undefined | Better HN

0 pointsDaiPlusPlus8y ago0 comments

TPM isn’t about locking down machines - they’re about enabling the user (who is always in control) to establish a trust chain for software on the machine - and to serve as a secure store for cryptographic secrets so they become inaccessible from the rest of the system.

You can have lock-out without the TPM anyway - like the pre-Fingerprint reader iPhones.

0 comments

TeMPOraL8y ago

TPM technically isn't about locking users out, but will be (is) used this way - between enterprise customers and MAFIAA's desire for DRM, it's pretty much a given. It's a tool in the War on General Purpose Computing. Alone not enough to win it, and sure, theoretically useful for both sides, but for the enemies of general purpose computing it's an important cog in their war machine.

walterbell8y ago

QubesOS uses this tool to give users and device owners (not vendors) control, e.g. Anti Evil Maid.

j / k navigate · click thread line to collapse

0 comments

TeMPOraL8y ago

walterbell8y ago

QubesOS uses this tool to give users and device owners (not vendors) control, e.g. Anti Evil Maid.

j / k navigate · click thread line to collapse