The article focuses a lot on the security of the boot process, but there’s no reason the TPM can’t be used for DRM as well (as an example, https://ieeexplore.ieee.org/document/5283799). It’s correct when it points out the locked down nature of consoles and phones.
We could conceivably be in for a future where Windows refuses to run code that’s not validated even after the OS boots. Or where it sees pirated software on the system and refuses to function in some manner until the software is removed/corrected to its liking.
There are so many possibilities here and all of them are bad.
- Forced online accounts so Microsoft always knows when/where you login
- Stored encryption keys so Microsoft could theoretically provide access to any computer the government requests
- Telemetry already reporting god only knows what metrics about what and how you use your software
- Forced AI that literally watches everything you do on your screen storing it in a known location making for a valuable target and also potentially/likely being used to create more telemetry and insights into your habits
- Eventual full control over your hardware by enforcing “trusted platform” restrictions
It’s so fucking brazen I’m gobsmacked. As an elder Millennial, I get it, I can already hear most of you tallying in your head if having to care about your OS is gonna be the final straw . This is no longer a nerdy request to please use Linux, this is a five alarm fire. Add to all this how much Microsoft is in bed with the US government and potential issues with all that on the horizon and I really, truly believe it’s time to switch, for your own good.
Please. Even if you’re not going to run out and install Linux tomorrow, you need to start mentally preparing yourself for the inevitability of the task. Get yourself accustomed to the idea and when you’re ready to dip your toes in, just know how many resources are out there for you.
And to the Linux community out there, there are going to be a lot of newcomers who don’t have the technical skills to undertake this and enjoy/appreciate this in the same way as you do. Be kind to them, the need for us to support each other has never been greater. Please.
DRM is already the primary purpose of trusted compute if you read shareholder meeting transcripts; security is a marketing side effect.
Ya boy Richard Stallman agrees and has been saying this for years (although this article is more recentish), https://www.gnu.org/philosophy/can-you-trust.en.html
“Treacherous computing” is a more appropriate name, because the plan is designed to make sure your computer will systematically disobey you. In fact, it is designed to stop your computer from functioning as a general-purpose computer. Every operation may require explicit permission.
As of 2022, the TPM2, a new “Trusted Platform Module”, really does support remote attestation and can support DRM. The threat I warned about in 2002 has become terrifyingly real.
Actual, honest to god reasons to upgrade to Windows 11 are already vague and questionable. Your average user probably doesn’t even see any particular reason and only perceives the nuisance of it. But it’s hard to fully close your iron fist around a platform when TPM enablement is so sparse in the consumer space. So what better way to do it than a mandatory OS upgrade with it as a system requirement and assure all (or a vast majority of) systems align at once?
Of course there are ways for stubborn users to skirt those requirements, but that misses the primary point of Trusted Computing. While the OS may baseline function to some degree, there’s no telling what functionality may be crippled by not being in a trusted state. EDIT: For example, this could easily tie into games with anti-cheat such that they will refuse to run on Windows 11 unless TPM is enabled.
I don’t know the future any better than anyone else, I’m just trying to read the winds at the moment. I suspect they may not try to pull the entire trap closed all at once and that Windows 11 may continue to more or less function as we’ve seen past iterations. But the pieces will be in place by then and it’s only a matter of time before some greedy exec gives the word …
I suspect they may not try to pull the entire trap closed all at once and that Windows 11 may continue to more or less function as we’ve seen past iterations
Microsoft will be taking a page from Google playbook. Google has be gradually reducing the “openness” of their android platform. They now have these “security checks” enforced on android. Meaning that it’s trivial for an application to determine if the phone a “genuine android” or not.
This’ll trickle into webbrowser too (if it’s not already in browsers like chrome). It’s only a matter of time before web pages will be able to determine if they’re running on a “secure OS” and fail to run. It’ll start out with your banking website, then expand to shopping websites, ultimately every page will enforce it (“oh, I see you have an unauthorized browser plug in installed. We care about your security, therefore we won’t run. Please restore your device to it’s secure defaults.”)
