Windows 11 problems

And this is just a ludicrous example. You can't get much of anything from social media that the end user doesn't put there for all the world to see. This has been discussed, repeatedly, for years, by every security expert I know of. The information used for the purpose you note isn't gained from a security breach, but simply by strategic culling from what the person puts out in public themselves.
NO it is not a ludicrous example. It happens all the damn time. Seen it with my own clients.
 
I really fail to understand how so many on this forum, who absolutely should know better, insist that technological fixes will be effective, in any meaningful way, against social engineering. It can help, minimally, but it will never come close to solving the manipulation of individuals to do things not in their own interests. That's not something technology can fix in any meaningful way.
Because when YOU (or your client) slip up, your Antivirus and other security programs hopefully step up and stop the attack. The newer hardware is designed with built-in security just in case of said screw-ups.

One time I stupidly clicked on an obvious fake UPS phishing email. The only reason my system didn't get totally pwnd was because of my AV software. Technology saved my stupid butt.
 
It happens all the damn time.

Note that I didn't say it didn't happen. What's ludicrous is the very idea that you can prevent this via technology.

And if you believe you can, then we really have nothing to discuss.

This sort of a scam occurs because of what the end user does, and often on a completely different platform, than where the trigger originates.

What is so difficult to understand about the fact that the two realms are disjoint? Can humans be scammed? Absolutely yes. Will any computer technology be the solution to that? Absolutely not.
 
One time I stupidly clicked on an obvious fake UPS phishing email. The only reason my system didn't get totally pwnd was because of my AV software. Technology saved my stupid butt.

We've all had that, and I'm not denying that. Please, pay attention to the types of threats against which technology is effective, and where it is not. They are disjoint.
 
We've all had that, and I'm not denying that. Please, pay attention to the types of threats against which technology is effective, and where it is not. They are disjoint.
No, they are not. The whole point of the newer CPUs is to make it harder for malicious unauthorized software to be able to run or, failing that, to limit the damage inside of a single container. No, it will not be perfect but it will make it significantly harder. That is the whole point of this line in the sand you have been applauding.
 
That is the whole point of this line in the sand you have been applauding.

Again, you are intentionally crossing lines I have been assiduous about not crossing.

The Zimbabwe example, as written, would NOT EVER be prevented by these changes. And I clearly explained exactly why. Knowing that this is the case is essential if one is to remedy situations such as the Zimbabwe example. TPM, etc., ain't gonna fix it, ever.
 
Spectre & Meltdown are mitigated by firmware and software patches, as I mentioned earlier, and those software patches I assume are baked into Windows 11 (i.e. don't require the installation of updates). They haven't been exploited to harm home users. Why can't these mitigations be relied on for a few more years after 2025 until natural attrition takes care of old computers?

The alternative is many thousands of computers running un-supported Windows 10 with no more patches. Sure they're not as secure as 8th gen, but if they keep running un-supported Windows 10 they'll be even less secure. Allowing 6th & 7th gen PCs to run Windows 11 would help keep secure most computers that will be still too useful to throw out in 2025.

Microsoft already have different Windows editions. Home edition could be allowed to upgrade, Pro only if clean installed, Enterprise not at all. They don't need to have the same rule for those three groups.
 
Spectre & Meltdown are mitigated by firmware and software patches, as I mentioned earlier, and those software patches I assume are baked into Windows 11 (i.e. don't require the installation of updates). They haven't been exploited to harm home users. Why can't these mitigations be relied on for a few more years after 2025 until natural attrition takes care of old computers?

The alternative is many thousands of computers running un-supported Windows 10 with no more patches. Sure they're not as secure as 8th gen, but if they keep running un-supported Windows 10 they'll be even less secure. Allowing 6th & 7th gen PCs to run Windows 11 would help keep secure most computers that will be still too useful to throw out in 2025.

Microsoft already have different Windows editions. Home edition could be allowed to upgrade, Pro only if clean installed, Enterprise not at all. They don't need to have the same rule for those three groups.
1. By 2025 8th Gen processors will be 7 years old. There isn't going to be a whole lot of PCs out there running older than that. So who cares?
2. Microsoft allows you to install Windows 11 via a fresh install on 7th gen or older CPUs anyway. WHY? It is very easy for them to have a routine in the setup to check for the proper list of unsupported CPUs and refuse to install on them. They block the upgrade of such a system. Yet they don't block an n&p install. Obviously, they intended to backhandedly support these systems even while they claim they MIGHT not. If you really must have 11 on some old clunker then just install it.
 
Still no response to my comments about software mitigation of Spectre & Meltdown that we've been enjoying for some years, which is suddenly not good enough even for home users. Even though those mitigations are presumably baked into Windows 11 making them more secure than other OS versions that rely on patches to be installed.

By 2025 8th Gen processors will be 7 years old. There isn't going to be a whole lot of PCs out there running older than that.
I disagree. There are plenty of 8-10 year old PCs with SSD/RAM upgrades running Windows 10 right now. So in 2025 we should expect the same. [not the same PCs, but the same age of PCs]

I still run 4th gen CPUs on a couple of in-house PCs and they do their jobs very well. In 2025 there will be plenty of 6th and 7th gen PCs in use.

Microsoft allows you to install Windows 11 via a fresh install on 7th gen or older CPUs anyway.
They are officially unsupported, and Microsoft has published on their blog that unsupported PCs running Windows 11 are not entitled to updates. I agree they're probably full of cr@p but ordinary home users will just see that their PC is unsupported and they'll assume that's it.

I won't be telling any customers that 7th gen can upgrade, at least not until we find out feature updates will occur.
Obviously, they intended to backhandedly support these systems even while they claim they MIGHT not.
Which shows how arbitrary their policy is. It's a business decision, justified by security platitudes which they have not even bothered to articulate properly.
If you really must have 11 on some old clunker then just install it.
I will on my personal HP ZBook with 7th gen CPU, which I bought a year ago on special as a superseded model because I knew the performance will be sufficient for many years (office-type use only, wanted the high quality and storage options of the ZBook).

But I'm concerned about all the useful PCs getting retired because of an arbitrary decision by a monopolistic OS developer, and all the PCs running an unsupported OS after 2025 because it's still useful.

Ironically if Microsoft made Windows 11 a resource hog and older computers were too slow to run it, the retirement of those computers would be more understandable!
 
I still run 4th gen CPUs on a couple of in-house PCs and they do their jobs very well.

Typing from one. Probably will be for several more years, and as a daily driver it could easily go past 2025 were a supported Windows available for it.

As was noted all the way back on the first page of this thread, retirement of systems secondary to "insufficient processing power" has not been common for years now, except for real POS systems.

I suspect that I'll have Win11 VMs for several years, as I don't feel any need at the moment to update my hardware. It certainly isn't likely to occur prior to 2025 unless something fails catastrophically (and I mean like mobo dying, or similar - hardware failure).
 
What am I doing wrong then?
I can't install Windows 11 on any of the 3+ year old PC/laptops I have here even after zeroing the HDDs.

"This PC does not meet the requirements for Windows 11...."
You have to have TPM 2.0 and you have to have secure boot turned on. The generation of CPU they will let slide, TPM and Secure boot they will not.
 
Still no response to my comments about software mitigation of Spectre & Meltdown that we've been enjoying for some years, which is suddenly not good enough even for home users.
It never has been good enough. ANY software patch can in theory be bypassed. If you replace it with hardware that doesn't have the issue then it will NOT be one. It is perfectly reasonable for Microsoft to say that those CPUs are too dangerous to use. They don't directly say that because it would cause a market panic but it has obviously been inferred by the Windows 11 specs.

They are officially unsupported, and Microsoft has published on their blog that unsupported PCs running Windows 11 are not entitled to updates. I agree they're probably full of cr@p but ordinary home users will just see that their PC is unsupported and they'll assume that's it.

I won't be telling any customers that 7th gen can upgrade, at least not until we find out feature updates will occur.
Which is exactly what Microsoft wants you to do. Yet they still allow it. The reason is simple. A segment of the user base WILL NEVER pay for Windows. If they can't get the latest version they will pirate it. Because of this Microsoft has permitted Windows 7 users to upgrade for free even when they say they don't allow it. They have allowed Windows 10 insiders to leave the program and keep a copy of Windows even though the EULA for the insider program says it is not allowed. WHY? Because Microsoft would rather give a small amount of Windows copies away than have hackers crack, and break, copies of Windows for pirates to install. Such cracked copies are dangerous to the internet, and being that Microsoft isn't going to get any revenue from them anyway they would rather they have safe copies that work rather than hacked copies that might have backdoors in them.

I'm convinced that Windows 11, short of true changes based on hardware, will always run on unsupported systems and will get updates.
Which shows how arbitrary their policy is. It's a business decision, justified by security platitudes which they have not even bothered to articulate properly.
Yep. See above. The security issues are real but they are keeping an out so that you can get stuff installed without having to resort to piracy.
 
It never has been good enough.
Well it HAS been good enough in the real world so far!
Unless you can point to a real-world exploit that can only occur on pre-8th gen CPUs?

I think the software & firmware mitigation of these threats has been very successful, and that's why Microsoft isn't naming those threats as justification for their policy decision. I don't think putting words in Microsoft's mouth is an argument that holds up. If those words are as convincing as you believe, then Microsoft would be using them. I'm not buying the whole "censorship to prevent market panic" argument.
 
Installed 11 just fine on an i5 (unsure of gen), 8gb of ram and a solid state which has been our standard specs for refurbs, or better.
My personal rule is 4th gen or newer I'll go with 11. I won't be recommending Windows 11 to clients for at least another year though. There's no reason to upgrade to it when Windows 10 is still supported for another 4 years. Besides, then if it does turn out to be a good operating system, we can charge them for an upgrade in a few years when Windows 10 loses support.

I've installed Windows 11 on a couple of systems, but only with the big disclaimer that it's a new OS and may cause problems and that if they want to go back to Windows 10, they will be charged for it. I sell refurbs (6th gen or newer) and I'm putting 11 on some of those systems for those clients that insist on having the latest and greatest. So far I've sold 2 refurbs with Windows 11 (one 6th gen and one 10th gen), but I'm recommending Windows 10.
 
Ironically if Microsoft made Windows 11 a resource hog and older computers were too slow to run it, the retirement of those computers would be more understandable!
This was Vista. Windows XP could easily run on 64MB of RAM, but Windows Vista needed at least 1,024MB! That's a 16-fold increase! Compare it to Windows 2000, which required 32MB, Windows 98, which required 16MB, and Windows 95, which required 8MB (see a pattern here?), it was a MASSIVE increase and one of the MAIN reasons why Vista was hated so much. But those resources were needed for Vista's heavy UI improvements.

And yes, I know that XP ran like dog sh*t with that little RAM, as did 95, 98, 2000, and Vista. Realistic requirements for a system that didn't want to make you pull your hair out in frustration were about double that, but that's beside the point.

If Windows 11 was an absolutely amazing upgrade with all these new features that needed an 8th gen or newer CPU or it would run like dog sh*t then I could understand the minimum requirement. I still wouldn't be happy about it, but at least there would be a real reason for it. This "security" BS doesn't pass the smell test.
 
@fincoder The OS level patch mitigations of Spectre/Meltdown aren't working, per the people I know that actually work on this junk


The problem here is the way these attacks work, they essentially subvert the entire OS and enable arbitrary code to be executed directly. This leaves no logs! And allows an EXE to live in a space where it will embed itself into either the EFI firmware directly, or one of your attached storage devices.

Once a system is infected, it's near impossible to detect the infection, and near impossible to clear the infection. If you've ever had the pleasure of trying to remove EMOTET from a network, you'll have an idea how annoying this is.

To my knowledge the only thing between this thing being a huge deal and not, is privilege separation. You do need admin on the box you're running the test code on to get it to execute. But once you've gotten it to execute you can bypass any and all sandboxes.

Microsoft's specific guidance is here: https://msrc.microsoft.com/update-guide/en-US/vulnerability/ADV180002

Microsoft Windows client customers

Customers using Windows client operating systems need to apply both firmware (microcode) and software updates. See Microsoft Knowledge Base Article 4073119 for additional information. Customers using AMD processors should review FAQ #15 in this advisory for additional action you need to take. Microsoft is making available Intel-validated microcode updates for Windows 10 operating systems. Please see Microsoft Knowledge Base Article 4093836 for the current Intel microcode updates.

You will note, they ask for software updates AND firmware updates. But there is no firmware to update if you're not on 8th gen or younger. And if there is, did the mainboard vendor turn it into the BIOS update it needed to become?

I'm not sure if older than 8th gen Intel systems can be fixed, what I do know is that according to Microsoft if I'm not running a BIOS that's dated younger than the Meltdown / Spectre security release (Jan 2018), it's not fixed. The most recent BIOS for this 4th gen unit I'm typing on is 2016. Many platforms need a BIOS from 2020.

So I don't know if these older platforms can be fixed, what I do know is it's easy to see that for whatever reason the vendors aren't fixing them.

Intel calls the drop dead date "Self-Service Support Beginning", which is hilarious but you can see this all here: https://www.intel.com/content/www/us/en/support/articles/000022396/processors.html

5th gen is already dropped. The hole between I cannot fully explain is 6th and 7th, because these platforms are still getting microcode updates, and many business grade Dell systems in this category can have TPM 2.0 as well as the microcode. So for these platforms to not be supported there must be another reason. I've heard rumors within the HyperV dev group that 8th gen had some additional instructions available that assisted HyperV. I cannot confirm this, because both the 6th gen and 8th gen Intel chips I've looked up both list Intel® SSE4.1, Intel® SSE4.2, Intel® AVX2 as their instruction sets. So if Microsoft is using something new to build their sandboxes on, it's not immediately clear via Intel ARK pages.

And, let's not forget, that Intel ages ago said you needed at least a first generation iSeries to be compatible with Windows 10. And yet how many of us had or have G Series CPUs still in service? I know I do... there's one on my repair bench!

So will Windows 11 run on this hardware long term? That's up to Microsoft. Will Microsoft say one thing and do another? Oh yes... most certainly. Am I going to be upgrading an older than 8th gen machine to Windows 11 in the future? Probably! Will it be supportable enough to be used in any level of production? That's... the $1,000,000 question. My gut says it will be, but we just don't know right now and I don't care too much about it because the problem is a non-issue until 2024. During that time I'll be working through a huge refresh of equipment anyway. What is possible then? We'll find out.

But for now I have to make decisions based on what Microsoft tells me they're willing to support. In the meantime the new Android native execution features of Windows 11 are already known to not work on older CPUs. Which is funny because Bluestacks works fine! The whole thing needs to cook.

For all we know right now, Microsoft may be making older systems not "upgradable" but usable on "fresh installs" just because they want us all to do a N&P to clear out old crap that's still there from Win7! We haven't a clue... because MS isn't talking.

I'm simply making educated guesses based on Intel's tech, and Microsoft's announced future plans for Windows 11, extrapolated a bit with the new toys Apple has been playing with. There's a trajectory here we can plan for, but it's all at best... precision guesswork, based on incomplete information, with data from a questionable source.
 
Last edited:
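The checks raised in this thread (TPM 2.0 and Secure Boot, plus the poster's rule of thumb that a BIOS dated before the January 2018 Spectre/Meltdown release has not received the firmware fix) can be collected in one pass; this is an added PowerShell example, not part of any post and not Microsoft's own tooling. The function name `Get-FirmwareBaseline` and the `-MicrocodeCutoff` parameter are hypothetical, and the BIOS-date comparison is the thread's heuristic rather than a direct test for microcode.

```powershell
# Added example: audit one Windows machine for the items discussed in the thread.
# Get-FirmwareBaseline is a hypothetical name, not a Microsoft cmdlet.
# Run from an elevated prompt: Win32_Tpm and Confirm-SecureBootUEFI need admin rights.

function Get-FirmwareBaseline {
    [CmdletBinding()]
    param(
        # Assumption: the thread's heuristic cutoff (Spectre/Meltdown release, Jan 2018).
        [datetime]$MicrocodeCutoff = [datetime]'2018-01-01'
    )

    $bios = Get-CimInstance -ClassName Win32_BIOS
    $cpu  = Get-CimInstance -ClassName Win32_Processor | Select-Object -First 1

    # TPM: SpecVersion is a string such as "2.0, 0, 1.38"; the first field is the spec level.
    # No instance is returned when the TPM is absent or disabled in firmware setup.
    $tpmVersion = $null
    try {
        $tpm = Get-CimInstance -Namespace 'root/cimv2/Security/MicrosoftTpm' `
                               -ClassName Win32_Tpm -ErrorAction Stop
        if ($tpm -and $tpm.SpecVersion) {
            $tpmVersion = ($tpm.SpecVersion -split ',')[0].Trim()
        }
    } catch {
        Write-Verbose "TPM query failed: $($_.Exception.Message)"
    }

    # Secure Boot: the cmdlet throws PlatformNotSupportedException on legacy-BIOS boots.
    $secureBoot = $null
    try {
        $secureBoot = [bool](Confirm-SecureBootUEFI -ErrorAction Stop)
    } catch [System.PlatformNotSupportedException] {
        $secureBoot = $false
    } catch {
        Write-Verbose "Secure Boot query failed: $($_.Exception.Message)"
    }

    [pscustomobject]@{
        Computer          = $env:COMPUTERNAME
        Cpu               = $cpu.Name
        BiosVersion       = $bios.SMBIOSBIOSVersion
        BiosReleaseDate   = $bios.ReleaseDate
        BiosAfterCutoff   = ($bios.ReleaseDate -ge $MicrocodeCutoff)
        TpmSpecVersion    = $tpmVersion
        Tpm20             = ($tpmVersion -eq '2.0')
        SecureBootEnabled = $secureBoot   # $null means the state could not be determined
    }
}

Get-FirmwareBaseline | Format-List
```

A `BiosAfterCutoff` of `False` is a prompt to check the vendor's download page, not a verdict: the advisory text quoted in the post also says Microsoft makes Intel-validated microcode available through Windows updates.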
The OS level patch mitigations of Spectre/Meltdown aren't working, per the people I know that actually work on this junk
Unfortunately still no real-world examples of exploits for me to read.
5th gen is already dropped.
No, that Intel page only lists extreme edition 5000-series CPUs. The mainstream 5th gen CPUs such as the laptop ones aren't on that page.
The hole between I cannot fully explain is 6th and 7th, because these platforms are still getting microcode updates, and many business grade Dell systems in this category can have TPM 2.0 as well as the microcode. So for these platforms to not be supported there must be another reason.
All my posts in this thread on this issue have suggested that 6th gen and higher should be supported, that would be fair. The fact that we don't know the specific reason indicates the very arbitrary nature of Microsoft's policy.
it's all at best... precision guesswork, based on incomplete information, with data from a questionable source.
And yet it seems to be enough for you to rant and criticise others for being ignorant:

"@sapphirescales TPM and upgraded instruction sets in CPUs are not an artificial requirement. There are real security gains, performance gains, and power consumption gains to be had here. Everything you said is nothing but pure unadulterated blather. I'm TIRED of the crypto threat, and you want MS to keep supporting crap that's allowing it to proliferate around longer. Your ignorance is patently painful."

The truth is we're all being kept largely ignorant by Microsoft, and for a company employing the best technical minds and other professionals we can only conclude it's intentional. So such a strident defence of their minimum requirements for Windows 11 is only playing into their hands.

It simply boils down to them saying "because security".
 