How can you be sure that the software running on your computer has not been tampered with since you installed it? Even if your disk is encrypted, how can you be sure that the password prompt at boot is not a trap planted by an evil third-party that will exfiltrate all your data? Those are some of the questions that the field of “secure computing” tries to address. The answers are built through complex combinations of hardware (CPU, TPM, flash memory) and software (BIOS, OS) components.