This future is so horrible and Linux with its 4% market share won’t change anything.
Agreed.
And what’s particularly galling about this is that it’s never made any sense to me. Are you telling me an Android app, on compromised hardware or otherwise, could send malformed data that would for instance deposit $1M into my bank account? That doesn’t sound like an issue of local security. An app is just a frontend, all validation would still be through the banking infrastructure.
I’ve been daily-driving Linux for over a decade at this point so you don’t need to convince me, and I’ll just spin up a Windows VM for things aren’t picky about baremetal OS installs, but also don’t play nice with WINE.
You’re making up scenarios so you can get outraged over them and push linux lol.
Hey man, yeah, I get it. I worry a lot about sounding like a conspiracy theorist; a real Chicken Little.
But when I look internally and ask myself why I make these posts, why I conspire so much about unknown futures, I come to two most likely outcomes:
- I’m trying to trick you into installing Linux for some reason. Selfishly I guess if there’s a larger userbase demanding support for things then I can expect better support for myself. Or I’m just trying to sound like a pompous smartass in front of internet strangers. But those are a little obtuse.
- I see a bunch of people standing in what I perceive (possibly incorrectly, but nonetheless) a trap and I’m shouting, “Hey, get outta there now before it springs!” because I have general empathy towards other people.
Worst case I’m wrong and I look a fool. I really don’t have a problem with that. I know who I’d trust if the positions were switched 💯
Didn’t Apple brick ipods if they had pirated audio files?
Didn’t Microsoft push a few updates that BSOD Windows OS if you weren’t setup for their OneDrive cloud?
Doesnt seem very made up.
I had an ipod that was filled with “pirated” (ripped) audio files, never owned a single itunes purchased song, and have used Windows on many computers that didnt have OneDrive setup and never experienced either of those.
Do you have some sources for those cause I’d be interested to read about them.
I currently have a modded iPod mini with 128Gb of music, around 1Gb of which was bought from iTunes.
It works perfectly fine. Remarkably so, in fact. Damn things 20 years old, I can plug it into my M2 Macbook and sync music like always.
Strange cause that must be bricked according to the person I replied to lol
Apple are shithouses under Cook, but they’re not that bad.
Yet.
This may come to shock you but not everyone has the same experiences as you.
Which is why I asked you for some sources for your claims. I told you my experience and that I’d never heard of what you’re saying happened.
So do you have any sources or did you just make it up?
I can hear the ‘just use Linux/BSD/etc.’ crowd already clamoring in the comments, and will preface this by saying that although I use Linux and BSD on a nearly daily basis, I would not want to use it as my primary desktop system for too many reasons to go into here.
Still though.
🐧
This rings a little hollow to me. Most of the people I know that understand Linux can quickly summarize why they might not use it as their daily driver (eg staying on macOS for graphics/video or staying on Windows for desktop Word/Excel). If you can’t summarize that quickly, it really makes me wonder if you really understand it. I’m not trying to No True Scotsman my way around it; I really don’t understand.
The reasons I personally know are “I have to use an app for work, there is no interoperable alternative, I have no leverage to replace that entire ecosystem and it won’t run with wine” and “It’s a company-issued device where I have no rights to change anything anyway.” Combined, they make the reason that my work Laptop runs Win11, but my private PC is Linux through and through. I’d like to be able to use said app on my private PC too, but if it doesn’t, no big deal.
Right? I tried to switch my primary computer (framework laptop) to Linux earlier this year and ended up going back to windows after I had absolute nightmares with my type-c KVM. Coupled with performance issues while gaming (and the absolute hassle of having to force games to use my graphics card). Add in whatever random issues I was getting trying to remote into other windows machines on my domain (for CAD work). My day job is in software engineering/ programming, so I’m not exactly a stranger to digging through documentation and fixing computer issues, but spending time fixing my computer instead of using it got old pretty quick.
Perfectly happy with Linux in my HomeLab and on my steamdeck though!
See‽ Easy explanation. I get it, absolutely reasonable issues, and one of several areas Linux just isn’t great with. “Too many issues to explain here” doesn’t click with me.
