Intel Open-Sources New TPM2 Software Stack

#11
Originally posted by uid313:

I thought you were against FUD? This is all that video is selling. And as for the "only the user really knows what to trust" argument that is being put forward in that video - trusting a user to do the right thing all the time is a very dangerous road.

As for this trust system (and any other) it seems that it increases the difficulty for an attacker - which is the goal.

#12
Originally posted by boxie:

    I thought you were against FUD? This is all that video is selling. And as for the "only the user really knows what to trust" argument that is being put forward in that video - trusting a user to do the right thing all the time is a very dangerous road.

    As for this trust system (and any other) it seems that it increases the difficulty for an attacker - which is the goal.

The problem is that the TPM hardware chip contains closed-source firmware, and is essentially a mini-computer. We don't know what it can access and what it's doing. All we know is that we can securely store and retrieve keys - but there is no way of knowing if it's actually secure, and whether or not there are backdoors.

#13
Originally posted by boxie:

    trusting a user to do the right thing all the time is a very dangerous road.

There are those of us that want freedom and believe people are smart enough to decide what is best for them, and there are those that believe others, mainly government and institutions, always know better than the people. That being said, trusting corporations to decide what is a threat and what is not is always a road to fascism (or, as Mussolini named it, corporationism), and sooner or later people end up with no choice.

Originally posted by boxie:

    As for this trust system (and any other) it seems that it increases the difficulty for an attacker - which is the goal.

Ideas are always great. Communism in its core also has great ideas.
So as long as I have an interface which would allow me to set what I believe is trustworthy, and only the defaults are set by the corpo, then it should be fine for everybody. Otherwise we should never allow it.

#14
Originally posted by sandy8925:

    The problem is that the TPM hardware chip contains closed-source firmware, and is essentially a mini-computer. We don't know what it can access and what it's doing. All we know is that we can securely store and retrieve keys - but there is no way of knowing if it's actually secure, and whether or not there are backdoors.

I 100% agree with you. It can however increase the difficulty of an attack against the computer (if it is used).

The RISC-V secure enclave stuff recently reported on should be a nice extra.

#15
Originally posted by Intel Open-Sources New TPM2 Software Stack:

    ...and is designed to work with any TPM2 hardware implementation...

Does anyone know if there are any other hardware providers? You could then choose to trust someone other than Intel.

#16
Originally posted by ryszardzonk:

    There are those of us that want freedom and believe people are smart enough to decide what is best for them, and there are those that believe others, mainly government and institutions, always know better than the people. That being said, trusting corporations to decide what is a threat and what is not is always a road to fascism (or, as Mussolini named it, corporationism), and sooner or later people end up with no choice.

I think you went from philosophical to tinfoil hat pretty quickly there. The user experience should be "It just works, gets out of my way and keeps me safe". As always, you can choose to use those features or disable them.

We already rely on our governments (local, state, federal) to provide high levels of all sorts of services (safety regulations, justice, law enforcement, education, transportation etc.). Government is not inherently evil. It pays to keep this in mind. If your country is on the brink of falling into fascism and the only thing holding it back is a passionate discussion about TPM modules, then I think there might be some other things that are wrong and should be fixed first!

There are also a multitude of scientific studies that show that people do not always behave in their own best interest. A prime example being Windows UAC.

So, while a closed Secure Enclave is a good thing, an open one is better. It simply allows more people to verify and to assert their trust over the given architecture.

Originally posted by ryszardzonk:

    Ideas are always great. Communism in its core also has great ideas.
    So as long as I have an interface which would allow me to set what I believe is trustworthy, and only the defaults are set by the corpo, then it should be fine for everybody. Otherwise we should never allow it.

Choosing what to trust is your imperative and I agree we should be free to use these modules or not.

As for communism - it suffers from the same problems as capitalism and anarchy - those who are in power will abuse it if they are allowed to.

#17
Originally posted by Slithery:

    Does anyone know if there are any other hardware providers? You could then choose to trust someone other than Intel.

There was some news today about an open source RISC-V Secure Enclave...

#18
Originally posted by nh2_:

    I think the idea is that the TPM stores the keys for full-disk encryption, and hands them to the CPU only if trusted software is running.

Then this is about a "secure boot" mechanism, not really about disk encryption. A thief stealing a notebook steals both the storage device and the TPM that contains the decryption key. Turning the machine on and booting the system installed on it means he is only one DMA access or cold-boot attack away from the encryption key, which by then resides in ordinary DRAM. Had the encryption key not been stored in the TPM, but had to be entered by the legitimate user, such an attack would not be feasible.
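The mechanism argued over in #18 (the TPM releases the disk key only when the measured boot chain matches what the key was sealed to, and a user-entered passphrase changes what possession of the machine buys) can be made concrete with a small model. The following Python is an added example written for this page; it is not code from the thread, from Intel's tpm2-tss stack, or from any TPM vendor. `ToyTPM`, `SealedBlob`, `pcr_extend`, `measure_boot`, `seal`/`unseal`, `derive_fde_key` and the boot-image byte strings are constructed stand-ins, and the PolicyPCR digest and key wrapping are deliberately simplified; only the PCR extend rule (new = H(old || H(event))) follows the real TPM2 behaviour.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Iterable, Optional

# Constructed toy model of TPM2 measured boot plus sealing. Not the tpm2-tss API:
# ToyTPM, SealedBlob, seal/unseal and the boot images below are hypothetical.

PCR_SIZE = 32                  # one PCR in a SHA-256 bank
INITIAL_PCR = bytes(PCR_SIZE)  # PCRs start at all zeros on reset


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def pcr_extend(pcr: bytes, event: bytes) -> bytes:
    """TPM2_PCR_Extend semantics: new = H(old || H(event)). A PCR can only be
    extended, never written, so its value commits to every image and its order."""
    return sha256(pcr + sha256(event))


def measure_boot(components: Iterable[bytes]) -> bytes:
    """Each boot stage measures the next image into the PCR before running it."""
    pcr = INITIAL_PCR
    for image in components:
        pcr = pcr_extend(pcr, image)
    return pcr


def policy_pcr_digest(pcr_value: bytes) -> bytes:
    """Simplified stand-in for the TPM2_PolicyPCR policy digest."""
    return sha256(b"PolicyPCR" + pcr_value)


@dataclass(frozen=True)
class SealedBlob:
    nonce: bytes
    ciphertext: bytes
    policy: bytes  # policy digest the TPM enforces before releasing the secret
    tag: bytes     # integrity tag over nonce || ciphertext || policy


class ToyTPM:
    """Holds a storage-root secret that never leaves the 'chip'."""

    def __init__(self) -> None:
        self._srk = secrets.token_bytes(32)

    def _keystream(self, nonce: bytes) -> bytes:
        return hmac.new(self._srk, b"wrap" + nonce, hashlib.sha256).digest()

    def _tag(self, nonce: bytes, ciphertext: bytes, policy: bytes) -> bytes:
        return hmac.new(self._srk, nonce + ciphertext + policy, hashlib.sha256).digest()

    def seal(self, secret: bytes, expected_pcr: bytes) -> SealedBlob:
        """Wrap a 32-byte secret and bind its release to one expected PCR value."""
        if len(secret) != 32:
            raise ValueError("toy model seals exactly 32-byte secrets")
        nonce = secrets.token_bytes(16)
        ciphertext = bytes(a ^ b for a, b in zip(secret, self._keystream(nonce)))
        policy = policy_pcr_digest(expected_pcr)
        return SealedBlob(nonce, ciphertext, policy, self._tag(nonce, ciphertext, policy))

    def unseal(self, blob: SealedBlob, current_pcr: bytes) -> bytes:
        """Release the secret only if the blob is intact and the PCR policy holds."""
        if not hmac.compare_digest(blob.tag, self._tag(blob.nonce, blob.ciphertext, blob.policy)):
            raise PermissionError("sealed object has been tampered with")
        if not hmac.compare_digest(blob.policy, policy_pcr_digest(current_pcr)):
            raise PermissionError("PolicyPCR failed: boot chain differs from the sealed one")
        return bytes(a ^ b for a, b in zip(blob.ciphertext, self._keystream(blob.nonce)))


def derive_fde_key(tpm_secret: bytes, passphrase: Optional[bytes]) -> bytes:
    """Without a passphrase the released secret is the disk key (the case #18
    describes). With one, the disk key needs both factors."""
    if passphrase is None:
        return tpm_secret
    return hmac.new(tpm_secret, passphrase, hashlib.sha256).digest()


# Constructed boot chains: identical except for the bootloader image.
GOOD_CHAIN = [b"firmware-v1", b"shim-v1", b"grub-v1", b"vmlinuz-5.x"]
TAMPERED_CHAIN = [b"firmware-v1", b"shim-v1", b"grub-modified", b"vmlinuz-5.x"]


def run_scenarios() -> dict:
    tpm = ToyTPM()
    disk_key = secrets.token_bytes(32)
    blob = tpm.seal(disk_key, measure_boot(GOOD_CHAIN))
    results = {}
    # 1. Untampered boot: the TPM hands the key to whoever powers the machine on.
    results["unmodified_boot_releases_key"] = tpm.unseal(blob, measure_boot(GOOD_CHAIN)) == disk_key
    # 2. Modified bootloader: the PCR differs, so the TPM refuses to unseal.
    try:
        tpm.unseal(blob, measure_boot(TAMPERED_CHAIN))
        results["tampered_boot_releases_key"] = True
    except PermissionError:
        results["tampered_boot_releases_key"] = False
    # 3. With a user passphrase the released secret alone is not the disk key.
    released = tpm.unseal(blob, measure_boot(GOOD_CHAIN))
    real_key = derive_fde_key(released, b"correct passphrase")
    results["tpm_secret_alone_is_disk_key"] = released == real_key
    results["wrong_passphrase_yields_disk_key"] = derive_fde_key(released, b"guess") == real_key
    return results


if __name__ == "__main__":
    for name, value in run_scenarios().items():
        print(f"{name}: {value}")
```

Scenario 1 is the point made in #18: an unmodified machine releases the key to anyone who boots it, so the TPM alone protects against a tampered boot chain, not against theft of the whole device. Scenario 3 shows why the post's alternative matters: once the disk key depends on a passphrase as well, the unsealed secret by itself is useless.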


#19
Originally posted by tildearrow:

    I feel like asking. When they say "trusted", do they mean "trusted by Intel", or "trusted by the user"? Because if it's the former, then it is a misnomer...

Trusted by the user, of course. Intel doesn't have to trust the TPM; they know how it works. But users don't know, so they have to trust.

#20
Originally posted by stikonas:

    Trusted by Intel obviously. There is no way to avoid trusting them.

Trusting them and being trusted by them are two completely different things.
