Someone who can change the booting process of a PC without being noticed can always steal the keyboard input. However, I would suggest that a tool like TrueCrypt should do everything that as possible to detect rootkits. Also it was suggested to boot TrueCrypt from a physical CD-ROM. That fixes the MBR issue.
Of course a TPM would help here, too. Too bad it has been burned by the DRM industry.
No comments:
Post a Comment