Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I've been shouting at the void for years (https://gist.github.com/osy/45e612345376a65c56d0678834535166) about how TPM doesn't bring any practical security and was originally introduced for DRM then repurposed to sell "enterprise" security and now it's used as an excuse to force consumers to buy new PCs. TPM was designed by a committee who focused on designing the most secure gate without building a fence. There are many issues that Microsoft knew about for decades and never bothered to fix because security was never the goal.


This can be said for 90% of all cargo-cult "infosec" initiatives.

At best, you're gaining marginal security benefits at the cost of major productivity loss of power users and performance loss on older OS/hardware combinations.


I'm using TPM based on free software and with my own keys on my Librem 14 just fine, and it has no DRM. You're generalizing too much.


What does TPM has to do with this? Microsoft is cutting support for CPU generations irrelevant to TPM support. It's just a cutoff CPU makers told them to add. There is an official Microsoft Long term security support version of Windows 11 that doesn't have any tpm or cpu age requirements (other than an instruction that was added to all cpus 15 years ago).


Thank you for the link. I enjoyed the read.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: