TPM Module

The Sinister Truth About TPM?

Microsoft surprised (shocked?) a lot of people when announcing the requirements for Windows 11, not the least of which was the requirement for TPM (Trusted Platform Module). TPM is an obscure security protocol (at least it was until Windows 11) that has been the cause of much confusion. Even in PCs that have supported TPM it has always been disabled by default in BIOS, which tells you exactly how much importance manufacturers placed on it.

I, for one, could not see the logic behind TPM’s introduction as a mandatory requirement and have theorized for some time that it must have been part of an attempt to boost new PC sales. However, I have been researching this previously little known security protocol and it seems that Microsoft’s decision might well be more about DRM (Digital Rights Management) and control than security.

Trusted Computing or Treacherous Computing?

trusted computing

TPM is an integral part of the “Trusted Computing” initiative which has come under fire from many respected critics. One of the most eye-opening dissertations I’ve read was published by well-known free software activist and programmer Richard Stallman, a man with a long list of achievements, a brilliant mind, and a history steeped in technology. His dissertation is scathingly critical of “Trusted Computing” referring to it throughout as “Treacherous Computing“. Here is an excerpt:

The technical idea underlying treacherous computing is that the computer includes a digital encryption and signature device, and the keys are kept secret from you. Proprietary programs will use this device to control which other programs you can run, which documents or data you can access, and what programs you can pass them to.

Of course, Hollywood and the record companies plan to use treacherous computing for Digital Restrictions Management (DRM), so that downloaded videos and music can be played only on one specified computer. Sharing will be entirely impossible, at least using the authorized files that you would get from those companies ~ source

And Mr. Stallman is certainly not alone in his criticisms. This from Wikipedia:

Some security experts, such as Alan Cox and Bruce Schneier, have spoken out against Trusted Computing, believing it will provide computer manufacturers and software authors with increased control to impose restrictions on what users are able to do with their computers.

There is concern amongst critics that it will not always be possible to examine the hardware components on which Trusted Computing relies, the Trusted Platform Module, which is the ultimate hardware system where the core ‘root’ of trust in the platform has to reside. If not implemented correctly, it presents a security risk to overall platform integrity and protected data ~ source

Much of what I’ve read and quoted here is quite dated. However, the question must be asked-  are these early concerns regarding Trusted Computing and, by association, TPM, now coming to fruition?

As I mentioned earlier, the introduction of TPM as a mandatory requirement has always baffled me. However, as a result of my recent research, I’ve canned my initial theory that TPM was introduced by Microsoft simply to boost the sale of new PCs and am now of the opinion it has come about as the result of pressure from powerful digital rights advocates, such as major media organizations and software venders.

NOTE: I must emphasize that there is currently no evidence to suggest TPM will be used for sinister purposes and the opinions expressed herein are theories based solely on its “potential” for abuse. Still, as far as “trust” is concerned, I would not trust the money-grubbing media organizations one iota.

Something to Ponder

Combination DVD Player HDD Recorder

What follows is a true story. One of the many devices I’ve always owned is a combination DVD player/HDD recorder with twin tuners. Early on these devices came with multiple input jacks to allow recording from external devices such as a camcorder, VCR, etc.

Some years back, when my current DVD/HDD recording device broke, I went into a major electronic store to buy a replacement only to find, much to my dismay, that the new models did not include any input jacks at all. When I queried the salesman about this he informed that it had come about as a result of pressure on manufacturers from the media organizations. A prime example of the massive influence exerted by these money-grubbing moguls.

12 thoughts on “The Sinister Truth About TPM?”

  1. And now every time I do a W10 update, I am reminded that my PC does not meet W11
    requirements, and it never will, short of a complete PC rebuild.

