Reason I’m asking is because there are some people claiming that the TPM is a backdoor or something. I wonder if people on Lemmy subscribe to that belief, or no?

  • Object@sh.itjust.works
    11 · 4 days ago

    I don’t, because I have better control over my disks. With TPM, the keys are stored within the chip itself, and I won’t be able to unlock it if I boot into another OS (re-installing, dual boot, etc). With a password, while inconvenient, I know that I can always unlock it, and the chance of locking myself out is negligible.

    TPM being a backdoor doesn’t seem likely to me. Worst case scenario, transparent mode is just as bad as unencrypted disk. Most of the time, it adds extra security, though you are at the risk of locking yourself out.

  • ms.lane@lemmy.world
    10 · 4 days ago

    “TPM is a backdoor” was something that got bandied around during the Vista era, partially by people not understanding and partially (imo) to muddy the waters.

    Secure Boot was maligned as at the time only MS were allowed to sign for it, so it was just an anti-Linux locker. Later, after much haranguing, they backpedaled and allowed Canonical and Red Hat to sign things; much, much later, we could self-sign.

    TPM was also maligned around the same time since MS (allegedly) had aspirations to only allow signed software which would be encrypted so that ‘bad actors’ (the users themselves) couldn’t change ‘protected’ (any) executables. I think the closest we’ve ever seen of that is Windows S.

  • over_clox@lemmy.world
    12 · 4 days ago

    The concept of secure boot and the TPM and BitLocker and all that stuff is somewhere between protection against hackers with hands on access to your system, protection against rootkits infecting the boot sector, protecting the average amateur end user from themselves doing something dumb, and keeping you in the Micro$haft ecosystem.

    If you’re fairly comfortable that none of these should be a significant risk to you, then I’d say disable it and do whatever you want with your own system without all the headaches.

  • thevoidzero@lemmy.world
    11 · 4 days ago

    None. I just install the OS and use it without any encryption and such. It’s more important for me to be able to access data on device failure than encrypt it.

  • BradleyUffner@lemmy.world
    7 · 4 days ago

    Off. My system won’t boot with it turned on. It just hangs at a black screen. From what I’ve been able to find out, it’s due to unsigned video drivers.

  • BootLoop@sh.itjust.works
    5 · 4 days ago

    I don’t use either of those. If I were to use anything I’d use Linux’s LUKS disk encryption, but as others have said, I’d rather err on the side of data recovery if I lose the keys.

  • observantTrapezium@lemmy.ca
    1 · 4 days ago

    Full disk encryption with LUKS. Don’t really see much point in a TPM for booting my personal device, although it definitely has use cases and I don’t know what’s backdoorsy about it.