Yep, exactly this. You can bypass the TPM and Processor requirements, but at some point it will come back to bite someone in the butt.
Microsoft with the 24H2 update broke Windows 11 for older systems (like Core2Duo, which are already ancient) due to a lack of required processor instructions. I’ve seen systems running under QEMU, and also on newer systems like the AMD Ryzen Zen1 platform experience “Unsupported Processor” BSODs preventing the system from booting.
Even outside of that, Microsoft doesn’t deploy the yearly feature roll-ups to systems with unsupported hardware, even if Windows 11 is already installed. I’ve seen many unsupported systems end up stuck 1-2 builds behind, and they never see the update. They have to be manually updated using the same mechanisms that got Windows 11 installed in the first place.
Microsoft I believe, expects Windows 11 to be running on a minimum set of hardware, and that’s all they are qualifying it for. So older systems are going to eat it at some point if they are used in production.
The TPM checks are for security but, certainly not required if someone is willing to drop system security for some reason.
TPM is more about securing data from PC owners rather than for them. Since it’s there anyways, it is used to support bitlocker, but the reason they are pushing it so much is because it might (depending on whether it actually is secure) be able to allow content providers to allow users to view their content without needing to give them access to copy or edit it.
And there isn’t any guarantee that the uses that do benefit the user’s security don’t have some backdoor for approved crackers to get in. Like doesn’t the MS account store a copy of the recovery key for bitlocker? Which is nice for when the user needs it, but also comes in handy if MS wants to grant access to anyone else.
Microsoft does on Home Edition without even asking, and it doesn’t provide the users with a choice to store the key locally OR put it on the Cloud account, like Windows Pro does. I’m sure Microsoft has a master key to an account as well. But one can hope they do not, and they are also storing those BitLocker keys in an encrypted fashion in whatever database runs the backend.
Also agree with you on TPMs. They are useful when invoked by the user. DRM on content and software is, and always will be, anti-consumer. As for now secure TPMs are, I know Infineon did have that Random Number Generator bug which basically broke the TPMs. So there’s that.
Yep, exactly this. You can bypass the TPM and Processor requirements, but at some point it will come back to bite someone in the butt.
Microsoft with the 24H2 update broke Windows 11 for older systems (like Core2Duo, which are already ancient) due to a lack of required processor instructions. I’ve seen systems running under QEMU, and also on newer systems like the AMD Ryzen Zen1 platform experience “Unsupported Processor” BSODs preventing the system from booting.
Even outside of that, Microsoft doesn’t deploy the yearly feature roll-ups to systems with unsupported hardware, even if Windows 11 is already installed. I’ve seen many unsupported systems end up stuck 1-2 builds behind, and they never see the update. They have to be manually updated using the same mechanisms that got Windows 11 installed in the first place.
Microsoft I believe, expects Windows 11 to be running on a minimum set of hardware, and that’s all they are qualifying it for. So older systems are going to eat it at some point if they are used in production.
The TPM checks are for security but, certainly not required if someone is willing to drop system security for some reason.
TPM is more about securing data from PC owners rather than for them. Since it’s there anyways, it is used to support bitlocker, but the reason they are pushing it so much is because it might (depending on whether it actually is secure) be able to allow content providers to allow users to view their content without needing to give them access to copy or edit it.
And there isn’t any guarantee that the uses that do benefit the user’s security don’t have some backdoor for approved crackers to get in. Like doesn’t the MS account store a copy of the recovery key for bitlocker? Which is nice for when the user needs it, but also comes in handy if MS wants to grant access to anyone else.
Microsoft does on Home Edition without even asking, and it doesn’t provide the users with a choice to store the key locally OR put it on the Cloud account, like Windows Pro does. I’m sure Microsoft has a master key to an account as well. But one can hope they do not, and they are also storing those BitLocker keys in an encrypted fashion in whatever database runs the backend.
Also agree with you on TPMs. They are useful when invoked by the user. DRM on content and software is, and always will be, anti-consumer. As for now secure TPMs are, I know Infineon did have that Random Number Generator bug which basically broke the TPMs. So there’s that.