Trusted computing is great if you're an IT admin (or even an "IT admin of one") and you order devices with an open/unsealed boot-key store from your hardware vendor. You can install your own boot keys on your fleet of devices, seal the boot key store, modify OS images/updates to your heart's content, and then sign those modified images with those same keys. Now only the images you've created will run on those computers. People won't even be able to install the original, unmodified OS on those machines; they'll now only ever run the version you've signed.

This isn't just about employees not being able to futz with the MDM. Even the OS vendor won't be able to push updates to your managed devices without your consent. You'll truly have taken control over what code the devices will (or more importantly, won't) run.

In any situation where the person intended to have physical access to the device is not the same as the owner-operator of the device, this kind of thing is essential. Obviously, public-use computers in libraries et al. But also, ATMs. Kiosks. Digital workplace control panels and dashboards. On all of those, nobody's around to monitor the hardware to ensure that someone doesn't just open the back and swap the hard drive out for their own. With TCB, swapping the hard drive out just makes the device not boot.

Because the two go hand in hand in the wild already. Just look at all android phones. Where you have to make a pact with the devil to get your unlock keys (if possible at all) and that still doesnt give you full override capabilities and also marks your device as "tainted" so you can say goodbye to banking apps and increasingly more stuff.

I'm not concerned about enterprise deployments because companies had a lot of tools to (rightfully) lock down devices given to their employees since the dawn of computing.

However I am concerned about the philosophy coming over from phones to the desktop space with announcements like https://news.ycombinator.com/item?id=25191319

Consumer electronics — phones, game consoles, etc. — these are places where people choose to buy the dang thing in the first place, despite the restrictions the manufacturer imposes. Trusted computing isn’t the problem, it’s a tool used by an abuser against their Stockholm-syndrome victims. The abuser themselves — and society having no social norms that protect against developing this particular Stockholm-syndrome — are the problems.

The stuff people want from these devices — the reason they buy into these locked-down ecosystems — is almost always just the platform-locked software that runs on them, not the distinctive hardware (that the software doesn’t usually even take advantage of!) But that fact is great for the end-user: it means that, as long as one person figures out how to defeat the platform’s software DRM, and another person figures out how to write an emulator for the hardware, then there’ll never a reason to lock yourself into these ecosystems. When software is the USP, users can just use an alternative conformant implementation of the same platform (from the software’s perspective) that isn’t locked down, to run said software.

If that happens, it will create a market opportunity for websites without DRM or such checks. If you fuck with the ergonomics, you necessarily always create a market opportunity for competitors IMO. That being said, I also would rather use open computing platforms where I can easily install whatever OS, drivers, hardware or userland software I please.

There's the theory of how incentives should work in free markets, and then there's the practice of exactly how savvy consumers can really be, and whether non-consumer interests can organize themselves in a way that easily overpowers the consumers.

I've thought about this recently regarding hardware DRM in Android phones. Google has Widevine which has different levels of support, and Netflix, for example, will only send high definition streams if your device supports L1 Widevine which means it will only be decrypted in "secure" sections of hardware and the user cannot access these areas. This is intended to stop user access to the unencrypted media.

This hardware is widely available in Android devices already, so why would Netflix* do otherwise? And if you want to stream HD from Netflix then you'll get a device that supports it because Netflix require it. However, how did our devices end up with this technology to begin with? If consumers acted in their own best interest, why would they pay to have this extra technology in their devices that protects somebody else's interest? If this technology wasn't on our devices already, do we think that Netflix wouldn't be offering HD streams anyway? Basically, if consumers could organize as effectively as corporate interest, would this technology have made it to our devices at all?

It's possible that it would have. Perhaps overall people would deem it worthwhile to acknowledge and protect corporate rights holders so that they can continue to produce the media they want to consume and stop people consuming it for free. Personally, I would not have accepted this bargain and I would have left it up to the media companies to manage their own risks and rewards, and I strongly suspect that they would have found profitable ways of doing so that would include non-DRM HD streaming. I think it's tough to say what an educated consumer would think on average because so few consumers think about these things and those that do may have a strong bias that led them to research it in the first place.

* I'm saying Netflix here because it's easier, but in reality I'm sure a lot of the content they licence will require DRM so it's not entirely up to them