The protection of FDE is the carrot they give to get you to enable TPM 2.0. The stick is the remote attestation which can be used for nefarious purposes like DRM and other types of denial/system lockdown at Microsoft’s discretion.
It’s true it’s hard to motivate people into taking a better security posture for themselves but forcing them like this doesn’t come from a good and sincere place.
The protection of FDE is the carrot they give to get you to enable TPM 2.0. The stick is the remote attestation which can be used for nefarious purposes like DRM and other types of denial/system lockdown at Microsoft’s discretion.
It’s true it’s hard to motivate people into taking a better security posture for themselves but forcing them like this doesn’t come from a good and sincere place.