For the sake of arguing, how could they install a backdoored kernel on an encrypted hard drive.
The kernel has to be loaded from
somewhere. Unless you boot from a CD or USB drive, it will be on an unencrypted partition of your hard disk.
lol. No.
Boot PC -> MBR loads (truecrypt) -> Truecrypt decrypts MBR on hdd (windows) -> control gets passed to that.
The kernel is encypted.