• maynarkh@feddit.nl
    link
    fedilink
    English
    arrow-up
    6
    ·
    1 year ago

    Your TPM unit in the motherboard has more privileges than you do. It attests to the integrity of the kernel, graphics driver included, and the kernel attests to the integrity of the browser and any peripherals.

    • kadu@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      2
      ·
      1 year ago

      That’s not what the TPM does, though you could theoretically build up a chain of trust based, partially, on the TPM.

      That being said, this doesn’t change the level at which the browser runs, how much it’s aware of my screen, and most importantly, it’s once again obviously not going to be anywhere near required unless Google is about to halve Chrome usage worldwide.