Care to expand on that? I have a TPM in my machine. A TPM is an encryption device that creates a unique hash based on the configuration of the hardware in the system. That hash is 1024-bit (or longer) and is impossible to crack in any realistic or near-term time frame. If you enable the TPM with a unique password, it's more secure than any certificate or password ever could be.
Microsoft doesn't take over the TPM. The TPM is user-addressable but useless without the hardware it's plugged into. Windows 8 takes over the EFI boot system, meaning you can't dual-boot your machine. That's it.
I run Linux myself. I have a Win7 machine for gaming, but I'll never upgrade to Win8. This is a bit more hysterical than technical. The BANE of the NSA is someone who uses a TPM properly. Most people don't realize they have a TPM installed in their machine. It's a personal encryption system if you know how to activate and utilize it.
Unless there's a back door you don't know about.
>Most people don’t realize they have a TPM installed in their machine.
Seriously?
Which machines are those?
The article says the manufacturer has a copy of all the preloaded keys for TPM chips. So that might be a wee bit compromising.
“That hash is 1024-bit (or longer) and is impossible to crack in any realistic or near-term time frame.”
Done. People that say such nonsense as that have no clue what the NSA has or can do and simply repeat what other ignorant schmucks say on the Internet. The NSA has prime numbers well past a billion digits and can read your 1024 encrypted message faster than you can. They have a chip plant that is amazing and they do not use brute force computers to crack codes or messages. It is all math and wired in silicon, operating in frequencies that boggle the mind.
If the concern is encryption of PC data -
There are plenty of encryption systems implemented entirely in software, independent of TPM both for encryption and authentication, that permit whatever key lengths you want.