Just came across this article on slashdot, about how a bootkit is used to bypass TrueCrypt's encryption in a rather elegant way: http://it.slashdot.org/story/09/08/01/2247225/Bootkit-Bypasses-TrueCrypt-Enc... At least, there is some form of protection possible, since anti-virus software fails completely at detecting the bootkit: "However, administrator privileges or physical access to a system are required for an infection. At present, only machines running the traditional BIOS are vulnerable. The attack is unsuccessful when the BIOS successor the Extensible Firmware Interface (EFI) is at work on the motherboard. The most effective protection appears to be encrypting the entire hard disk with software that is based on the Trusted Platform Module (TPM)." Cheers, Peter -- Peter Reutemann, Dept. of Computer Science, University of Waikato, NZ http://www.cs.waikato.ac.nz/~fracpete/ Ph. +64 (7) 858-5174