I don’t really like Windows but it’s for my gaming PC. My laptop does run linux. I don’t know much of anything about 11 and whether it’s better or not.

  • buckykat@lemmy.fmhy.ml
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    What does it mean to be secure? Allowing a megacorp to mandate what you can and can’t do on your own hardware means that hardware is less secure, not more.

    • boonhet@lemm.ee
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      It disallows certain attacks other people could perform on your devices. I’ve already explained this in 2 other comments in this thread.

      Firstly, even with physical access to your device, it’ll be harder to fuck with the firmware or software on your computer. Windows literally can’t unlock your data if something’s fucky, because TPM won’t give it the required keys. Secondly, TPM can be used as a more secure way to store encryption keys in general. And thirdly, you get hardware random number generation, which can be very useful if your system’s entropy is too low.

      Yes, unfortunately it also means DRMs can force you to consume content on only the exact same hardware you purchased it for. But there ARE legitimate use cases for TPM too. TPM has been used in enterprise settings for over a decade.

      Luckily for now at least, there’s a solution for the whole DRM issue too. It’s called piracy. Plenty of DRM free content out there. It’s possible that some streaming content literally won’t reach your favourite torrent site because hardware DRM, but I’m not TOO worried about it personally, because HDCP can be bypassed, so there’s still a way to capture the signal, it’s just between the computer and the screen.

      But overall, definitely use Linux instead of Windows with TPM off if you’re worried about ANY of this. And I mean, sure, keep TPM off, it’s highly unlikely that you’ll actually need the niche extra security it provides on a personal device.

      • buckykat@lemmy.fmhy.ml
        link
        fedilink
        English
        arrow-up
        0
        ·
        1 year ago

        The only one with physical access to my hardware trying to fuck with the software is me. Evil maid attacks are purely hypothetical for almost everyone, and suggesting that TPM is necessary to protect against them is dishonest. TPM is a much greater threat than any it purports to protect against.

        • boonhet@lemm.ee
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Almost everyone just means home users and those don’t matter much to Microsoft anyway, corporate is where the big money is.