This sort of thing is exactly the reason why I don’t want things like TMP and Pluton built into my computer hardware. Microsoft is incompetent at best and outright malicious at worst, and allowing them to add “security features” directly at the hardware level is madness IMO.
If you don’t trust Microsoft, why not use the TPM to your advantage and use your own keys? That way, even Microsoft-signed malware can’t boot on your machine.
This sort of thing is exactly the reason why I don’t want things like TMP and Pluton built into my computer hardware. Microsoft is incompetent at best and outright malicious at worst, and allowing them to add “security features” directly at the hardware level is madness IMO.
If you don’t trust Microsoft, why not use the TPM to your advantage and use your own keys? That way, even Microsoft-signed malware can’t boot on your machine.