New
#740
Watch what is next for Windows event on June 24, 2021
-
-
New #741
-
New #742
Just a couple more data points:
I did a clean install, with SB and TPM on, but non-qualifying CPU. It went fine, but installed the Home version.
I did an in place upgrade on a well set up Win10 system, this time with SB off. It went fine, and resulted in a Pro system. This one I aim to dog-food for a while and really see what's going on (knowing full well that it's early days).
What we don't know is how much more strictly the 'requirements' will be enforced for the Insider version coming up. And this is especially true for the ultimate RTM version whenever that floats along.
-
New #743
Wrong. It's not just UEFI that they want. As for the point of the betas - uh, what's the point of trial software? What's the point of free samples?
They want you to like it so that you 'll get it. As every corporation in the world - they want you to use their products.
Technically speaking,m we don't really know. We only have a leaked DEV build, which M$ has stated in clear terms can be installed in unsupported hardware throughout the Insider Preview phase.
IOW, right now, the leak should probably install pretty much on any device that also run Windows 10. Future builds may or may not.
It does seem arbitrary - but Intel open sourced TPM in 2018. I suspect that has a lot to do with it, because their 2017 launch of 8th gen CPUs was probably already tailored to make use of firmware-based TPM, which is why 7th gen and 8th gen are so closely similar. And why the 2017 releases of AMD Ryzen and TR 1st gen CPUs did not make the cut - because they were developed before AMD had the knowledge that TPM Was about to be open sourced and firmware TPM was about to be usable by anyone.
No offense, but I'll take security over speed. What's the point in driving 150 mph if your brakes don't work?
I live near Atlanta, GA - the Colonial Pipeline shutdown due to a ransomware attack Fd us big time. No gas station within 30 miles of my home had gas - and the prices were $1 more than they were before the pipeline shutdown. People were stockpiling, and violence had already started at pumps as people got irate with stockpilers when they needed gas for the work week.
I'd much rather have better security and a chance to prevent infrastructure attacks (as much as possible - let's face it, they are extremely vulnerable here in the US) than go through that mess again, only for an extended period - no electricity and chaos would ensure within hours.
Nice find.
Keep going on about it. In a sense, you're right - TPM is no magic bullet, and neither is Secure Boot. Neither are both of them together.
But with the whole SolarWinds debacle, plus the much more resent one about a Microsoft issued security certificate for the Netfilter rootkit (see Microsoft admits to signing rootkit malware in supply-chain fiasco ) they need a win for investors. They definitely are a corporation and they definitely answer to said investors.
That being said, though, they do need to do something. And my comments above show that they are at least trying to impress some folks with all of this (the investors).
but the level of security for PCs HAS TO GET BETTER. Period.
Because users ain't gonna do it themselves. Just look above at the forward security and backward speed comment for an example. Too many users complain at the restrictions security measures put on them - and don't bother with using them as they should. Then the Pandemic came, and Work from Home became a thing - and all of a sudden, all that corporate data was much, much more easily accessible PRECISELY BECAUSEthose users who don't care about security at home were access corporate and enterprise networks.
And a bad situation was made that much worse because of it.
Well, I've presented plenty of evidence and reasoning as to why they are doing it. But if every user not happy with the security requirements were to move to Linux, that would STILL make their PCs better secured than they currently are, IMO.
Well, all except those who foolishly try to login and run as root 24/7 (a la XP)....
-
New #744
Linux is no magic bullet either, it's only saving grace (security wise) is that it's less interesting to exploit holes. If you are not careful, some distros can be downright dangerous because too many fingers in it, some of distros are made by amateurs and not under scrutiny of anyone. Windows are at least made by serious company with many looking at safety features or holes,not all with nefarious goals which enables fast patching of vulnerabilities.
-
-
New #746
No offense taken John.
Everyone has a right to their opinion.
Now why was the pipeline hacked? Bad security ? we weren't there and news outlets don't tell the full story all the time.
Intel has been letting security flaws pass buy for many years. What happened with meltdown is a classic example. A fix was found and then my high end Asus laptop lost 20%-30% efficiency. If a fix would have been put in place in a timely manner it probably would not have cost in efficiency and speed.
It's always about the$$. If companies (and some do) develop with quality as much as $$ in mind it would be a win win for them. Some companies are gouging customers in ridiculous ways because there aren't other options for customers.
But when you spit in the air, .... you know the rest. I'm all for security but not at the expense of efficiency and speed. What can be coded, can be de coded. (of course the more complex the code...)
