Before installing Linux, I had originally planned to dual-boot on my main PC, but somehow a gaming rig from 5 years ago isn’t good enough to run windows 11, which is ridiculous.
Before installing Linux, I had originally planned to dual-boot on my main PC, but somehow a gaming rig from 5 years ago isn’t good enough to run windows 11, which is ridiculous.
The TPM is mostly used to store bitlocker keys and Microsoft account tokens. If you’re not using bitlocker nor a Microsoft account, the TPM is basically just sitting there doing nothing. The security afforded by the TPM is not needed by most users. The only users whose threat model would be improved by a TPM are users who are at risk of their locked PC being acquired by an advanced threat actor desperate enough for the information stored on it to attempt a cold boot or similar attack. Basically only executives and government officials who travel with their work laptops need TPM and the full secure boot chain. For 99.99% of Windows users it’s just additional hassle and expense for no added benefit
Its used for secret storage all throughout the windows operating system not just microsoft account.
This is true, but most software that could does not yet interface with the TPM, so in real world usage it’s basically only the Microsoft account authentication token and bitlocker keys
Another note related to the TPM being a silly requirement, across a fleet of about 1000 windows 11 PCS, in a six month period I saw about 5 had TPMs corrupt themselves and require a reset and one otherwise perfectly functioning laptop have it’s TPM entirely die. Which isn’t a horrendous infant mortality rate, but for the thing that stores your bitlocker keys you’d hope for better reliability, and it’s sad to see perfectly functioning hardware get replaced due to such an unnecessary component failing