the “infection protection” relies on you to trust Microsoft that they check everything you want to do to your PC. For computer illiterate users this may be a benefit, but only if MS doesn’t turn evil or negligent or stupid and blocks apps that you need. You can brick a PC from remote with TPM.
Comment on Will Microsoft drop the TPM requirement for Win 11 once Win 12 rolls around?
Andi@feddit.uk 11 months ago
No chance.
You concentrate on the TPM but ignore the CPU requirements…? If you have a CPU that is up to spec, you have a TPM - they’re built in the CPU. Most people just need to turn it on in the BIOS (or uodate their BIOS as motherboard manufacturers have turned on the TPM as “Windows 11 support”
The truth of it is, every “jump” OS, i.e. 95, XP, 7, 10 has run really poorly on >5 year old chips at the time of launching. And MS got panned at “how slow” is was. But it was also the norm to update your PC more often. Now speed increases have slowed and Moore’s Law has ended, it’s about security and performance hit of said security. The truth is, the kernel hardening and malware protection and encryption built into 11 to make it far less likely to get infected than 10 and 7 means it needs the hardware support to do it. Without it, it runs far slower or is less secure. Neither anyone wants.
When 10 support ends in 2 years time, the lowest supported processor for 11 will be nearly 9 years old…
ceiphas@feddit.de 11 months ago
Blaster_M@lemmy.world 11 months ago
You can brick a pc from remote with a boot virus, without needing the TPM to do it.
wmassingham@lemmy.world 11 months ago
How? You could certainly temporarily break the boot process, but I can’t see how you’d completely brick it.
Apothecary@lemmy.world 11 months ago
I have an INTEL I9-10850K installed on a MSI MAG Z490 mobo that I bought in 2020 and neither have A TPM.
What is your definition of ‘up to spec’?
Andi@feddit.uk 11 months ago
30 seconds on Google would’ve answered your question.
The TPM is part of the Intel Management Engine.
In your motherboard UEFI firmware, goto Security - Trusted Computing and enable Security Device support.
Et voilà.
Apothecary@lemmy.world 11 months ago
Yep, you’re right I can enable it.
I was going off of MSI’s spec page for my motherboard and it says it has a connector for the TPM module so I assumed that meant it wasn’t there by default. Image
Andi@feddit.uk 11 months ago
To quote Under Siege 2 “assumption is the mother of all fuck ups”.
3 years, dude! 😁
Enjoy giving Windows 11 a proper spin. I recommend choosing “English (World)” as the language/location, then you don’t get any of the post install bloat / sponsored apps, etc installed too. Then when you log in, just change your locale to the correct one if you want to use the Microsoft Store. Or don’t, if you want that to remain disabled.
stealth_cookies@lemmy.ca 11 months ago
I wonder how many people are suffering from terrible performance due to the AMD fTPU being a piece of shit? I’ve tried to turn it on for two different CPUs of different generations (3700X and 5800X) and they both had horrible stuttering. Even if I wanted to I couldn’t upgrade to Windows 11 like Microsoft wants because the experience would be unacceptable.
Do you have any references for the reduced malware infections provided by Win 11 that requires the TPU?
Andi@feddit.uk 11 months ago
It’s not directly the TPU - it’s the enhanced security instructions in the newer chips (which is the real reason for the very definite line drawn).
Read arstechnica.com/…/why-windows-11-has-such-strict-… from “A towering stack of security acronyms”
HidingCat@kbin.social 11 months ago
Damn, some sense around these parts. Always felt the TPM issue was overblown. Unless you wanted Win11 on day 1, and no sensible user should be doing that anyway!