1

Windows 11 requiring a TPM of some sort seems more like a DRM preventing me from duplicating a W11 Virtual Machine on multiple systems and distributing it versus any tangible benefit to the end-user.

What benefits does the TPM bring to the end-user, and are these justifiable enough to make the OS not even function if there isn't one present?

Am I missing something?

  • 2
    `What benefits does the TPM bring to the end-user` - that's the wrong question. `Trusted` here means `trusted by the vendor`, not `trusted by the user`. – Haukinger Jan 19 '22 at 15:59
  • @Haukinger, I meant are there actual benefits of TPM to the end-user that I am missing that would make my classification of this as DRM unjustified. – Joseph Michael Jan 19 '22 at 16:01

1 Answer

2

What benefits does the TPM bring to the end-user, and are these justifiable enough to make the OS not even function if there isn't one present?

The OS can function perfectly fine without a TPM. What you are seeing is a design choice, not a functional requirement.

TPM allows the vendor to make sure its OS will not run on non-approved devices. It can block non-approved kernel modules from being executed. It can charge third-party vendors for allowing their hardware or software to be loaded. It's not all in the interest of the user, but of the vendor.

But TPM can help the user too. TPM can protect the full disk encryption key, so it's very difficult (or even impossible) to execute an Evil Maid Attack. TPM attestation will detect a modified bootloader, and Secure Boot will (in theory) not let it load.

There are some caveats, some implementation issues and bypasses, so TPM isn't viewed as a perfect solution, but as another defense layer.

ThoriumBR
  • I am glad you linked to the Evil Maid Attack page, because my mind immediately went to [Mega-Maid](https://spaceballs.fandom.com/wiki/Mega_Maid), not at all what that term actually refers to. – Joseph Michael Jan 19 '22 at 16:43
  • But back to the issue at hand, TPM can benefit the user by storing the encryption keys, but it isn't necessary; those could be stored outside the TPM if it didn't exist. So requiring it still boils down to DRM over everything else at the moment. – Joseph Michael Jan 19 '22 at 16:45
  • Yes, it's basically a DRM thing now. The vast majority of users will not manage to configure TPM for full disk encryption. – ThoriumBR Jan 19 '22 at 16:58
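The answer above says the TPM "can protect the full disk encryption key" and that attestation "will detect a modified bootloader" without showing the mechanism that ties the two together. The following is an added example, not code from the question, the answer or any TPM vendor: a small Python model of TPM 2.0 measured boot (PCRs that can only be extended by hash-chaining) and of sealing a key to a PCR policy, so that the key is released only when the measured boot chain matches the one it was sealed against. The firmware, bootloader and Secure Boot state strings, the PCR indices chosen and the "storage root key" are constructed stand-ins; the wrapping scheme is a toy, not how a real TPM encrypts sealed blobs.

```python
"""Toy model of TPM measured boot and key sealing (added example).

Modelled after real TPM 2.0 behaviour:
  * PCRs start at zero and can only be extended, never written:
        PCR_new = SHA256(PCR_old || SHA256(component))
  * A secret is sealed to a policy digest over selected PCRs, and the
    TPM only unseals it when the live PCR values reproduce that digest.
The SRK constant and the XOR wrap are stand-ins for hardware; they are
NOT how a real TPM protects sealed data.
"""
import hashlib
import hmac

PCR_COUNT = 8
SRK = b"simulated storage root key, never leaves the chip"  # stand-in


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM2_PCR_Extend semantics: hash-chain the measurement into the PCR."""
    return sha256(pcr + sha256(component))


def measure_boot(components: dict) -> list:
    """Simulate a boot: extend each component into its PCR, in order."""
    pcrs = [bytes(32)] * PCR_COUNT
    for index, chain in components.items():
        for blob in chain:
            pcrs[index] = extend(pcrs[index], blob)
    return pcrs


def policy_digest(pcrs: list, selection) -> bytes:
    """Like TPM2_PolicyPCR: one digest over the selected PCR values."""
    return sha256(b"".join(pcrs[i] for i in sorted(selection)))


def seal(secret: bytes, pcrs: list, selection) -> dict:
    """Bind a 32-byte secret to the current values of the selected PCRs."""
    assert len(secret) == 32, "model only wraps 256-bit secrets"
    policy = policy_digest(pcrs, selection)
    wrap = hmac.new(SRK, b"wrap" + policy, hashlib.sha256).digest()
    return {
        "selection": tuple(sorted(selection)),
        "policy": policy,
        "ct": bytes(a ^ b for a, b in zip(secret, wrap)),
    }


def unseal(blob: dict, pcrs: list):
    """Return the secret only if the live PCRs reproduce the sealed policy."""
    live = policy_digest(pcrs, blob["selection"])
    if not hmac.compare_digest(live, blob["policy"]):
        return None  # real TPM: TPM_RC_POLICY_FAIL, key never leaves the chip
    wrap = hmac.new(SRK, b"wrap" + blob["policy"], hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(blob["ct"], wrap))


# Constructed boot chains. PCR 0: firmware, PCR 4: bootloader,
# PCR 7: Secure Boot configuration (indices follow common UEFI usage).
GOOD_BOOT = {
    0: [b"UEFI firmware v1.0"],
    4: [b"bootmgfw.efi (vendor signed)"],
    7: [b"SecureBoot=1", b"PK/KEK/db hashes"],
}
# Evil maid swaps the bootloader; everything else is untouched.
EVIL_MAID_BOOT = {**GOOD_BOOT, 4: [b"bootmgfw.efi (patched to log the PIN)"]}


def demo() -> tuple:
    """Seal a volume key at install time, then try both boot chains."""
    volume_key = bytes(range(32))  # constructed 256-bit FDE key
    blob = seal(volume_key, measure_boot(GOOD_BOOT), selection=(0, 4, 7))
    ok_unmodified = unseal(blob, measure_boot(GOOD_BOOT)) == volume_key
    blocked_tampered = unseal(blob, measure_boot(EVIL_MAID_BOOT)) is None
    return ok_unmodified, blocked_tampered


if __name__ == "__main__":
    print(demo())
```

The model also makes the answer's caveat concrete: the TPM releases the key to whatever boots with the expected measurements, so a tampered bootloader is locked out, but an attacker who leaves the boot chain alone and attacks the running OS after the volume has been unlocked is not stopped by this mechanism alone. That gap is why TPM-only unlock is commonly paired with a PIN or a second factor.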