| ▲ | CrossVR 6 hours ago |
| I don't think selling more hardware is the primary motivation. The motivation is ensuring everyone has TPM 2.0 enabled on their device. This allows Microsoft to protect parts of their software even from the user that owns the hardware it's running on. With TPM enabled you finally give up the last bit of control you had over the software running on your hardware. |
|
| ▲ | tapoxi 5 hours ago | parent | next [-] |
| Unbreakable DRM for software, such as for your $80 billion game business or your subscription office suite. As a bonus, it prevents those pesky Windows API compatibility tools like Wine from working if the application is designed to expect signed and trusted Windows. |
| |
| ▲ | com2kid 5 hours ago | parent | next [-] | | The mass exodus to Linux gaming is already causing a push back against kernel level anti-cheat. People who 5 years ago didn't give a hoot about computing outside of running steam games are now actively discussing their favorite Linux distro and giving advice to friends and family about how to make the jump. | | |
| ▲ | herdymerzbow 4 hours ago | parent | next [-] | | As much as I hope it to be mass exodus, and as someone who switched over to CachyOS as my main OS in Nov 2025, I'm not sure that 3% of the steam user base really qualifies as a 'mass' exodus. https://www.notebookcheck.net/Linux-gaming-growth-SteamOS-sh... Going back to my Windows install every now and then to do things feels uncomfortable. Almost like I'm sullying myself! The extent of Microsoft's intrusiveness kind of makes it feel like entering a poorly maintained public space...at least compared to my linux install. I'm not sure that the majority of people feel this way about Windows 11. They just put up with it in the same way as they do YouTube ads, web browsing without ublock origin, social media dark patterns etc. But certainly, never been a better time I think to move to linux for my kind of user, i.e. the only mildly technologically adept. | | |
| ▲ | com2kid an hour ago | parent | next [-] | | > I'm not sure that 3% of the steam user base really qualifies as a 'mass' exodus. Major tech reviewers are talking about Bazzite. Reddit gaming forums are full of people talking about Win11 vs Linux. Microsoft only has two strangle holds on PCs - gaming and office apps. For home users they literally have 0 lock in now days other than familiarity. No one is writing native windows apps outside of legacy productivity apps and games. Even Microsoft is writing Windows components in React now days. I moved to Linux earlier this year and literally none of my apps were unavailable. Everything is a browser window now days. 15 years ago that would've been crazy, I had tons of native windows apps I used every day. | |
| ▲ | marcus_holmes an hour ago | parent | prev [-] | | Yeah but which 3%? It's important. There are a lot of Steam gamers with 5 games in their library who log on once a month. There are a few Steam gamers with 5000 games in their library who are permanently logged in. There's folks who play one game obsessively, and folks who tinker around with many games. I'm willing to bet that the 3% are the kind of people who buy a lot of games. I'd love to see that "what percentage of games have been bought by people on which platform?" metric. I think it'd be a lot more than 3% on Linux, even if you count Steam Deck as a separate platform. |
| |
| ▲ | Hikikomori 2 hours ago | parent | prev [-] | | Unfortunately Linux requires zero effter to create cheats on, might as well run no anti cheat. And the root stuff is overblown as user space programs can already read all your files and process memory of that user. How many bother with multiple users? | | |
| ▲ | marcus_holmes an hour ago | parent | next [-] | | Not all gamers are playing games where cheating is an issue. It's really only the MOBA Call of Battlefield AAA crowd who care about that. That's not the largest group of gamers, and certainly not the largest market for games. | |
| ▲ | MindSpunk an hour ago | parent | prev [-] | | The push back on kernel level anti-cheat on security grounds has always felt odd to me. If you don't trust them to run kernel level code why do you trust them to run usermode code as your user? A rogue anticheat software could still do enormous damage in usermode, running as your user, no kernel access required. Being in kernel mode does give the rogue software more power, but the threat model is all wrong. If you're against kernel anti-cheat you should be against all anti-cheat. At the end of the day you have to chose to trust the software author no matter where the code runs. |
|
| |
| ▲ | blibble 4 hours ago | parent | prev [-] | | it will never be unbreakable, and only needs to be broken once intel can't even get SGX to work | | |
|
|
| ▲ | fluidcruft 5 hours ago | parent | prev | next [-] |
