this post was submitted on 10 Oct 2023
242 points (93.8% liked)

Technology

59600 readers
3487 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] ours@lemmy.film 5 points 1 year ago (1 children)

It's not arbitrary. Securing an OS today is a huge challenge and Microsoft wants to leverage this tech to facilitate this. New hardware supports it, a lot of older hardware supports it and they strongly encourage this as the new standard.

Yes it means some people won't update without workarounds but they are setting a standard moving forward and for supported hardware, they were quite aggressive with the upgrade (I had to make sure the TPM was disabled in BIOS on a machine I didn't wish to upgrade early on).

[–] ddkman@lemm.ee 1 points 1 year ago (1 children)

What exactly is TPM used for in Windows 11?

[–] ours@lemmy.film 1 points 1 year ago (1 children)

It allows Windows to create and store cryptographic keys and validate OS and firmware components haven't been tampered with.

[–] ddkman@lemm.ee 1 points 1 year ago* (last edited 1 year ago)

Okay, how is that inherently useful? All any form of trusted boot does is make sure, that the OS is whatever the manufacturer approves. If that is an outdated image full of backdoors and exploits, than that is what the TB enforces. TECHNICALLY a phone on android 2 is secure (by this logic) because the TB enforces that awfully outdated image. All trusted boot is good for is to make sure you can't run acutally secure software on your device