Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

This has nothing to do with TFA, you're thinking of the TPM2.0 which is unrelated to secure boot.

Secure Boot is part of UEFI. TPM2.0 is used only by bitlocker (at least for the average person, enterprises do store other keys in it).



Windows 11's system requirements include both SecureBoot and TPM2, so yes it is in fact relevant.


> TPM2.0 is used only by bitlocker

This isn't true at all, Windows Hello uses it as a secure credentials store.


Oh, should I disable TPM2?


The TPM2 spec allows it to do much more than just hold private keys, it can act as a device identifier for attestation. If that's something you care about, then you might want to disable it.

The fact that Windows 11 won't work without a TPM is a bonus.


Guess I'm only worried about it being used against me. Don't know enough about any threats it might enable.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: