
To decrypt a drive with a TPM-only key, you just need to turn on the PC. So what's the big deal here?

It's disappointing that TPM-only is the default for BitLocker, but you can just use something else (PIN/password, key file, ...).



I think TPM-only encryption is still good enough for cases where a thief may try to swipe the hard drive out to steal the information on it later.

Plus, in a business where laptops may get reused, it could be a method to make an old Windows install inaccessible by wiping the backup key from the cloud and clearing the TPM on the device without any formatting. You may want to do a quick format to be sure (you never know if someone kept their private files in the EFI partition) but it'll protect you against data recovery risks from reassigned sectors without having to force everyone to enter a password twice every time they boot their laptop.


These kinds of attacks aside, the intent is that you need to turn on the PC and then actually boot to the intended operating system, which is then protected with a login screen.


Yeah fair enough. The login screen should still provide good protection in a TPM-only scenario. (Although it had some vulnerabilities in the past: https://secret.club/2021/01/15/bitlocker-bypass.html)


Except that if you can sniff the encryption keys, you can tamper with the OS and for example remove the password...


That's why I caveated my explanation with "these kinds of attacks aside": this video describes such a bus-sniffing attack.


I read your message too quickly ;)


The "big deal" is just seeing it demonstrated this quickly. TPM sniffing is old hat [1], but I always thought it would take at least hours of painstaking fiddling with a soldering iron. I find this video impressive and eye-opening.

[1] https://www.orangecyberdefense.com/ch/insights/blog/tpm-snif... (2021)


The default is an unencrypted computer. Microsoft is trying to improve that default without requiring yet another password.



