by marcosdumay 1791 days ago
The TPM chip has a builtin key that you, as the device owner, are not allowed to read. That key is certified by the manufacturer.

If any manufacturer starts selling chips where you can read the key, it will be disallowed by Microsoft.

So control over all the computers in a country comes down to just a few keys held by "approved" manufacturers; or rather a single key, held by the government, which signs the list of approved manufacturer keys.

Then all they need to do is require that ISPs only allow packets to be sent by computers that have passed a Measured/Trusted Boot check, and suddenly all online activity is restricted to "approved" computers, running code from "approved" app stores.

"One Ring to rule them all, One Ring to find them, One Ring to bring them all and in the darkness bind them."

> So control over all the computers in a country comes down to just a few keys

Notice that I didn't mention "country" anywhere. There's no country restriction.

> or rather a single key, held by the government, which signs the list of approved manufacturer keys

Hum, no. The single key is held by Microsoft.

And yeah, that's basically what the Trusted Computing Consortium was designing in the early 00s. But people pushed back enough that they stopped publishing public documents and delayed the implementation. We are just getting there.

> There's no country restriction.

The technology may not care about countries, but countries care about technology. If (or rather when) a government passes a law limiting internet access to approved operating systems and hardware, the ISPs in that country will logically have to listen for signed updates to the whitelist.

In practice the list might be very short, containing just intermediate keys representing Microsoft, Apple, Google, a few commercially-backed Linux distros, and the CPUs that support them (with the necessary TPMs). The intermediate keyholders would have the responsibility to revoke approval of versions / model numbers that have known vulnerabilities which allow arbitrary user-controlled code to run.
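As an added illustration of the key hierarchy this comment and the earlier "one ring" comment sketch (a root key signing a whitelist of manufacturer keys, manufacturers certifying the devices they ship and revoking models, a verifier walking the chain), here is a small Go model. It is example code written for this page, not anything from Microsoft, the TCG or any ISP; the Root/Manufacturer/Device roles, the message encodings, the model names and the Ed25519 choice are all assumptions. The point it shows is why a key the user generated themselves never passes the check: the verifier only trusts manufacturer keys that appear on the root-signed list, however well-formed the device certificate is.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
	"strings"
)

// Whitelist is the root-signed list of approved manufacturer keys (assumed format).
type Whitelist struct {
	Manufacturers []ed25519.PublicKey
	Sig           []byte // root signature over encodeWhitelist()
}

// Ed25519 public keys are a fixed 32 bytes, so plain concatenation is unambiguous.
func encodeWhitelist(ms []ed25519.PublicKey) []byte {
	var b []byte
	for _, m := range ms {
		b = append(b, m...)
	}
	return b
}

// DeviceCert binds a device key to a model name under one manufacturer key.
type DeviceCert struct {
	Manufacturer ed25519.PublicKey
	DevicePub    ed25519.PublicKey
	Model        string
	Sig          []byte // manufacturer signature over encodeCert()
}

func encodeCert(dev ed25519.PublicKey, model string) []byte {
	return append([]byte("cert|"+model+"|"), dev...)
}

// Revocation is a manufacturer-signed list of models no longer approved.
type Revocation struct {
	Models []string
	Sig    []byte
}

func encodeRevocation(models []string) []byte {
	return []byte("revoked|" + strings.Join(models, ","))
}

func SignWhitelist(root ed25519.PrivateKey, ms []ed25519.PublicKey) Whitelist {
	return Whitelist{ms, ed25519.Sign(root, encodeWhitelist(ms))}
}

func IssueDeviceCert(mfrPub ed25519.PublicKey, mfrPriv ed25519.PrivateKey, dev ed25519.PublicKey, model string) DeviceCert {
	return DeviceCert{mfrPub, dev, model, ed25519.Sign(mfrPriv, encodeCert(dev, model))}
}

func SignRevocation(mfrPriv ed25519.PrivateKey, models []string) Revocation {
	return Revocation{models, ed25519.Sign(mfrPriv, encodeRevocation(models))}
}

// VerifyDevice walks root -> whitelist -> manufacturer -> device, then checks the
// device's signature over a fresh nonce. It returns an error naming the first link that fails.
func VerifyDevice(rootPub ed25519.PublicKey, wl Whitelist, rev Revocation, cert DeviceCert, nonce, quoteSig []byte) error {
	if !ed25519.Verify(rootPub, encodeWhitelist(wl.Manufacturers), wl.Sig) {
		return errors.New("whitelist signature invalid")
	}
	approved := false
	for _, m := range wl.Manufacturers {
		approved = approved || bytes.Equal(m, cert.Manufacturer)
	}
	if !approved {
		return errors.New("manufacturer key not on whitelist")
	}
	if !ed25519.Verify(cert.Manufacturer, encodeCert(cert.DevicePub, cert.Model), cert.Sig) {
		return errors.New("device certificate signature invalid")
	}
	// A revocation list only counts if the same manufacturer key signed it.
	if ed25519.Verify(cert.Manufacturer, encodeRevocation(rev.Models), rev.Sig) {
		for _, m := range rev.Models {
			if m == cert.Model {
				return errors.New("device model revoked by manufacturer")
			}
		}
	}
	if !ed25519.Verify(cert.DevicePub, nonce, quoteSig) {
		return errors.New("device did not prove possession of its key")
	}
	return nil
}

// Scenario builds the hierarchy and verifies three devices: a genuine one, one whose
// "manufacturer" key the user generated themselves, and one whose model was revoked.
func Scenario() (genuine, selfSigned, revoked error) {
	rootPub, rootPriv, _ := ed25519.GenerateKey(rand.Reader)
	mfrPub, mfrPriv, _ := ed25519.GenerateKey(rand.Reader)
	devPub, devPriv, _ := ed25519.GenerateKey(rand.Reader)
	fakePub, fakePriv, _ := ed25519.GenerateKey(rand.Reader)
	wl := SignWhitelist(rootPriv, []ed25519.PublicKey{mfrPub})
	rev := SignRevocation(mfrPriv, []string{"model-2019"}) // constructed model names
	nonce := make([]byte, 32)
	rand.Read(nonce)
	quote := ed25519.Sign(devPriv, nonce)
	genuine = VerifyDevice(rootPub, wl, rev, IssueDeviceCert(mfrPub, mfrPriv, devPub, "model-2021"), nonce, quote)
	selfSigned = VerifyDevice(rootPub, wl, rev, IssueDeviceCert(fakePub, fakePriv, devPub, "model-2021"), nonce, quote)
	revoked = VerifyDevice(rootPub, wl, rev, IssueDeviceCert(mfrPub, mfrPriv, devPub, "model-2019"), nonce, quote)
	return
}

func main() {
	fmt.Println(Scenario()) // prints <nil>, then the two rejection reasons
}
```

Two design points worth noticing: the verifier never needs the device's private key or the chip's internal secret, only the public chain, which is exactly what lets a third party (the ISP in the comment above) run the check; and revocation is enforced by whichever intermediate signed the device, so the "keyholder responsibility" described in the comment lands on the manufacturer key rather than on the root.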

So okay, you again assume that software is immutable. But Windows has to store these trusted keys somewhere. What if I emulate the TPM with a key I generated myself, and patch Windows to trust that key?

Then you will discover that Secure Boot will stop your computer from starting until you reinstall something signed by Microsoft.

Can't you just turn that off in the BIOS settings?

Not if BIOS doesn't allow that to be turned off.

Uh, that's a thing?! How do people install Linux then? How does that work with PCI cards that contain executable code in their ROMs, does that code have to be signed by overlords now?

> How do people install Linux then?

Basically, when MS started requiring Secure Boot on Windows computers, there were a few anti-trust actions against them that looked at this action. So they back-pedaled and required that people should be able to disable Secure Boot on x86 and amd64 computers. They also created a 3rd party certification program, that those distros one buys could pay for and get signed.

But make no mistake, MS completely controls the specs of any PC available to you, and will not miss a chance to remove the support for 3rd party OSes.

You'll boot Windows but can't mount the system volume if it's protected by a BitLocker key derived from the TPM key.

Even if you do a clean install yourself? Well then, gotta patch the installer. There's always a way!
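To make concrete what the "emulate the TPM" and "patch the installer" replies run into, here is an added Go model of measured boot with a volume key sealed to the measurements. It is example code written for this page, not BitLocker's or any TPM's actual implementation: the PCR extend rule is the standard one (PCR = H(PCR || H(component)), but the chip secret, the HMAC-based sealing, the XOR key wrap and the component names are constructed simplifications. It runs the three cases from the thread and shows which ones recover the key: the stock boot chain does; a patched loader changes the PCR so the policy fails before any key is derived; an emulated TPM can present the right PCR but, lacking the chip's burned-in secret, derives the wrong wrapping key and is caught by the tag check.

```go
package main

import (
	"bytes"
	"crypto/hmac"
	"crypto/sha256"
	"fmt"
)

// extend is the PCR extend operation: PCR = H(PCR || H(component)).
func extend(pcr, component []byte) []byte {
	m := sha256.Sum256(component)
	h := sha256.New()
	h.Write(pcr)
	h.Write(m[:])
	return h.Sum(nil)
}

// MeasureBoot folds an ordered boot chain into one PCR, starting from all zeros.
// Order matters: the same components in a different order yield a different PCR.
func MeasureBoot(chain [][]byte) []byte {
	pcr := make([]byte, sha256.Size)
	for _, c := range chain {
		pcr = extend(pcr, c)
	}
	return pcr
}

// TPM holds a secret that never leaves the chip (modelled here as a byte slice).
type TPM struct{ secret []byte }

// deriveKEK ties a key-encryption key to both the chip secret and the PCR value.
// HMAC stands in for the real sealing primitive (an assumption of this example).
func (t TPM) deriveKEK(pcr []byte) []byte {
	mac := hmac.New(sha256.New, t.secret)
	mac.Write([]byte("seal-to-pcr|"))
	mac.Write(pcr)
	return mac.Sum(nil)
}

// SealedBlob is what sits on disk: the expected PCR, the wrapped volume key and
// a tag so that a wrong KEK is detected instead of yielding garbage.
type SealedBlob struct {
	ExpectedPCR []byte
	Wrapped     []byte
	Tag         []byte
}

func xor(a, b []byte) []byte {
	out := make([]byte, len(a))
	for i := range a {
		out[i] = a[i] ^ b[i]
	}
	return out
}

func tag(kek, data []byte) []byte {
	mac := hmac.New(sha256.New, kek)
	mac.Write(data)
	return mac.Sum(nil)
}

// Seal wraps a 32-byte volume key under the KEK for the given PCR.
func (t TPM) Seal(volumeKey, pcr []byte) SealedBlob {
	kek := t.deriveKEK(pcr)
	wrapped := xor(volumeKey, kek)
	return SealedBlob{pcr, wrapped, tag(kek, wrapped)}
}

// Unseal returns the key only if this chip's secret and the presented PCR
// reproduce the KEK used at seal time.
func (t TPM) Unseal(blob SealedBlob, pcr []byte) ([]byte, bool) {
	if !bytes.Equal(pcr, blob.ExpectedPCR) {
		return nil, false // something in the boot chain changed
	}
	kek := t.deriveKEK(pcr)
	if !hmac.Equal(tag(kek, blob.Wrapped), blob.Tag) {
		return nil, false // right PCR, wrong chip secret (emulated TPM)
	}
	return xor(blob.Wrapped, kek), true
}

// Scenario runs the thread's cases: stock chain, patched OS loader, and an
// emulated TPM with a self-generated secret presenting the stock PCR.
func Scenario() (genuine, patched, emulated bool) {
	// Constructed stand-ins for firmware, boot manager and OS loader images.
	stock := [][]byte{[]byte("firmware-v1"), []byte("bootmgr-signed"), []byte("winload-signed")}
	chip := TPM{secret: []byte("secret-burned-in-at-the-factory")}
	volumeKey := bytes.Repeat([]byte{0x42}, 32)
	blob := chip.Seal(volumeKey, MeasureBoot(stock))

	key, ok := chip.Unseal(blob, MeasureBoot(stock))
	genuine = ok && bytes.Equal(key, volumeKey)

	modified := [][]byte{stock[0], stock[1], []byte("winload-patched")}
	_, patched = chip.Unseal(blob, MeasureBoot(modified))

	fake := TPM{secret: []byte("key-I-generated-myself")}
	_, emulated = fake.Unseal(blob, MeasureBoot(stock))
	return
}

func main() {
	fmt.Println(Scenario()) // true false false
}
```

The defender-side takeaway is the separation of the two checks: the PCR comparison catches any change to what was booted, and the tag check catches a wrong chip, so neither a modified installer nor a software TPM with its own key gets the volume key back; a clean reinstall only helps because it reseals the key under the new measurements, which is why the thread's "you'll boot but can't mount the volume" outcome follows from the design rather than from any one vendor's choice.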