  2. Jim,
    I’m one who has been using TPM enabled computers, mainly laptops, since Windows 7. When I found out about Bitlocker, I switched to the Pro version of Windows and starting using it. Bitlocker can be used without a TPM module, but requires either a key stored on a USB flashdrive or a password to unlock the drive. When it came time to replace the initial laptop, I looked for one that had a TPM module, which allowed the use of Bitlocker without having to enter a password or inserting a key when signing into Windows. I’ve continued the practice through Windows 8, 8.1, 10 and 11.
    Before I retired, my job kept me on the road 26 days out of 30. Setting up the laptops I used to require a BIOS password, as well as using Bitlocker, meant that the laptop was essentially a paper weight if it got stolen.
    The PC my wife is using and the one that it replaced, both Dells, were equipped with TPMs, and Bitlocker is used on it as well.
    Based on what I’ve been reading elsewhere, the TPM requirement is a security issue. In the future, software will be required to have a digital signature or something like that to be able to run in Windows, making it harder to introduce malware.
    As for DRM, up until about 3 years ago, I’d been using WinX MediaTrans to convert videos to .mp4. Then Apple changed the codex or something and it no longer works.
    I’ve got to check, but I heard there was a lawsuit filed against Apple over DRM filed in Federal Court here in the U.S. over limiting how videos purchased could be played, i.e., having to use iTunes or Apple Music exclusively. I don’t know the current status.

    1. Hey Mark,

      Yes, that’s the spin, that TPM makes it more difficult to introduce malware. However, TPM can also be used (abused?) to force users to run media files from a specific software and prevent users from sharing.

  3. Just look at all the adds for new computers on Microsoft websites involving Windows 11 – everything is geared towards getting you to buy a new PC with Windows 11 pre-installed. TPM is a total scam to make perfectly good computers artificially obsolete.

  4. It would be helpful to the reader to know why you disagree. We non tech guys depend on you technically aware people to keep us in the loop.

  5. Jim,
    At the head of your article on TPM there is a “picture” of what could be taken as an “add on module”. Is the picture an artist conception of a TPM add on module, or is there such a module available? My ASUS mother board, as fas as I can tell does not have TPM. so an add on would solve WIN 11 compatability and a perfectly good motherboard from the trash heap.
    Sherman

    1. I have the same issue with my Asus P8Z77-V LX socket 1155 mobo. I do believe
      the bios would also have to support TPM, and since my mobo is only a socket
      1155, it will not support the ninth generation cpu, that is also a W11 requirement.

    2. Hey Sherman,

      The image at the top of the article is a TPM module. The motherboard MUST include a TPM header, which houses the module. So, if the motherboard includes a TPM header then purchasing a TPM module is an option. If the motherboard does not include a TPM header, then the module would be useless.

      Hope that clarifies.

  6. Scary times Jim.

    We should not just be “accepting” this from Microsoft and blindly believe what they tell us. They are clearly trying to force everyone to embrace TPM over the next few years as we are eventually compelled to upgrade to a system that will have these chips built in. When you are forced to do something without any choice in the matter then it is time to start digging in and asking questions.

    Who knows what little backdoors this could potentially open onto your PC so that they could scan your PC for any particular information they might be seeking ? They tell us is just to prevent Malware getting in but who knows what else these little beauties are capable of ? Does anyone but Microsoft know exactly what these chips do ? This smacks of the equivalent of a computer “vaccine mandate” to me.

    Given the state of US politics at the moment and the fact that Microsoft has become a very “woke” organisation in recent times I wouldn’t be at all surprised we find that it could be used in future by Intelligence Agencies to access computers of anyone they deem a threat or for example, to search for copyright infringements. I wonder if anyone has anyone be able to do a full technical analysis of what these chips actually do, whether they can “phone home” and/or allow access remotely to the PC at BIOS level ? Is anyone capable of doing such an analysis or is the chip totally encrypted to all except Microsoft ?

    George Orwell might have been a few years off but his essential warning was correct. 1984 is pretty well here now and my tinfoil hat is firmly on because we are finding more and more that they really are necessary and not just the headgear of choice confined to “kooks” only any longer.

    1. Hey Reg,

      I’ve tried to find out more about TPM but am unable to locate any in-depth assessments, only basic descriptions of its security features. Still, when the likes of Richard Stallman and Bruce Schneier are warning about TPM and its potential for abuse, one has to sit up and take notice.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top

WHY NOT SUBSCRIBE TO OUR NEWSLETTER?

Get great content like this delivered to your inbox!

It's free, convenient, and delivered right to your inbox! We do not spam and we will not share your address. Period!