CONFIG.SYS: LOADHIGH21h ago

Today someone (who is not on Mastodon) released a collection of more than 570 distinct operating systems, pre-installed with VM configurations for the 250+ different platforms, going back all the way to 1948.

https://virtualosmuseum.org/

Now, I have to admit I'm posting this without trying it myself, as I'm running low on disk space on this machine.

Because the full download is 121GB (174GB unzipped!). There is also a lighter version at 14GB that will download stuff on demand.

#retrocomputing

The Virtual OS Museum

Over 1,700 pre-installed operating systems spanning 1948 to today, in a single Linux VM. Bundled QEMU, VirtualBox, and UTM. One-click launchers for Windows and Linux.

The Virtual OS Museum
Show threadRegendans19h ago
Boosting this but also thinking about sudo|bash and Trojan horses and trusting strangers and distro hopping /j 😇
Show threadNazo

@regendans It seems to be a zip file presumably with images in it that you never directly execute. Presumably. (Ok, I can't get a download to actually go right now...) I suppose exploits/etc in the VM softwares themselves allowing escapes can't be 100% ruled out either, but this is definitely not a curl | sudo bash setup.

EDIT: I stand corrected! It's an AppImage, so it is executable. It looks like it uses qemu and AppImages can typically be extracted manually but ymmv.

May 19 at 9:41pmWeb
Show threadCONFIG.SYS: LOADHIGH5h ago

@nazokiyoubinbou @regendans That's a valid concern.

Extracting the AppImage for the VM images (or figuring out where the Lite version gets them from) and using your own emulator is probably safer. An (accidental) evil payload would be more likely to be in the initial binary than a complex VM escape in the images, I would say.

I'm hoping to clear up enough space tonight, and give it a whirl myself.