Windows 11 24H2 to enforce HW requirement

Windows obviously has access to the data, but it runs locally and has no reason to send user data anywhere.
I feel Windows telemetry exists without Copilot:
https://www.extremetech.com/computi...lects-an-awful-lot-of-telemetry-about-your-pc

Would Copilot augment that? It should be easy enough to spot in the traffic that gets out (I get just not wanting to take the time to check whether that is the case too, if we really do not want it anyway; what is mind-boggling is the intensity of the reaction to it).
 
It honestly wouldn't surprise me if this is their strategy after the discourse that happened when they initially revealed the intention of integrating Copilot into Windows 12. I have to wonder how many people are actually using it right now. As in, interacting with it on a regular basis vs. not disabling it.
I use Copilot.

It has been very helpful for generating images I use for D&D and for Work Projects.

It also has the ability to look things up and find relevant information that I find useful.
 
?


This is what I was referring to. They cut off a LOT of perfectly capable CPUs.

Ah, I thought you were referring to making SSE4.2 a hard requirement per this thread.

Yeah, I agree, not supporting many more recent CPUs is just plain evil and wasteful.

I don't think it has to do with planned obsolescence. Microsoft couldn't give a rat's ass whether or not Intel or AMD are selling CPUs.

I think it has more to do with creating a false reason for people to adopt Windows 11 instead of staying with Windows 10. Otherwise the Windows 11 adoption rate would be even worse than it is (and it is already pretty bad). That, and it probably doesn't hurt that they are getting rid of some maintenance and testing costs in the process by not needing to support and test older hardware.

In other words, it's all about their interests, not about the customer's interests, which illustrates how broken the market is. In a functioning market businesses should be falling over themselves trying to be the one that wins by giving the customer what they want. Time and time again we see that this model no longer works, and that's when it is appropriate to start talking about burning it all down and starting over.

We need to go Ma Bell on their asses. Every last one of them that is not responsive to every whim of their customer base. Breaking up Facebook (Meta), Google (Alphabet), Microsoft, Amazon, etc. etc. Make like 10 different companies out of each of them and destroy their ability to distort markets. If they go out of business as a result, too bad. If they weren't giving the consumer what they want, then they shouldn't exist anyway. It's better for the consumer, and that should be all that matters.

Someone needs to tear through Silicon Valley like Sherman through Atlanta.
 
Not sure it helps increase Windows 11 adoption to make Windows 11 harder to run on some hardware; maybe I do not follow.

Some of it could simply be legitimate, important new code that needs it (and it is easier not to support an older path or make two solutions if it is a new feature), but in general, pushing hardware requirements for computers that run Windows (say, as in the dual-channel RAM example for new laptops) can be about stopping the branding of Windows as a cheap and slow computing experience.

It's better for the consumer, and that should be all that matters.

When you read about Bell Labs' history, the idea that breaking up a giant company is obviously and automatically a good thing is not that obvious. Break up Google and it is possible that none of the new, smaller entities trying to survive would have a 50-years-into-the-future vision and plan that includes cold fusion to power their power centers, superconductors to make their chips/cables/batteries, and quantum computing, or would give AlphaFold to humanity as open source just like that. There is a long list of advantages to the existence of even a monopolistic giant.
 
I mean what uninstalling it do versus never using it ?

Basic common sense. Don't leave hardware installed you don't use. It wastes power, and could result in vulnerabilities if you don't keep up with drivers. Same with BIOS settings you don't use. Disable all the ones that are not in use. And the same with software. Software that is not actively used should not have binaries present on a drive. It is wasteful, and potentially causes vulnerabilities.

It is basic engineering principle #1. KISS or Keep It Simple, Stupid. Minimize complexity whenever possible. The simplest solution (not the simplest interface or the simplest to use, but the solution that is the simplest) is always the best solution regardless of what it is you are working on. Whenever you add complexity you add cost, opportunities for failure/defects and lower reliability. Pare everything down to its absolute minimum with complete and utter abandon and contempt for things like aesthetics or convenience.

Do this for everything, regardless of the product or industry.

Only keep what is used, remove everything else. Kill the bloat. It is wasteful, risky when it comes to security, hurts performance and just plain annoying.
 
I use Copilot.

It has been very helpful for generating images I use for D&D and for Work Projects.

It also has the ability to look things up and find relevant information that I find useful.
Here is an example: were I to Google it, I would find various sites and articles, maybe even an official MS KB on the topic, and need to read through and parse the information, or I can ask Copilot:

[Attached image: 1708028647427.png]


It isn't 100% accurate, neither are my friends and coworkers, and it is learning/growing. The few times I have needed to ask it to correct a mistake, the AI has both acknowledged that the error I called it on was valid and corrected itself.

Not a tool for everyone, and the stuck-to-the-side-of-the-window-and-unmovable thing is atrocious.
 
I feel Windows telemetry exists without Copilot:
https://www.extremetech.com/computi...lects-an-awful-lot-of-telemetry-about-your-pc

Would Copilot augment that? It should be easy enough to spot in the traffic that gets out (I get just not wanting to take the time to check whether that is the case too, if we really do not want it anyway; what is mind-boggling is the intensity of the reaction to it).
From what I found out Copilot runs server side, it doesn't even work offline. So there is your answer.
 
Not sure it helps increase Windows 11 adoption to make Windows 11 harder to run on some hardware; maybe I do not follow.

If you upgrade to a new CPU that lacks Windows 10 support, you have no choice but to "upgrade" to Windows 11.

(I mean, you can hack installers and shit like that, but the scheduler may be inefficient for modern CPU designs, and it could run poorly.)
 
I think it has more to do with creating a false reason for people to adopt Windows 11 instead of staying with Windows 10. Otherwise the Windows 11 adoption rate would be even worse than it is (and it is already pretty bad). That, and it probably doesn't hurt that they are getting rid of some maintenance and testing costs in the process by not needing to support and test older hardware.
No, it's security reasons... but they are being silly about it. So the TPM and 8th gen or newer both come from HVCI/VBS. The idea is that the core of the OS runs in Ring -1, as a hypervisor, and you actually run in a virtual machine. The advantage is this allows things like Kerberos tickets and other critical data to be held in memory that not even a rootkit can access. It is a real, no bullshit, good way of improving security against some kinds of attacks.

However that requires two things to be able to implement effectively:

1) Secure booting/code validation. After all, if a malicious program got in to that hypervisor, you'd have no way of detecting it. So it has to be secure. Hence they require secure boot and a TPM. That lets them make sure that the bootloader and kernel and such haven't been modified so they know they are loading up clean code.

2) Having sufficient virtualization performance such that the impact isn't a problem. I don't recall off the top of my head what the feature is the 8th gen gained but there is one and it matters to this. Without it, HVCI is going to be a whole lot slower.


So that's the reason. However, it is kinda stupid because you can always just run with HVCI off, many gamers do since it does have a performance impact, even if it is pretty small, and it breaks some hardware tuning tools since they no longer have direct hardware access. Also for home users the gains that HVCI gives aren't as important as business/domain users.

Thus they really should make it something that it will warn you about, and maybe either disable HVCI or say "Bro if you turn this on you are going to have problems," but they shouldn't flat out stop you from running on older systems.
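
The dependency chain described in the post above (Secure Boot and a TPM underpinning VBS/HVCI, which can still be switched off) can be checked on a given machine. This PowerShell sketch is an added example, not part of the original thread; it assumes an elevated session on Windows 10/11, and the function name `Get-PlatformSecurityState` is hypothetical.

```powershell
# Added example, not code from the thread. Reports whether Secure Boot, the TPM
# and VBS/HVCI (memory integrity) are actually active on this machine, plus
# SSE4.2 support where the runtime can tell. Assumes an elevated session.

function Get-PlatformSecurityState {   # hypothetical helper name
    [CmdletBinding()]
    param()

    $notes = New-Object 'System.Collections.Generic.List[string]'

    # Secure Boot. The cmdlet throws on legacy-BIOS installs and when not
    # elevated, so an exception means "unknown", not "off".
    $secureBoot = $null
    try   { $secureBoot = Confirm-SecureBootUEFI -ErrorAction Stop }
    catch { $notes.Add("Secure Boot state unavailable: $($_.Exception.Message)") }

    # TPM presence/readiness and spec version (the thread refers to TPM 2.0).
    $tpm = $null; $tpmSpec = $null
    try {
        $tpm = Get-Tpm -ErrorAction Stop
        $tpmQuery = @{
            Namespace   = 'root\cimv2\Security\MicrosoftTpm'
            ClassName   = 'Win32_Tpm'
            ErrorAction = 'Stop'
        }
        $tpmSpec = (Get-CimInstance @tpmQuery).SpecVersion
    }
    catch { $notes.Add("TPM state unavailable: $($_.Exception.Message)") }

    # VBS / HVCI. In Win32_DeviceGuard, service id 1 is Credential Guard and
    # service id 2 is HVCI; "configured" and "running" are reported separately.
    $vbsStatus = $null; $hvciConfigured = $null; $hvciRunning = $null; $credGuard = $null
    try {
        $dgQuery = @{
            Namespace   = 'root\Microsoft\Windows\DeviceGuard'
            ClassName   = 'Win32_DeviceGuard'
            ErrorAction = 'Stop'
        }
        $dg = Get-CimInstance @dgQuery
        $vbsNames = @{ 0 = 'Not enabled'; 1 = 'Enabled but not running'; 2 = 'Running' }
        $vbsStatus      = $vbsNames[[int]$dg.VirtualizationBasedSecurityStatus]
        $hvciConfigured = $dg.SecurityServicesConfigured -contains 2
        $hvciRunning    = $dg.SecurityServicesRunning    -contains 2
        $credGuard      = $dg.SecurityServicesRunning    -contains 1
    }
    catch { $notes.Add("Device Guard state unavailable: $($_.Exception.Message)") }

    # SSE4.2: the .NET hardware intrinsics type exists only on PowerShell 7+.
    $sse42 = $null
    $sseType = 'System.Runtime.Intrinsics.X86.Sse42' -as [type]
    if ($sseType) { $sse42 = $sseType::IsSupported }
    else { $notes.Add('SSE4.2 check skipped: needs PowerShell 7+ (.NET intrinsics).') }

    # Flag the mismatches an admin cares about: policy says on, reality says off.
    if ($hvciConfigured -and -not $hvciRunning) {
        $notes.Add('HVCI is configured but not running; check Secure Boot, virtualization support and incompatible drivers.')
    }
    if ($hvciRunning -and $secureBoot -eq $false) {
        $notes.Add('HVCI is running without Secure Boot; the boot chain that loads the hypervisor is not being verified.')
    }

    [pscustomobject]@{
        SecureBoot            = $secureBoot
        TpmPresent            = if ($tpm) { $tpm.TpmPresent } else { $null }
        TpmReady              = if ($tpm) { $tpm.TpmReady }   else { $null }
        TpmSpecVersion        = $tpmSpec
        VbsStatus             = $vbsStatus
        HvciConfigured        = $hvciConfigured
        HvciRunning           = $hvciRunning
        CredentialGuardActive = $credGuard
        Sse42Supported        = $sse42
        Notes                 = $notes.ToArray()
    }
}

Get-PlatformSecurityState | Format-List
```

A `$null` field means the state could not be read (for example, not elevated), which is different from the feature being off.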
 
Ah, I thought you were referring to making SSE4.2 a hard requirement per this thread.

Yeah, I agree, not supporting many more recent CPUs is just plain evil and wasteful.

I don't think it has to do with planned obsolescence. Microsoft couldn't give a rat's ass whether or not Intel or AMD are selling CPUs.

I think it has more to do with creating a false reason for people to adopt Windows 11 instead of staying with Windows 10. Otherwise the Windows 11 adoption rate would be even worse than it is (and it is already pretty bad). That, and it probably doesn't hurt that they are getting rid of some maintenance and testing costs in the process by not needing to support and test older hardware.

In other words, it's all about their interests, not about the customer's interests, which illustrates how broken the market is. In a functioning market businesses should be falling over themselves trying to be the one that wins by giving the customer what they want. Time and time again we see that this model no longer works, and that's when it is appropriate to start talking about burning it all down and starting over.

We need to go Ma Bell on their asses. Every last one of them that is not responsive to every whim of their customer base. Breaking up Facebook (Meta), Google (Alphabet), Microsoft, Amazon, etc. etc. Make like 10 different companies out of each of them and destroy their ability to distort markets. If they go out of business as a result, too bad. If they weren't giving the consumer what they want, then they shouldn't exist anyway. It's better for the consumer, and that should be all that matters.

Someone needs to tear through Silicon Valley like Sherman through Atlanta.
I get why they cut it off where they did. Microsoft has some settings defaulted to on that require things where they are, and if they turn them off, that gets them into some hot water with government and enterprise contracts, because we reasonably require them to be on, and if they are defaulted to off we need to essentially build up custom installers and images so we can ensure they are on; otherwise we are playing a guessing game with "did our GPO apply correctly on enrollment", and it's just a PITA. So default them to on and require the CPU to be newer. That said, if you have an older CPU those security functions don't work, but as they can still be toggled off it's not like the OS is dependent on them being there.

In regards to SSE4.2, it's about freaking time. For the overwhelming bulk of the SSE4 instruction set, the overlapping commands are 2x faster at least, and the new things are just good to have and more secure.
 
From what I found out Copilot runs server side, it doesn't even work offline. So there is your answer.
Yes, when you use it. If I ask it a question I know it will send a request (like if I do a search on Google or any other service). I meant:
1) Data that is not explicitly in the request (what you typed, the screenshot you added or the website you asked it to take into account)
2) For someone that never uses it.

Basic common sense.
I get all of that (if the action to remove them is not more complicated itself than the saved complication), but the difference in intensity toward the copilot versus the virtual desktop feature or notification zone, for example...
 
It is still a jerk move. If you stayed on Win10 then you would continue to get security updates. If you upgraded to MS' new toy like you "expected to" you have painted yourself into a corner requiring a reinstall.
Those CPUs are not on the supported hardware list. If you decide to bypass that and install it anyways, that's a You issue.

Now, whether or not Microsoft should extend Security Updates for Windows 10 past 2025, that's a different discussion.
 
Here is an example: were I to Google it, I would find various sites and articles, maybe even an official MS KB on the topic, and need to read through and parse the information, or I can ask Copilot:

[Attached image: attachment 635293]

It isn't 100% accurate, neither are my friends and coworkers, and it is learning/growing. The few times I have needed to ask it to correct a mistake, the AI has both acknowledged that the error I called it on was valid and corrected itself.

Not a tool for everyone, and the stuck-to-the-side-of-the-window-and-unmovable thing is atrocious.

I'd rather spend hours reading the source materials. I do not trust information I have not fully absorbed myself. AI will never be acceptable for me. I don't trust other humans to do it either. At least not unless they are subject matter experts on a given topic.

I'm a details person. The only way I trust anything is by reviewing all the data manually myself. I just don't understand how anyone can be so cavalier about information, especially if they are planning on making decisions based on it.

Sure, I mean, take a risk based approach. Use AI for trivial shit that does not matter if you get it wrong, and manually review everything else, but the truth is, I can't think of anything that is so trivial that I'd be willing to outsource the information gathering/summarizing process to a technology I have so little trust in.

Even if it is something trivial like using a voice recognition to add a calendar entry to my calendar, I don't trust it. My appointments are important to me, and I am unwilling to risk some dumb-ass AI model screwing up my day.

If I don't control the nitty gritty detail of 100% of everything, I want nothing to do with it.
 
If you upgrade to a new CPU that lacks Windows 10 support, you have no choice but to "upgrade" to Windows 11.
Yes, I did not follow; what would a CPU that cannot run Windows 10 but can run Windows 11 look like?
 
I get why they cut it off where they did. Microsoft has some settings defaulted to on that require things where they are, and if they turn them off, that gets them into some hot water with government and enterprise contracts, because we reasonably require them to be on, and if they are defaulted to off we need to essentially build up custom installers and images so we can ensure they are on; otherwise we are playing a guessing game with "did our GPO apply correctly on enrollment", and it's just a PITA. So default them to on and require the CPU to be newer. That said, if you have an older CPU those security functions don't work, but as they can still be toggled off it's not like the OS is dependent on them being there.

In regards to SSE4.2, it's about freaking time. For the overwhelming bulk of the SSE4 instruction set, the overlapping commands are 2x faster at least, and the new things are just good to have and more secure.

I'm curious. What default settings crucial for enterprise use require SSE4.2?

I would have guessed something to do with encryption, but does that require SSE4.2? I would have figured a lot of that stuff happens in AES-NI.
 
Yes, I did not follow; what would a CPU that cannot run Windows 10 but can run Windows 11 look like?

I can't seem to find the news stories that were going around right before the Windows 11 launch, but I distinctly recall Microsoft, AMD and Intel announcing that new CPUs launched after Windows 11 was launched would not be getting drivers or scheduler optimizations in Windows 10.

This means anything Alder Lake (12th gen) or newer on the Intel side or any of the AMD Ryzen 5000 series X3D CPUs or newer do not have proper support in Windows 10.

The driver model is the same in Windows 10 and Windows 11, so you should probably be able to hack in Windows 11 drivers into Windows 10, but that may not work right.

Also, Intel introduced their Big/Little design after this, meaning the Windows 10 Scheduler will not be aware of or know what to do with P-Cores vs E-Cores which could be a big performance problem.

You might be able to solve these by hacking your way there, but the official answer from Microsoft, Intel and AMD is that any CPU released after October 2021 does not support Windows 10 and thus requires Windows 11.

On the AMD side we see this evidenced with pretty bad game performance unless you happen to be running the Windows 11 version of the Xbox app in the background. Wrong cores are used, and used improperly, and it is kind of a mess.
 
On the bright side though, they would be phasing out the SSE2 instructions they currently use and replacing them with SSE4. SSE4 executes roughly 2x faster than SSE2 on those same commands, so net positive to performance and security.

Yeah, but just a couple of places in the OS-supplied DLLs won't make the Kohl fett.

If this was open source you could recompile the world with flags for instructions of your choice yourself.
 
I'm curious. What default settings crucial for enterprise use require SSE4.2?

I would have guessed something to do with encryption, but does that require SSE4.2? I would have figured a lot of that stuff happens in AES-NI.
SSE4 is not so much a feature thing but the instruction set itself is more secure, less buggy, runs faster, and has better support for VM and virtual hardware.
Windows 10 and 11 up to now still use a lot of SSE2 instructions and Microsoft maintains a lot of internal security to counter their known issues. Remove support for them and you can remove the security workarounds that are in place to secure it and that further improves performance.
 
SSE4 is not so much a feature thing but the instruction set itself is more secure, less buggy, runs faster, and has better support for VM and virtual hardware.
Windows 10 and 11 up to now still use a lot of SSE2 instructions and Microsoft maintains a lot of internal security to counter their known issues. Remove support for them and you can remove the security workarounds that are in place to secure it and that further improves performance.

Thanks for the explanation. I did not know that.

So this should allow them to slowly recompile things to get rid of the need for old SSE instructions.
 
Just for perspective: Trying to run a processor on Windows 11 with instruction sets older than SSE4 would be like trying to run Windows 98 on an Intel 8086.
 
Windows 11 is a 2021 OS, not 2024, even if these CPUs are ancient, changing HW requirements in an update should be a no-no. If the precedent is set they might alter the deal further later.

This is the problem right here. You can't make hardware requirements stricter while people are already using the OS.

This I do agree with.

I guess this has to do with Microsoft not considering this to be a continuation of Windows 11, even though they are naming it that way. It is what they intended to be Windows 12.

Changing the requirements mid stream is profoundly shitty.

That said, I wonder how many users this really applies to though. It really has to be a very tiny sliver of systems. Too old and they won't have NX bit and other things already required since Windows 10 (I think. May have been 8). The list of CPUs that have NX bit and other Win10 requirements but don't have SSE4.2 has to be pretty small.
 
SSE4 is not so much a feature thing but the instruction set itself is more secure, less buggy, runs faster, and has better support for VM and virtual hardware.
Windows 10 and 11 up to now still use a lot of SSE2 instructions and Microsoft maintains a lot of internal security to counter their known issues. Remove support for them and you can remove the security workarounds that are in place to secure it and that further improves performance.

No, you can't drop the mitigations. You provide some code without SSE2, but the application (or even drivers) that the user installs will still have them.
 
No, you can't drop the mitigations. You provide some code without SSE2, but the application (or even drivers) that the user installs will still have them.
I suppose but if you give everybody deprecation messages for hardware and basically announce dropping support for SSE 2 and 3 then they could. Not right away but down the road.
 
Just for perspective: Trying to run a processor on Windows 11 with instruction sets older than SSE4 would be like trying to run Windows 98 on an Intel 8086.
An 8086 was virtually useless by 2001; a Core 2 is still capable of some tasks in 2024. Progress has slowed down significantly since the nineties, that is probably why they went with the planned obsolescence route with W11. Until now it was just on paper, but now everyone running "unsupported" CPUs can count the days until they come for their CPU. There are CPUs on the unsupported list that were sold new up to 2019.
 
It's kind of depressing, as this will be the end of quite a few Core2Quad-era systems that have otherwise continued to be useful. I had been testing Canary builds on a Pentium 4 until recently, but nothing lasts forever I guess.

On one hand are my hobby/enthusiast motivations, where I've enjoyed trying to keep older computer hardware useful as long as possible ever since I was a kid. It will always make me sad to see hardware get cut off. On the other hand, the reality is that the prices of older hardware (that supports SSE4a/4.2) are extremely low. It's hard to justify once you take nostalgia out of the equation. The few ultra-old systems that are still useful are all nearing the end of their useful lives anyway, and they've still got ~20 months left. There is a lot of cheap used hardware that does support SSE4a/4.2. E-recycling companies dump old decommissioned Dell office workstations on eBay for almost nothing.

It is still a jerk move. If you stayed on Win10 then you would continue to get security updates. If you upgraded to MS' new toy like you "expected to" you have painted yourself into a corner requiring a reinstall.

Windows 10 hits End of Life in October 2025, Windows 11 23H2 hits End of Life in November 2025, so you actually get an extra month even if you end up stuck on Windows 11 23H2. You're not getting updates longer by sticking with 10.

The only way you would get Windows 10 updates past October 2025 is with an LTSC version. Windows 11 will have an LTSC version releasing this year. It will be interesting to see if the Windows 11 LTSC version is based on 23H2 or 24H2.
 
Windows 11 is a 2021 OS, not 2024, even if these CPUs are ancient, changing HW requirements in an update should be a no-no. If the precedent is set they might alter the deal further later.
Except.... this doesn't change the supported processors for Windows 11. If you are already on an officially supported architecture you won't have any issues on this update.

This is only going to affect people who bypassed the TPM 2.0 requirement, in which case Windows 11 wasn't even supported in the first place. This is not changing the requirement, just actually enforcing it. And again some of these architectures didn't even support Windows 10.
 
This thread reminded me to check on the state of Linux. I installed Nobara Linux and it is looking good. Proton is trivial to enable in Steam now.
This weekend I am going to try to set up the Steam Deck UI for when I am playing on a controller on my TV.
 
Except.... this doesn't change the supported processors for Windows 11. If you are already on an officially supported architecture you won't have any issues on this update.

This is only going to affect people who bypassed the TPM 2.0 requirement, in which case Windows 11 wasn't even supported in the first place. This is not changing the requirement, just actually enforcing it. And again some of these architectures didn't even support Windows 10.
Official support is just like an EULA, good to hide behind, but meaningless in reality. It's not the people who used workarounds to bypass arbitrary HW requirement who are in the wrong, it is MS for thinking it would be a good idea to cut support for a bunch of perfectly capable computers.

Or do you think people with Kaby Lake CPUs should just add their laptops and computers to a landfill and buy something new? It wouldn't be so ironic if MS didn't preach about sustainability like all major corporations.
 
I have TPM 2.0 off in my system and I won't enable it. I just don't get how people are okay with it. It's a security option where YOU the OWNER of the PC don't get to have the keys to the device and have to trust MS that something is okay to install on YOUR system. I don't think I am paranoid but FFS everyone goes on and on about zero trust computing, when the ONLY person you should be trusting is YOURSELF. I should be the ONLY person who can okay and sign a boot loader that can install something on my system NOT MS. Where is that ability?
 
I have TPM 2.0 off in my system and I won't enable it. I just don't get how people are okay with it. It's a security option where YOU the OWNER of the PC don't get to have the keys to the device and have to trust MS that something is okay to install on YOUR system. I don't think I am paranoid but FFS everyone goes on and on about zero trust computing, when the ONLY person you should be trusting is YOURSELF. I should be the ONLY person who can okay and sign a boot loader that can install something on my system NOT MS. Where is that ability?
When you enable TPM it gives YOU the key....
 
Official support is just like an EULA, good to hide behind, but meaningless in reality. It's not the people who used workarounds to bypass arbitrary HW requirement who are in the wrong, it is MS for thinking it would be a good idea to cut support for a bunch of perfectly capable computers.

Or do you think people with Kaby Lake CPUs should just add their laptops and computers to a landfill and buy something new? It wouldn't be so ironic if MS didn't preach about sustainability like all major corporations.
An OS's supported hardware is 100% meaningful. Should every piece of hardware ever made be supported on every OS ever? EULAs are lengthy and often disregarded by end users but also aren't meaningless.

You act as if Windows 11 is the only option for people with older hardware. Absolutely not. Feel free to use Linux, which at this current time most distros still support i386. You can even continue running your older version of Windows after the support date ends if you choose. Throwing away older laptops and desktops is not necessary when options like this exist.
 
I don't think it has to do with planned obsolescence. Microsoft couldn't give a rat's ass whether or not Intel or AMD are selling CPUs.

But most people/users don't just change processors. They buy whole new computers, which in turn get a copy of Windows, and they hope people will be dumb enough to subscribe to O365 instead of just using the copy of Office 2010 they had on their old PC for years. Win/win for both MS and AMD/Intel.
 
An OS's supported hardware is 100% meaningful. Should every piece of hardware ever made be supported on every OS ever? EULAs are lengthy and often disregarded by end users but also aren't meaningless.
Kaby Lake is not every hardware ever made, but a relatively recent and capable family of CPUs, especially at the time of W11's first release. A mainstream OS should support all HW that is not EOL. Intel only ends support for Kaby Lake in 2024, yet it wasn't good enough for W11 in 2021.

An EULA cannot set worse conditions for the consumer than existing consumer rights. Any clause that would remove rights is automatically void.
You act as if Windows 11 is the only option for people with older hardware. Absolutely not. Feel free to use Linux, which at this current time most distros still support i386. You can even continue running your older version of Windows after the support date ends if you choose. Throwing away older laptops and desktops is not necessary when options like this exist.
You act as if switching to Linux is a genuine option for average computer users. Especially if you don't want to replace your whole software suite. If you even have suitable alternatives.
 
I have TPM 2.0 off in my system and I won't enable it. I just don't get how people are okay with it. It's a security option where YOU the OWNER of the PC don't get to have the keys to the device and have to trust MS that something is okay to install on YOUR system. I don't think I am paranoid but FFS everyone goes on and on about zero trust computing, when the ONLY person you should be trusting is YOURSELF. I should be the ONLY person who can okay and sign a boot loader that can install something on my system NOT MS. Where is that ability?
Isn't that on the application side? An app is registered and requires TPM or it does not; Linux and Windows offer the user the ability to use said application if they want to. Does having TPM 2.0 on not just increase the number of applications you can install, and not reduce it in any way? I have TPM enabled, I think; I can still make an application without ever talking to Microsoft and install it and run it on my computer. Maybe I do not understand how it works or what you mean.

If I did not make my own compiler, to compile the compiler that I will use to compile applications only from source code I can read and understand, on hardware, BIOS, etc. that I also made myself, I cannot be in a situation where I am only trusting myself, and it is certainly not something that would be worth the pain. Were I wanting to make concentrated uranium, with a very powerful international community equipped with the best hardware and software trying to stop me, maybe I would be in a trust-only-myself mode for building the compute needed, but the regular guy... I would trust AMD, Intel, massively used open source code, the compiler I use to compile it, etc.
 
But most people/users don't just change processors. They buy whole new computers, which in turn get a copy of Windows, and they hope people will be dumb enough to subscribe to O365 instead of just using the copy of Office 2010 they had on their old PC for years. Win/win for both MS and AMD/Intel.

I'm getting more and more that most people just don't buy computers at all anymore.

They are happy with their phones and tablet media consumption devices.

Or at the very least they can't justify spending more money when those devices already do most of what they need.

PC Gaming - stupid as it has become with all of its streaming and RGB - has been in a huge resurgence in the last decade. The market is massively larger now than it was in the 90's and early 2000's that most of us consider the golden period of PC gaming. At the same time, overall home PC sales are not what they used to be.

I guess what I am saying is, I think the percentage of DIY:ers who build their own PCs is probably the highest now it has been at any time in the last 20-25 years. Not as high as back in the early 90's, but...
 
e, overall home PC sales are not what they used to be.
In 1997 your 1991 PC felt quite outdated: no CD player, not really capable of browsing the HTML web. That has not been true for a while now; a high-end 2018 PC will not feel outdated outside of high-end gaming or very compute-heavy affairs.

Laptops gained a lot over desktops; it probably peaked around 2011-2012...

That said:
Worldwide PC shipments totaled 64.3 million units in the third quarter of 2023

That is still around 250 million units a year, and because 350 million were sold in 2021 from the pandemic demand, a lot of people were on new stuff.

DIY is big, but laptops are still also quite big, and DIY is quite rare in that compute format.
 
Isn't that on the application side? An app is registered and requires TPM or it does not; Linux and Windows offer users the ability to use said application if they want to. Doesn't having TPM 2.0 on just increase the number of applications you can install, and not reduce it in any way? I have TPM enabled, I think; I can still make an application without ever talking to Microsoft and install it and run it on my computer. Maybe I do not understand how it works or what you mean.

If I did not make my own compiler, to compile the compiler that I will use to compile applications only from source code I can read and understand on hardware-bios-etc... that I also made myself, I cannot be in a situation that I will only be trusting myself and certainly not something that would be worth the pain. Would I be wanting to make concentrated Uranium with a very powerful international community filled with the best hardware-software trying to stop me, maybe I would be in a trusting only myself to build the compute needed mode, but the regular guy... I would trust AMD-Intel-massively used open source code-the compiler I use to compile it, etc...
No, it should be BIOS side. When you boot a new system and want TPM enabled, you should need a USB flash drive for a backup. Then it should require you to put in a password for the ability to sign boot loaders you as the owner of the system approve of. After that setup it should then back up that data to the USB flash drive. Then when you try to install, say, Windows, the BIOS should prompt you that a boot loader with an MS signature is asking to be allowed to be installed on the system. Then it should prompt you for your trust level: Full, Partial, or One Time only. If Full trust is given, it'll work as it does today. MS has full access to the system and can install whatever they want because you gave them full admin access. If Partial, it will only allow the current files being installed to boot on the system; every update to the boot loader or key stores will require you to approve it again. The One Time only option will require you to sign it on every boot and is a good option for testing.

It shouldn't be Linux who has to beg MS to sign their boot loaders so you can install Linux on your computer, it should be everyone including MS that should be begging you to sign and approve of their software so they can be allowed to put their software on your system. All these Trusted systems are all designed incorrectly as they are only trusting the corporations who don't own the device. You as the buyer are the only thing the trusted system in the hardware should trust, and unless you approve of the software, it should never assume you trust Apple, MS, Google, or anything else till you actually sign it and approve it. In other words, it's my hardware, I AM GOD here, you ask for my permission, I don't ask for yours. That is how a trusted platform module should work.
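
As an added illustration (not part of the post above, and not any real UEFI or TPM interface), the three owner trust levels the post proposes can be modelled in Python. The class, function and signer names are hypothetical, and authenticating the approval records with a key derived from the owner's password is an assumption of this example.

```python
import hashlib, hmac, json

FULL, PARTIAL, ONE_TIME = "full", "partial", "one_time"

class OwnerTrustStore:
    """Hypothetical firmware-side store of owner approvals (not a real UEFI/TPM API)."""

    def __init__(self, owner_password: str, salt: bytes):
        # Assumption: a key derived from the owner's password authenticates each record.
        self._key = hashlib.pbkdf2_hmac("sha256", owner_password.encode(), salt, 100_000)
        self.records = []  # the data the post would back up to the USB drive

    def _mac(self, body: dict) -> str:
        blob = json.dumps(body, sort_keys=True).encode()
        return hmac.new(self._key, blob, hashlib.sha256).hexdigest()

    def approve(self, signer: str, image: bytes, level: str) -> None:
        # Full trusts the signer for any image; the other levels pin one image hash.
        pinned = None if level == FULL else hashlib.sha256(image).hexdigest()
        body = {"signer": signer, "level": level, "image_sha256": pinned}
        self.records.append({"body": body, "mac": self._mac(body)})

    def decide(self, signer: str, image: bytes) -> str:
        digest = hashlib.sha256(image).hexdigest()
        for rec in list(self.records):
            body = rec["body"]
            if not hmac.compare_digest(rec["mac"], self._mac(body)):
                continue  # record was altered without the owner's key: ignore it
            if body["signer"] != signer:
                continue
            if body["level"] == FULL:
                return "boot"
            if body["image_sha256"] == digest:
                if body["level"] == ONE_TIME:
                    self.records.remove(rec)  # approval is consumed by this boot
                return "boot"
        return "prompt-owner"

def demo() -> list:
    store = OwnerTrustStore("constructed-password", b"constructed-salt")
    v1, v2 = b"constructed loader v1", b"constructed loader v2"
    store.approve("VendorA", v1, PARTIAL)
    store.approve("VendorB", v1, ONE_TIME)
    out = [store.decide("VendorA", v1), store.decide("VendorA", v2),
           store.decide("VendorB", v1), store.decide("VendorB", v1)]
    store.records[0]["body"]["level"] = FULL  # tamper with the stored record
    out.append(store.decide("VendorA", v2))
    return out
```

In this model a Partial approval behaves like a hash pin, so an updated loader from the same signer falls back to an owner prompt, and a record edited without the owner's key is ignored rather than honoured.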
 
I have TPM 2.0 off in my system and I won't enable it. I just don't get how people are okay with it. It's a security option where YOU the OWNER of the PC don't get to have the keys to the device and have to trust MS that something is okay to install on YOUR system. I don't think I am paranoid but FFS everyone goes on and on about zero trust computing, when the ONLY person you should be trusting is YOURSELF. I should be the ONLY person who can okay and sign a boot loader that can install something on my system NOT MS. Where is that ability?
You have the keys, they are stored in the TPM chip on the motherboard.

"TPM can securely store cryptographic keys that are specific to the host system and provide restricted access to the stored keys and secrets."
https://community.infineon.com/t5/B...-and-cryptographic-keys-in-TPM2-0/ba-p/408020
 
It shouldn't be Linux who has to beg MS to sign their boot loaders so you can install Linux on your computer,
Isn't it the Trusted Computing Group that signs boot loaders? Not sure Microsoft is involved in the loop at all (for sure it does not need to be; maybe some laptop makers make it so, but that's on them).
 