It certainly can be a pain in the proverbials. It’s one of those things that can be good or bad. When it’s the end user deliberately choosing to use it, it can provide extra peace of mind and lock down certain attack vectors, when it’s the vendor doing it, it’s just a way to make it harder to service your machine. That it also still locks down certain attack vectors is almost a byproduct in that scenario.

It’s a way of tying an encryption key to the processor. Depending on how you look at it that’s either a good way to ensure your disks aren’t readable if they’re separated from your machine or a vendor lock-in.