| ▲ | jama211 4 hours ago |
| You can bypass the warning really easily, I googled it the moment I saw it and it was very easy. A keyboard shortcut to open the command window during the install and one cheeky command. I agree though that it’s silly they don’t offer it officially. But I get the feeling you were on the edge of transitioning anyway, which is fine! Sounds more like the straw that broke the camels back. |
|
| ▲ | matja 4 hours ago | parent | next [-] |
| If you bypass the installer minimum hardware checks then you're making a gamble that the official statement from Microsoft won't affect you: > If Windows 11 is installed on ineligible hardware, your device won't receive support from Microsoft, and you should be comfortable assuming the risk of running into compatibility issues. > Devices that don't meet these system requirements might malfunction due to compatibility or other issues. Additionally, these devices aren't guaranteed to receive updates, including but not limited to security updates. |
| |
| ▲ | hparadiz 3 hours ago | parent | next [-] | | Aren't you guys actually talking about a TPM 2.0 device being present on the machine and not a CPU specifically? Cause the whole Windows 11 thing was (I thought) full disk encryption with TPM 2.0 attestation booted from a secure boot BIOS. That basically just means you can't take the disk and boot it on another machine. There would be no way to decrypt. | | |
| ▲ | ploxiln 3 hours ago | parent | next [-] | | Windows 11 officially requires TPM 2.0, secure-boot enabled, and an AMD Zen+ (Ryzen 2xxx) or later or an Intel Core Gen 8 or later. https://arstechnica.com/gadgets/2021/10/windows-11-the-ars-t... > ... the best rationale for the processor requirement is that these chips (mostly) support something called “mode-based execution control,” or MBEC. MBEC provides hardware acceleration for an optional memory integrity feature in Windows (also known as hypervisor-protected code integrity, or HVCI) that can be enabled on any Windows 10 or Windows 11 PC but can come with hefty performance penalties for older processors without MBEC support. > Another theory: older processors are more likely to be running in old systems that haven’t had their firmware updated to mitigate major hardware-level vulnerabilities that have been discovered in the last few years, like Spectre and Meltdown | |
| ▲ | RajT88 2 hours ago | parent | prev | next [-] | | I have a few machines which lack a supported CPU. There's CPU's only 6 years old which aren't supported. There may be some newer ones even (I didn't bother to look). If it was 2000 - it'd be like, "OK boss, you gotta upgrade that old dog of a CPU", but software bloat really hasn't kept up with CPU performance. I've got an i3 which is serviceable enough from 2014. Is it going to be able to keep up with modern SQL Server and Teams and VSCode and all that? Probably not all at once. But totally fine for basic computing. | |
| ▲ | tosti 3 hours ago | parent | prev | next [-] | | You can use a TPM for disk encryption with Linux if you want. You also get to use your own secureboot keys if you want. Your choice. I can't be bothered. My 80386 worked fine without any of the above and I still don't need any of it on a Zen%d (except Linux) | | |
| ▲ | hparadiz 2 hours ago | parent [-] | | Yea I was looking at this for work. We require full disk encryption for all operating systems but linux is the one where it's a passphrase or a yubikey. In my personal life it would just make managing my PC more annoying. Imagine a motherboard failure and boom there goes my entire disk. | | |
| ▲ | jacquesm 2 hours ago | parent | next [-] | | Yubikeys are very useful. I was pointed to them by a colleague and was a bit skeptical in the beginning but since then I am more than happy to use them, absolutely flawless execution. The only thing that I am a bit concerned about is that it isn't the key that I place on the device that governs all this so you can't be 100% sure that there isn't some kind of supply chain trick that would allow the manufacturer or one or more of their employees to create duplicate keys. | | |
| ▲ | plagiarist an hour ago | parent [-] | | With Linux I think you do have the option of encrypting with your own cert using the PCKS#11 module on the Yubikey. | | |
| |
| ▲ | Terr_ 2 hours ago | parent | prev [-] | | > Imagine a motherboard failure Hold up, I'm no expert on Secure Boot, but LUKS allows you to have multiple entry keys to the same drive. This means you can have one key of random gobbledegook which is kept and auto-used by the magic motherboard, and also a passphrase that you can memorize or write down, and either one is totally sufficient on its own. You don't even need to set them up at the same time, you can start with one and then add the other as an option later. | | |
| ▲ | hparadiz 2 hours ago | parent [-] | | Secureboot is something else. It verifies the boot loader at the BIOS. This can be broken by the system itself (like if it's hacked). So it's protecting you against modifications to the boot loader. This is where kernel modules can be injected. TPM 2.0 is something else. It's typically soldered onto the motherboard as a physical device and the key can be generated and then used to encrypt the disk. The private key can not be extracted. Only the signature and you can ask the TPM to sign a binary blob with the private key while providing you the public key to verify. This protects you against physical access to your device. No one can take your disk and decrypt it. | | |
| ▲ | Terr_ 39 minutes ago | parent [-] | | > the key can be generated and then used to encrypt the disk Right, you can't recover or copy that specific key, but you also don't have to for accessing your data, if you set up some redundancy before disaster struck. AFAIK: 99% of your storage is encrypted by a giant fixed unchanging master-key, and that is itself encrypted again with a non-master key/LS or passphrase, which is stored in the remaining "LUKS header". There's room to store multiple copies of the same master-key encrypted with different non-master options. In that model, the TPM is simply providing (in a convoluted way) its own passphrase for one of those co-equal slots, so having one or more alternates prepared is sufficient to protect your drive from motherboard failure. |