Personally, I’m sticking with macOS as my primary OS until the point that Asahi solves DP alt mode and I can run two displays from it.
My 2014 Mac mini runs Mint, so I’m more than happy to dive in to Linux as my main.
Word
LibreOffice Write
I just switched to Linux mint as a HTPC and it works great! Wine and Bottles bridged most of the gaps in software availability.
Try winegui as well…
nice!
Ive personally used proton as well for the one program that I need in windows land. It works really well.
I would not want to use it [Linux or BSD] as my primary desktop system for too many reasons to go into here.
https://twitter.com/MayaPosch/status/1809311467545735654
The Linux kernel not having a stable driver ABI is why Linux will never amount to anything outside of some embedded and server applications.
— Maya Posch, author of the submitted article
I guess maybe that’s their reason.
never
That tweet must be some kind of joke, because I don’t know what to make of the many people who use Linux outside of embedded and server applications. And it doesn’t even have to be my hearsay because the Steam Deck is exactly such a device.
In fact, I have a USB audio interface which I use near daily on Linux that has no driver support in modern Windows, because the vendor only provided beta support for Windows 7 as that OS was releasing. By Windows 8 it was unsupported. So the journey of that device is XP->Stable, Vista->Stable, 7->Unstable, 8±> Non-functioning. If the driver ABI were so stable, why does my device not work on Windows anymore?
FreeBSD has stable ABIs (inside one major version).
Anyway, this is not an answer, NVidia drivers had a binary part and a part compiled during installation for the specific kernel version, that’s one possible solution. Linux developers are ideologically against this, yes, and don’t want binary drivers to be first-class citizens.
Switch to Linux, today. It’s always been the better option, but for the last decade it’s been the easier option as well. Installing Linux is a walk in the park whereas windows is a Hilarious clown show from hell with no end.
That reminds me that now in the office we’re dealing with windows machines where the network card just stops working, drivers are suddenly gone. Don’t ask, it’s windows, it’s Microsoft abd this is just considered normal. If a Linux machine has a bug it’s “oh my god Linux sucks sooo hard, it’s impossible to get it to work!” but this Microsoft bullshit just gets handwaved away with “well computers are complicated, let’s just reinstall this”
Yes, there is still a limited set of specialty hardware that may not have drivers available for Linux, but the vast majority of people can easily run Linux and have a much MUCH better experience than windows, and that is ignoring the spyware, the adware, the ads, the plain security nightmare of having a windows machine…
Switch to Linux, it’s easy, it’s beautiful, it’s fun. Come to Linux, come to the dark side, we have cookies
Installing Linux is a walk in the park whereas windows is a Hilarious clown show from hell with no end.
As a server maybe. Switching everything on my desktop to Linux has been a constant fight against all kinds of problems and there’s several things I haven’t been able to get working at all. Microsoft’s constant enshittification is closing the gap and it’s currently a tossup between which one I’m going to land on but that’s not Linux improving so much as Windows getting worse.
It’s very hardware dependent with a few problem’s like Nvidia. For Best results go established brands that support Linux like thinkpads.
That advice doesn’t help much when I already have all the hardware. The whole point is not having to buy new shit.
I wasn’t trying to give you advice, I was describing the situation in general. 🤷
Exactly, I have a bunch of weird issues when running Linux on my Lenovo Legion 5 Pro with an RTX3060. So unfortunately I w9nt be switching until the situation improves.
It’s not even about gaming either, virtually all animations are like 2fps, no matter the drivers or power management. I wasted days on this with some guys from the Lenovo Legion Linux discord server, and some with exactly the same laptop don’t have the same issue, but windows runs fine.
It’s a real shame that, maybe on the next laptop!
Is your model covered by a NixOS module?
https://github.com/NixOS/nixos-hardware/tree/master/lenovo/legion
Could give one of these a twirl and see if it fixes the issues you’ve been seeing.
Thanks for the lead, but I’m afraid I don’t know what to do with these modules. Do they only work with NixOS?
Yeah sorry should have listed that, they do require a NixOS installation.