| Maybe instead Microsoft could allow Windows 11 to install and run on machines that are otherwise capable and just flash red screens at you all the time where otherwise ads would show up that constantly nag that "THIS COMPUTER IS FUCKING INSECURE!" or something. It would be equally as annoying but I'm sure running latest Windows 11 but with TPM 1.0 instead of TPM 2.0 will be more secure than running Windows 10 without bug fixes and security patches. (But my understanding is there were other things like bumping minimum supported instruction sets that happened to mismatch a few CPUs that support the newer instruction sets but were shipped with chipsets using the older TPM) |
| |
| ▲ | will4274 5 hours ago | parent [-] | | We want to delete the fallback code paths... You'll just get failures from bitlocker instead of install failures, or windows hello failures, or ... |
|
|
| ▲ | sixtyj 6 hours ago | parent | prev | next [-] |
| And clever people found out the way - https://www.tomshardware.com/how-to/bypass-windows-11-tpm-re... |
| |
| ▲ | zamadatix 5 hours ago | parent | next [-] | | Registry keys and autoattend.xml config keys are not clever people finding a way, it's people using stuff Microsoft put there to do just this for now. I.e. Windows 11 has not been strictly enforcing these yet, they are just "officially" requirements so when they eventually decide to enforce in a newer version (be it an 11 update or some other number) they'll then be able to say "well it's really been an official requirement for many years now, and over 99% of Windows 11 installs which has been the only supported OS for a while now are working that way" at that time. If they just went straight from Windows 10 to strictly enforced Windows 11 options it'd've been harder to defend. | |
| ▲ | CrossVR 5 hours ago | parent | prev | next [-] | | You're missing the point, the TPM 2.0 requirement is there to drive adoption, not to actually prevent you from installing Windows 11. | |
| ▲ | bitwize 6 hours ago | parent | prev [-] | | Windows 12 will close the loophole: your CPU will require a signed code path from boot down to application level code. No option to disable Secure Boot or install your own keys. But there needs to be an installed base of secure hardware for this to happen, hence the TPM 2.0 requirements for Windows 11. | | |
| ▲ | sixtyj 4 hours ago | parent [-] | | Since Windows 12 hasn't even been mentioned yet, I wouldn't worry about what you're describing at all. |
|
|
|
| ▲ | will4274 5 hours ago | parent | prev | next [-] |
| Hardware key storage is a low level security primitive. Both Android and iOS have mandated it for far longer. It's a low level security primitive that enables a lot of scenarios, not just DRM. For example - it's not possible to protect SSH keys from malware that achieves root without hardware storage. Only hardware storage can offer the "Unplug It" guarantee - that unplugging a compromised machine ends the compromise. |
| |
| ▲ | anthk 4 hours ago | parent | next [-] | | 9front with factotum tells a different story. | |
| ▲ | LtWorf 5 hours ago | parent | prev | next [-] | | If you want to protect keys you get a yubikey or something like that. | | |
| ▲ | will4274 3 hours ago | parent [-] | | And if you want to play sound, you buy a sound card. Computers integrate components that approximately everybody needs. Hardware storage for keys is just the latest example |
| |
| ▲ | CrossVR 5 hours ago | parent | prev [-] | | Ah yes Android and iOS, they have truly become bastions of user freedom since mandating secure enclaves. That really puts my worries to rest. /s | | |
| ▲ | hollerith 3 hours ago | parent [-] | | User freedom is not the only axis by which we judge operating systems. | | |
| ▲ | CrossVR an hour ago | parent [-] | | It is not, but to me personally it is a very important one and it is not one I will give up without a fight. |
|
|
|
|
| ▲ | 9dev 4 hours ago | parent | prev [-] |
| > With TPM enabled you finally give up the last bit of control you had over the software running on your hardware. The overwhelming majority of users never had any kind of control over the software running on their hardware, because they don’t know (and don’t want to know) how the magical thinking machine works. These people will benefit from a secure subsystem that the OS can entrust with private key material. I absolutely see your point, but this will improve the overall security of most people. |
| |
| ▲ | Terr_ 4 hours ago | parent [-] | | > The overwhelming majority of users never had any kind of control Uninterested is vastly different than unable, especially when that majority is still latently "able" to use some software that a knowledgeable-minority creates to Help Do The Thing. The corporate goal is to block anyone else from providing users that control if/when the situation becomes intolerable enough for the majority to desire it. Most people don't move away from their state of residence either, but we should be very concerned if someone floats a law stating that you are not permitted to leave without prior approval. |
|
