by greendave 2232 days ago
> fTPM tampering is out of scope since the ME is the root of all trust in the system

I'm wondering about this assumption. Hasn't the ME previously been shown to be fairly straightforward to exploit?

3 comments

I think they refer more to the "technical" term "root of trust" than to whether or not persons trust it/it has had security vulnerabilities.
As long as there is choice (e.g. between fTPM and dTPM) then it's up to the eye of the beholder to pick appropriately. An fTPM is better than nothing, but discrete TPMs have certifications.
ME has had exploits, but it has also had patches.