WW 730: The New Windows 11

It does not currently work in Win11. Possibly a bug more than a feature but only time will tell.

1 Like

I kinda think they’re mandating it to ensure a consistent experience during display rotation. The taskbar has been a bit of a kludge in the past with that sort of usage unless you had it on the bottom.

Installed with no issues last night in my VMware Fusion VM. Originally got an email from Windows Insider saying my PC wasn’t compatible (I only have the VM), but had another email last night saying the update was available. Haven’t touched any TPM settings, just added a bit of RAM.

1 Like

They relaxed the requirements to allow testing of some older hardware to see if compatibility was going to be an issue. Possibly the more people who test the preview on older hardware the more lax they will be with the final release. Only time will tell.

I have it installed on a 2nd Gen Surface Book with 8th gen processor and TPM 2 and everything works fine on there. I also have it installed on a 6th gen Processor TPM 2 Dell laptop that everything is functioning fine on it as well. I’m going to try installing it on a older 4th gen processor with no TPM probably this weekend and see how that goes. Others have installed it on stuff going back to Core 2 Duo and everything has worked decently but a little slow. Time will tell what all will be available and what gets locked down.

I was doing some reading today, and it seems that the 8th generation processor requirement might not be so arbitrary. It looks, from the reading I did, that the 8th generation processor was the first to include hardware protection against Meltdown and Spectre v2.

interesting theory but how many of us share workloads with random clients on our personal PCs? hard to understand what they are thinking over there.

1 Like

You don’t have any family photos, you don’t want encrypted and held to ransom? You don’t do online banking on your PC?

There are lots of reasons why increased security is a good idea. The problem is, that is just conjecture, on my part, because Microsoft won’t make an explicit statement about why Gen 8 is the cutoff.

1 Like

That is what was originally said but when they released the insider preview they said they were relaxing the requirements to see what older gen processors and hardware it could run on. My guess is they will let gen 7 processors in maybe gen 6 though I wouldn’t hold my breath on the gen 6. So not really such a hard cut off atleast not yet.

1 Like

I don’t think anyone is against increased security, but give users the option to bypass extraneous security features if they wish. Especially arbitrary ones.

The problem is, if the security is optional, it is useless. If there is a way for the user to legitimately deactivate or workaround the security, that same route is open to bad actors.

We have to learn that good security has to be baked in and you can’t circumvent it.

At the moment, if you don’t want the added security of 11, stay with 10… If your machine doesn’t have the required minimum hardware level for good security, stay with 10, until you get a new PC.

I’m saying that as someone who will have to replace all of their PCs in order to “turn it up to 11”.

As I said above, if this really is about hardware features introduced in Gen 8, and that is the price for increased security, I am okay with that, even if I have to replace my PCs. On the other hand, if it is just a marketing gimmick to get us to buy newer hardware, I will seriously look at putting Linux on my PC again.

1 Like

I’m not sure if I subscribe to this, at least in terms of the general population. By this logic, we shouldn’t even let people use computers. The majority of security incidents are still attacks of opportunity rather than calculated APTs - things sitting on the WAN that were never meant to be, poor judgement, or simple coding oversight.

Regardless, the things that Microsoft are proposing here wouldn’t address any of that. Features provided utilizing TPM are entirely optional and will remain so in Win11. They’re just making it so the only part that’s not optional is needing an extraneous piece of hardware sitting on my mainboard for no reason. I can’t wait for the thing to crap out on me; had a TPM on a Surface Book die on me and had to replace the whole thing.

Security, in my mind, starts with hardening. Stripping out things that aren’t necessary in order to limit attack vectors (like the print spooler service!). Adding hardware doesn’t help with that.

This is the idea behind the principle of defense in depth. I have no problem with the OS offering additional layers of security, and I agree that it can’t really be optional while remaining effective. There are too many people who will read something BS on the Internet and then think they need to disable the “spying of the MS firewall” or some BS like that. As ever, it’s a tradeoff between effective security and user stupidity … oops I mean user friendliness… It seems you can’t have nice things because users are too willing to click the cute button to install that cyrpto-malware backdrop with kitties.

1 Like

It is always a trade-off. But designing secure means that the system is more secure and robust and less susceptible to user errors. If the security is built in as an afterthought or it can optionally be disabled, the malware can disable it. If that security is built in from the get-go, then there is no chance for the malware to get a foothold by simply turning off those security features.

That isn’t to say it will be 100% secure or that there can’t be errors that can be used. But the whole art of computer security is to reduce your attack surface to the minimum. If that means that the security has to be baked in on by default, as per iOS, Android and, more and more, macOS. Windows is still in the “we can add security, for those that want it,” and by doing that they are building in weaknesses that the users who use those features don’t expect.

The biggest weakness of Windows, though, is that they make the first user added duing installation the administrator! That is the stupidist thing you can do in security terms. Especially as that user is also a Microsoft Online user, at least for Home installations, these days. The first thing every user should do is add a real administration account, preferably a local account, and remove the administration abilities from their own account.

But only a fraction of users ever do that. It really needs Microsoft to step up their game and do security right, from the start. But they have done it wrong for over 3 decades and people are resistant to change, even if it is there to make their lives better and simpler, in the long run.

2 Likes

I’m saying spectre and meltdown remediation aren’t reasonable motivations to force cpu upgrades for typical PCs. if we have a process on our PC that can take advantage of those flaws we are already badly compromised.

1 Like

This may be of some interest about Windows 11 and the absolute need for some of the requirements communicated so far. It gives work-arounds to get it installed (as of right now) on machines that may not appear to be allowable.

Yeah that was an interesting video, they even showed running Windows 11 on a C2D Processor which is pretty significant.

Is anyone being forced to upgrade? Windows 10 is being supported for another 4+ years.

1 Like

Exactly - they’re just trying to drum up interest in 11

No one is being forced that I can see right now. Windows 10 looks to still be a viable option for the foreseeable future. I’m sure a time will come that they will be pushing Windows 11 a lot more but there isn’t much they can do at the moment as most people don’t have hardware new enough or at the very least dont have the TPM requirements as that was not normal for most consumer grade hardware.
Hopefully what they are doing has real implications of reducing security risks and will help to eliminate a lot of the security issues in the future and not just a push to sell newer hardware. I guess only time will tell.

2 Likes

It also seems that a lot of people seem to think this has to do with Microsoft’s push for Windows 365 (cloud based OS) a either upgrade all of your equipment or just subscribe to our service and don’t worry about upgrading equipment anymore type of approach.

Introducing a new era of hybrid personal computing: the Windows 365 Cloud PC | Microsoft 365 Blog