I'm not sure if I understand your argument. As long as you can put your own things on your TPM and use it for your own good it's not too bad right? And in corporate environments it's reasonable to not own your own device right?
Sure Infineon can probably get my data, but that's far beyond the scope of my threat model.
As long as the system is open to putting your own keys on there I'm fine with it.
> I'm not sure if I understand your argument. As long as you can put your own things on your TPM and use it for your own good it's not too bad right?
As long as software that uses the TPM cannot detect whether you tampered with the TPM or not, it is principally all right.
But as I wrote down: this is exactly the opposite of what trusted computing was invented for: make the machine trustable (for the companies that have control over the TPM/trusted computing), because the user is distrusted.
Sure Infineon can probably get my data, but that's far beyond the scope of my threat model.
As long as the system is open to putting your own keys on there I'm fine with it.