• ours@lemmy.film
    link
    fedilink
    English
    arrow-up
    5
    ·
    1 year ago

    It’s not arbitrary. Securing an OS today is a huge challenge and Microsoft wants to leverage this tech to facilitate this. New hardware supports it, a lot of older hardware supports it and they strongly encourage this as the new standard.

    Yes it means some people won’t update without workarounds but they are setting a standard moving forward and for supported hardware, they were quite aggressive with the upgrade (I had to make sure the TPM was disabled in BIOS on a machine I didn’t wish to upgrade early on).

      • ours@lemmy.film
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        It allows Windows to create and store cryptographic keys and validate OS and firmware components haven’t been tampered with.

        • ddkman@lemm.ee
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          1 year ago

          Okay, how is that inherently useful? All any form of trusted boot does is make sure, that the OS is whatever the manufacturer approves. If that is an outdated image full of backdoors and exploits, than that is what the TB enforces. TECHNICALLY a phone on android 2 is secure (by this logic) because the TB enforces that awfully outdated image. All trusted boot is good for is to make sure you can’t run acutally secure software on your device