this post was submitted on 10 Oct 2025
97 points (100.0% liked)

Linux

10014 readers
514 users here now

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 2 years ago
MODERATORS
Ategon@programming.dev
anzo@programming.dev
dwraf_of_ignorance@programming.dev
97
Linux Now Disabling TPM Bus Encryption By Default For Performance Reasons (www.phoronix.com)
submitted 3 weeks ago by cm0002@lemmy.zip to c/linux@programming.dev
22 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[โ€“] henfredemars 13 points 3 weeks ago (1 children)

Unlike many Linux users, I really liked the idea of the TPM. So long as I fully control the keys, integration with a security chip to authenticate my system would be a nice bonus and represents a natural extension to secure boot. We already take this approach in principle with smartphones.

On the other hand, it's becoming a lot harder to actually own your devices and run code of your own choosing on smartphones. It's a tool that so far has generally been used to serve the interests of the vendor over the user.

[โ€“] possiblylinux127@lemmy.zip 3 points 3 weeks ago

It would be a fine system if the keys were stored on the encrypted volume that the TPM decrypts