Comment by brianpgordon

11 years ago

I'm not an expert on trusted computing, but I thought that TPMs can enforce secure boot and encrypt data that cannot be recovered if unauthorized software is running on the system. There are probably vulnerabilities in the implementation, but I thought that, in theory, it's airtight.

In principle, yes, if you know that the TPM's private key hasn't been compromised. At a minimum, you would need some way to verify that it's actually a tamper-resistant hardware chip, and not a software emulation.

I don't see how a software agent bidding on VPS hosting services could possibly know that.
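To make concrete what a verifier actually has to check before it believes a TPM, here is an added example (not part of the comment above, and not real TPM or vendor code): a Go model of remote attestation in which a manufacturer CA certifies a genuine TPM's endorsement key (EK), a software emulator presents a self-signed EK certificate, and both sign a quote over a verifier nonce and a PCR value. The manufacturer name, key names, boot measurements and nonce are all constructed for the example. It also simplifies the real flow: a real TPM never signs quotes with the EK itself but with an attestation key that is bound to the EK through credential activation, and real EK certificates are RSA or ECC certificates issued by the vendor's CA; here the EK signs directly with ECDSA P-256 and the Go standard library's x509 chain validation stands in for the vendor chain.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

func must[T any](v T, err error) T {
	if err != nil {
		panic(err) // acceptable in a demonstration, not in production code
	}
	return v
}

func newKey() *ecdsa.PrivateKey { return must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader)) }

// pcrExtend is the TPM extend operation: PCR' = SHA-256(PCR || measurement).
func pcrExtend(pcr, measurement [32]byte) [32]byte {
	return sha256.Sum256(append(pcr[:], measurement[:]...))
}

// quoteDigest is what the quote signature covers: verifier nonce || reported PCR.
func quoteDigest(nonce []byte, pcr [32]byte) [32]byte {
	return sha256.Sum256(append(append([]byte{}, nonce...), pcr[:]...))
}

// Attestation is the evidence one platform hands to the verifier.
type Attestation struct {
	EKCert *x509.Certificate // certificate for the key that signed the quote
	Nonce  []byte            // verifier-chosen freshness value
	PCR    [32]byte          // PCR value the quote reports
	Quote  []byte            // ASN.1 ECDSA signature over quoteDigest(Nonce, PCR)
}

// makeCert issues a certificate for pub signed by signer; parent == nil means self-signed.
func makeCert(cn string, pub *ecdsa.PublicKey, parent *x509.Certificate, signer *ecdsa.PrivateKey, ku x509.KeyUsage) *x509.Certificate {
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true, IsCA: ku&x509.KeyUsageCertSign != 0, KeyUsage: ku,
	}
	if parent == nil {
		parent = tmpl
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer))
	return must(x509.ParseCertificate(der))
}

// quote is the platform side: sign nonce||PCR. An emulator can do this for any PCR value it likes.
func quote(key *ecdsa.PrivateKey, cert *x509.Certificate, nonce []byte, pcr [32]byte) Attestation {
	d := quoteDigest(nonce, pcr)
	return Attestation{EKCert: cert, Nonce: nonce, PCR: pcr, Quote: must(ecdsa.SignASN1(rand.Reader, key, d[:]))}
}

// VerifyAttestation is the relying party's check; the chain step is what separates hardware from emulation.
func VerifyAttestation(a Attestation, roots *x509.CertPool, expectedPCR [32]byte) error {
	opts := x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	if _, err := a.EKCert.Verify(opts); err != nil {
		return fmt.Errorf("EK not certified by a trusted TPM manufacturer: %w", err)
	}
	pub, _ := a.EKCert.PublicKey.(*ecdsa.PublicKey)
	if d := quoteDigest(a.Nonce, a.PCR); pub == nil || !ecdsa.VerifyASN1(pub, d[:], a.Quote) {
		return fmt.Errorf("quote signature does not verify under the certified key")
	}
	if a.PCR != expectedPCR {
		return fmt.Errorf("PCR does not match the approved software stack")
	}
	return nil
}

// Scenario builds a manufacturer root, a genuine TPM whose EK it certified, and a
// software emulator with a self-signed EK, then returns the verifier's verdict for each.
func Scenario() map[string]error {
	caKey := newKey()
	caCert := makeCert("Example TPM Manufacturer CA", &caKey.PublicKey, nil, caKey, x509.KeyUsageCertSign)
	roots := x509.NewCertPool()
	roots.AddCert(caCert)
	tpmKey, emuKey := newKey(), newKey()
	tpmCert := makeCert("EK of genuine TPM", &tpmKey.PublicKey, caCert, caKey, x509.KeyUsageDigitalSignature)
	emuCert := makeCert("EK of software emulator", &emuKey.PublicKey, nil, emuKey, x509.KeyUsageDigitalSignature)
	var approved [32]byte // PCRs start at zero; each boot stage's measurement is extended in
	approved = pcrExtend(approved, sha256.Sum256([]byte("approved bootloader")))
	approved = pcrExtend(approved, sha256.Sum256([]byte("approved kernel")))
	tampered := pcrExtend(approved, sha256.Sum256([]byte("unapproved module")))
	nonce := []byte("verifier-nonce-0001") // constructed; use random bytes in practice
	return map[string]error{
		"genuine":          VerifyAttestation(quote(tpmKey, tpmCert, nonce, approved), roots, approved),
		"genuine-tampered": VerifyAttestation(quote(tpmKey, tpmCert, nonce, tampered), roots, approved),
		"emulator":         VerifyAttestation(quote(emuKey, emuCert, nonce, approved), roots, approved),
	}
}

func main() { fmt.Println(Scenario()) }
```

The emulator's quote is a perfectly valid signature over the approved PCR value; the only thing that rejects it is the missing chain to a root the verifier already trusts, which is why the verifier has to bring its own list of manufacturer roots rather than take any certificate the platform offers. It is also why the compromised-private-key case raised above defeats the check: a leaked key that still carries a manufacturer-issued certificate passes the chain step and can then sign any PCR value it wants.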