I'm building a car pc and the way i'm setting it up, the PC will directly control the ability to start the car(ignition cylinder will be removed from the steering column). I want to make sure that the system cant be booted without a usb device plugged in, but i've heard that putting the whole OS on a usb stick can make boot times go sky high and I've been told to only move the boot kernel onto the usb drive and leave the OS itself onto the hard drive. This makes perfect sense, but how would I go about doing it?
I'm guessing I'de have to move NTLDR onto the stick....but what else do i have to do?
Any help would be greatly appriciated.
Thanks
Matt
Car PC Security booting
Started by
sxtnitehawk
, Oct 10 2007 07:57 PM
7 replies to this topic
#2
Brito
-
- .script developer
-
- 10616 posts
Platinum Member
- Location:boot.wim
- Interests:I'm just a quiet simple person with a very quiet simple life living one day at a time..
-
European Union
Posted 10 October 2007 - 09:55 PM
Hi Matt - welcome to our forums! 
Why not using the hard drive for all operations and move away from using the USB drive for boot?
You can create an image of the bootable disk and place it on the drive - then you would be able to load it to RAM using SDI and should be fairly faster than using any USB drive.
----
What is the advantage?
Using an image means that you can use the same image on either USB pendisks, CD-ROM drives and Hard disks and in all cases it should be possible to safely remove the media from where the OS was booted.
(not actually sure about HD removal since I slightly suspect that removing the disk from a running OS might cause it to freeze - not confirmed)
I would be very interested to know your results about boot speed even thought my opinion is that hard drive boot is always faster than compared to USB2 or CD drive.
-------
There is also VistaPE - it's meant from the start to run straight from RAM and USB drives so it migth be easier to get working out of the box without having to use Windows 2003 files mixed with the XP ones.
In either case if you still wish to try RAM boot from XP, you should first get a copy of the trial version of windows 2003 - a link from microsoft is available here: http://www.microsoft...llinstruct.mspx
And wb projects targeted to XP almost always include the option to create a RAM boot with ease - just use this windows 2003 as source to create a new boot disk.
(a script to create bootable USB flash disks is also included on the liveXP project - it uses the PeToUSB tool created by codebettle on http://gocoding.com)
---
Good luck with you car-booting!!
Why not using the hard drive for all operations and move away from using the USB drive for boot?
You can create an image of the bootable disk and place it on the drive - then you would be able to load it to RAM using SDI and should be fairly faster than using any USB drive.
----
What is the advantage?
Using an image means that you can use the same image on either USB pendisks, CD-ROM drives and Hard disks and in all cases it should be possible to safely remove the media from where the OS was booted.
(not actually sure about HD removal since I slightly suspect that removing the disk from a running OS might cause it to freeze - not confirmed)
I would be very interested to know your results about boot speed even thought my opinion is that hard drive boot is always faster than compared to USB2 or CD drive.
-------
There is also VistaPE - it's meant from the start to run straight from RAM and USB drives so it migth be easier to get working out of the box without having to use Windows 2003 files mixed with the XP ones.
In either case if you still wish to try RAM boot from XP, you should first get a copy of the trial version of windows 2003 - a link from microsoft is available here: http://www.microsoft...llinstruct.mspx
And wb projects targeted to XP almost always include the option to create a RAM boot with ease - just use this windows 2003 as source to create a new boot disk.
(a script to create bootable USB flash disks is also included on the liveXP project - it uses the PeToUSB tool created by codebettle on http://gocoding.com)
---
Good luck with you car-booting!!
#3
MedEvil
-
- .script developer
-
- 7771 posts
Platinum Member
Posted 10 October 2007 - 11:09 PM
sxtnitehawk, if you use a laptop simply use the build in bootpassword feature. It can't be circumvented without replacing the BIOS chip. Every other Security feature is far easier to get around.
Like when you're going to use a USB stick as a key, then your computer will, the way you describe it, need to boot from USB.
So what should keep me from hooking up my USB Stick, boot it up and then cross over into your installed system to get some data or even make use of it straight?
Like when you're going to use a USB stick as a key, then your computer will, the way you describe it, need to boot from USB.
