> Wouldn't the MBR and stage 1 of the bootloader have to be in plain
> text? I mean, the x86 BIOS is small and not very bright, so you're
> stuck with having some unencrypted stuff on it. I think. If the
> BIOS has additional functions, you might be able to have a totally
> crypted disk. I also can't see that much point to encrypting /boot
> , but encrypting / , /usr , /home , and so forth makes a lot of
> sense for some situations.
>
> I've never been *that* paranoid, so all I've done is have a
> /home/me/crypt file mounted loopback via truecrypt on /home/me/
> secure/ .
Most newer systems will boot off a USB stick, then the HDD can be totally
encrypted. It's rather easy.
nathan
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)