Pick a DE for the installer, and if you want to change DE the installer will guide you through the process.
Then it will leave you with a config file and some man pages, it’s a bit much at first but spend some time with it. In my eyes easily one of the better distros out there.
That reminds me that now in the office we’re dealing with windows machines where the network card just stops working, drivers are suddenly gone. Don’t ask, it’s windows, it’s Microsoft abd this is just considered normal. If a Linux machine has a bug it’s “oh my god Linux sucks sooo hard, it’s impossible to get it to work!” but this Microsoft bullshit just gets handwaved away with “well computers are complicated, let’s just reinstall this”
Ah, yes, that. I switched in 2011 and the first impressions were about how flawless everything is compared to Windows.
the plain security nightmare of having a windows machine…
Eh, about that - Linux really isn’t immune to that. Just right now Windows is still by far the more profitable target.
It’s better now but twenty years ago some Linux distros were so insecure out of the box that you could be fully owned if you logged into the wrong network.
Even still, I don’t see most distros leverage the security capabilities that running Linux enables. Linux runs the server side of the internet, being a niche os isn’t the security silver bullet it once was.
Pretty sure this guy didn’t use Linux twenty years ago. Outside of very basic computing, Linux wasn’t very useful.
I’ve been running Linux exclusively since 2001 or so. It was rough around the edges back then, but it was useful enough for what I needed.
You had to choose a good distro on that note; redhat, mandrake, etc broke on me so many times, and I was only able to fully switch after finding slackware, which was rock solid.
I remember suse and Debian where ahead of the curve back then. Package managers really changed the game when they started showing up around then. I will admit I’m probably a little too cynical. But I had to run windows through college for various software, and until recently playing most games on Linux was quite the challenge. Steam has truly cracked the code. So I’m dipping my toes back into Linux for daily use. I’ve been running my truenas server for a few years now and run several Linux VM’s so I’m not starting from scratch.
I was pretty lucky in university as most of my profs were either using cross platform stuff or Linux exclusive software. I had a single class that wanted me using windows stuff and I just dropped that one.
Awesome that you’re getting back into it, it’s definitely the best it’s ever been (and you’re right that Steam cracked the code). It sounds like you probably know what you’re doing if you’re running Linux VMs and stuff, but feel free to shoot me a PM if you run into any questions or issues I might be able to point you in the right direction for.
Pretty sure this guy built a 5 user machine with 5 monitors, keyboards, audio, all on a single 2gig Celeron machine. Built the software for all of it in 3 months. That is not 1 user on a desktop but 5 at the same time. 1 user was even back then better, bect I remember all the Regex.exe posts that is sooooo much easier than typing a command somewhere
That was 17 years ago.
Linux security is not perfect, nothing is. But compared to windows security? Come on, seriously? Is .exe still the extension that’ll automatically execute a program?
I’m not sure this is anywhere near what a security comparison would look like.
And the fact that the traditional Unix security model is being augmented with ACLs and selinux and what not hints, that it’s not sufficient. And what these things are being used for is, well, similar to Windows security model.
Seriously. If you’re used to fiddling with Windows and especially if you have installed Windows recently, go try something like Linux Mint. Just the install process will blow your mind. And then wait until you get a system update and it doesn’t affect what you’re doing!
And you can say no if you want to!
Yeah I guess I left that part out! It’s funny because like so many things in Linux, you have all the power but you often don’t need to use it because the same problems just aren’t there.
You get to decide when to apply the updates, but they are so quick and unobtrusive that I choose to apply them immediately!
No cookies!
Punch and pie!
But what if we already use Linux? Can we still have some cookies? Or is this new users only?
You can have them, just click accept all on the cookie pop up.
what a bizare take to suggest hoping for ReactOS to mature before using Linux as daily driver. A lot of the current reactOS app compatibility depends on WINE implementation anyway.
ReactOS is a very fun project, but anyone expecting it to be a real useable OS is absolutely mad. It’s been going for almost 30 years, and they’re almost at the point of binary compatibility with Windows Server 2003…
Last I checked it didnt play very nicely in real hardware, and required running it in a VM
I had a Windows 10 laptop that has a CPU not supported by Windows 11. It’s not e-waste, though. It just runs Ubuntu now.
