Just saw mention on a forum of downloading a VMWare appliance ready-

to-run parental control package. It’s definitely a great convenience

to get a pre-installed entire OS with apps and all this way, but what

about malware? It seems we have very little guarantees about how

clean these installs are, and yet I don’t see people worrying much

about it. My neck hairs stand on end just thinking about it.

There is no way I know of to scan such a ready-to-run VMWare image

for malware. There is no way to reliably scan them once they’re up

and running, since they can easily be rootkitted or even contain

malware compiled into the kernel.

Personally, I couldn’t dream up a better vector to get an entire

package of malware onto sombebody else’s host or network than having

them install an entire virtual machine preloaded with it.

But they sure are neat. I’ve downloaded one or two myself to test out

preinstalled servers of different kinds, but I don’t think I’ll do

that anymore.