Skip to main content

Even the Surface Laptop Studio doesn’t come with a hardware TPM chip

This story is part of our complete Microsoft Events coverage

Microsoft just announced the new Surface Laptop Studio at its fall Surface event. Sandwiched between updates to the Surface Pro and the Surface Duo, the Laptop Studio is an entirely new product that balances powerful hardware with the design language of the Surface range. And it even looks like a decent gaming machine.

One of the specs raises an eyebrow, though. The Surface Laptop Studio comes with firmware TPM, not hardware TPM. This tiny processor has been the center of some controversy since the Windows 11 announcement, and the launch of the new Surface Laptop Studio shows that the buzz around hardware TPM was mostly hot air.

Recommended Videos

Firmware TPM is the right call

Internals of Surface Laptop Studio.
Image used with permission by copyright holder

Before getting too deep into this issue, some background is important. A Trusted Platform Module (TPM) is a processor that serves as a root of trust on your device. It’s basically a vault for highly sensitive data like cryptographic keys. The best implementation for security is a dedicated chip that lives on your motherboard, separated from other parts of the machine so it can’t be breached.

However, many consumer TPM implementations don’t use hardware. They use firmware instead. Firmware TPM does the same thing as hardware TPM, but it stores the sensitive data in secured parts of software and uses the CPU’s power to handle any cryptographic functions. As the Trusted Computing Group says, “the downside to the … firmware TPM is that now the TPM is dependent on many additional aspects to keep it secure.”

Basically, there’s a trade-off. Firmware TPM is easier to use and cheaper to implement, but it’s less secure than a dedicated chip.

For consumer devices, firmware TPM is all you need. Things like passwords and biometric data aren’t valuable enough for attackers to use sophisticated attacks to get them. Hardware TPM is meant for the data center and enterprises, where hacking groups are more likely to utilize complex tactics to steal data.

The Surface Laptop Studio comes with firmware TPM on the consumer version and hardware TPM on the enterprise version — and that’s the right call. The irony is that TPM caused a big fuss when Windows 11 was announced, with dedicated TPM modules shooting up to four times their price on the secondhand market. The Surface Laptop Studio shows that even Microsoft knows that hardware TPM isn’t necessary for most people.

Poetic justice

asus tpm chip in motherboard.
A TPM is usually soldered to the motherboard, but add-on modules are available, too. Image used with permission by copyright holder
When Microsoft announced Windows 11, DIY PC builders were sent into a frenzy when they thought they couldn’t run the new operating system on their high-end hardware. They could by enabling firmware TPM, but Microsoft’s PC Health Check app said otherwise at the time. Microsoft quickly removed its Windows 11 compatibility checking app to avoid further confusion.

A couple of months later, Microsoft resurfaced and held its ground on the TPM requirement. To be clear, Windows 11 supports hardware and firmware TPM — the OS recognizes them as the exact same thing. As scalpers showed around the time of the announcement, though, there were a lot of people that didn’t understand that.

The announcement of the Surface Laptop Studio is a bit of poetic justice, and a recognition from Microsoft that the TPM requirement is less important than it was portrayed. I still have issues with the TPM requirement in the first place, but I’ve written about that plenty in the past.

Firmware TPM doesn’t change anything about the Surface Laptop Studio. It still looks as secure as it needs to be, and it uses TPM for the latest security features. Firmware TPM is also cheaper — it doesn’t require a separate processor on the motherboard — so it’s nice to see some level-headed thinking when extra manufacturing cost is on the table.

Security isn’t everything

Microsoft surface Laptop 4
Microsoft

Although security is vital in a world of increasing cyber threats, it comes at a cost. Sometimes it’s a time cost, like having to enter complex passwords manually, and other times it’s a monetary cost, like adding a dedicated security processor when software does the trick almost as well. Cybersecurity is inherently a risk assessment.

As the Surface Laptop Studio shows, the trade-off between firmware and hardware TPM isn’t relevant for the vast majority of people. Even Microsoft, the company pushing hard for updated security measures on the what’s been called the most secure version of Windows, recognizes that fact.

You don’t need to worry about TPM if you plan on picking up a Surface Laptop Studio. Before you go to check out, though, make sure to glance at the spec sheet so you know that TPM isn’t as important as Microsoft made it out to be.

Jacob Roach
Lead Reporter, PC Hardware
Jacob Roach is the lead reporter for PC hardware at Digital Trends. In addition to covering the latest PC components, from…
Microsoft September 2023 event: Copilot, Surface Laptop Studio 2, and more
Microsoft CEO Satya Nadella talks on stage during the Microsoft September event.

Microsoft's September event delivered a slew of exciting announcements. All things AI were a hot topic, ranging from the Microsoft Copilot to updates to Paint and Snipping Tool. Several new Surface products were also revealed, including the Surface Laptop Studio 2.

We were at the event and got all of the news firsthand. Here's everything that Microsoft unveiled as part of its September 2023 event.
A new category of computing

Read more
Huge leak reveals Microsoft’s new laptops coming next week
Leaked renderings of the Microsoft Surface Laptop Go 3, showing two laptops intersecting over each other.

We’re just a week away from Microsoft’s upcoming Surface event, yet a plethora of renders and information have just leaked out, spilling the beans on a new Surface Laptop Studio 2, updates to the Surface Laptop Go 3, and an all-new Surface Go 4.

According to the German website WinFuture (via OnMSFT), this information was gleaned from third-party retailers who have already been provided with official data from Microsoft. It’s a slip-up Microsoft would rather have avoided so close to launch day.

Read more
The most powerful Surface laptop ever may launch later this year
The back lid of the Surface Laptop Studio.

Microsoft's Surface line has become iconic in a few different ways, but performance was never its strong suit. However, according to rumors that have been building throughout this year, we'll be getting the most powerful Surface device we've ever seen later this year.

The product in question is the Surface Laptop Studio 2, a follow-up to the debut of the design in 2021. That initial Surface Laptop Studio was already the most powerful device in the lineup as the replacement of the previous Surface Book designs. Most importantly, these are the only Surface devices to get discrete graphics, making them the best options for creatives and gamers. Of course, that device was unique for its form factor -- but performance was a big selling point too.

Read more