• Para_lyzed@lemmy.world
    link
    fedilink
    arrow-up
    1
    ·
    10 months ago

    You don’t seem to understand how TPM works at all. You cannot extract keys from the TPM, it provides protection against any attack that involves removing the hard drive from the computer it is installed in. This is not like storing an encryption key on a USB drive, as you seem to think. I recommend you actually do some reading on TPM before you attempt to talk with any authority. I don’t personally think it’s a great solution (for me, at least), but not for any of the reasons you’ve listed in your comments.

    LUKS encrypted portable backup drive

    You can’t use TPM-based encryption on a portable drive, that isn’t even possible. That’s exactly the point of TPM to begin with. You know, the whole Trusted Platform Module? That exists to ensure your hard drive (or whatever other use you have for the TPM) cannot boot or be read by any machine other than the one it was set up with. That’s the entire premise of establishing a root of trust. What are you on about?

    Please, read about how TPM works.