this post was submitted on 10 Oct 2023
245 points (93.6% liked)
Technology
59669 readers
3663 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
It's not arbitrary. Securing an OS today is a huge challenge and Microsoft wants to leverage this tech to facilitate this. New hardware supports it, a lot of older hardware supports it and they strongly encourage this as the new standard.
Yes it means some people won't update without workarounds but they are setting a standard moving forward and for supported hardware, they were quite aggressive with the upgrade (I had to make sure the TPM was disabled in BIOS on a machine I didn't wish to upgrade early on).
What exactly is TPM used for in Windows 11?
It allows Windows to create and store cryptographic keys and validate OS and firmware components haven't been tampered with.
Okay, how is that inherently useful? All any form of trusted boot does is make sure, that the OS is whatever the manufacturer approves. If that is an outdated image full of backdoors and exploits, than that is what the TB enforces. TECHNICALLY a phone on android 2 is secure (by this logic) because the TB enforces that awfully outdated image. All trusted boot is good for is to make sure you can't run acutally secure software on your device