*** Dalin Owen wrote in a message to Brian McCloud:
BM> As far as I am aware, the system BIOS, loaded from ROM, checks the 
BM> disks to see which is bootable.  Therefore, the only way to do what 
BM> you want is to hard-wire it into the ROM.  Some BIOSes allow 
BM> passwords in the CMOS, but I think that's just to prevent s
DO> I can _fully_ lock out my system with a BIOS password!
DO> Except that doesn't stop someone from pulling the battery..
You're not going to be able to defend against someone who truly knows what 
he's (she's) doing and who is truly determined to get in.
If someone pulls your battery, you will know that someone got into your 
computer, since the password will be gone or changed.  At worse, you'll get a 
CMOS failure message due to the CMOS being wiped, and you just plain won't 
know for sure if someone wiped it or if the computer got zapped by a power 
surge.
Someone could just pull the hard drive out and put it on another computer, 
therefore, to be properly paranoid, you'd need the entire hard drive 
encrypted.  You're begging for trouble when you start thinking along those 
lines.
The U.S. Army defends against that kind of thing by using removable hard 
drives.  You can buy mounting kits that fit in a 5.25" drive bay and will 
hold a 3.5" drive.  When you're done with the computer, you turn the computer 
off, unlock the hard drive, pull it out, and put it in the safe or other 
secure area.
Several times, I've worked on computers and the entire computer was in a 
secure area; I had to show my ID and a copy of the work order, and sign a 
sign-in sheet in order to get in to work on the computer.  They would turn on 
flashing lights so that everyone in the place knew that guests were present 
who did not have proper security clearance.
--Scott.
--- timEd 1.01
---------------