So what should keep me from hooking up my USB Stick, boot it up and then cross over into your installed system to get some data or even make use of it straight?
#4
sxtnitehawk
-
- Members
- 2 posts
-
United States
Posted 11 October 2007 - 04:24 AM
Nuno: I dont want the whole OS to be on a usb drive though, JUST the boot loader, I want the OS itself to be on the hard drive and just the boot menu to be on the usb device. This way without the usb device, the system wont even BOOT...but i dont want the slow boot times of using all usb for the OS itself...
MedEvil: not using a laptop...building a PC in the car... I dont want the OS to boot from the usb stick, just the boot loaded, NTLDR. I want the OS to be on the harddrive and have NTLDR on the USB stick, with ONLY the USB stick in the boot sequence in bios. This way without that USB stick, there's no chance the computer will boot.
both BIOS and XP will have passwords set, but inevitably I still want that USB stick to have NTLDR and whatever else is required to get this working...
MedEvil: not using a laptop...building a PC in the car... I dont want the OS to boot from the usb stick, just the boot loaded, NTLDR. I want the OS to be on the harddrive and have NTLDR on the USB stick, with ONLY the USB stick in the boot sequence in bios. This way without that USB stick, there's no chance the computer will boot.
both BIOS and XP will have passwords set, but inevitably I still want that USB stick to have NTLDR and whatever else is required to get this working...
#5
Brito
-
- .script developer
-
- 10616 posts
Platinum Member
- Location:boot.wim
- Interests:I'm just a quiet simple person with a very quiet simple life living one day at a time..
-
European Union
Posted 11 October 2007 - 09:26 AM
You mean using the USB key as a sort of key to allow booting the system?
That's an interesting twist.
There are other members here in the forum with more experience on GRUB and boot loaders - I hope it helps.
That's an interesting twist.
There are other members here in the forum with more experience on GRUB and boot loaders - I hope it helps.
#6
was_jaclaz
-
- Advanced user
-
- 7101 posts
Finder
- Location:Gone in the mist
-
Italy
Posted 11 October 2007 - 05:43 PM
As I see it, easiest woud be to put on the stick, that can be as small as the bare minimum you can find, 16 Mb, if you still can find a few of them, just grldr.mbr (installed) and grldr + menu.lst, better if using the md5 password feature, see this thread:
http://www.boot-land...?...ic=2984&hl=
If you also put on the stick NTLDR+NTDETECT.COM+BOOT.INI, you have a slighty added level of security.
In other words, that would be something similar to this:
http://www.911cd.net...showtopic=20434
jaclaz
http://www.boot-land...?...ic=2984&hl=
If you also put on the stick NTLDR+NTDETECT.COM+BOOT.INI, you have a slighty added level of security.
In other words, that would be something similar to this:
http://www.911cd.net...showtopic=20434
jaclaz
#7
MedEvil
-
- .script developer
-
- 7771 posts
Platinum Member
Posted 12 October 2007 - 02:59 PM
I understood your idea the first time, it's just, look 2. answerMedEvil: not using a laptop...building a PC in the car... I dont want the OS to boot from the usb stick, just the boot loaded, NTLDR. I want the OS to be on the harddrive and have NTLDR on the USB stick, with ONLY the USB stick in the boot sequence in bios.
Sorry, if you build your carpc that way you can just as well let the doors open and the key in the ignition.This way without that USB stick, there's no chance the computer will boot.
- BIOS passwords of regular PC can be deleted within seconds
- If your BIOS tries to start from USB, it will boot any bootable USB-Stick
What you might could try, is having the computer boot from the build in drive completely, but having the harddisk encrypted and a software that queries the USB port for a device containing the file with the key code.
edit:
But there would still be the task of making the PC inaccessable to the potential thief.
#8
Brito
-
- .script developer
-
- 10616 posts
Platinum Member
- Location:boot.wim
- Interests:I'm just a quiet simple person with a very quiet simple life living one day at a time..
-
European Union
Posted 12 October 2007 - 03:11 PM
The "special" USB key sounds a very good idea to prevent misuse..
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
