by ddalex 1795 days ago
> There's nothing to stop you from booting into another OS and deleting the files implementing the harmful functionality. If there are checks for the presence of these files in other parts of the OS, you can remove them

Encrypted disks with TPM-stored keys will certainly prevent unauthorised modification to a filesystem

> hardware allows booting arbitrary code

And this particular cat is already out of the bag with Win 11 REQUIRING TPM support with verified boot.

The war against general-purpose computing is in the final stages, and the garden-keepers have already won for almost everything that matters. Yes, you can still source open hardware and they will not fight against technical elites - a minority - but for the vast majority of users, it's over because they LIKE the closed apps holding data hostage.


So this might be a dumb question, but what's there to prevent someone emulating a TPM? What's there to prevent someone nop'ing out the code that implements the TPM functionality in Windows? Where does the root of trust (or, rather, distrust) come from?
The TPM chip has a built-in key that you, as the device owner, are not allowed to read. That key is certified by the manufacturer.

If any manufacturer starts selling chips where you can read the key, it will be disallowed by Microsoft.

So control over all the computers in a country comes down to just a few keys held by "approved" manufacturers; or rather a single key, held by the government, which signs the list of approved manufacturer keys.

Then all they need to do is require that ISPs only allow packets to be sent by computers that have passed a Measured/Trusted Boot check, and suddenly all online activity is restricted to "approved" computers, running code from "approved" app stores.

"One Ring to rule them all, One Ring to find them, One Ring to bring them all and in the darkness bind them."

> So control over all the computers in a country comes down to just a few keys

Notice that I didn't mention "country" anywhere. There's no country restriction.

> or rather a single key, held by the government, which signs the list of approved manufacturer keys

Hum, no. The single key is held by Microsoft.

And yeah, that's basically what the Trusted Computing Consortium was designing in the early 00s. But people pushed back enough that they stopped publishing public documents and delayed the implementation. We are just getting there.

> There's no country restriction.

The technology may not care about countries, but countries care about technology. If (or rather when) a government passes a law limiting internet access to approved operating systems and hardware, the ISPs in that country will logically have to listen for signed updates to the whitelist.

In practice the list might be very short, containing just intermediate keys representing Microsoft, Apple, Google, a few commercially-backed Linux distros, and the CPUs that support them (with the necessary TPMs). The intermediate keyholders would have the responsibility to revoke approval of versions / model numbers that have known vulnerabilities which allow arbitrary user-controlled code to run.

So okay, you again assume that software is immutable. But Windows has to store these trusted keys somewhere. What if I emulate the TPM with a key I generated myself, and patch Windows to trust that key?
Then you will discover that Secure Boot will stop your computer from starting until you reinstall something signed by Microsoft.
Can't you just turn that off in the BIOS settings?
Not if the BIOS doesn't allow that to be turned off.
You'll boot Windows but can't mount the system volume if it's protected by a BitLocker key derived from the TPM key.
Even if you do a clean install yourself? Well then, gotta patch the installer. There's always a way!
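The sealing mechanism argued over in the exchange above (a disk key the TPM only releases when the measured boot chain matches what it saw at sealing time, and which an emulated TPM with its own key cannot release at all), as an added example that is not from any commenter in this thread. The SoftTpm class, the PCR index and the boot-chain "images" are constructed stand-ins for illustration; a real TPM does the same job with PCR_Extend, an authPolicy built from PolicyPCR, and Unseal, and real BitLocker on a UEFI machine binds to PCR 7 (Secure Boot state) and PCR 11 by default.

```python
"""Toy model of TPM measured boot and key sealing (added example, not from the
thread). SoftTpm, PCR_BOOT and GENUINE_CHAIN are constructed for illustration."""
import hashlib
import hmac
import os

PCR_BOOT = 7  # PCR the boot chain is measured into (arbitrary in this toy)


class SoftTpm:
    """Stand-in for a TPM: a seed the host can never read, PCRs that can only be
    extended (never written), and seal/unseal gated on the PCR state."""

    def __init__(self, num_pcrs: int = 24):
        self._seed = os.urandom(32)  # stays inside the 'chip'
        self.pcrs = [b"\x00" * 32] * num_pcrs

    def power_cycle(self) -> None:
        """Only a reset zeroes the PCRs; there is no 'set PCR to X' command."""
        self.pcrs = [b"\x00" * 32] * len(self.pcrs)

    def extend(self, index: int, measurement: bytes) -> bytes:
        """PCR_Extend: pcr = SHA256(pcr || SHA256(measurement)). Each stage is
        hashed in before it runs, so the final value encodes the whole chain
        and its order, and cannot be rewound."""
        digest = hashlib.sha256(measurement).digest()
        self.pcrs[index] = hashlib.sha256(self.pcrs[index] + digest).digest()
        return self.pcrs[index]

    def _policy_digest(self, indices) -> bytes:
        """Analogue of PolicyPCR: a digest over the selected PCR values."""
        h = hashlib.sha256()
        for i in indices:
            h.update(bytes([i]) + self.pcrs[i])
        return h.digest()

    def _wrap_key(self, policy: bytes) -> bytes:
        # Depends on the chip seed AND the current PCR state: the host cannot
        # derive it, and a TPM in the wrong state (or a different TPM) derives
        # a different key.
        return hmac.new(self._seed, b"seal|" + policy, hashlib.sha256).digest()

    @staticmethod
    def _crypt(wrap: bytes, data: bytes) -> bytes:
        """HMAC counter-mode keystream XOR (toy cipher; real TPMs use AES/KDFs)."""
        out = bytearray()
        for i in range(0, len(data), 32):
            ks = hmac.new(wrap, i.to_bytes(4, "big"), hashlib.sha256).digest()
            out += bytes(a ^ b for a, b in zip(data[i:i + 32], ks))
        return bytes(out)

    def seal(self, secret: bytes, indices) -> dict:
        """Bind `secret` to the current values of the selected PCRs."""
        wrap = self._wrap_key(self._policy_digest(indices))
        ct = self._crypt(wrap, secret)
        return {"pcrs": tuple(indices), "ct": ct,
                "tag": hmac.new(wrap, ct, hashlib.sha256).digest()}

    def unseal(self, blob: dict) -> bytes:
        """Release the secret only if the PCRs now equal those at seal time."""
        wrap = self._wrap_key(self._policy_digest(blob["pcrs"]))
        tag = hmac.new(wrap, blob["ct"], hashlib.sha256).digest()
        if not hmac.compare_digest(tag, blob["tag"]):
            raise PermissionError("PCR policy failed: boot chain differs from seal time")
        return self._crypt(wrap, blob["ct"])


# Constructed placeholders for the images the firmware measures (not real binaries).
GENUINE_CHAIN = [
    ("firmware", b"vendor UEFI firmware 1.0"),
    ("bootloader", b"OS boot manager, vendor-signed"),
    ("kernel", b"OS kernel"),
]


def boot(tpm: SoftTpm, chain) -> None:
    """Power on and measure every stage into PCR_BOOT before it runs."""
    tpm.power_cycle()
    for _name, image in chain:
        tpm.extend(PCR_BOOT, image)


def try_unlock(tpm: SoftTpm, blob: dict):
    try:
        return tpm.unseal(blob)
    except PermissionError:
        return None


def demo() -> tuple:
    """Returns (genuine boot unlocks, patched bootloader fails, emulated TPM fails)."""
    tpm = SoftTpm()
    disk_key = os.urandom(32)
    boot(tpm, GENUINE_CHAIN)
    blob = tpm.seal(disk_key, [PCR_BOOT])  # provisioning: seal the volume key

    boot(tpm, GENUINE_CHAIN)  # normal reboot, identical chain
    genuine_ok = try_unlock(tpm, blob) == disk_key

    patched = list(GENUINE_CHAIN)  # same chain, one byte changed in the bootloader
    patched[1] = ("bootloader", GENUINE_CHAIN[1][1] + b"!")
    boot(tpm, patched)
    patched_fails = try_unlock(tpm, blob) is None

    fake = SoftTpm()  # emulated TPM: identical PCR values, but its own seed
    boot(fake, GENUINE_CHAIN)
    fake_fails = fake.pcrs == tpm.pcrs or True  # PCRs can match; seed cannot
    fake_fails = fake_fails and try_unlock(fake, blob) is None

    return genuine_ok, patched_fails, fake_fails


if __name__ == "__main__":
    print(demo())  # expected (True, True, True)
```

The two failure cases are the ones the thread circles around: patching any measured stage changes the PCR chain so the policy no longer matches, and a software TPM with a self-generated secret can present the "right" PCR values yet still cannot unwrap a blob sealed by the real chip. Nothing here stops you from installing your own OS; it stops you from reading a volume whose key was sealed to someone else's boot chain.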
> What's there to prevent someone nop'ing out the code that implements the TPM functionality in Windows?

Nothing absolute, mainly a long series of annoying hurdles - including the constant barrage of updates.