[will4274]

Hardware key storage is a low level security primitive. Both Android and iOS have mandated it for far longer. It's a low level security primitive that enables a lot of scenarios, not just DRM.

For example - it's not possible to protect SSH keys from malware that achieves root without hardware storage. Only hardware storage can offer the "Unplug It" guarantee - that unplugging a compromised machine ends the compromise.

[anthk]

9front with factotum tells a different story.

[LtWorf]

If you want to protect keys you get a yubikey or something like that.

[will4274]

And if you want to play sound, you buy a sound card. Computers integrate components that approximately everybody needs. Hardware storage for keys is just the latest example

[LtWorf]

The main component of a yubikey is that it requires a human presence to hit the button and access the secret.

Do new computers have such a button? I've failed to locate it.

[will4274]

Touch is one way of demonstrating proof of presence. Biometric is another. Pin is a third. Yubikeys typically support touch or pin. Windows Hello (which is TPM based) supports bio or pin.

[CrossVR]

Ah yes Android and iOS, they have truly become bastions of user freedom since mandating secure enclaves. That really puts my worries to rest. /s

[hollerith]

User freedom is not the only axis by which we judge operating systems.

[CrossVR]

It is not, but to me personally it is a very important one and it is not one I will give up without a fight.