Updating Intel ATA controller
The real defense here is trusted boot, something Trusted Computing is supposed to enable.
But Trusted Computing has its own problems, which is why we haven't seen anything out of Microsoft in the seven-plus years they have been working on it (I wrote this in 2002 about what they then called Palladium).
As soon as you give up physical control of your computer, all bets are off.
No security product on the market today can protect you if the underlying computer has been compromised by malware with root-level administrative privileges.
That said, there exist well-understood, common-sense defenses against "Cold Boot," "Stoned Boot," "Evil Maid," and many other attacks yet to be named and publicized.
The defenses are basically two-factor authentication: a token you don't leave in your hotel room for the maid to find and use.
This attack exploits the same basic vulnerability as the "Cold Boot" attack from last year, and the "Stoned Boot" attack from earlier this year, and there's no real defense to this sort of thing.
Step 2: You boot your computer using the attacker's hacked bootloader, entering your encryption key.
Once the disk is unlocked, the hacked bootloader does its mischief.
(Note: Not all computers do.) I actually knew that; I just didn't remember it.
EDITED TO ADD (11/12): Peter Kleissner's Stoned Boot attacks on TrueCrypt.
It does not protect against an attacker who has access to your computer over a period of time during which you use it, too.
EDITED TO ADD (10/23): A few readers have pointed out that BitLocker, the one thing that has come out of Microsoft's Trusted Computing initiative in the seven-plus years they've been working on it, can prevent these sorts of attacks if the computer has a TPM module, version 1.2 or later, on the motherboard.
2) Use (preferably write-protected, or even read-only) USB dongle to boot up computer.