Just transfer your OS over to the new PC.

Ursprünglich geschrieben von Crashed:

Ursprünglich geschrieben von Morkonan:

^--- This.

It's likely someone bought a motherboard from dead stock that didn't have a TPM module and it's showing as "unsupported" in the Win11 pre-check.



See above: Whatever article you read lied to you or you didn't properly understand what it was trying to say.

TPM: https://docs.microsoft.com/en-us/windows/security/information-protection/tpm/trusted-platform-module-overview

https://support.microsoft.com/en-us/windows/enable-tpm-2-0-on-your-pc-1fd5a332-360d-4f46-a1e7-ae6b0c90645c

Not all motherboards have a TPM chip. And, some can be supported with a sort of TPM-software solution, IIRC. But, the latter sort of acts to defeat the purpose of TPM. TPM is not, however, some panacea in terms of a security measure. But, it's an attempt to provide unique hardware encryption at the lowest level possible that is "tamper resistant." (It's not tamper or malware proof. But, it is stronger than software based measures.) It's also possible there are certain privacy issues, too. "What are you doing, TPM chip?" :)

This "software solution" for TPM is actually a firmware-based solution based on the internal chipset such as the Management Engine which is outside of accessibility by any software on the PC.

As for TPM not being tamper-proof, the idea behind Secure Boot is to ideally exclude the loading of any malicious boot or kernel modules that could read the keys released by the TPM, for instance BitLocker Disk Encryption keys.

All the security functionality that the system requirements are based on are already supported in Windows 10 however Microsoft has decided that these standards should now be baseline. Windows 11 will boot and run without these components, however Microsoft considers this an unsupported state and will most likely show a warning watermark on the desktop wallpaper and in Settings.

Correct. Discrete TPM is only supported by Skylake architecture and newer, unless your motherboard has a TPM socket.

I will say TPM implementation is likely a knee-jerk reaction to global computer virus pandemics such as ILOVEYOU etc. etc. although time will tell if this solution will actually work. Focus should be on the OS being bulletproof, not the hardware. Hardware pricing doesn't currently warrant the performance hit from things such as core isolation or memory integrity. I'm also intrigued about comments suggesting Windows 7 is a better OS in terms of privacy, unless you're not on the latest version which includes telemetry. I considered switching back to Win7 myself although for my purposes it seems Debian/Linux is the right way to go.

Ursprünglich geschrieben von xX_ClaymoreHumper_Xx:

Ursprünglich geschrieben von Crashed:

This "software solution" for TPM is actually a firmware-based solution based on the internal chipset such as the Management Engine which is outside of accessibility by any software on the PC.

As for TPM not being tamper-proof, the idea behind Secure Boot is to ideally exclude the loading of any malicious boot or kernel modules that could read the keys released by the TPM, for instance BitLocker Disk Encryption keys.

All the security functionality that the system requirements are based on are already supported in Windows 10 however Microsoft has decided that these standards should now be baseline. Windows 11 will boot and run without these components, however Microsoft considers this an unsupported state and will most likely show a warning watermark on the desktop wallpaper and in Settings.

Correct. Discrete TPM is only supported by Skylake architecture and newer, unless your motherboard has a TPM socket.

I will say TPM implementation is likely a knee-jerk reaction to global computer virus pandemics such as ILOVEYOU etc. etc. although time will tell if this solution will actually work. Focus should be on the OS being bulletproof, not the hardware. Hardware pricing doesn't currently warrant the performance hit from things such as core isolation or memory integrity. I'm also intrigued about comments suggesting Windows 7 is a better OS in terms of privacy, unless you're not on the latest version which includes telemetry. I considered switching back to Win7 myself although for my purposes it seems Debian/Linux is the right way to go.

But also 1 thing people keep getting wrong.
windows 11 doesn't require secure-boot.
Your system just has to support it. Not have to enable it.
Tpm on the other hand has to be enabled
So at least they didn't kill Linux dual-booting. (although Linux does support secureboot. Only Fedora and Ubuntu have it)

I talk from my own experience of upgrading to win 11 day one

Ursprünglich geschrieben von Monster:

What to do about Win11

Pee on it. That's all you should do with it.

