TPM 2.0 is actually cool

It is indeed cool tech. But be aware that e.g. building weapons is also playing with cool tech.

The main problem I see: Who is the attacker and who is the defender. The presented scenario has the machine owner (renter?) as defender, so no problem. In quite a lot of cases, the machine owner is the attacker, and e.g. Microsoft is the defender. That's where things get nasty.

It sucks, until I understood what it was -Author

> Every modern motherboard ships with a tiny cryptoprocessor

The majority of implementations for quite a few years now are fTPM, that is TPM on the CPU package rather than the motherboard.