Privacy issues - TPM required by DNF

Windows 11 requires a TPM (Trusted Platform Module) chip because it needs it to bypass software privacy systems and to correctly and uniquely identify your computer.

The TPM attestation key is unique (world-wide across systems) and NOT changeable; it's permanent, like the IMEI serial number on mobile phones.

Windows 11 TPM attestation runs via the Azure cloud and all TPM keys are stored there. Every time an app is run, the TPM API is used to match the app with the PC.

I’m worried that Fedora is being led towards a similar future. I now see that the ‘tpm2*’ packages can’t be removed from the system (they are hard dependencies), and even if removed via “rpm --nodeps -e …”, DNF then stops working completely.

Does this imply that DNF, now or in the future, will use TPM attestation to uniquely identify our PCs?

Thank you.

TPM is not used for its UID features in Fedora and nothing is reported to external systems, as is required for attestation to work.

TPM is a place to store unlock keys for encrypted disks on your system, for example. TPM is always used at the user’s request, never without.

A lot of security tools have optional TPM support in them.
I think the GPG library that is used by DNF for signature checks is one of them.

No, DNF → rpm → sequoia-pgp does not involve a TPM for OpenPGP operations.

Correct - including RPM itself, which supports using a TPM backend for signing packages, or GnuPG, which has an optional TPM backend too. Neither should affect DNF, but I’m not sure if just ripping out the libraries without considering dependencies won’t just break your system (dynamic linking is … complicated).


TPM in itself is not a privacy issue


You’re right, I saw lots of GPG and plasma stuff that would be uninstalled,
and assumed it was the GPG that was the issue.

Not sure why the OP sees DNF fail.

I don’t understand what stops Microsoft from identifying each single Windows installation and recording any activity even if the said chip did not exist.

Source? I’m certain MS doesn’t tout a TPM requirement for spyware :stuck_out_tongue:


I’ve kept TPM disabled for years on Windows 10, every Linux, and FreeBSD with no problem (even F43); Linux dmesg has this (if dnf isn’t a contender, other parts of Linux/kernel/security probably already rely on a TPM):

ima: No TPM chip found, activating TPM-bypass!