Virtual Machine vs a Clean Laptop
​
In terms of OSINT Investigations which do you find better OPSEC, using a virtual machine to protect your workstation or a "burner" workstation that you can wipe if it gets compromised?
In terms of OpSec it’s less about whether you use a VM or raw hardware, and more about how hardened your setup actually is.
Most people lean toward VMs because of sandboxing, snapshots, and separation from the host. If the VM gets compromised, you can usually wipe or revert it quickly unless you’re dealing with advanced VM escape techniques.
A burner laptop gives stronger physical separation, but bad habits will compromise you regardless. Weak passwords, poor browser hygiene, leaked metadata, reused accounts, or downloading random binaries are bigger risks than the hardware choice itself.
For serious privacy-focused workflows, most people move toward hardened Linux/Unix environments rather than default Windows-based setups due to telemetry, attack surface, and compartmentalisation benefits.