On Wed, 27 Apr 1994, Jim Sewell wrote:
ObCrypt: Has anyone heard of work in the area of encrypting all information on a computer and build the authentication software into the operating system so the only practical chance of intrusion is a forgetful operator?
Yes, in fact, that's been talked about. There's a DES-based loop driver for disks floating around, and I've kicked around the idea of hacking exec() and the back-end to gcc so that ld would use PGP to digitally sign a binary based on a serial number in the kernel, and having exec() use PGP to verify that the binary hadn't been tampered with. I suppose the same idea could also be used to encrypt binaries, so that the binary couldn't be tampered with and would only run on that machine. Not a real problem to implement, really.