You can argue all you want about TPM and its ‘security’. I ALWAYS thought that forcing users to use TPM 2+ hardware is planned obsolescence and nothing/no one will convince me otherwise.
The only thing affected users can and should do is to leave that PoS of an ‘operating system’.
It’s not PoS. At its core Windows NT is very cool, and the Windows subsystem for it is not terrible.
What’s PoS is that the only way you get it is with such a heap of garbage, that you can’t see the good parts behind it.
And even its developers seem to have forgotten those good parts, I wonder if they ever change anything there other than “closing” vulnerabilities with yet another condition in some long-long switch … case … statements.
Fucking Christ, you have choices people. If windows won’t meet your needs anymore, USE SOMETHING ELSE! Why do these people pretend there are no alternatives to windows?!
There are no alternatives to Windows. You will join us. Embrace ☀️. Extend 🌈.Ȩ̷͙͙̺̰̦͊̏͜x̷̱̹̃t̶̡͉̍̋̌̿͗̈́͘í̴̡̼̱̫͚̺͙̉ň̶̛̮͠ģ̴̛̹̮͎̏̓u̷̢̢̜͊̆̈̉͐̑i̸̛̪͔̤̰͚̾͌̈̍͜ͅs̶̳̜͎͓͚̣̼̖͌̇̈́͊̌͋h̷͉̹̄͐̋̐͛🌚.
Think about all the people with computers that don’t know about Linux.
Why do these people pretend there are no alternatives to windows?!
They’d have to admit they were wrong.
Most people are incapable of doing this unless they literally have no choice.
yeah I’m over here trusting them to flood the scrap market with AM4 motherboards so I can build Linux machines
Where’s Microsoft’s Chief Sustainability Officer on this one? Too busy looking the other way on Copilot’s massive energy usage?
This is on top of potential tariffs which if enacted will make PC costs skyrocket. I feel like a lot of people are just going to skip the generation like they do with every other windows OS version. They will just keep windows 10 forever kinda like XP did back in the day.
I’m pretty hesitant to find the time to install and learn Linux but I’m VERY hesitant to upgrade to Win11. I’m having trouble understanding what the selling point for it is over Win10. I feel like it used to be clear and exciting to upgrade but they’ve managed to make this feel sort of dreadful.
There is no particular selling point. That’s why they force it.
Well yeah, w11 has no selling point, that’s why they’re forcing you to switch by removing support by autumn 2025
Install Linux already
Microsoft: BUT WE’RE THE MOST ECO CONSCIOUS COMPANY WE KNOW!!!
You can’t say they’re not. The even have a Chief Sustainability Officer! /s
OK I’m sold…they are officially the most eco efficient and conscious company in the WORLD and bill gates is not about to garrote me agent 47 sty-
DON’T TURN ON DISPLAYING SECONDS IN THE TASKBAR BECAUSE THAT’LL USE MORE ENERGY!
Debian user here. All people have a doorkey. Some people have an alarm system as well. Infosec is about ’ what do you have and what do you know '. So in principle TPM is a defencible argument. You should absolutely bail from MS products for different reasons. Like privacy. Your PC isn’t yours anymore. Your NPU will reduce THEIR costs. Etc.
Don’t enter Linux thinking its a drop in replacement. Go slow and do ‘ships in the night’. Move data over to the new ship. Start embracing OSS on windows, it’ll be familiar when you finally bail. G luck.
TPM is the wedge to put a cryptoprocessor in your computer so program can finally operate under the tyrannical scrutiny of users and the pirates using ghidra !
It’s not really a TPM problem, my Dell has TPM2.0 which is perfectly compatible with win11. My problem is the CPU (i5 6th gen) missing some stuff for modern device drivers or something, that is preventing me from upgrading win10 to win11.
Yes I dual boot MX Linux on it :)
I can’t wait for the surge in cheap PCs available to buy and install Linux on. Please, Microsoft, lock down Windows more.
