Hristo, you bring up good points. I could have been more clear. I had hoped the Engineers at Purism might come in and provide the more exact details.
While Librem Key is part of the using a Librem computer, I would guess they are glad to get any sales of the Librem Key for non-Librem computers.
From what I read that is easily available, the Librem Key has been modified to use the Pure Boot that is used by a Librem computers. Whether it works with Heads, or can be modified to work with Heads, and then Perhaps (I dunno) to start the auto decryption of Disk encryption. I dunno.
From what I read that is easily available; The other parts of Librem Key is supposed to be the same as Nitro Key Three.
Having an encrypted Password Safe on a USB key that can be accessed by different distros of Linux feels like a good option in choosing my personal security tools. (easier to say after I bought key, rather than before buying, when I agonized over spending the money)
Upgrades to Windows 11 tries to require one to use 'TPM 2" Intel firmware for the Intel “Trusted Platform Module,” known for allowing Intel to change the basic code firmware on the main processor, without our knowledge or consent. Which I guess everyone has heard about.
So I started researching what else is involved with Upgrading to TPM 2.0, and what I would be getting.
A technical paper: https://csrc.nist.gov/CSRC/media/Presentations/Why-TPM-2-0-Reasons-for-Upgrade-Use-Cases-for-th/images-media/day1_trusted-computing_330-420.pdf
Why Use a TPM 2.0?
Problems that can be solved/ameliorated with TPMs
Poor entropy leading to weak keys
Supply chain risks / Counterfeit hardware
Keeping bad guys off of your internal network
Keeping malware infected hardware off of your internal
network
Massive password database releases
Multi-factor authentication
Email Security
FIPS certified / Common criteria certified encryption engines
Securing your root certificates
Merging physical and logical controls
I read some other things. But Intel and M$ are admitting that the TPM has the Entropy - Randomization which is used to create PGP keys. And it should be upgraded to TPM 2.
Frankly I do not trust Intel to help me create strong PGP Keys.
I read the Nitro Key 3, and thereby (I hope) Librem Key can be used for the Entropy info to create Keys.
I am still experimenting.
The next question is why did I buy a Librem Key when I could have bought a Nitro Key? I am aware that companies, like Amazon sometimes sell counterfeit items. I am distrustful.
Ordering NitroKey directly from German manufacturer makes it obvious to the NSA that I am buying, some toy they might not want me to have. If I was running the NSA, I would have a workshop that could duplicate all kinds of hardware.
Would the NSA use it’s funds to target me? I am too small a fish. They might not realize who I am.
Part of my point being, that if it is profitable enough, perhaps Purism might document all the ways - future Librem Keys could be useful, as the means of shipping is, for those in US, perhaps could be more trustworthy as it does not flow through US customs. If it was also not shipped straight out the obvious public door of Librem. Perhaps selling the latest model Librem Key sold from a Kiosk at a computer security conference.
One wonders if the Librem Key could be converted into being a standard Nitro Key, with a Firmware Upgrade?
Documentation for different products, at different times can be in Flux.