Ursprünglich geschrieben von xX_ClaymoreHumper_Xx:

Ursprünglich geschrieben von Crashed:

This "software solution" for TPM is actually a firmware-based solution based on the internal chipset such as the Management Engine which is outside of accessibility by any software on the PC.

As for TPM not being tamper-proof, the idea behind Secure Boot is to ideally exclude the loading of any malicious boot or kernel modules that could read the keys released by the TPM, for instance BitLocker Disk Encryption keys.

All the security functionality that the system requirements are based on are already supported in Windows 10 however Microsoft has decided that these standards should now be baseline. Windows 11 will boot and run without these components, however Microsoft considers this an unsupported state and will most likely show a warning watermark on the desktop wallpaper and in Settings.

Correct. Discrete TPM is only supported by Skylake architecture and newer, unless your motherboard has a TPM socket.

I will say TPM implementation is likely a knee-jerk reaction to global computer virus pandemics such as ILOVEYOU etc. etc. although time will tell if this solution will actually work. Focus should be on the OS being bulletproof, not the hardware. Hardware pricing doesn't currently warrant the performance hit from things such as core isolation or memory integrity. I'm also intrigued about comments suggesting Windows 7 is a better OS in terms of privacy, unless you're not on the latest version which includes telemetry. I considered switching back to Win7 myself although for my purposes it seems Debian/Linux is the right way to go.

Skylake and newer has a form of fTPM. As for TPM this describes how Windows uses it:
https://docs.microsoft.com/en-us/windows/security/information-protection/tpm/how-windows-uses-the-tpm

The claims of Windows 7 being better for privacy are quite short-sighted as Windows 7 is considered end-of-life and consumer editions are no longer eligible to be patched against newly discovered threats.

As for core isolation/memory integrity, this can be turned off in Windows Security, as well as even setting a bcdedit flag to completely disable virtualization.

Ursprünglich geschrieben von Ghost Robertson:

My system said it supported windows 11, But i just checked and now it says it doesn't.

Dunno why because i haven't changed any major settings, and yes my system is custom built.

To check why it isn't supported run PC Health Check - https://support.microsoft.com/en-us/windows/how-to-use-the-pc-health-check-app-9c8abd9b-03ba-4e67-81ef-36f37caa7844

Alternatively you could try WhyNotWin11 - https://github.com/rcmaehl/WhyNotWin11/releases/tag/2.4.3.1

If the only issue is the processor then look to https://support.microsoft.com/en-us/windows/ways-to-install-windows-11-e0edbbfb-cfc5-4011-868b-2ce77ac7c70e for a registry setting to bypass the processor check and reduce the minimum TPM version to 1.2.

Ursprünglich geschrieben von Crashed:

To check why it isn't supported run PC Health Check - https://support.microsoft.com/en-us/windows/how-to-use-the-pc-health-check-app-9c8abd9b-03ba-4e67-81ef-36f37caa7844

Alternatively you could try WhyNotWin11 - https://github.com/rcmaehl/WhyNotWin11/releases/tag/2.4.3.1

If the only issue is the processor then look to https://support.microsoft.com/en-us/windows/ways-to-install-windows-11-e0edbbfb-cfc5-4011-868b-2ce77ac7c70e for a registry setting to bypass the processor check and reduce the minimum TPM version to 1.2.

Sorry i got confused with two of my computers, my 11th gen system still says it supports win 11 but my 9th series never did.

Ursprünglich geschrieben von Monster:

So microsoft once again delivers a blow to PC users they and their crumby companies lining their pockets that are whispering in their ear, to not allow custom built (non PC company built, Dell, Acer, ETC.) PC's to run Win11. This is absolutely terrible! To bad AMD is not making their own OS as they are for the PC users. It's like microsoft aims to irritate their users and try to further monopolize anything and everything that they possibly can. What can we do as users?! How do we change their mind?!

It's about control. They want control over your PC, so they can delete what they want to delete on there. It's why you should back up everything.
>What can we do as users?!
Switch to Linux. Archive everything. Boycott companies that engage in the manner of fascism that Microsoft is engaging in. Bully tyrants and the cowards that enable them, as to drive them out of society.

>How do we change their mind?!
Without a paradigm shift you won't. You've got the keys, use them.

