zamroni111
Posts: 325 +191
You can simply postpone windows feature update for a year using gpedit config.
Keep the tpm 2 enabled.
One survey says Windows 11 adoption hasn't even surpassed Windows XP yet
- Thread starter Daniel Sims
- Start date
Keep the tpm 2 enabled.
zamroni111
Posts: 325 +191
Most people doesn't have critical data???
So those most people doesn't keep file records of their tax forms and bank transaction history?
Why? If you're not using Bitlocker what other benefits does TPM bring to the table? If it was really important you'd think it's be enabled by default, but it isn't...
D
Dd663
Anecdotal, but the only bug I've encountered using Windows 11 is a bug that I also encountered in Windows 10: sometimes maximized windows cover the taskbar when it's set to auto-hide, so that mousing to the bottom of the screen doesn't reveal the taskbar when said maximized window is in focus. I end up having to restart Explorer in the task manager to fix that. But like I said, I encountered the same bug in Windows 10, so it's obviously just an issue that 11 inherited from 10 and not one that was introduced by 11.
I'll also admit that resizing windows by clicking and dragging the corner of them is sometimes finickier than it used to be, thanks to the rounded corners, though I'm not sure if that qualifies as a bug.
What subscriptions and monetization in Windows are you referring to? Buying Windows is a one-time fee, same as it always has been. If you're talking about Office 365, that's separate software unrelated to the Windows OS.
zamroni111
Posts: 325 +191
I use bit locker for internal drive and external backup storage, so regular thiefs can't see the data of I lose the device.
I think all windows users must use it too because your archive tax forms and financial documents are very important private data.
ZedRM
Posts: 1,027 +724
While that is important data and should be kept safe, TPM/SecureBoot/BitLocker is NOT needed to protect such and would be overkill for such a purpose, especially considering the annoyances those "feature" requirements create.
zamroni111
Posts: 325 +191
What kind of annoyance?
They are one time setup and I've using it for years.
Bit locker only needs to be temporary disabled on boot drive for bios upgrade then it will automatically enabled at again after reboot.
Secure boot is needed to be disabled only if you are dual booting
ZedRM
Posts: 1,027 +724
For starters?...
This. Having Secureboot enabled kills dual boot or multi boot possibilities, which for many people who use multiple OS configurations is an INSTANT deal-breaker. It also makes troubleshooting for tech-support professionals very unpleasant and needlessly difficult. The presence of TPM in and of itself is not a huge problem, but forcing it to be used can be for some configurations that require it's explicit absence. It's also a completely artificial hardware requirement.
There are MUCH better, software based methods that Microsoft could have utilized if user security was their only intent. So either have an agenda, were too lazy to implement software security methods or they too incompetent to do the same. Perhaps some combination is at play.
Regardless, Microsoft's mentally lacking scheming is unacceptable and is making what is otherwise a delightful version of Windows into a disaster.
You're talking about a real outlier, you do know that right? How often do thieves bother to take drives? As for your assumption that all Windows users use Bitlocker, it's a real stretch. Should they, yeah maybe. Do they, I'd say the vast majority of users don't even know it exists. Plus you need Pro or enterprise to actually use it. How many non-office users do you think sprung for Pro instead of the cheaper Home version?
zamroni111
Posts: 325 +191
I had hard lesson of lost laptop in 2006.
That's why it's important for me to always encrypt my storage, including external backup drive.
I'm surprised that even some tech fans of tech spot readers doesn't realize the importance of storage encryption.
Microsoft indeed doesn't make setting up bit locker super easy, but it's not in difficult level.
You do know that Bit Locker can be defeated right?
BitLocker encryption can be defeated with trivial Windows authentication bypass
A researcher disclosed a trivial Windows authentication bypass that puts data on BitLocker-encrypted laptops at risk.
www.pcworld.com
There's more examples. I hate to say it, but the problem is if someone has access to your computer and have the skills to actually boot into your account? Yeah, they'll eventually find a way to undo anything you've done to defeat them. It's pretty much a given.
