nerdicism
A way to attack TrueCrypt on Linux
Categories: Science & Technology | Written by ninan

TrueCrypt is a very good tool when one wants to encrypt one's entire hard disk. This article describes a minor flaw in the design of TrueCrypt (and probably of any other disk encryption tool) that leads to a backdoor on the attacked system.

I have not validated this attack vector yet. I did not try it out, but I am sure it would work. If not, please let me know in the comments.

The entry point to an encrypted system is the unencrypted /boot partition. Parts of the boot loader, the kernel image and often an initial RAM disk image (initrd) are stored there.

To install a backdoor on the system to be attacked, the initrd is the key. While one could also use the kernel itself, using the initrd is much simpler. The initrd image contains a couple of scripts that are run when the kernel boots up and AFTER the disk has been decrypted.

Before the attacker can start, she needs physical access to the system or its storage. That can be done either by removing e.g. the hard disk from the system and mounting it on other hardware or, if possible, by booting the system from some live system.

Now the attacker must mount the partition and copy the initrd file. In Fedora Linux the image is a gzipped cpio archive. This might be different in other distributions.

The final step is to modify some boot script to add a password to the LUKS system. Now when the attacked user boots up the system, he will add a password known to the attacker to the system. The next time the hacker gets access to the computer, she can steal some data. The modified initrd must of course be put back in place.

There are practically no ways to protect yourself from this since, as long as one has access to the /boot partition, she controls almost everything in the system. TPM based signatures of the kernel and initrd could be helpful, but I don’t know much about that stuff.
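One practical check against the tampering described above, added here as an example and not code from the original post: from a trusted medium, unpack the machine's initrd and compare every script in it against a SHA-256 manifest recorded when you built the image yourself. The parser handles the gzipped newc cpio format the post mentions for Fedora; the entry names, the `scripts/open-luks.sh` path and the file contents are constructed sample data, not a real initrd.

```python
import gzip
import hashlib
NEWC_MAGIC = b"070701"  # ASCII "newc" cpio format, as used by Fedora initrd images

def parse_newc_cpio(data: bytes) -> dict:
    """Return {path: contents} for every entry of an uncompressed newc cpio archive."""
    entries, pos = {}, 0
    while pos + 110 <= len(data):  # 110-byte header: 6-byte magic + 13 eight-digit hex fields
        if data[pos:pos + 6] != NEWC_MAGIC:
            raise ValueError(f"bad cpio magic at offset {pos}")
        fields = [int(data[pos + 6 + 8 * i:pos + 14 + 8 * i], 16) for i in range(13)]
        filesize, namesize = fields[6], fields[11]  # namesize counts the trailing NUL
        name_start = pos + 110
        name = data[name_start:name_start + namesize - 1].decode()
        if name == "TRAILER!!!":
            break
        data_start = (name_start + namesize + 3) & ~3  # header+name padded to 4 bytes
        entries[name] = data[data_start:data_start + filesize]
        pos = (data_start + filesize + 3) & ~3  # file data padded to 4 bytes
    return entries

def manifest(entries: dict) -> dict:
    """SHA-256 per entry; take this from an initrd you built yourself and keep it off the machine."""
    return {p: hashlib.sha256(b).hexdigest() for p, b in entries.items()}

def audit_initrd(image_gz: bytes, known_good: dict) -> dict:
    """Report entries changed, added or removed relative to the trusted manifest."""
    current = manifest(parse_newc_cpio(gzip.decompress(image_gz)))
    return {
        "modified": sorted(p for p in current if p in known_good and current[p] != known_good[p]),
        "added": sorted(p for p in current if p not in known_good),
        "missing": sorted(p for p in known_good if p not in current),
    }

def build_newc_cpio(files: dict) -> bytes:
    """Minimal newc writer, used here only to construct sample input (not a real initrd)."""
    out = bytearray()
    for ino, (name, body) in enumerate(list(files.items()) + [("TRAILER!!!", b"")], 1):
        values = (ino, 0o100644, 0, 0, 1, 0, len(body), 0, 0, 0, 0, len(name) + 1, 0)
        out += NEWC_MAGIC + b"".join(b"%08x" % v for v in values) + name.encode() + b"\0"
        out += b"\0" * (-len(out) % 4) + body
        out += b"\0" * (-len(out) % 4)
    return bytes(out)

GOOD_FILES = {"init": b"#!/bin/sh\nexec /sbin/init\n",  # constructed sample of a trusted image
              "scripts/open-luks.sh": b"cryptsetup luksOpen /dev/sda2 root\n"}
GOOD_IMAGE = gzip.compress(build_newc_cpio(GOOD_FILES))
KNOWN_GOOD = manifest(GOOD_FILES)
TAMPERED_IMAGE = gzip.compress(build_newc_cpio(  # same image, unlock script altered (constructed)
    {**GOOD_FILES, "scripts/open-luks.sh": GOOD_FILES["scripts/open-luks.sh"] + b"# altered\n"}))
```

The same manifest approach applies to the kernel and boot loader files in /boot, but it only detects a modification after the fact, which is why measured boot with a TPM, as the post hints at, is the stronger answer.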

As stated before, I have not tried it out yet. I know a thing or two about Linux, so I am pretty sure this would work. Feel free to try it out. Please tell me about your results in the comments.
