Security Expert Explains TPM 2.0 & Secure Boot | Ask A PC Expert

preview_player
Показать описание
With the recent announcement that Windows 11 will require TPM 2.0 and Secure Boot to be enabled, many of us are confused and left feeling frustrated. Luckily Adam called up his friend and security professional Mike Danseglio to help explain it all, along with offering practical advice and his thoughts on if Microsoft will keep this requirement.

00:00 - Intro
00:57 - What is TPM?
01:36 - The different forms of TPM
02:55 - What is Secure Boot?
04:37 - Why is TPM and Secure Boot important?
06:13 - TPM and Secure Boot vs anti-malware software
07:35 - What does TPM guard against?
08:27 - TPM and Secure Boot requirements in Windows 11
10:45 - Is Microsoft going to keep these requirements?
15:11 - How do you find out if you have TPM
17:05 - How to find out if your PC support Secure Boot
18:15 - What to do if you don't have TPM
21:40 - Does TPM and Secure Boot impact gaming?

Follow PCWorld for all things PC!
------------------------------­----

#Windows11 #TPM #SecureBoot
  1. PCWorld
  2. pcworld
  3. pc
  4. tech
  5. windows 11
  6. tpm
Рекомендации по теме
Security Expert Explains 0:24:07

Security Expert Explains TPM 2.0 & Secure Boot | Ask A PC Expert

TPM (Trusted Platform 0:13:11

TPM (Trusted Platform Module) - Computerphile

The Big Problem 0:05:45

The Big Problem With Windows 11 - TPMs

Windows 11 and 0:03:26

Windows 11 and TPM 2.0 Explained (How to Enable TPM / PTT on your PC)

what is tpm 0:06:11

what is tpm 2.0 ? is it important for installing windows 11

TMP 2.0 Vulnerability 0:00:43

TMP 2.0 Vulnerability

Securing Embedded Linux 0:51:17

Securing Embedded Linux Systems with TPM 2.0 - Philip Tricca, Intel

How to Pull 0:00:32

How to Pull the Sword out of the Stone at DISNEY 😱

Pluton vs TPM: 0:13:51

Pluton vs TPM: The Future of Computer Security - What You Need to Know

SAFe Explained in 0:05:29

SAFe Explained in Five Minutes

TPM 2.0 Unveiled: 0:21:12

TPM 2.0 Unveiled: Empowering IT Pros with Trusted Platform Module Insights

Little boy with 0:00:17

Little boy with special needs made a new best friend at Disney World ❤️

The resume structure 0:00:16

The resume structure that got me my dream job | Wonsulting

Growing up Pentecostal... 0:00:15

Growing up Pentecostal... #short

What Happens If 0:00:20

What Happens If A Disney Character’s Head Falls Off | Disney Experts Sharing Disney Facts #disney

GRANNY CHAPTER 2 0:00:14

GRANNY CHAPTER 2 JUMPSCARES | #shorts

Security Expert Talks 1:49:47

Security Expert Talks Windows 11, TPM, VBS & Much More | The Full Nerd Special Edition

Using TPM 2.0 0:52:51

Using TPM 2.0 As a Secure Keystore on your Laptop It's not as difficult as you think!

deleting system32 (don't 0:00:46

deleting system32 (don't try this at home) #shorts

TPM 2 CVE 0:00:33

TPM 2 CVE #shorts

Severe TPM 2.0 0:00:54

Severe TPM 2.0 Vulnerability

TPM 2.0 Demystified: 0:18:50

TPM 2.0 Demystified: IT Admins' Guide to Windows 11 and Windows 10 Security

How to Change 0:00:23

How to Change SATA Operation on Dell Optiplex 780/790/7010 or above model.

TPM 2.0 Software 0:36:21

TPM 2.0 Software Stack — Philip Tricca — Platform Security Summit 2018

Комментарии
Автор

Would like to see more of this person in the future, great conversation!

kristianau
Автор

Way too many Tech Channels are overlooking this level of USEFUL dialog & communication.👏👏 They're way too engrossed in the next expensive gadget to push.🙄

EagleEye-MJG
Автор

Are there any TPM modules with RGB on them? This is a very important question!

KubeSquared
Автор

TPM is responsible for countless people thinking they had a USB 3.0 header on their circa 2010 mobo.

