The much maligned “Trusted Computing” idea requires that the party you are supposed to trust deserves to be trusted, and Google is DEFINITELY NOT worthy of being trusted, this is a naked power grab to destroy the open web for Google’s ad profits no matter the consequences, this would put heavy surveillance in Google’s hands, this would eliminate ad-blocking, this would break any and all accessibility features, this would obliterate any competing platform, this is very much opposed to what the web is.
I’m afraid you are sorely mistaken. Here’s an RCE vulnerability in the TPM 2.0 reference implementation.
Your own article says it’s VMs. The tpm itself can be bricked. Ok that sucks. Still not persistent like you describe.