Sunday 2 August 2009

Rootkit Breaks TrueCrypt

There is an attack against TrueCrypt based on a rootkit that is installed in the MBR. Such things have been well known since rootkits were invented, but this one seems to be targeted directly at TrueCrypt and is also quite hard to detect.
Someone who can change the boot process of a PC without being noticed can always steal the keyboard input. However, I would suggest that a tool like TrueCrypt should do everything that is possible to detect rootkits. It was also suggested to boot TrueCrypt from a physical CD-ROM. That fixes the MBR issue.
Of course a TPM would help here, too. Too bad it has been burned by the DRM industry.
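
A sketch of the kind of detection check meant above, as an added example that is not part of the original post or of TrueCrypt: hash the MBR boot code and the rest of the first track separately and compare them against a known-good baseline. The 63-sector first-track size, the function names and the sample image are assumptions constructed for illustration; such a check belongs on trusted boot media, since a rootkit that is already running can hide the modified sectors from the OS.

```python
import hashlib

SECTOR = 512
FIRST_TRACK_SECTORS = 63  # assumption: classic 63-sector first track


def boot_regions(image: bytes, sectors: int = FIRST_TRACK_SECTORS) -> dict:
    """Hash each region of the boot area separately so a diff says what changed."""
    if len(image) < SECTOR:
        raise ValueError("image shorter than one sector")
    mbr = image[:SECTOR]
    if mbr[510:512] != b"\x55\xaa":
        raise ValueError("missing 0x55AA boot signature")
    regions = {
        "mbr_boot_code": mbr[0:440],        # executable bootstrap code
        "disk_signature": mbr[440:446],     # disk signature + 2 reserved bytes
        "partition_table": mbr[446:510],    # four 16-byte entries
        "post_mbr_sectors": image[SECTOR:SECTOR * sectors],  # rest of first track
    }
    return {name: hashlib.sha256(data).hexdigest() for name, data in regions.items()}


def compare(baseline: dict, current: dict) -> list:
    """Return the names of regions whose hash differs from the baseline."""
    return sorted(n for n in baseline if baseline[n] != current.get(n))


def make_sample_image() -> bytes:
    """Constructed sample: a blank first track with a valid boot signature."""
    img = bytearray(SECTOR * FIRST_TRACK_SECTORS)
    img[0:4] = b"\xeb\x3c\x90\x00"   # placeholder bytes standing in for boot code
    img[446] = 0x80                  # first partition entry marked active
    img[510:512] = b"\x55\xaa"
    return bytes(img)


if __name__ == "__main__":
    clean = make_sample_image()
    baseline = boot_regions(clean)   # taken once, stored off the machine
    changed = bytearray(clean)
    changed[0x20] ^= 0xFF            # simulate altered boot code
    changed[SECTOR * 5] ^= 0xFF      # simulate altered sector in the first track
    print(compare(baseline, boot_regions(bytes(changed))))
```

A repartitioning changes only `partition_table`; a change in `mbr_boot_code` or `post_mbr_sectors` that you did not make yourself is the case worth investigating.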
