You do know those are trivially bypassed with a signal processor, right? If physical access is outside your threat model, that's OK, but it makes (for example) the forced Win11 upgrade for DRM^H^H^H boot integrity enforcement seem ridiculous.

https://pulsesecurity.co.nz/articles/TPM-sniffing

The article you link to explains how to defeat the sniffing with TPM 2.0. But also, there’s no reason a physical TPM has to be a separate IC package.