PimptatoPCs
Автор

I’m only 5 minutes into the video and already learned a lot. Awesome interview and guest!

MasterKoala
Автор

Thing that gets me about this requirement. Even if your keys are secured in the TPM; for say Bitlocker; once you're in userland those keys become memory resident. Most exploits are software based; its not that hard to execute manage-bde -protectors C: -get or various powershell commands to get the recovery key.

For me in the past 20yrs maybe only 5% of security breaches have been physical thief. Most are like hafnium; an exploit on an already running (unlocked) system. I 100% get this for HIPPA/PCI compliance, business clients, and mobile devices. For home desktop users though, hmmm.

SinisterPuppy
Автор

It looks like Microsoft didn't back down on their requirements for security features after all.

thomaspedersen
Автор

Gotta love how the expert carefully and clearly explains what those technologies are, just to pull the rug and say with 100% confidence that Microsoft is not gonna require them 😂

JaquesBobe
Автор

16:15 - Note that you do need to be logged in as an administrator for the TPM Console to work. It will say so if you're not.

Trifler
Автор

If you go to the Advanced or Security options in the BIOS of your DIY computer, and you are using, let's say, 8th Gen Intel, chances are that you will be able to turn on the Intel PTT (Platform Trust Technology, equivalent to TPM) functionality. It depends much more on firmware/BIOS settings than in own processor's settings.

adgarza
Автор

right now, TPM modules are extremely hard to buy. I have a MSI motherboard, and when I bought mine in 2011, I added the TPM module at that time. Now 10 years later, windows 11 come out and the module is outdated. I tried to check to see if the newer module was available, and it wasn't. when I enable the existing TPM, windows 10 doesn't see it. can't tell if the module is good or not. for a lot of computers, the TPM module is missing, its was offered as an option and was available until; now. MSI, Asus, and others are having issues with this requirement. a lot of people don't even know what this is all about...this is really causing issues with consumers.

johnstancliff
Автор

it should be an option, not mandatory. A very good interview, thanks for doing it. Helped me understanding it better.

DangerGnom
Автор

This was a really nice interview, you should have him on again!

yamilabugattas
Автор

In your BIOS/UEFI, there might be this kind of options to choose from:
* Firmware TPM (with the help of your CPU)
* Dedicated TPM (done by external Module on the motherboad)
* Nothing.

Firmware TPM:
* AMD: *fTPM* (at least *Zen+* i.e. 2000-series Ryzen Desktop from 2018)
* Intel: *PTT* (at least *8th Gen* i.e. Core ix-8xxx Desktop from 2017 & 2018)


One way to check TPM's status: Run > *tpm.msc*

eukariootti
Автор

With or without tpm or secure boot, I for one will not be updating to windows 11 no matter what. Nothing ever works properly when released by corporations these days. I’m fed up with paying top dollar for shit that doesn’t work as advertised and to a standard that I agreed to when making my purchasing decision.

kwl
Автор

Yes, no need for a hardware TPM module for Win11. Simply enable TPM in the BIOS [FTPM] - several videos on YT to show you how to do this.

synthwave
Автор

This was an excellent video. I didn't expect to enjoy this video as much as I did. 24 minutes just flew by. I never felt the need to move forward in the video manually, which I usually do on other YouTube videos. Excellent & conversation between the two individuals. Both interviewer and interviewee were great.

SamsMediaCenter
Автор

TPM also supports authentication, remote attestation etc. so it is a very important building block for WebAuthn TPM variants, Microsoft Azure Attestation, etc. if you want to increase the level of services provided securely, with some percent of clients malware infected, you have to have a trusted computing base to only release keys and attests to correctly booted OS:es.

randomgeocacher
Автор

how can TPM 2.0 protect us from microsoft

williammurdock
Автор

Secure boot is going to cause a lot of problems. Once you turn it on, now it might not recognize your your drives, your GPU or even your memory. And you won't even be able to boot into BIOS to turn it back off. In essence rendering your mother board into a paper weight. And the solution by Microsoft will be to replace your computer with one that has windows 11 already loaded! I suggest to anyone trying to make these adjustments in their BIOS to have a dual BIOS board such as gigabyte so when you destroy one BIOS you have another one left to try to run windows 11 or switch back to windows 10.

jamest