• Baut [she/her] auf.@lemmy.blahaj.zone
    link
    fedilink
    arrow-up
    1
    ·
    10 months ago

    I think Heads (osresearch.net) uses security keys as a kind of substitute TPM, however that only works if you replace your - supported - PCs firmware with it.
    I don’t know too much about how this works in particular, so I can’t really compare it. safeboot.dev recommends Heads where possible, which I understand is partly due to safeboot relying on proprietary firmware implementations, while Heads uses libre software for the most part. Sadly the Heads firmware only supports older models/CPUs, which afaik don’t receive (all) microcode updates, including one which weakens the IOMMU.