undefined | Better HN

0 pointsSSLy1y ago0 comments

vast majority of fTPM 2.0's are chips placed on the CPU die anyway

0 comments

p_l1y ago

it's a misnomer, a bit.

fTPM is a firmware-based TPM implemented, usually, by coprocessor (or trustzone style enclave) inside the CPU, yes. It's not related to what TPM standard it implements

You can also have external TPM 2.0 compliant devices (commonly referred to as dTPM, probably brought the naming from iGPU/dGPU), and in fact many options offered for making desktops fully compliant with windows 11 (which requires TPM 2.0) involve a dedicated TPM 2.0 chip.

Ultimately, TPM standard does not care where the chip is, it just provides mechanisms for their use, which do include encrypted tamper protected interface... if one wants to use it.

SSLyOP1y ago

You're correct, but also I'm reasonably certain that, as much bullshit the list of Win 11 supported CPUs is, all the CPUs on it have fTPM 2.0 available.

p_l1y ago

In practice it's a matter of how the motherboard firmware is set up, so there's a lot of possible breakage.

j / k navigate · click thread line to collapse

0 comments

p_l1y ago

it's a misnomer, a bit.

fTPM is a firmware-based TPM implemented, usually, by coprocessor (or trustzone style enclave) inside the CPU, yes. It's not related to what TPM standard it implements

Ultimately, TPM standard does not care where the chip is, it just provides mechanisms for their use, which do include encrypted tamper protected interface... if one wants to use it.

SSLyOP1y ago

You're correct, but also I'm reasonably certain that, as much bullshit the list of Win 11 supported CPUs is, all the CPUs on it have fTPM 2.0 available.

p_l1y ago

In practice it's a matter of how the motherboard firmware is set up, so there's a lot of possible breakage.

j / k navigate · click thread line to collapse