The problem is that TPM is advocated by Intel, Microsoft, Apple and others who want to control your hardware and software. The term is their marketing term for something they control.
The concept of signed code has been around for a while and I think that some GNU/Linux distributions rely on md5 or sha1 sums to verify code along with the signed pgp key of the packager or code writer. I do know that quicklisp and asdf-install (package managers for common lisp) would check gpg signatures for code. Michael Faille <[email protected]> wrote: >Hello all, > >I think end users can control TPM since they must own private key. > >So, where is the probleme with TPM? It's like data encryption for me. > >The problem is the misuse of TPM (when motherboard owner didn't own the >privatekey). It's like the misuse of UEFI : >http://www.fsf.org/campaigns/secure-boot-vs-restricted-boot/ > -- Sent from my Android phone with K-9 Mail. Please excuse my brevity. _______________________________________________ fsfc-discuss mailing list [email protected] https://lists.gnu.org/mailman/listinfo/fsfc-discuss
