Microsoft to Ban Unsupported Machines from Windows 11 Updates

[ValenOne]

That's Zen+, not original Zen, though.

Not correct,

Read AMD's web link for Ryzen 3 3250U https://www.amd.com/en/products/apu/amd-ryzen-3-3250u

Zen = 14 nm
Zen+ = 12 nm

Ryzen 3 3250U is Zen 1 APU. Zen 1 APU has a single CCX module which is different from dual CCX modules (2 cores +2 cores) Ryzen 3 Zen 1 desktops.

AMD treating APUs like Radeon rename PR BS.

From https://docs.microsoft.com/en-au/wi...supported/windows-11-supported-amd-processors

Ryzen 3 3200U and Ryzen 3 3250U are 14 nm Zen APUs and these SKUs are supported in Windows 11's AMD CPU support list.

 

[R-T-B]

Microsoft Windows Government Backdoor edition. Nobody is asking for these TPM 2.0 modules and they will hurt W11 adoption massively, the only safe assumption is that someone is putting the pressure on MS to require them.

Yes, but it isn't the government you are looking for. It's private sector. Think DRM.

 

[lexluthermiester]

I realize I'm in the minority but I love this change. Yes, let me control which app opens which extension easily.

I love that feature too! Fine-grained controls are exactly what I've been asking for since the Windows 8 garbage. These are not meant to not make anything more difficult. What it means is that things take a little more time to configure. But on the upside, users get to set things up exactly the way we want them. That feature is part of what I love about Windows 11. While it might take more time to set up, it makes a ton of things much easier and less cumbersome!

I don't think it will be a problem for anyone.

Only the whiners who don't understand the feature will complain.(no offense to anyone here)

That era ended. Since Windows 10 you have to use the system settings to change associations. The apps can no longer make the changes themselves.

It's been brought back, but in a way that is not perfectly clear, YET. As discussed above, those settings are easily available to the user to change, it's just a little bit of a learning curve which I'm sure everyone will learn quickly and appreciate.

You'll have 5 years to continue using windows 10

Ah, the ultimatum argument. We really don't want to go there..

but in the end what's more expensive, upgrade the computers or pay the extended support fees like with windows 7?

You don't seem to understand how the things work, and I'm not going to detail it here. However, dropping the hammer on $16million worth of computers is not something most budgets will deal with. And that is but one facility.

Sure it wasn't entirely free, did people really pay for it?

Oh yes. For my personal systems I have 3 retail copies and 4 digital download CDKeys bought from key sellers. And that is for Windows 10 alone. For all other versions of Windows, dozens of COAs for either retail or OEMs. I am far from alone, so yes lots people actually buy Windows.

Think DRM.

Do you really think that might be a possibility? Can think of a dozen or so ways why that wouldn't work. I think it's microsoft trying to control the OS in a way that the normal user would have no idea how to change.

 

[Bomby569]

Yep, DRM is my bet for why they are so completely into shoving this thing into w11.

 

[Ametitu]

Now, that's a good feature.

 

[lexluthermiester]

Now, that's a good feature.

What is? You didn't quote anyone so we no idea what you are talking about or who you are responding to.. Please use the "Reply" button.

Hope that didn't seem rude, no offense was intended. You're a new user, it's understandable that you need a pointer about a site feature.

And Welcome to TPU!

 

[95Viper]

What is? You didn't quote anyone so we no idea what you are talking about or who you are responding to.. Please use the "Reply" button.

Hope that didn't seem rude, no offense was intended. You're a new user, it's understandable that you need a pointer about a site feature.

And Welcome to TPU!

I, believe, he/she is responding, with his/her opinion, to the topic (Microsoft to Ban Unsupported Machines from Windows 11 Updates).

 

[lexluthermiester]

I, believe, he/she is responding, with his/her opinion, to the topic (Microsoft to Ban Unsupported Machines from Windows 11 Updates).

Ah ok. Would not have guessed that 4 pages in.

 

[windwhirl]

Not correct,

Read AMD's web link for Ryzen 3 3250U https://www.amd.com/en/products/apu/amd-ryzen-3-3250u
View attachment 214877

Zen = 14 nm
Zen+ = 12 nm

Ryzen 3 3250U is Zen 1 APU. Zen 1 APU has a single CCX module which is different from dual CCX modules (2 cores +2 cores) Ryzen 3 Zen 1 desktops.

AMD treating APUs like Radeon rename PR BS.

From https://docs.microsoft.com/en-au/wi...supported/windows-11-supported-amd-processors

Ryzen 3 3200U and Ryzen 3 3250U are 14 nm Zen APUs and these SKUs are supported in Windows 11's AMD CPU support list.

Well, I did a bit of sleuthing around and it seems you're right. Sorry about that.

Though, now it begs the question of why that processor (which is, on top of being Zen1, a low end one) is on the list but the others are not. I mean, I'd understand it if all Zen1 processors were not supported, as one could simply make the assumption that Microsoft was not satisfied with their single thread performance (back when it launched it seemed to be somewhere pre-speculative execution mitigations Haswell's level). And as silly as it would sound, at least it would have been somewhat consistent. But with this... I don't know. Maybe for embedded or mobile applications, but it's strange nonetheless.

