You're absolutely right that this is basically the same technology some vendors tried to leverage to prevent us from running whatever we want on our own computers.
Luckily that mostly didn't happen (at least outside of the mobile ecosystem...), and the same technology is now very widely deployed to give users _more_ control over what runs on their computer.
Sure, that use lets me verify what my computer is running. But the way it's implemented would let the MAFIAA have the same kind of verification power. The only way I can see TPMs not being evil is if the standard added a requirement for them to support owner override <https://boingboing.net/2003/11/15/owner-override-a-pro.html>.
Most backend services get an identity assigned to them by having a token tied to a service account. This accomplishes the same goal, just in a more secure way.
Right, it's the method I want to avoid, not the goal. Just like you'd want to avoid products made with slave labor, which accomplishes the same goal of making consumer goods, but in a less expensive way.
I can see the argument for implementing DRM or similar on a personal computer. Do you feel the same outcome applies to a cloud application environment?
The outcome isn't my concern. As an analogy, consider if some industrial use were found for VX nerve agent. Would you be comfortable with production of it being massively enhanced?
