Some things are proven facts. Full hardware virtualization being insecure is a fact. Multiple expert level security professionals have weighed in on this matter (including the lead dev of OpenBSD) and you can read all about it in the thread I linked to. The only reason you would even want to consider using full hardware virtualization is if you are using it to isolate applications from the external IP address, and even in this case it brings serious added risks because it makes it easier for someone to pwn the operating environment in your guest VM and spy on your plaintexts, even if they can not get your external IP address. Paravirtualization and OS virtualization are much safer ways to get isolation, and if you want to go full out you should be using physical layer isolation to isolate apps from tor and external IP address. Yes it would. I have written many things like this over the years, adding to my tutorials and adding techniques and fixing mistakes as I learn more. I think my skills and knowledge have increased by such a degree that it is time for a new set of tutorials. I will start work on a comprehensive SOP tutorial set soon, I also welcome haxxtheplanet to join by writing a tutorial for physical layer isolation if he wants. If not I will. But I also will write tutorials for OS virtualization and paravirtualization. That is pretty much what happened in the thread I linked to. Someone claimed that all virtualization is bad and dangerous and that led me to find out that paravirtualization and OS virtualization should be used over full hardware virtualization. I wasn't aware full hardware virtualization was so insecure before (although I really should have as it is obviously a massive increase to complexity. I guess I was thinking of guest machines as being actual machines, instead of being applications. Bad and wrong way to look at it!). After doing research I found that the poster was about 95% right about what he said, although I did come to a slightly different conclusion than he did (suggesting paravirtualization and OS virtualization over no isolation, although we both agree physical layer isolation is the ideal solution). Many security experts are quoted in the thread and we all reach more or less similar conclusions about many of the points discussed. I think all the experts have presented the evidence and valid (if different) conclusions from the evidence are also presented. The only point left with some arguement around it is if no isolation is better than using OS or paravirtualization, we all agree physical isolation is best and we all agree that full hardware virtualization is best avoided. This is ten thousands time more true if you are using full hardware virtualization for any security related purpose other than isolation of apps from external IP address. Yes I will make a guide. Yes I am pretty good with computer security. I really shine at traffic analysis and server administration though, I am not an expert on virtualization (although I have talked with some about the issues, you should really read the thread that I linked to)