Why does Windows 11 require a TPM module in the PC hardware?

There is no doubt that we are in an era in which the famous dilemma between freedom and security has reached the world of computing. Not only when it comes to the software, but also the hardware and there is nothing that bridges it to a higher level than an operating system. Which communicates the world of applications with that of hardware and from time to time creates new standards in that common space.

Mandatory TPM in Windows 11, the official explanation

If we look at the technical requirements of Windows 11 we will see that it is necessary to have a TPM 2.0 chip installed on our computer. In Microsoft’s own words, the motivations for this are the following:

“To protect encrypted keys, user credentials, and other data behind the hardware, so that malware cannot access or damage that data.”

Microsoft’s goal is to raise the level of security on the PC, and in a recent report and therefore Don Palomo have drawn the following conclusion to place the TPM 2.0 as a minimum requirement for Windows 11.

Our report shows that 83% of companies have suffered an attack on the firmware of their systems and only 29% of computers are investing resources to protect this critical part.

TPM chips have long been used in computing, but on PCs they had not become a minimum requirement. But they not only serve to create a secure environment for the keys, but also the creation of a reliable ecosystem and with this we are not talking about “secure” which is the first thing that would come to mind. Any platform with such a chip allows the creator of the operating system to control the software and hardware that you can run on your PC.

In other words, the increase in security at the hands of Microsoft means creating a fenced garden, based on changing its business model, but this change requires having a TPM module as a requirement.

The new business model for operating systems

Apple Windows Android

A few years ago, operating systems were sold to manufacturers and assemblers, who paid them a royalty for each copy. Back then Windows Mobile was the most widely used pocket operating system. In order to enter that market and drive Microsoft out of Google, they decided to change the business model. Where they went on to give away the operating system to assemblers in exchange for having the absolute monopoly of software distribution on the platform.

This monopoly came in the form of an application store, which was unique and where every time we buy an application then a part of the money goes to Google, which is the owner of the platform. This is the same business model that exists on consoles. In which both the physical manufacture of the games and their digital distribution is controlled by SONY, Nintendo and Microsoft. But it is something that cannot be done on PC due to the free nature in that regard.

Microsoft has been trying for years to transition to the Google and Apple models. It was first with Windows RT, later renamed as UWP. Both a huge failure, now they will try again with Windows 11 and the requirements of ordering a TPM chip, but we cannot forget either that we have around the corner APUs and CPUs from Intel and AMD with the HSP / Pluton processor at the top. around the corner. Which consists of a TPM chip not outside, but integrated inside the processor.

More security, but less freedom

CPU Security

We must not forget a particularity in x86 related to their privilege rings. Today there is hardware in your PC that gives remote access to its use and with the highest level of privileges. This in conjunction with a TPM module on the PC gives Microsoft the key of its own accord or by government order to block the use of certain applications. And it is already known that gaining security often means losing freedom.

It is still early to say how things will develop by Microsoft, what is clear is that the operating system has become something that the user does not recognize as a separate value, but integrated into the PC. On other platforms it is installed as standard and on the PC Windows has disappeared as a tangible product. So it can no longer capitalize on its operating system as before and requires the use of new sources of income, especially for a time when the distribution of software has changed, hence the TPM module is a minimum requirement in Windows 11 .

Related Articles