FAQ: What is a TPM and how can I use it on Linux?

Posted by kmille on 6/1/2025, 10:09:23 AM (debugging.works)

Comments (2)

Bender · 17h ago
I have never personally found a use for a TPM. Any data I care about is encrypted on disk and the evil maid attacks and $5 wrenches do not apply to me. A TPM will not protect against malware on a booted machine. Multiple snapshots of my data are backed up to multiple encrypted storage devices. A TPM will not protect that data, only physical security applies to me.

On the other hand my personal belief is that when TPM usage hits critical mass the goal posts can be moved and the TPM can be tied to the ability to stream movies or DRM content, utilize a gaming platform, traverse a CDN, access websites that have user generated or adult content and so on. People without a TPM could eventually be considered a different sub-class of users and blocked from most of the internet. I bet that sounds totally bananas right now just like I bet there are still people that think DoH was created to protect them. I see TPM as potentially becoming a persistent mega-cancer-cookie.

fsflover · 21h ago
> In the end it’s a blackbox holding your full disk encryption key. Do you trust self-encrypting disks? Probably not. So why do you trust a TPM? It could have a backdoor.

My Librem 14 has a FLOSS TPM, which works fine and is verifiable.