|
|
|
| |
| ▲ | jacquesm 2 hours ago | parent | prev [-] | | For some reason that risk never seemed larger than the one that Microsoft would force me into subscribing to more services because they hold my data hostage or that they would be more than happy to pass the keys to my machine to the USG. |
| |
| ▲ | jodrellblank 3 hours ago | parent | prev [-] | | But if your next move is to go to Linux where all that applies as well, why would that stop you? | | |
| ▲ | vanviegen 2 hours ago | parent [-] | | You are correct that a Linux installation is ineligible for support from Microsoft. Not that that means anything for private usage. Also, Linux has a great track record for not dropping support for older hardware. I think that is a lot more informative than whatever statement Microsoft's legal team has managed to come up with. |
|
|
|
| ▲ | mort96 3 hours ago | parent | prev | next [-] |
| There's a ton of outdated guides out there because Microsoft has been patching out workaround after workaround. It's likely that the simple solution you used doesn't work anymore. |
|
| ▲ | ufmace 3 hours ago | parent | prev | next [-] |
| There's a little bit of considering it already yeah. Plus what the sibling comments say of it being clearly against what Microsoft wants, so no guarantee they won't disable it or make it even harder in the future. And also, the factor of, doing any of these check-disabling hacks also seems to require a full OS reinstall instead of an in-place update. If I need to do a full reinstall anyways, why not do it with an OS I don't need to hack up to get it to install on a system the OS maintainer doesn't want it to be installed on. Apparently, fundamentally, Microsoft does not want me as a user. Hacking around their checks won't change that. I'd rather comply with their wishes and use an OS that actually wants me as a user. |
|
| ▲ | sdoering 4 hours ago | parent | prev | next [-] |
| I have two laptops that - even being 8 years and 4 years old fit the specs MS decided to set. I still kicked itin the can. Am a happy Arch User & Ubuntu (will probably migrate that one to an Arch derivate as well, though) nowadays. I still use WIN11 in my day job. And it is an okay OS. I had worse. I had better. What I find interesting is, that I gained on average 30 - 50% more battery time from the laptops I switched to Linux. It is quite unexpected and to me quite frankly amazing. I am writing this on my day job quite expensive Surface machine. I pulled it from the power connection to sit on the sofa about 20 minutes ago. My battery? At 73%. And I am running Firefox and PowerPoint at the moment (plus whatever corp crapware is installed underneath). Except for exactly one set of tools (older Affinity progs) I have no need for WIN anymore. And as my day job provides a WIN machine... |
| |
| ▲ | jacquesm 2 hours ago | parent [-] | | My daily driver is a second hand W540 that was made in 2014 or so. It's got the maximum RAM that it will take (32G), and a larger HD, other than that it's just the same old box. It's indestructible and rock solid, drives three monitors and I couldn't be happier with it. |
|
|
| ▲ | avgDev 4 hours ago | parent | prev [-] |
| I can confirm this. Honestly, I am really surprised this is a top comment here. This was an extremely easy work around. We are all mostly curious nerds here. All this work because one couldn't google a easy work around? Last time I tried Linux it sucked for gaming and I've spent hours trying to install a printer. Not to excuse Microsoft in this situation, Linux is obviously more open. |
| |
| ▲ | wholinator2 2 hours ago | parent | next [-] | | I can't speak to gaming but i was warned about printer issues as well. However after a hasty switch from win10 to xubuntu to save my phd work i was able to get the office printer working on ubuntu that i could never print to on windows. Sure, i installed a driver but the dialogue literally directed me to do so. My jaw hit the floor when the test page came out flawless. | | |
| ▲ | mlyle an hour ago | parent [-] | | Yah, I feel like Linux was way worse with printers in the past.. now the story is more like: you'll have a different set of printer issues across the major OSes but no OS is clearly better or worse. |
| |
| ▲ | sylos 3 hours ago | parent | prev | next [-] | | When was the last time you tried any of that on linux? Printers have been plug and play(which is impressive considering the hoops I had to jump through on windows) and with advent of proton, there's been no game I've played that's had any issues | | |
| ▲ | avgDev 3 hours ago | parent [-] | | It has been a few years to be fair. However, back when I ran into the issue people said the same thing. I might try it on one of my older laptops which are in the closet. | | |
| ▲ | bigstrat2003 2 hours ago | parent [-] | | Linux has been good for gaming for years now. I think I switched 4 or 5 years ago, and in all that time I've almost never had problems running games. |
|
| |
| ▲ | michaelmrose 2 hours ago | parent | prev | next [-] | | Steam now supports 1 click install of its entire library windows and Linux native and the majority work. The majority of printers either work or do not. It's not a reasonable expectation that all hardware will work but you won't need hours of work either. MS is free to deprecate your work around any given Tuesday when you have work to do leaving you in the same spot with less time available to do anything about it. You are wrongly assessing the value of the alternatives to boot if you think they were just too stupid to google. Based on the article they already viewed Windows negatively prior to this and thus already had a motivation to switch. | |
| ▲ | basch 4 hours ago | parent | prev [-] | | Which still leaves you in a state that at any time your OS stops updating because they decide to close the "loophole" or remove the "feature" |
|
