Remove TPM?

Is there a way to physically remove the Trusted Platform Module? I will be running a Linux-only system and will never have a need for it. Also, I don’t trust it as I’m an unreasonable, and cynical git. That said, my concerns are not without merit:


Should be enough to just remove the TPM module loaded by the Linux kernel. Without the “drivers” loaded, no application can access (theoretically).

That’s cool and all, but I want to “Physically” remove the chip, if possible.

1 Like

If it is soldered, it may be more complicated… :}

Not sure if the FW uses a discrete TPM module, as it may just be using the fTPM, which means that you’d need to rip out the processor to remove the TPM.


Pretty sure it’s using a firmware TPM. So you’d have to desolder the SoC…

I wouldn’t recommend that.


Apparently Linus Torvalds is not a fan of the TPM either.

1 Like

The TPM in the Framework 16 is integrated into the SoC. It’s a Microsoft Pluton TPM. Even though there is a kernel module loaded for it is not used by anything in Linux by default. You can interact with it using tpm2-tools. If you don’t want to use it, you can also block the tpm related kernel modules from loading as mentioned above.


Why is it the more I go down this TPM rabbit-hole, the more I am divided between “It’s probably fine.” and “Where is my tin-foil hat?” The Reddit posts alone are all over the place.

1 Like

My opinion is that in Windows the tin foil hat is more justified.

In Linux the only thing exposed is the TPM2 implementation. If you don’t use the TPM2 it’s some dormant RTL.


Amazing what the industry does to just remain in the “positive” list of some manufacturers - e.g. Microsoft …
It is amazing also, what the Opensource Community does, to evade the limitations put in place :} It is a perfect exercise to understand how it works, and know what it implies and finally realize what it will mean in the future to come…

I’m so happy I grew up in the 80ies… I made so much crap, but there is no recording of it available !!! :smiley: