TPM
Trusted Platform Module
Does anyone actually use these? Are they supported by Linux at all?
Any major differences between 1.6 and 2.0?
I was thinking of picking up one of these to play around with, but if they only work for enterprise shit and one piece of encryption software made by MS, I am not sure if I should bother.
I can say for sure that coreboot supports them and Linux utilizes them for entropy. Other than that, no clue user.
Interesting; all I have found online is old articles from neckbeards ranting about DRM.
I'm also interested.
Bump
When they first started talking about this stuff early in the millennium, there was a lot of concern that that would be their main use case - Microsoft backing them as a sort of early form of what we now call secure boot didn't help matters. Of course, given this hardware secure-boot stuff, you can use it for evil (e.g., that spat about Apple locking out Linux on MacBooks) or for good (Purism uses it for their tamper-evident stuff to defend against "evil maid" attacks).
The other thing you can do is disk encryption. I believe you can set things up so that if someone takes out your encrypted disk and puts it in another machine, they won't be able to decrypt it even if they know your password, due to key storage on the TPM.
A lot of current motherboards can emulate them using the PSP/ME and a tamper-resistant EEPROM. All Zen processors have an fTPM, and it's reckoned that Intels have them too.
tpm_luks allows you to store your LUKS encryption keys in it.
> Does anyone actually use these?
No.
> Are they supported by linux at all?
Yes.
> Any major differences between 1.6 and 2.0?
AFAIK less prone to a cold boot attack.
Isn't it dangerous? A thief comes in, takes your PC and not just the disks, boots it up - done.
You could futz around with TPM/TOTP and have the computer verify itself to you rather than the other way around.
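To make the disk-encryption binding discussed above concrete (the LUKS key stored in the TPM, the disk moved to another machine, and the "thief boots the whole PC" worry), here is an added offline simulation; it is not code from this thread, tpm_luks or any TPM library, and the PCR/policy/seal model is a deliberately simplified stand-in for the real TPM 2.0 PolicyPCR and storage hierarchy.

```python
import hashlib
import hmac
# Constructed simulation (added example, not a real TPM API or tpm_luks code) of
# the PCR extend chain and a PolicyPCR-style seal/unseal of a LUKS volume key.

def extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM PCR extend: new = SHA-256(old || SHA-256(measurement)). Order matters."""
    return hashlib.sha256(pcr + hashlib.sha256(measurement).digest()).digest()

def measure_boot(stages) -> bytes:
    """Firmware measures each boot stage into a PCR that is zeroed at reset."""
    pcr = bytes(32)
    for stage in stages:
        pcr = extend(pcr, stage)
    return pcr

def policy_pcr(pcr: bytes) -> bytes:
    """Policy digest the sealed object is bound to (PolicyPCR-like)."""
    return hashlib.sha256(b"PolicyPCR" + pcr).digest()

def seal(secret: bytes, pcr: bytes, tpm_seed: bytes) -> dict:
    """Wrap a 32-byte secret under a key only this TPM can derive, bound to the
    PCR policy. XOR wrapping stands in for the TPM's real symmetric wrap."""
    policy = policy_pcr(pcr)
    wrap = hmac.new(tpm_seed, policy, hashlib.sha256).digest()
    return {"parent": hashlib.sha256(tpm_seed).digest(), "policy": policy,
            "blob": bytes(s ^ w for s, w in zip(secret, wrap))}

def unseal(sealed: dict, pcr: bytes, tpm_seed: bytes):
    if sealed["parent"] != hashlib.sha256(tpm_seed).digest():
        return None  # created by a different TPM: disk moved to another box
    if policy_pcr(pcr) != sealed["policy"]:
        return None  # boot chain differs from the one sealed against
    wrap = hmac.new(tpm_seed, sealed["policy"], hashlib.sha256).digest()
    return bytes(b ^ w for b, w in zip(sealed["blob"], wrap))

# Constructed sample data: two TPMs, a good and a tampered boot chain.
GOOD_CHAIN = [b"firmware-v1", b"grub-signed", b"vmlinuz"]
EVIL_CHAIN = [b"firmware-v1", b"grub-modified", b"vmlinuz"]
TPM_A, TPM_B = b"seed-burned-into-tpm-a", b"seed-burned-into-tpm-b"
LUKS_KEY = hashlib.sha256(b"constructed luks volume key").digest()

def scenarios() -> dict:
    sealed = seal(LUKS_KEY, measure_boot(GOOD_CHAIN), TPM_A)
    return {  # an untouched box releases the key to whoever boots it whole,
              # which is why a PIN/passphrase is normally combined with the TPM
        "same_machine": unseal(sealed, measure_boot(GOOD_CHAIN), TPM_A),
        "disk_moved": unseal(sealed, measure_boot(GOOD_CHAIN), TPM_B),
        "tampered_boot": unseal(sealed, measure_boot(EVIL_CHAIN), TPM_A),
    }
```

Only the unmodified machine with its own TPM recovers the key; the moved disk fails on the TPM binding and the modified bootloader fails on the PCR policy, which is exactly why the whole-PC theft case needs a passphrase or PIN on top.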