> If you want security here you're paying attention to the values measured into the TPM, and thanks to Microsoft's own specification for measurements made into PCR 7, switching from booting Windows to booting something signed with the 3rd party signing key will change the measurements and invalidate any sealed secrets.
Yeah, but this is pretty bad in itself (really long number) when you're traveling. And needing the recovery key so often will lead to people writing it down and keeping it with the laptop so they're not locked out next time. Which invalidates the whole point of FDE.
The last time I had this the key didn't even work; my work rotates it regularly so something must have been out of sync. Every Linux update seemed to break BitLocker this way so I stopped dual-booting.
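To show concretely why booting a bootloader signed with a different key invalidates a PCR 7 sealed secret, here is an added worked example (not code from this thread or from any TPM or BitLocker implementation). It simulates the TPM extend operation on a SHA-256 PCR bank and a toy "seal to PCR value" scheme; the event strings are constructed stand-ins for what firmware logs into PCR 7 (Secure Boot state, the key databases, and the authority certificate that verified the boot application), and the sealing uses a hash-derived key purely for illustration rather than a TPM policy session.

```python
import hashlib
import hmac

PCR_SIZE = 32  # one SHA-256 PCR bank

def pcr_extend(pcr: bytes, event: bytes) -> bytes:
    """TPM extend: PCR_new = H(PCR_old || H(event)). One-way and order-dependent,
    so the final PCR value commits to the exact sequence of measured events."""
    return hashlib.sha256(pcr + hashlib.sha256(event).digest()).digest()

def measure_boot(events) -> bytes:
    """Replay a boot's event log into a PCR that starts at all zeros (power-on state)."""
    pcr = bytes(PCR_SIZE)
    for ev in events:
        pcr = pcr_extend(pcr, ev)
    return pcr

# Constructed stand-ins for PCR 7 events. The first five are identical on both boots
# because the Secure Boot variables do not change; only the authority entry differs,
# since the Windows boot manager and a third-party shim are verified by different CAs.
COMMON_PCR7_EVENTS = [
    b"SecureBoot=1",
    b"PK: platform key (constructed)",
    b"KEK: Microsoft Corporation KEK CA 2011 (constructed)",
    b"db: Windows Production PCA 2011 + UEFI CA 2011 (constructed)",
    b"dbx: revocation list (constructed)",
]
WINDOWS_AUTHORITY = b"EV_EFI_VARIABLE_AUTHORITY: Microsoft Windows Production PCA 2011"
THIRD_PARTY_AUTHORITY = b"EV_EFI_VARIABLE_AUTHORITY: Microsoft Corporation UEFI CA 2011"

def windows_boot_pcr7() -> bytes:
    return measure_boot(COMMON_PCR7_EVENTS + [WINDOWS_AUTHORITY])

def third_party_boot_pcr7() -> bytes:
    return measure_boot(COMMON_PCR7_EVENTS + [THIRD_PARTY_AUTHORITY])

def _seal_key(pcr_value: bytes) -> bytes:
    # Toy derivation: a real TPM keeps the wrapping key inside the chip and checks
    # the PCR policy before releasing anything. Here the key simply depends on the PCR.
    return hashlib.sha256(b"toy-seal|" + pcr_value).digest()

def _keystream(key: bytes, n: int) -> bytes:
    out = b""
    ctr = 0
    while len(out) < n:
        out += hashlib.sha256(key + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def seal(secret: bytes, pcr_value: bytes) -> dict:
    """Encrypt-and-MAC the secret under a key bound to the expected PCR value."""
    key = _seal_key(pcr_value)
    ct = bytes(a ^ b for a, b in zip(secret, _keystream(key, len(secret))))
    tag = hmac.new(key, ct, hashlib.sha256).digest()
    return {"ct": ct, "tag": tag}

def unseal(blob: dict, current_pcr_value: bytes):
    """Recompute the key from the PCR value measured on *this* boot. If the boot
    chain differed, the MAC fails and nothing is released (None)."""
    key = _seal_key(current_pcr_value)
    expected = hmac.new(key, blob["ct"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, blob["tag"]):
        return None
    return bytes(a ^ b for a, b in zip(blob["ct"], _keystream(key, len(blob["ct"]))))

if __name__ == "__main__":
    vmk = b"constructed-volume-master-key"
    blob = seal(vmk, windows_boot_pcr7())
    print("Windows boot unseals:", unseal(blob, windows_boot_pcr7()) == vmk)
    print("Third-party boot unseals:", unseal(blob, third_party_boot_pcr7()))
```

The point the example makes is that every event before the authority entry is identical on both boots, yet a single differing measurement at the end yields an unrelated PCR value, so the secret sealed on the Windows boot is unrecoverable after a shim boot and the user is sent to the recovery key. The same mechanism is what makes a Linux update that replaces the shim or bootloader binary look like a tampered boot chain from the TPM's perspective.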
But this has nothing to do with being able to boot Windows. The license key isn't in there. The TPM is used by apps to store secure data, which you wouldn't necessarily expect to even survive a reboot.
First, this is a feature of TPM (PCR 7 checks), even before Pluton existed. This literally existed in 2008 (and FSF was so scared of it because in theory it can be used for DRM, which is a valid opinion). You're spewing misinformation.
Also, for some people, they will trade off the possibility of data loss as long as the data can be reliably destroyed if the data falls into the wrong hands. Maybe not for you, but it's there for enterprise.