RMS is sounding less and less crazy with discoveries like this. To think a manufacturer would essentially rootkit their own machines is testament to how bad things have become.
Would running TrueCrypt full disk encryption protect you from your own hardware? If the BIOS can't read the disk on boot, I don't think it would inject the binary into the file system.
No - see my reply to the Ars thread. Windows 8 introduced an "official" way to do this called "Windows Platform Binary Table". Every time Windows boots, it checks your ACPI table for an entry called "WPBT", writes that to disk as "wpbbin.exe", and executes it. There does not seem to be any way to disable this behavior in Windows. TrueCrypt would not help in this case because it happens after boot.
You know, I have to agree. My gut reaction is "blame the policy not the technology", but after looking closely, I'm struggling to see how this feature could ever be applied towards the user's best interests.