I don’t understand the rationale here. You don’t want a real TPM exposed to a VM because of security, but you are okay with running unknown code (cracked software) to do who knows what to your runtime environment? o_O
It's all unknown code - pirated/cracked software just adds to the number of parties.
Backdoors only really became a pressing concern due to ubiquitous Internet access. When I first set up a Windows VM and install whatever application software and updates, its Internet access is through a public VPN only. And it contains no information to tie it back to me.
Before I put any sensitive information on it, I kill its Internet access and never re-enable it. So there is no way to exfiltrate data that I care about. Any produced information leaves via a local Samba share.
Leaking fixed identifying information about my hardware, or forming a side channel to a new VM instance would violate this security. I doubt the TPM would store persistent personal application data, but I don't need to be the first one to find out.