TPM chips are not open source, so end users cannot simply check them for backdoors. Manufacturers of these chips are under heavy scrutiny from intelligence agencies. Governments around the world try their best to prevent people from using strong cryptography (e.g. limiting effective key lengths in various ways).

Why should we trust such chips more than purely software based approach?

The real question is

"What's your threat model?"

If it's people stealing your laptop and fear of identity theft, use the TPM.

If it's the NSA, ¯\_(ツ)_/¯

Like most ordinary folks, my threat model is the use of TPM for DRM.

Netflix playing at lower resolution for example.

Widespread TPM is actively harmful for most people, and the biggest blow to general purpose computing in recent years.

> Like most ordinary folks, my threat model is the use of TPM for DRM.

TPM is pretty much useless for DRM.

The TPM allows Hollywood to verify that you're running an Approved(TM) operating system. It's also very useful for WEI, which is web DRM - it allows Google to verify that you're running an Approved(TM) operating system and browser.

Linux will never be approved, unless it's heavily locked down, by the way.
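The "verify that you're running an Approved(TM) operating system" step the comment above refers to is remote attestation: each boot component is measured into a Platform Configuration Register, the TPM signs the PCR value together with a verifier-supplied nonce, and the verifier compares the signed value against an allow-list. The following is an added example, not code from the thread or from any TPM vendor: it simulates the PCR extend chain and a verifier in plain Python. The component names, the allow-list and the key are constructed; the HMAC stands in for the TPM's asymmetric attestation-key signature, and no real TPM command is issued.

```python
import hashlib
import hmac
import os

# A SHA-256 PCR starts as all zeros at power-on.
PCR_INIT = b"\x00" * 32

# Constructed stand-in for the TPM attestation key (a real TPM signs quotes
# with an asymmetric key whose certificate chains to the vendor).
AK_SECRET = b"constructed-attestation-key"


def pcr_extend(pcr, measurement):
    """TPM-style extend: new_pcr = H(old_pcr || H(measurement)).

    Extend is one-way and order-dependent: the register can only be moved
    forward, never set to a chosen value, and the same components measured in a
    different order give a different result.
    """
    return hashlib.sha256(pcr + hashlib.sha256(measurement).digest()).digest()


def measure_boot(components):
    """Replay a boot chain (firmware, bootloader, kernel, ...) into one PCR."""
    pcr = PCR_INIT
    for component in components:
        pcr = pcr_extend(pcr, component)
    return pcr


def tpm_quote(pcr, nonce):
    """Simulated TPM2_Quote: bind the PCR value to the verifier's nonce."""
    sig = hmac.new(AK_SECRET, pcr + nonce, hashlib.sha256).digest()
    return {"pcr": pcr, "nonce": nonce, "sig": sig}


def verify_quote(quote, expected_nonce, allow_list):
    """Verifier side: check signature, freshness, then policy, in that order."""
    expected_sig = hmac.new(AK_SECRET, quote["pcr"] + quote["nonce"], hashlib.sha256).digest()
    if not hmac.compare_digest(quote["sig"], expected_sig):
        return "bad signature"          # PCR value was altered after signing
    if quote["nonce"] != expected_nonce:
        return "stale quote"            # replay of an older, genuine quote
    if quote["pcr"] not in allow_list:
        return "unapproved platform"    # genuine, fresh, but not on the list
    return "approved"


# Constructed boot chains; these are labels, not real firmware or kernel hashes.
APPROVED_CHAIN = [b"firmware-v1", b"bootloader-signed", b"approved-os-kernel"]
LINUX_CHAIN = [b"firmware-v1", b"bootloader-signed", b"custom-linux-kernel"]

# The verifier only accepts platforms whose measured chain it has enrolled.
ALLOW_LIST = {measure_boot(APPROVED_CHAIN)}


def attest(chain, allow_list=ALLOW_LIST, nonce=None):
    """Run one full attestation round for a given boot chain."""
    nonce = nonce or os.urandom(16)
    quote = tpm_quote(measure_boot(chain), nonce)
    return verify_quote(quote, nonce, allow_list)


if __name__ == "__main__":
    print("approved OS:", attest(APPROVED_CHAIN))
    print("custom Linux:", attest(LINUX_CHAIN))
```

The policy decision lives entirely in the verifier's allow-list: a self-built kernel measures to a value the service never enrolled, which is why the comment's point about Linux holds regardless of how secure that kernel is. The nonce check is what stops a client from replaying a quote captured from an approved machine, and the signature check is what stops it from editing the PCR field.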

For what it is worth, Google has fortunately abandoned the WEI proposal; a quote from the README of https://github.com/RupertBenWiser/Web-Environment-Integrity/

> NOTE: This proposal is no longer pursued.
> Thank you for all the constructive feedback and engagement on the topic. An Android-specific API that does not target the open web is being considered here.

The Android-specific proposal only adds support for it to WebView, which developers actually could already do by combining the WebView and Play Integrity APIs, so, as much as I don't love it, that doesn't seem too terrible if it is just saving developers from writing some boilerplate code to connect the two. Here is the recent discussion about the WebView changes: https://news.ycombinator.com/item?id=38118627