In a surprising turn of events, Microsoft has reversed its decision to enforce the Trusted Platform Module (TPM) 2.0 requirement for installing Windows 11. This policy, recently defended just a week ago, sparked widespread frustration as millions of otherwise capable systems were arbitrarily deemed incompatible, leaving many users feeling alienated. This backpedaling showcases yet again […]
It’s a way of tying an encryption key to the processor. Depending on how you look at it that’s either a good way to ensure your disks aren’t readable if they’re separated from your machine or a vendor lock-in.
Man, I recently ran into this shit when I bought a computer for my patents. I wanted to upgrade their hard drive and the fucking thing wouldn’t boot unless I fully cloned the original hard drive into the new one.
It certainly can be a pain in the proverbials. It’s one of those things that can be good or bad. When it’s the end user deliberately choosing to use it, it can provide extra peace of mind and lock down certain attack vectors, when it’s the vendor doing it, it’s just a way to make it harder to service your machine. That it also still locks down certain attack vectors is almost a byproduct in that scenario.
I still cannot understand the utiliy of tpm, except for tricking tech illiterate people to spend money on a new pc.
It’s a way of tying an encryption key to the processor. Depending on how you look at it that’s either a good way to ensure your disks aren’t readable if they’re separated from your machine or a vendor lock-in.
Man, I recently ran into this shit when I bought a computer for my patents. I wanted to upgrade their hard drive and the fucking thing wouldn’t boot unless I fully cloned the original hard drive into the new one.
I never even knew about this fuckery
It certainly can be a pain in the proverbials. It’s one of those things that can be good or bad. When it’s the end user deliberately choosing to use it, it can provide extra peace of mind and lock down certain attack vectors, when it’s the vendor doing it, it’s just a way to make it harder to service your machine. That it also still locks down certain attack vectors is almost a byproduct in that scenario.
It’s OS level DRM.
https://en.wikipedia.org/wiki/Trusted_Platform_Module