Think DRM.

That could be one possibility. Outside of DRM and Bitlocker, what other applications are there for a TPM? That don't require the user to go into configuring it or anything, an "it justs works" approach, a la Apple.

I love that feature too! Fine-grained controls are exactly what I've been asking for since the Windows 8 garbage. These to not make anything more difficult. What it means is that things take a little more time to configure. But on the upside, users get to set things up exactly the way we want them. That feature is part of what I love about Windows 11. While it might take more time to set up, it makes a ton of things much easier and less cumbersome!

Be that as it may, I'd have liked it if they had left the Windows 10 global association controls for less experienced users. And in general, it was a time saver, it set up most of the associations and then you could go in and change what you needed, but without having to go one by one.

It's been brought back, but in a way that is not perfectly clear, YET. As discussed above, thus setting are easily available to the user to change, it's just a little bit of a learning curve which I'm sure everyone will learn quickly and appreciate.

Well, that would be a game changer, I guess. I take it applications will have to be updated to do it? At least Foobar2000 still doesn't do it.
The text is in Spanish but it's basically pointing me to go to Settings to do the changes.

I mean, you tell me if you want to go one-by-one setting associations for Foobar200 when scrolling down the list of filetypes as fast as possible takes over 30 seconds lol

 

[lexluthermiester]

I mean, you tell me if you want to go one-by-one setting associations for Foobar200 when scrolling down the list of filetypes as fast as possible takes over 30 seconds lol

I've already been doing that. It takes an extra minute or two and it needs to be done only once.

However, I agree, the one click easy setting should be side by side with the fine-grained settings.

 

[ThrashZone]

Ah ok. Would not have guessed that 4 pages in.

Hi,
If you reply to the op nothing shows up in the reply it should of been above your quoted message
Don't believe you can quote a news thread either.

 

[Valent117]

when the w11 iso was released i immediately wiped my laptop ssd (had w11 installed from w10 and laggy af) and made a dual boot w10 w11 instead, w11 is clearly running better althought there are some slowdown but it's cpu related as it's a (weak) i3 6100u

 

[lexluthermiester]

Don't believe you can quote a news thread either.

Sure you can, it's easy.

 

[R-T-B]

That could be one possibility. Outside of DRM and Bitlocker, what other applications are there for a TPM? That don't require the user to go into configuring it or anything, an "it justs works" approach, a la Apple.

It's a glorified keylocker. Not much.

Do you really think that might be a possibility? Can think of a dozen or so ways why that wouldn't work.

It would work. I don't know why you think it wouldn't. But it'd just be another reason to avoid the ms-store.

I think it's microsoft trying to control the OS in a way that the normal user would have no idea how to change.

I doubt this. TPMs aren't really much more than hardware keylockers.

 

[trsttte]

You don't seem to understand how the things work, and I'm not going to detail it here. However, dropping the hammer on $16million worth of computers is not something most budgets will deal with. And that is but one facility.

Absolutely, upgrading a computer park costs a lot of money but like I said no one wants to work for free and at a certain point microsoft will want to sell another license to keep churning updates along. The alternative is a subscription model which I don't think we want either.

So what's the solution here right? In this case the easy answer would be for microsoft to not try to sell computers and just sell their software licenses (no free upgrades) and let manufacturers figure their business out (computers will still need to be bought anyway!), but they seem to have done a different deal. With how chromebooks are taking off maybe not the best plan to pull this kind of stunts but let's see how it goes I guess

 

[lexluthermiester]

It would work. I don't know why you think it wouldn't.

No really, explain how/where ANY form of DRM would depend in TPM and SecureBoot?

I doubt this. TPMs aren't really much more than hardware keylockers.

Oh? Please review the following and continue on till post #1031. This is not an isolated incident. Using SecureBoot to lock people out of their own PC makes troubleshooting impossible unless you crack the drive, but then that install of Windows will never boot again. SecureBoot does nothing for the average user. It only prevents people from modifying the data on their OS drive from outside the OS. There is no purpose to this other than for microsoft to lock an installation down from being altered. It is nothing but a slimy form of control. It also prevents use of all drive data encryption other than microsoft's own Bitlocker, which is known to have a back-door. Back-doors are NOT secure and running software that is not secure is, naturally, NOT good security.

So what's the solution here right?

The solution is telling microsoft that these requirements are wildly inappropriate & unacceptable, followed by a metaphoric foot in the butt-crack, starting with the CEO.

and just sell their software licenses (no free upgrades) and let manufacturers figure their business out (computers will still need to be bought anyway!),

That too!

 

[karakarga]

nVidia probably released their final drivers at August 31 2021 to their 6xx and 7xx series of graphics cards for Windows 7 and Windows 10, (maybe one more can come before October 2021). This is also a premature give up. Because, Windows 7 has one more year for paid customers. This means that, their paid Windows 7 will have no updates by means of graphics drivers by nVidia. They must logically have to extend 6xx and 7xx support at least for one more year, because there is a shortage at production we all know and the prices are too high. We will throw away whatever we got after 5 to 10 years, so paying too high for a new card is a truly money waste. Also, there is Windows 8.1, it's end of support date not yet reached either, which is 10 January 2023.

