this post was submitted on 06 Dec 2023
109 points (87.6% liked)

Technology

59626 readers
3064 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Or maybe they will launch Win 12 with optional TPM support.

Imho making the OS(es) TPM only cannot be good for their business, many people are still on Win 10 with no intention to switch, since their motheboard does not support TPM and do not want to upgrade PC / waste PCI-E slot on TPM extension.

you are viewing a single comment's thread
view the rest of the comments
[–] Andi@feddit.uk 10 points 11 months ago* (last edited 11 months ago) (3 children)

No chance.

You concentrate on the TPM but ignore the CPU requirements...? If you have a CPU that is up to spec, you have a TPM - they're built in the CPU. Most people just need to turn it on in the BIOS (or update their BIOS as motherboard manufacturers have turned on the TPM as "Windows 11 support")

The truth of it is, every "jump" OS, i.e. 95, XP, 7, 10 has run really poorly on >5 year old chips at the time of launching. And MS got panned at "how slow" is was. But it was also the norm to update your PC more often. Now speed increases have slowed and Moore's Law has ended, it's about security and performance hit of said security. The truth is, the kernel hardening and malware protection and encryption built into 11 to make it far less likely to get infected than 10 and 7 means it needs the hardware support to do it. Without it, it runs far slower or is less secure. Neither anyone wants.

When 10 support ends in 2 years time, the lowest supported processor for 11 will be nearly 9 years old...

[–] Apothecary@lemmy.world 1 points 11 months ago (1 children)

I have an INTEL I9-10850K installed on a MSI MAG Z490 mobo that I bought in 2020 and neither have A TPM.

What is your definition of 'up to spec'?

[–] Andi@feddit.uk 2 points 11 months ago* (last edited 11 months ago) (1 children)

30 seconds on Google would've answered your question.

The TPM is part of the Intel Management Engine in your CPU.

In your motherboard UEFI firmware, goto Security - Trusted Computing and enable Security Device support.

Et voilà.

[–] Apothecary@lemmy.world 1 points 11 months ago (1 children)

Yep, you're right I can enable it.

I was going off of MSI's spec page for my motherboard and it says it has a connector for the TPM module so I assumed that meant it wasn't there by default.

[–] Andi@feddit.uk 2 points 11 months ago

To quote Under Siege 2 "assumption is the mother of all fuck ups".

3 years, dude! 😁

Enjoy giving Windows 11 a proper spin. I recommend choosing "English (World)" as the language/location, then you don't get any of the post install bloat / sponsored apps, etc installed too. Then when you log in, just change your locale to the correct one if you want to use the Microsoft Store. Or don't, if you want that to remain disabled.

[–] stealth_cookies@lemmy.ca 1 points 11 months ago (1 children)

I wonder how many people are suffering from terrible performance due to the AMD fTPU being a piece of shit? I've tried to turn it on for two different CPUs of different generations (3700X and 5800X) and they both had horrible stuttering. Even if I wanted to I couldn't upgrade to Windows 11 like Microsoft wants because the experience would be unacceptable.

Do you have any references for the reduced malware infections provided by Win 11 that requires the TPU?

[–] Andi@feddit.uk 3 points 11 months ago* (last edited 11 months ago)

It's not directly the TPM - it's the enhanced security instructions in the newer chips (which is the real reason for the very definite line drawn).

Read https://arstechnica.com/gadgets/2021/08/why-windows-11-has-such-strict-hardware-requirements-according-to-microsoft/ from "A towering stack of security acronyms"

[–] ceiphas@feddit.de -1 points 11 months ago (2 children)

the "infection protection" relies on you to trust Microsoft that they check everything you want to do to your PC. For computer illiterate users this may be a benefit, but only if MS doesn't turn evil or negligent or stupid and blocks apps that you need. You can brick a PC from remote with TPM.

[–] Blaster_M@lemmy.world 3 points 11 months ago

You can brick a pc from remote with a boot virus, without needing the TPM to do it.

[–] wmassingham@lemmy.world 1 points 11 months ago

How? You could certainly temporarily break the boot process, but I can't see how you'd completely brick it.