Re: 1stnflight post# 88287

Tuesday, 07/26/2005 12:44:56 AM

Post# of 249374
1stnflight

As I understand it, there is very limited memory in the TPM. This was designed so as to minimize the complexity and cost of the chip. The TPM really just has to keep two secrets absolutely secure inside the TPM, not counting the platform configuration registers (PCRs). Those are the Private endorsement key and the Storage Root Key. Any other secrets are made secure by wrapping (encoding) them with a public key of a newly generated asymmetric key pair and storing the encoded object outside of the TPM (hard disk, floppy, whatever). The private key of that pair can then be encoded as well and then stored on the platform (not in the TPM). It's hard to explain, but this process can be repeated many times, creating a storage hierarchy, with the secret data at the end-point. This way only one storage root key is required.

Once the secret has been unwrapped and exported from the TPM it would be vulnerable to software attack, but this is where an attestable software state comes in. The owner of the secret would establish that the secret only be released if the software state of the platform is the same as when the secret was created. Measuring and reporting on the software state are core functionalities, and the associated data are stored in the TPM PCRs. So the TPM can't stop spyware from executing, but it can keep secrets safe from it.

I hope this helped.
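
The storage hierarchy and PCR-gated release described in the post above, as an added toy model that is not part of the original post. `ToyTPM` and all helper names are hypothetical, the measurements are constructed, and a symmetric SHAKE-256/HMAC construction stands in for the TPM's RSA key wrapping so the sketch needs only the standard library.

```python
import functools, hashlib, hmac, os

def extend(pcr, measurement):  # TPM 1.2 extend: SHA-1(old PCR || SHA-1(measurement))
    return hashlib.sha1(pcr + hashlib.sha1(measurement).digest()).digest()

def _xor(key, nonce, data):  # toy SHAKE-256 keystream, stand-in for RSA wrapping
    ks = hashlib.shake_256(b"enc" + key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, ks))

def wrap(parent, secret):  # output may sit on disk: useless without the parent key
    nonce = os.urandom(16)
    ct = _xor(parent, nonce, secret)
    return nonce + hmac.new(parent, nonce + ct, hashlib.sha256).digest() + ct

def unwrap(parent, blob):
    nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
    if not hmac.compare_digest(tag, hmac.new(parent, nonce + ct, hashlib.sha256).digest()):
        raise PermissionError("blob was not wrapped by this parent key")
    return _xor(parent, nonce, ct)

class ToyTPM:
    def __init__(self):
        self._srk = os.urandom(32)  # storage root key: never leaves the chip
        self.pcr = bytes(20)        # PCR is all zeros after reset
    def measure(self, component):
        self.pcr = extend(self.pcr, component)
    def _load(self, chain):         # unwrap each level, starting from the SRK
        return functools.reduce(unwrap, chain, self._srk)
    def create_key(self, chain):    # child key leaves the chip only in wrapped form
        return wrap(self._load(chain), os.urandom(32))
    def seal(self, chain, secret):  # PCR value at seal time travels inside the blob
        return wrap(self._load(chain), self.pcr + secret)
    def unseal(self, chain, blob):
        data = unwrap(self._load(chain), blob)
        if not hmac.compare_digest(data[:20], self.pcr):
            raise PermissionError("platform state differs from seal time")
        return data[20:]

def demo():
    tpm = ToyTPM()
    tpm.measure(b"kernel-v1")                # constructed measurement
    k1 = tpm.create_key([])                  # wrapped by the SRK
    k2 = tpm.create_key([k1])                # wrapped by k1
    sealed = tpm.seal([k1, k2], b"disk-password")
    before = tpm.unseal([k1, k2], sealed)
    tpm.measure(b"spyware")                  # software state changes
    try:
        return before, tpm.unseal([k1, k2], sealed)
    except PermissionError:
        return before, None
```

`demo()` returns the secret for the unseal done in the sealed-time state and `None` for the attempt after the extra measurement; the blobs `k1`, `k2` and `sealed` are the only things that would be stored on disk.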
