On Tue, Oct 21, 2003 at 10:26:01PM +0200, Evan Langlois wrote:
I don't know much about FILO.
I should have included the URL where it lives: http://te.to/~ts1/filo/ Sorry about that.
Can anyone comment on its compatibility with the LILO graphical features (displaying graphical menus/splash screens), and is there any support available for encrypted filesystems?
Graphics may not be up when FILO runs, LinuxBIOS does not have a waterproof way of initializing all graphics controllers yet. (See list archives, search for VGABIOS.)
Assuming FILO works like LILO, and doesn't know about filesystems, I'm assuming encryption would be difficult, and it might therefore be best to chain-load another boot-loader, but I'd want the encryption keys to be in the ROM to make it as difficult as possible to get to them.
Encryption keys should be in the user IMHO, but this is another discussion entirely. The ROM is anyway very easy to get information from, assuming the system boots from it. (There's limited use of a disconnected ROM though..)
Encryption in the BIOS itself may be a positive feature, not just for corporate users that want to protect their IP, but laptop users and such (in which case the key would be asked for on boot) that don't want sensitive information leaking out just because a laptop was stolen.
Yep, this is a good idea. See http://www.nah6.nl/products/secure-notebook/
//Peter