Uh.... 6 minutes in and he's described an RDP attack and the mitigation for such an attack has nothing to with TPM. Who the hell cares what an attacker does when they already have admin privs at what essentially is the console? It's game over at that point.
Later, it's funny to hear this guy tell us what then "can't happen" because <new security tech here>. No, that tech helps raise the bar against such attacks. Who's deluded enough to think that Microsoft + TPM has just made a flawless security model?
It seemed to me that the only attack described that Win11 may help protect against was the fingerprint one. I'm curious to know how Secure Boot on its own doesn't help protect against the boot loader attacks.