Slashdot Mirror


Ask Slashdot: Why Are There No True Dual-System Laptops Or Tablet Computers?

dryriver writes: This is not a question about dual-booting OSs -- having 2 or more different OSs installed on the same machine. Rather, imagine that I'm a business person or product engineer or management consultant with a Windows 10 laptop that has confidential client emails, Word documents, financial spreadsheets, product CAD files or similar on it. Business stuff that needs to stay confidential per my employment contract or NDAs or any other agreement I may have signed. When I have to access the internet from an untrusted internet access point that somebody else controls -- free WiFi in a restaurant, cafe or airport lounge in a foreign country for example -- I do not want my main Win 10 OS, Intel/AMD laptop hardware or other software exposed to this untrusted internet connection at all. Rather, I want to use a 2nd and completely separate System On Chip or SOC inside my laptop running Linux or Android to do my internet accessing. In other words, I want to be able to switch to a small 2nd standalone Android/Linux computer inside my Windows 10 laptop, so that I can do my emailing and internet browsing just about anywhere without any worries at all, because in that mode, only the small SOC hardware and its RAM is exposed to the internet, not any of the rest of my laptop or tablet. A hardware switch on the laptop casing would let me turn the 2nd SOC computer on when I need to use it, and it would take over the screen, trackpad and keyboard when used. But the SOC computer would have no physical connection at all to my main OS, BIOS, CPU, RAM, SSD, USB ports and so on. Does something like this exist at all (if so, I've never seen it...)? And if not, isn't this a major oversight? Wouldn't it be worth sticking a 200 Dollar Android or Linux SOC computer into a laptop computer if that enables you to access the internet anywhere, without any worries that your main OS and hardware can be compromised by 3rd parties while you do this?

5 of 378 comments

  1. just run the 2nd OS in a VM and call it a day by iggymanz · · Score: 5, Insightful

    real exploits of that situation are rare

    1. Re:just run the 2nd OS in a VM and call it a day by ctilsie242 · · Score: 5, Informative

      If truly worried, I'd just have a dedicated machine where the sensitive OS runs in a VM. You can even set up some secure remote access so you don't have to lug two machines around everywhere. In fact, I'd consider multiple separate VMs, one for each client, so a compromise doesn't mean everything is lost, just whatever is opened at the time.

      Attacks where something jumps across or out of VMs are extremely rare. It can happen, but this is not a big attack vector, relatively.

      Plus, if you store your VM on an eSATA or USB 3.1 drive, when done with it, just unplug the drive and toss it somewhere secure. $200 buys you a FIPS-compliant external SSD with hardware encryption from Apricorn. This takes care of the DAR (data at rest) element, regardless of the OS. From there, a PC with VirtualBox, Hyper-V, VMware, or Parallels can run the VM.

  2. It's in your pocket by Syphonius · · Score: 5, Interesting

    That second system you are looking for, to browse and email and such, it's in your pocket.

    It's called your phone.

    The need you are describing is apparently not widespread nor strong enough for anyone to invest in implementing it in the way you describe.

    Use your phone.

  3. Duct tape another laptop to your main laptop by DontBeAMoran · · Score: 5, Informative

    'If the women don't find you handsome, they should at least find you handy.' — Red Green

    --
    #DeleteFacebook

  4. Virtualization is the answer. by Arkham · · Score: 5, Interesting

    Virtualization is the obvious answer. Inside your VMs you can run Linux, or Windows, or whatever. It's quite safe. You should run your work-related stuff in one VM, and your personal stuff in another VM, and not use the native OS for anything except the virtualization software.

    This is the most secure option you will find, and modern virtualization platforms (VMware, etc.) will even let you set flashpoints where the VM is saved, and if there's an issue, you can rewind to the safe point and continue.

    There's little to no performance penalty as long as the hosted OSes run natively on Intel.

    --
    - Vincit qui patitur.