Ursprünglich geschrieben von Ghost Robertson:

Ursprünglich geschrieben von Crashed:

To check why it isn't supported run PC Health Check - https://support.microsoft.com/en-us/windows/how-to-use-the-pc-health-check-app-9c8abd9b-03ba-4e67-81ef-36f37caa7844

Alternatively you could try WhyNotWin11 - https://github.com/rcmaehl/WhyNotWin11/releases/tag/2.4.3.1

If the only issue is the processor then look to https://support.microsoft.com/en-us/windows/ways-to-install-windows-11-e0edbbfb-cfc5-4011-868b-2ce77ac7c70e for a registry setting to bypass the processor check and reduce the minimum TPM version to 1.2.

Sorry i got confused with two of my computers, my 11th gen system still says it supports win 11 but my 9th series never did.

9th Gen is supposed to be supported as long as you have a DX12 capable GPU with proper Windows 10 drivers and have Intel Platform Trust Technology (PTT) or a discrete TPM enabled.

Use Linux

Ursprünglich geschrieben von Crashed:

...
As for TPM not being tamper-proof, the idea behind Secure Boot is to ideally exclude the loading of any malicious boot or kernel modules that could read the keys released by the TPM, for instance BitLocker Disk Encryption keys.

From what I understand, Micro$oft will be sent these on initial registration by default, unless that option is customized/overwritten by the user. (For "recovery" purposes. AND so the guys at the telemetry center can see nekkid pics of your dog.)

Ursprünglich geschrieben von xX_ClaymoreHumper_Xx:

... I'm also intrigued about comments suggesting Windows 7 is a better OS in terms of privacy, unless you're not on the latest version which includes telemetry. I considered switching back to Win7 myself although for my purposes it seems Debian/Linux is the right way to go.

Win10&11 are much more secure. Win7 certainly has telemetry, but it's a bit less and isn't as murderized by Micro$oft's newer EULA. It also doesn't have fifty-eleven crap-apps installed on it by default. And, it was more a joke to give me an opportunity to rant about Micro$oft. :) Though, I don't use my Win7Pro machine for anything other than some productivity hobby stuff with apps I only have for that OS atm. It's airgapped.

Ursprünglich geschrieben von Morkonan:

Ursprünglich geschrieben von Crashed:

...
As for TPM not being tamper-proof, the idea behind Secure Boot is to ideally exclude the loading of any malicious boot or kernel modules that could read the keys released by the TPM, for instance BitLocker Disk Encryption keys.

From what I understand, Micro$oft will be sent these on initial registration by default, unless that option is customized/overwritten by the user. (For "recovery" purposes. AND so the guys at the telemetry center can see nekkid pics of your dog.)

Microsoft doesn't look at your files. That is nothing more than a rumor. In fact they changed their policies when it comes to searching their own cloud storage after an outcry.

While Device Encryption, the limited version of BitLocker for home users, backs up its key to your online account, BitLocker prompts for a key backup method on setup unless overridden by Active Directory.

Ursprünglich geschrieben von Ellisar:

Try fedora, arch, zorin or POP
maybe with dual boot for now.

why arch? you can just say endeavouros but i still wont recommend even manjaro. maybe mint like any other ubuntu based distro

Ursprünglich geschrieben von Crashed:

Microsoft doesn't look at your files. That is nothing more than a rumor. In fact they changed their policies when it comes to searching their own cloud storage after an outcry.

Source, please?

They reserve the right to do so whenever they wish. Are you saying that they've specifically contractually reserved that right to do so whenever they wish, for whatever purposes they feel like, but they're pinky-swearing that they really, probably, won't do that?

I feel much better, now...

But, if you have a link to a source with binding statements, I'd truly be thankful and would love to read it. (I haven't checked in on this in a couple of months, so if they have officially announced policy and TOS/EULA retractions, I'd really love to know that.)

I don't use cloud storage nor do I do distasteful stuffs, so I could care less if they're reporting hashes for criminal investigation. At least, "in specifics." In principle, I'm not comfortable with "third-party" law enforcement and the erosion of Rights as well as privacy that entails.

Ursprünglich geschrieben von Morkonan:

They reserve the right to do so whenever they wish.

And where in their policies do they say that? Facts should be given instead of tin-foil hat politics.