[jandrese]

A TPM is just a bit of memory that is "hacker proof" so you can store a private key with a guarantee that it can't leak out. You can then sign, encrypt, or decrypt using the key.

They were controversial because it was originally thought they would be used to lock parts of your computer away from you, being used to do DRM and the like. At the end of the day the chips were hard to use, slow, and flaky enough that it didn't really pan out. A lot of the braindamage came from a secondary feature where you could theoretically create "secure enclaves" where the entire execution chain down to the bare metal was signed to prevent viruses and rootkits from executing. In theory this is neat, but in practice it's basically impossible on PC hardware and caused a lot of problems. This functionality is the reason BitLocker had the reputation for randomly locking you out of your machine, even though it doesn't use the feature directly. The configuration registers were maybe a mistake.

[meowface]

I know it's super easy for anyone to Google, but I feel like at least one reader will find this useful since I didn't see it mentioned anywhere in the discussion thread: TPM stands for Trusted Platform Module.

("TPM is an international standard for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys." - https://en.wikipedia.org/wiki/Trusted_Platform_Module)

[tremon]

A TPM is much more than "just a bit of memory". It is a cryptographic coprocessor, with its own microcode and its own security domain.

And I don't think a fully-secured future for PC's is as impossible as you think. The primary reason this is impossible right now is because TPM's aren't ubiquitous (none of my machines came with one installed). That problem will be solved by Windows 11.

[cmxch]

Secured for the benefit of Microsoft or DRM providers, not necessarily for the benefit of the end user.

Unless they're willing to allow the end user to override the wishes of the vendor (and without any diminished functionality), TPM is just another way to turn computers into appliances.

[jandrese]

The fundamental problem with the secure enclave on PC is that to make it work you have to basically lock out all of the untrusted hardware on the box, which is pretty much all of it. So while you are doing your secure computation nobody is servicing the PCIe bus. The graphics card drivers aren't getting any CPU cycles. Ring buffers on your network cards aren't emptied. From the perspective of everything else on the machine the whole thing just crashed.

If your computation is quick you might be able to get away with this sometimes, but the potential for problems is almost unlimited. The fact that the TPM itself is pretty slow throws another monkeywrench into the plan.

In order for it to work the whole system needs to be designed from the bottom up to support it, which means you need to touch every layer of the PC stack. It's a lot of work. It is a lot easier on something like a cellphone where you can control the hardware from top to bottom and don't have to consider the case where someone installs additional hardware to suit their needs.