**If You’re Running Windows 11, Your Computer Has a TPM Chip Version 2.0 — Here’s What That Means for Your Privacy**

*By E. Pluribus Unum | Posted on YouTube.com via Rob Braxman Tech | Oct 29, 2025*

If you’re running Windows 11, your computer includes a Trusted Platform Module (TPM) chip, version 2.0. This chip is one of the requirements for using Windows 11, especially now that Windows 10 has been declared “End-Of-Life.” While many think Windows 11 is an improvement, wait until you find out what this TPM chip is really about. It represents such a significant invasion of privacy that I turned mine off.

This is a classic example where cybersecurity does not equal privacy. Just remember: whoever sets the rules for cybersecurity — big tech companies in this case — may not have the same priorities as you do. Their definition of cybersecurity could very well equate to your loss of privacy.

Today, I will walk you through exactly what I found with this TPM chip, step by step, including technical details. You’ll learn about the APIs involved, which are apparently tied to the cloud. I’ll explain new terms connected to the TPM such as PCRs, PCP, EK, and UUIDs, plus the cloud calls it interacts with. Everything you need to know. You will be surprised. Stay with me.

### What Happened When I Bought a New Lenovo ThinkPad X1 Carbon Gen 13

I bought a brand-new Lenovo ThinkPad X1 Carbon Gen 13, the newest model, which came preloaded with Windows 11. Like I always do, my first step was to dual-boot with Ubuntu — something I’ve done for over a decade. Typically, on older Windows versions, installing Ubuntu takes about 20 minutes, though restoring data takes longer.

After the setup, I turned off Secure Boot because, as a developer who runs custom kernels and tests software, Secure Boot — which blocks unsigned bootloaders — was restrictive. It also ties you to operating systems signed only with Microsoft’s keys.

But to my surprise, without any warning, the entire drive locked up. My Ubuntu partition became inaccessible. The GRUB bootloader was wiped. The only way to recover was to download a Lenovo Recovery USB and start over. I lost not just Ubuntu but all my data since this recovery process reformatted the hard drive.

Why did this happen? Because BitLocker is now enabled by default on Copilot+ PCs, and BitLocker is hardwired to the TPM.

### The Problem with BitLocker and the TPM Endorsement Key (EK)

When the drive locked, the bootloader presented a recovery option: visit aka.ms/bitlockerrecovery and sign in with your Microsoft account. This was problematic for me, as I use a local account and had difficulty signing in. Despite my suspicions, I proceeded—and there it was in plain text: my device name, my 48-digit BitLocker recovery key, and the TPM chip’s Endorsement Key (EK), a 2048-bit RSA public key.

Pay close attention to the EK.

The TPM Endorsement Key is a unique identifier of your machine. It’s burned into the TPM chip at the factory and never changes. Once you use BitLocker, this EK becomes your digital passport. You cannot change or delete it.

The EK is tied to your Microsoft ID, Windows Hello, any cloud service using Microsoft’s TPM APIs, and some Azure services.

Currently, Microsoft is the primary company using the EK at scale — for BitLocker recovery, cloud services, gaming anti-cheat systems like Valorant and Fortnite, and more.

### Open API Exposure of EK: A Privacy Risk

Microsoft exposes an open API allowing any application to call the TPM and reveal the Endorsement Key. You can run a PowerShell command yourself to retrieve the EK. Unlike smartphone IMEI numbers, which are tightly locked down, on a PC, any app with admin rights can pull your EK.

Yes, gaming anti-cheat systems are already using this.

### Microsoft Cloud Cryptography and the Platform CryptoProvider (PCP)

Next, the rabbit hole deepens. The Microsoft Platform CryptoProvider (PCP) routes all TPM operations through Microsoft’s cloud. It’s not just a driver; it’s a cloud service.

Microsoft provides an API for applications to interact with the TPM’s security functions, but these interactions go through Microsoft’s cloud infrastructure. This means Microsoft knows every security interaction, including Windows Hello authentications, BitLocker boots, and any use of TPM-backed keys in apps like games.

When you generate a key sealed to the TPM, it’s registered on Microsoft’s cloud servers. All TPM operations route through Microsoft’s attestation infrastructure, allowing Microsoft to build a comprehensive database of every Windows 11 machine it encounters, know when these keys are used, and track device activity.

### Platform Configuration Registers (PCRs): Hardware Monitoring You Didn’t Ask For

My second major issue happened when I swapped SSDs. I routinely swap NVMe drives for backups and testing. When I installed a second SSD with a dual-boot Windows 11 and Ubuntu 24.04 setup, I noticed GRUB was again wiped on boot — and Ubuntu was inaccessible.

This is due to the Platform Configuration Registers (PCRs) in the TPM. The TPM measures your hardware configuration on every boot and stores it in PCRs. This record can be queried locally or remotely by the bootloader.

PCR 1 is particularly important. It includes CPU microcode, motherboard firmware, NVMe drive UUIDs, and partition GUIDs. When I swapped SSDs, the drive UUID changed, leading the TPM to detect a mismatch in PCR 1. This apparently signaled Windows 11’s bootloader to wipe out GRUB.

You can check PCR 1 yourself with PowerShell; it changes with hardware modifications.

If you use BitLocker, this triggers a lock. Even if you don’t, Windows can take over the boot sequence. This is not a bug; it’s by design and quite concerning.
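The extend-and-seal mechanism behind this lock, as an added example that is not part of the original article: each measurement is hashed into the PCR, and a key sealed to the baseline value is released only when the replayed value matches. The measurement strings and the `SealedKey` class are constructed for illustration and do not reproduce real event-log contents or BitLocker's actual PCR profile.

```python
import hashlib

PCR_INIT = bytes(32)  # a SHA-256 PCR bank starts as all zeros at power-on


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM extend: new = SHA256(old || SHA256(measurement)). A PCR cannot be set directly."""
    return hashlib.sha256(pcr + hashlib.sha256(measurement).digest()).digest()


def boot(measurements) -> bytes:
    """Replay one boot: fold every measured component, in order, into a single PCR."""
    pcr = PCR_INIT
    for m in measurements:
        pcr = extend(pcr, m)
    return pcr


class SealedKey:
    """Toy model of a key sealed to a PCR value (hypothetical, not real TPM sealing)."""

    def __init__(self, secret: bytes, expected_pcr: bytes):
        self._secret = secret
        self._expected = expected_pcr

    def unseal(self, current_pcr: bytes):
        # The secret is released only when the current PCR equals the sealed policy.
        if current_pcr != self._expected:
            return None  # caller has to fall back to the recovery key
        return self._secret


# Constructed sample measurements; real event logs hold firmware-defined records.
BASELINE = [b"firmware-v1", b"secure-boot=on", b"bootmgr-A"]
CHANGED_SETTING = [b"firmware-v1", b"secure-boot=off", b"bootmgr-A"]
REORDERED = [b"secure-boot=on", b"firmware-v1", b"bootmgr-A"]


def demo():
    volume_key = SealedKey(b"volume-master-key", boot(BASELINE))
    return {
        "baseline": volume_key.unseal(boot(BASELINE)),
        "changed": volume_key.unseal(boot(CHANGED_SETTING)),
        "reordered": volume_key.unseal(boot(REORDERED)),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:10s} -> {'unsealed' if result else 'locked: recovery key required'}")
```

Because one changed or reordered measurement produces a different final PCR, the practical safeguard is to back up the recovery key and suspend disk encryption before changing firmware settings or hardware.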

### Remote Attestation: Microsoft Can Remotely Verify Your Hardware State

The scariest part is remote attestation. Using Microsoft’s PCP service, any application can remotely query your TPM and get a signed PCR quote.

Here’s how it works:

1. An app calls **GetTPMAttestationQuote**.
2. TPM signs all PCRs with an Attestation Identity Key.
3. The quote is sent to Microsoft’s Azure Attestation Service.
4. Microsoft confirms device details—such as Windows version, Secure Boot status, and the presence or absence of Linux bootloaders.

This technology is live. The Azure Attestation Service powers Windows Device Health Attestation, and any app can use it.

For example, a bank app might check if you’re running Linux by querying PCR 4 for a GRUB signature. If detected, the app denies login.
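A generic sketch of the quote-and-verify exchange in the steps above, added here as an illustration and not Microsoft's or the author's code: the verifier checks the signature, the nonce, and that the event log replays to the quoted PCR before applying its policy. HMAC stands in for the attestation key signature, and all names, keys and log entries are constructed.

```python
import hashlib
import hmac
import os

# Stand-in only: a real attestation key is an asymmetric key that stays inside the TPM.
AK = b"constructed-attestation-key"


def extend(pcr: bytes, event: bytes) -> bytes:
    return hashlib.sha256(pcr + hashlib.sha256(event).digest()).digest()


def replay(event_log) -> bytes:
    pcr = bytes(32)
    for event in event_log:
        pcr = extend(pcr, event)
    return pcr


def quote(pcr: bytes, nonce: bytes):
    """Device side: sign nonce || digest(PCR). HMAC stands in for the AK signature."""
    body = nonce + hashlib.sha256(pcr).digest()
    return body, hmac.new(AK, body, hashlib.sha256).digest()


def verify(body, sig, nonce, event_log, approved):
    """Verifier side: signature, freshness, log consistency, then policy."""
    if not hmac.compare_digest(sig, hmac.new(AK, body, hashlib.sha256).digest()):
        return "bad signature"
    if not hmac.compare_digest(body[:len(nonce)], nonce):
        return "stale quote"
    if body[len(nonce):] != hashlib.sha256(replay(event_log)).digest():
        return "event log does not match quoted PCR"
    for event in event_log:
        if event not in approved:
            return "unapproved component: " + event.decode()
    return "ok"


# Constructed sample boot logs and verifier policy.
APPROVED = {b"firmware-v1", b"secure-boot=on", b"bootmgr-A"}
BOOT_A = [b"firmware-v1", b"secure-boot=on", b"bootmgr-A"]
BOOT_B = [b"firmware-v1", b"secure-boot=on", b"bootmgr-B"]


def scenarios():
    nonce = os.urandom(16)
    good = quote(replay(BOOT_A), nonce)
    other = quote(replay(BOOT_B), nonce)
    return {
        "approved boot": verify(*good, nonce, BOOT_A, APPROVED),
        "different bootloader": verify(*other, nonce, BOOT_B, APPROVED),
        "log edited after the fact": verify(*other, nonce, BOOT_A, APPROVED),
        "quote reused with new nonce": verify(*good, os.urandom(16), BOOT_A, APPROVED),
    }
```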

Google does something similar on Android with the Play Integrity API, which replaced SafetyNet. This API prevents apps from running on non-approved OS versions.

Microsoft is building the same power for PCs.

### What Data Does Microsoft See?

Every time you use BitLocker, enroll in Windows Hello, use a TPM-protected certificate, or run Copilot PC features, Microsoft receives your device’s EK and PCR data.

There is no need for hacking because you voluntarily transmit this data.

To use attestation-dependent apps, you must be signed in with a Microsoft account. Attestation fails on local accounts because these processes require signatures verified through the Microsoft PCP.

Microsoft is literally in the middle of everything.

### Windows Copilot: The AI That Never Forgets

You can’t talk about TPM without mentioning Windows Copilot.

Windows Recall takes screenshots every three seconds and stores their analysis in SQLite databases encrypted with the TPM and BitLocker. This means your behavior is logged, your identity is tied to the TPM, and your system configuration is attested.

Microsoft claims this data stays local. However, there is no technical barrier preventing the AI companion from analyzing your Recall database locally and reporting findings back to Microsoft headquarters.

Apple demonstrated a similar concept with NeuralHash, scanning photos locally and reporting matches to CSAM hashes. Although Apple suspended their project, this proves the concept is technologically feasible.

With today’s large language models (LLMs), Microsoft could, for example, instruct Copilot to summarize your recent activities, including privacy-related actions such as disabling TPM or using Tor. Zero technical difficulty.

### The Kill Chain: Identity, Configuration, Behavior, Control

1. **Identity**
You now have an inescapable identity via the Microsoft key and permanent TPM EK.

2. **Configuration**
PCRs allow applications and Microsoft to certify your device’s configuration.

3. **Behavior**
The AI companion and Recall observe your actions.

4. **Control**
This can lead to a new era of “debanking” or blacklisting, like what has happened to political figures and groups in other countries.

### How to Fight Back

You don’t have to play this invasive game.

Here are some practical takeaways:

- **Don’t use Windows 11 as your main OS.**
  Stay on Windows 10 or use Windows 11 only in a virtual machine (VM). Use Linux for everything else.

- **Disable or reset the TPM.**
  The TPM Endorsement Key (EK) is permanent—it is burned into the chip at the factory and cannot be changed. However, you can:

  - **Option A: Disable TPM in BIOS (Recommended).**
    For Lenovo ThinkPads: reboot, press F1 to enter BIOS, navigate to Security > Trusted Computing, set TPM state to Disabled, and save changes. BitLocker will suspend itself. Some apps may refuse to run.

  - **Option B: Clear TPM ownership** using elevated PowerShell commands—but only if you never sign in again with a Microsoft account on the device. Clearing TPM deletes all attestation keys and invalidates BitLocker protectors. Signing in with the same Microsoft account will re-link your EK and begin tracking again.

- **Never use embedded AI like Copilot, Apple Intelligence, or Google Gemini.**
  Instead, use local AI models, such as LLaMA, where you control data and interactions.

- **Boycott apps that require attestation.**
  If banks or government services require TPM attestation, demand alternatives. If social platforms use attestation, consider leaving.

### Final Thoughts

This technology is not coming—it’s already here. Every new PC ships with TPM 2.0 and generally has BitLocker enabled by default. Microsoft’s Copilot watches your activity.

Remember, **you are not the user; you are the product.**

Disable your TPM, switch to Linux, reject embedded AI companions, and take back control. Because soon, your PC may decide whether or not you are allowed to log in.

Thank you for watching and reading. As many of you know, this channel does not have sponsors and sustains itself primarily through products and services that help defend user privacy.

I invite you to visit our community site, BraxMe, a growing group of privacy enthusiasts from many backgrounds supporting each other on privacy issues. We offer services including Brax virtual phone service, BraxMail, BytesVPN, Google phones, OS flashing, and more. You can connect with real users without identifying yourself.

The Brax 3 phone is available for pre-order in its second batch after selling out the first. Visit Braxtech.net for details.

Thanks also to those who support us on Patreon, Locals, and YouTube memberships. Your support is appreciated.

See you next time.

*Disclaimer: Opinions expressed here are those of the author and do not necessarily represent the views of Free Republic or its management.*
https://freerepublic.com/focus/f-chat/4350514/posts