I have looked the new one, it is well not really good. I have installed open shell, and it placed it's start button to the left. The system either can be shut down from the left, or from the new menu. Seeing double menus made me laugh a bit! Stupid thing, I said....

Windows 10 is good, but I know how to update Windows 7 as well like paid customers with ESU bypass. I have started to think, do I have to use Windows 7 one more year or go through Windows 10. I have nVidia 670, 680, 770 and 780Ti on various machines based on Xeon v2, v3 and v4 CPU's. My latest is in my HP notebook, which carries a 3GB 1050. It has TPM 2.0 and Intel i7-1065G7 CPU. I will install Windows 11 to it, and see how it goes.

 

[R-T-B]

No really, explain how/where ANY form of DRM would depend in TPM and SecureBoot?

Encryption keys. Keys you can't easily get at.
Need I say more?

Oh? Please review the following and continue on till post #1031.

You are confusing three seperate concepts in that post. TPM, edrive, and SecureBoot. Yes they can work together but his core issue appears to be edrive not tpm or secure boot.

 

[lexluthermiester]

I know how to update Windows 7 as well like paid customers with ESU bypass.

Nice!

go through Windows 10.

Unless you need DX12/RTX for gaming, stick with 7 if you know how to keep it secure.

Encryption keys. Keys you can't easily get at.

That's not an example.

Need I say more?

Yuppers.

You are confusing three seperate concepts in that post. TPM, edrive, and SecureBoot.

No, I'm not. I'm not talking out of my butt. This is years worth of experience. SecureBoot is the runtime that locks a drive from casual outside access. SecureBoot requires TPM. Troubleshooting an installation from an external EBD is NOT possible with SecureBoot enabled. Using third party drive encryption with SecureBoot enabled is NOT possible(currently).

 

[R-T-B]

That's not an example.

Ok. I encrypt a game with keys stored in the TPM that can only be unlocked via a master key from something like ms store, steam, etc.

It can be done. Not sure how much more simple I can make it for you.

SecureBoot is the runtime that locks a drive from casual outside access.

No, it's a boot binary hash verifier. It's design is purely to protect against "evil-maid" attacks.
Now I know you are talking out of your butt, sorry.

PS: SecureBoot is something I use daily, and without a TPM I might add. We enroll our own TGC opal bootloader based on sedutil. No you can't see it.

 

[lexluthermiester]

Ok. I encrypt a game with keys stored in the TPM that can only be unlocked via a master key from something like ms store, steam, etc.

That's not exactly what TPM was designed for, but you're right, I don't see any reason why it can't be adapted.

No, it's a boot binary hash verifier. It's design is purely to protect against "evil-maid" attacks.

If that were true, an attacker could easily disable TPM & SecureBoot, boot a USB drive, alter or steal data from the host drive, reboot and reenable the TPM & SecureBoot and act like it's not there. This would work because the keys in the TPM module were not replaced. And if we were talking about TPM 1.x it would work flawlessly. However, with TPM2.0 the dynamic changes...

SecureBoot is something I use daily, and without a TPM I might add.

...and here it is. YOUR use-case-scenario is NOT what microsoft is doing.

Don't believe me? Install Windows 11 on a compliant system with everything enabled. Then, without changing any settings, try to boot a EBD like Hirens. When that fails, disable SecureBoot and try again. Let's see what happens when you get into the WinPE desktop... Yeah, have fun!

Now I know you are talking out of your butt, sorry.

Stop being childish.

 

[R-T-B]

If that were true, an attacker could easily disable TPM & SecureBoot, boot a USB drive, alter or steal data from the host drive, reboot and reenable the TPM & SecureBoot and act like it's not there. This would work because the keys in the TPM module were not replaced. And if we were talking about TPM 1.x it would work flawlessly. However, with TPM2.0 the dynamic changes...

They can.

That's where edrive fills the gaps. TCQ opal and its ilk.

Stop being childish.

I'm really not trying to be but I was quoting you, for the record

 

[lexluthermiester]

They can.

Ok...

Don't believe me? Install Windows 11 on a compliant system with everything enabled. Then, without changing any settings, try to boot a EBD like Hirens. When that fails, disable SecureBoot and try again. Let's see what happens when you get into the WinPE desktop... Yeah, have fun!

...go for it.

I'm really not trying to be but I was quoting you, for the record

...

 

[R-T-B]

Ok...

...go for it.

...

I'm unsure what you are aiming to prove with that. Of course it won't work. The encryption keys are likely in the TPM on a Windows 11 device. Secure boot isn't whats stopping you though, encryption is.

I've lost track of what you're even trying to establish, so out.

 

[lexluthermiester]

I'm unsure what you are aiming to prove with that. Of course it won't work.

That's what I've been saying. Tada!

The encryption keys are likely in the TPM on a Windows 11 device. Secure boot isn't whats stopping you though, encryption is.

The encryption scheme microsoft is employing doesn't work without SecureBoot. Tada!

I've lost track of what you're even trying to establish, so out.

That's because you didn't seem to understand the context to begin with.