As SS said, don't trust TPMs made in China.
As some Germans said, don't trust TPMs operated by MS.
The standard can be awesome, although the Germans were complaining about various flaws that weren't fixed. But even assuming the best, it doesn't necessarily matter.
It's the sovereigns, the manufacturers and the software companies that can undermine trust.
Yes. Someone needs to be trusted. The problem is that when it comes to data security, the US was trusted and no longer is.
So the issue is a big one. It will only be solved by policy, in my view.
If TCG is seen to be tainted by NSA, then it's unlikely to be adopted. Some folks say "repudiate NSA". I think that's pointless. I think you have to redesign the policy root of trust.
Until then, sales only within the upas tree influence of the USG.