that VM would be compromised. It is possible, but very difficult, for a virus to break out of a VM into the Host. Keep your data spread across separate VMs to reduce attack surface, and don't hesitate to delete a VM if you suspect it's compromised.

  2. Sometimes a virus will shut down if it detects that it is running in a VM instead of on real hardware. Security researchers purposely install a virus they are researching into a VM to figure out how it works, what it does, and how to write an anti-virus for it. Virus writers wanted to slow down the security researchers in their work, so some of them wrote their virus software to detect that it is running inside a VM and delete itself. Not every virus has this feature, but we take advantage of those that do by running everything inside VMs.

You know what virus didn't delete itself? Jeffrey Epstein.

We'll start by installing Ubuntu in a virtual machine. Once we have one Ubuntu machine installed as a template, we can duplicate that template as many times as we want for different VMs.

By separating your data across different VMs, you reduce the opportunity for your data to be stolen, or at least for all of it to be stolen at once. Usually you separate your VMs based on persona/alias, purpose, or both.

Here's an example setup; your optimal setup may be different:

  1. Personal - Connected to your name, has your personal email and online accounts like Amazon.

  2. Work - Connected to your name, has your work email and work-related software.

  3. Interactive Slop - Connected to your gamer-tag or alias, has Steam and Discord, may have your name attached to certain accounts but shouldn't be used for any communication whatsoever.

  4. Non-interactive Slop - Connected to your name, has Netflix, YouTube, and other slop logged in on your browser.

  5. Persona (your persona name here) - Connected to a social media alias you create; your real name should not be connected to anything at all if possible, with the browser logged into social media accounts bearing that alias.
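As an added example (not part of the original page), here is a small POSIX shell script that turns the persona list above into one linked clone per persona from a single VirtualBox template using VBoxManage. The template name "ubuntu-template", the snapshot name "base" and the persona VM names are assumptions; with DRY_RUN=1 (or without VBoxManage installed) it only prints the plan.

```shell
#!/bin/sh
# Added example: clone one VirtualBox template VM into one VM per persona.
# Assumed names (not from the page): template "ubuntu-template", snapshot "base".
set -eu

TEMPLATE="${TEMPLATE:-ubuntu-template}"
SNAPSHOT="${SNAPSHOT:-base}"

# Print the VBoxManage command that creates one persona VM.
# A linked clone shares the template's base disk, so each VM is cheap to
# create and cheap to throw away (VBoxManage unregistervm <vm> --delete)
# the moment you suspect it is compromised.
plan_clone() {
  vm="$1"
  printf 'VBoxManage clonevm %s --snapshot %s --options link --name %s --register\n' \
    "$TEMPLATE" "$SNAPSHOT" "$vm"
}

# Print the full plan: snapshot the template once, then clone it per persona.
plan_all() {
  printf 'VBoxManage snapshot %s take %s\n' "$TEMPLATE" "$SNAPSHOT"
  for vm in "$@"; do
    plan_clone "$vm"
  done
}

# Execute the plan, or only show it when DRY_RUN=1 or VBoxManage is missing.
apply_plan() {
  if [ "${DRY_RUN:-0}" = 1 ] || ! command -v VBoxManage >/dev/null 2>&1; then
    plan_all "$@"
    return 0
  fi
  plan_all "$@" | while IFS= read -r cmd; do
    echo "+ $cmd"
    eval "$cmd"
  done
}

# The persona split described above, one VM each.
main() {
  apply_plan personal work interactive-slop noninteractive-slop persona
}

case "${0##*/}" in clone_personas.sh) main ;; esac
```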

Bonus points for having multiple meme war personas, each with its own VM.