Sure, Intel can make their processors more secure but they don't have to be slower and you don't have to have the fort Knox model for the home user.
Having more secure machines is excellent, besides I'm just venting here. I'm sure they will keep in mind that users and especially companies don't want to sacrifice speed. ��
-
New #747
Our second laptop won't run W11 either. Good spec too. Although it is 2015. HP Spectre X360 13. It has UEFI and TPM 1.2. HP don't seem to have an option to upgrade it to TPM 2.0 for this model (although they do for some models of computer).
I wonder if manufacturers will start making TPM 2 firmware available for more machines. Probably not - they'll want you to buy a new one.
-
New #748
-
-
New #749
No offense taken John. Everyone has a right to their opinion.
Now why was the pipeline hacked? Bad security ? we weren't there and news outlets don't tell the full story all the time.
Intel has been letting security flaws pass buy for many years. What happened with meltdown is a classic example. A fix was found and then my high end Asus laptop lost 20%-30% efficiency. If a fix would have been put in place in a timely manner it probably would not have cost in efficiency and speed.
It's always about the$$. If companies (and some do) develop with quality as much as $$ in mind it would be a win win for them. Some companies are gouging customers in ridiculous ways because there aren't other options for customers.
But when you spit in the air, .... you know the rest. I'm all for security but not at the expense of efficiency and speed. What can be coded, can be de coded. (of course the more complex the code...)
Sure, Intel can make their processors more secure but they don't have to be slower and you don't have to have the fort Knox model for the home user.
Having more secure machines is excellent, besides I'm just venting here. I'm sure they will keep in mind that users and especially companies don't want to sacrifice speed. ��
A reader after my own heart.
Thing is, if Intel keeps ignoring CPU vulnerabilities, then isn't it a good thing that M$ turns around and says no to older Intel CPUs that have extended vulnerabilities that Intel refuses to fix?
I was one of the Bloomfield users that was left in the dirt after Intel finally started releasing CPUCODE patches for BIOSes for their CPUs. I was incensed (you can probably find more than a few rants of mine in these forums alone). SO I understand that full well.
As for making money -well, that is the only purpose left to large corporations and enterprises. Microsoft gave Win 10 away more so than they sold it, and yet they made it into the 2 Trillion USD club. They did something right. And their investors (aka shareholders) are the ones they answer to, not us.
I get that.
However, I also get just what a pathetic job Intel has done in supporting their own hardware in the first place - it's why, when I finally, after 9+ years running my Bloomfield rig, built a new machine, I went AMD. In fact, my signature was, until just a couple of hours ago, a link to the pics of my build - which I wryly call my "I Hate Intel Build". So, yeah, I'm totally off Intel.
As for the pipeline - taken solely, no, we don't really know. But if you look at the larger scheme of things, corporate and enterprise and municipal and infrastructure attacks took a massive rise almost perfectly aligned with the Work from Home timeframe. There were a lot of stories about how WfH was a great thing, about how businesses and corporations didn't see a massive drop in productivity that they were expecting. And yet those businesses who allow WfH are getting more and more antsy about getting their workers back in-house.
Because the average homeowner working for a corp doesn't know jack about home network security and how to ensure their kids can play on hte network and their IoT devices can access the network as they want and they can access their corporate resources - all without knowing about each other.
"Oh, I live in {XYZ large Metropolitan area} and I have {XXXX} high speed internet, so I can work from home just as easy as I can from the office!
BZZZZZZZZZZZZZZZZZ
Not that simple. And malicious actors took major advantage of this.
Now, I realize, as I mentioned above - corps gotta make the shareholders happy. And all of these so-called restrictions that M$ has given us thus far are mostly smoke and mirrors meant to appease the shareholders. I get that too.
But something sure needs to be done. We put people through a lengthy testing process to get a drivers license. And yet people promptly forget to verify their lights work, check their tires, keep their mirrors and windshields clean and watch traffic in all mirrors, etc. And anyone with $$$ can buy a computer, no tests, no security verification, almost nothing.
Why did M$ start including an antivirus program in with the OS?
Why did M$ develop UAC?
Why have they continually tried to bring better computing practices to the masses?
Because the masses don't care. They just want their Facebook, or WhatsApp, or their games, or Their work apps, or whatever they do, to work. They don't want to take the time to learn how to protect themselves.
Sad, but true.
If these restrictions turn out to be smoke and mirrors as they appear right now, so be it. But if they really do enforce a higher level of security than ever before?
I'm all for it.
Quote
Related Discussions
