Do you trust TPM and Intel's TXT?

Discussion in 'privacy technology' started by Tipsy, Sep 10, 2014.

  1. Tipsy

    Tipsy Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    207
    Do you trust the Trusted Platform Module and Intel's Trusted Execution Technology? Or do you think they are risk for your privacy and ability to control your computers?
    Do you run your machines with them enabled or do you try to disable or circumvent them?
     
  2. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,582
    Location:
    European Union
    I don't have any computer with a TPM chip built-in and I'd like things to stay that way :)
     
  3. brians08

    brians08 Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    40
    As far as I have seen so far from TPM chips is that they are only useful in a corporate IT environment. They give IT more control over Bitlocker so employees can't bypass corporate security.
    Absolutely useless for individual users. Worse, they give individuals false sense of security since there is every reason to expect that the NSA can bypass them if they need to.
     
  4. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    If there were TPM that I could actually trust, I'd want them. Otherwise, no thanks.
     
  5. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,026
    Location:
    The Netherlands
    Dumb question: Is the TMP chip really only for corporate PC´s? I thought it was a standard feature on higher end machines, to be honest.
     
  6. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    The TPM could be used to restrict what software can run on a machine. An OEM-owned TPM might, for example, allow only Microsoft-approved software to be run. Or it might be used to encrypt log data sent to Microsoft, the NSA or wherever.
     
  7. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,026
    Location:
    The Netherlands
    @ mirimir

    OK, so it sounds like something you do not want to have, I will check it the next time I buy a machine. :cautious:
     
  8. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,148
    Location:
    UK
    Trust is such a big word!

    I've actively added some Infineon TPM chips to a couple of W7 desktops, specifically to be able to use WDE with Bitlocker, including on the system drive. As far as I know, it's the ONLY completely transparent way to do this, with no user intervention required. Without using TPM, or with other WDE, you're faced with entering a (necessarily strong) password and/or having a USB key for every boot. With the TPM, disk access requires a windows login which I have protected with a Yubikey. TPM also provides some protection against rootkits. It makes failed disk disposal easier too, because everything's encrypted from the start.

    Do I trust the TPM against some threats? No, and I know there are potential dangers with them - if they happen, then I'll move off 'em.

    So for protecting me against people pinching my machines - not bad. Against the NSA - well, there are a whole load of things to be thinking about there....!
     
Loading...