Reason I’m asking is because there are some people claiming that the TPM is a backdoor or something. I wonder if people on Lemmy subscribe to that belief, or no?

  • mlfh@lemmy.sdf.org · 4 upvotes · 14 hours ago

    I use Heads firmware, which seals an OTP key in the TPM to let you verify the integrity of the firmware, which then uses your GPG pubkey written into the firmware to verify the integrity of the boot partition.
    An open, self-controlled equivalent to Secure Boot that relies on the TPM and your own GPG key, instead of on vendor Secure Boot signing keys. Very cool project!
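The seal-to-measurements step mlfh describes, as a pure-Python simulation added here for illustration. This is not Heads's code and not a real TPM: a real TPM enforces the PCR policy inside the chip, whereas the `seal`/`unseal` below is a simplified HMAC-bound construction with a made-up storage root key standing in for that. The boot-component blobs, the storage root key and the TOTP secret are constructed sample data (the secret is the RFC 4226 test secret, so the codes can be checked against the RFC's vectors). The GPG verification of the boot partition is not simulated; only the firmware-measurement part is.

```python
"""Simulation of Heads-style TPM sealing: a TOTP secret is sealed to the
firmware measurements, so a modified firmware cannot unseal it and cannot
produce the code the user expects to see on their phone.

Added example, not Heads's code. A real TPM enforces the PCR policy in
hardware; here seal/unseal is a simplified HMAC-bound construction with a
simulated storage root key (SRK). Firmware blobs and secret are constructed.
"""
import hashlib
import hmac
import struct
import time

PCR_INIT = bytes(32)  # a SHA-256 PCR starts as all zeros at reset


def pcr_extend(pcr: bytes, component: bytes) -> bytes:
    """TPM PCR extend: PCR_new = SHA-256(PCR_old || SHA-256(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()


def measure_boot_chain(components) -> bytes:
    """Measure each boot component, in order, into a single PCR value.
    Changing any component (or the order) changes the final digest."""
    pcr = PCR_INIT
    for c in components:
        pcr = pcr_extend(pcr, c)
    return pcr


def seal(secret: bytes, pcr: bytes, srk: bytes):
    """Bind secret to one PCR value (simulated; a real TPM does this internally).
    The wrapping key is derived from the SRK and the PCR digest, so only a
    boot that reproduces the same measurements can derive it again."""
    assert len(secret) <= 32, "keystream below covers at most 32 bytes"
    key = hmac.new(srk, b"seal-policy:" + pcr, hashlib.sha256).digest()
    ct = bytes(a ^ b for a, b in zip(secret, key))
    tag = hmac.new(key, ct, hashlib.sha256).digest()
    return ct, tag


def unseal(blob, pcr: bytes, srk: bytes):
    """Return the secret only if the current PCR matches the sealed one."""
    ct, tag = blob
    key = hmac.new(srk, b"seal-policy:" + pcr, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()):
        return None  # measurements differ: wrong key, tag check fails
    return bytes(a ^ b for a, b in zip(ct, key))


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP with HMAC-SHA-1 and dynamic truncation."""
    h = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    off = h[-1] & 0x0F
    code = (struct.unpack(">I", h[off:off + 4])[0] & 0x7FFFFFFF) % (10 ** digits)
    return f"{code:0{digits}d}"


def totp(secret: bytes, now=None) -> str:
    """RFC 6238 TOTP: HOTP with counter = unix_time // 30."""
    t = int(time.time() if now is None else now)
    return hotp(secret, t // 30)


# Constructed sample data (hypothetical names, not real firmware images)
SRK = b"simulated-tpm-storage-root-key"
TOTP_SECRET = b"12345678901234567890"  # RFC 4226 / 6238 test secret
GOOD_CHAIN = [b"coreboot-1.0", b"heads-initrd", b"heads-kernel"]
TAMPERED_CHAIN = [b"coreboot-1.0-modified", b"heads-initrd", b"heads-kernel"]


def enroll(chain=GOOD_CHAIN):
    """At enrollment, in a trusted state: seal the TOTP secret to the measurements."""
    return seal(TOTP_SECRET, measure_boot_chain(chain), SRK)


def boot_attest(blob, chain, now=None):
    """At boot: re-measure, try to unseal, and show the TOTP code (or None).
    The user compares the code with their phone; no code, or a wrong code,
    means the firmware that booted is not the one the secret was sealed to."""
    secret = unseal(blob, measure_boot_chain(chain), SRK)
    return None if secret is None else totp(secret, now)


if __name__ == "__main__":
    blob = enroll()
    print("good boot, code to compare with phone:", boot_attest(blob, GOOD_CHAIN))
    print("modified firmware, code:", boot_attest(blob, TAMPERED_CHAIN))
```

The point the simulation makes is that the secret is never stored where the firmware can read it directly; it is only released when the measurements at boot equal those at enrollment, so a firmware that was altered after enrollment cannot display the expected code, whatever else it does.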