I'm not saying don't encrypt your files if it makes you feel safer. Me I don't keep anything really important on mobile or removeable devices, period. It's too easy to lose a thumb drive or laptop, etc, or have them stolen. But it's one thing for you to make a choice, quite another to suggest it's the only choice.
Fact is M$ has a proven track record of doing things in it's own best interest over those of end users. If I was going to encrypt any files I'd go FOSS over a proprietary system. Like VeraCrypt. https://en.wikipedia.org/wiki/VeraCrypt
Windows Encryption Showdown: VeraCrypt vs Bitlocker
When you really need to keep your files safe and secure, you need encryption. We’ve covered the basics before, and even rounded up your favorite encryption tools, but today we’re putting two of the most popular options for Windows head to head to see which one is the best at keeping your...
lifehacker.com
But to be honest while I use things like malware scanners, I'm well aware that the only really safe computer is one you don't use. And is unplugged, kept in a bank vault... Everything is vulnerable to one extent or another. IMHO relying on hardware/software solutions which can be compromised is a poor second to being security aware of how your actions effect things. Common sense is your best defense as far as I'm concerned.
zamroni111
Posts: 325 +191
The Kerberos authentication vulnerability has been fixed in 2016.You do know that Bit Locker can be defeated right?
BitLocker encryption can be defeated with trivial Windows authentication bypass
A researcher disclosed a trivial Windows authentication bypass that puts data on BitLocker-encrypted laptops at risk.
There's more examples. I hate to say it, but the problem is if someone has access to your computer and have the skills to actually boot into your account? Yeah, they'll eventually find a way to undo anything you've done to defeat them. It's pretty much a given.
I'm not saying don't encrypt your files if it makes you feel safer. Me I don't keep anything really important on mobile or removeable devices, period. It's too easy to lose a thumb drive or laptop, etc, or have them stolen. But it's one thing for you to make a choice, quite another to suggest it's the only choice.
Fact is M$ has a proven track record of doing things in it's own best interest over those of end users. If I was going to encrypt any files I'd go FOSS over a proprietary system. Like VeraCrypt. https://en.wikipedia.org/wiki/VeraCrypt
Windows Encryption Showdown: VeraCrypt vs Bitlocker
When you really need to keep your files safe and secure, you need encryption. We’ve covered the basics before, and even rounded up your favorite encryption tools, but today we’re putting two of the most popular options for Windows head to head to see which one is the best at keeping your...
But to be honest while I use things like malware scanners, I'm well aware that the only really safe computer is one you don't use. And is unplugged, kept in a bank vault... Everything is vulnerable to one extent or another. IMHO relying on hardware/software solutions which can be compromised is a poor second to being security aware of how your actions effect things. Common sense is your best defense as far as I'm concerned.
It will be extreme fool for using system without this patch in 2022.
And the method in isunshare article requires admin access which regular thiefs won't have.
Not only my external storage, I also encrypt my internal storage.
Bit locker had bad reputation but many has been fixed.
it's much secure than not encrypting your storage at all.
Whoossshhh...
Missed my point totally, so I won't continue this discussion any longer.
So long and thanks for all the fish.
I agreed with everything you wrote until I reached this, quite illogical rant: "Microsoft's mentally lacking scheming is unacceptable". I'm only going to tell you this: Corporate Commander is smart, greedy and evil.
Pardon me for sticking my head into your trophy-fishing picture, I just wanted to provide an answer to this existential question: "How many non-office users do you think sprung for Pro instead of the cheaper Home version?". The answer is: all of us who are not noobs.
Fox God Records
Posts: 99 +90
I have said it before:
The TPM 2.0 requirement has NOTHING to do with security and EVERYTHING to do with DRM.
zamroni111
Posts: 325 +191
Because tpm 1.2 spec only requires sha1, which is already broken since 2005, while sha 256 wasn't mandatory
ZedRM
Posts: 1,027 +724
How is that illogical?
This explains nothing and only supports my position.
Similar threads
Latest posts
-
FCC commissioner calls on Google and Apple to ban TikTok from their app stores- Sam Ferguson replied
-
How to Save PDF Pages as JPG Images in Windows and macOS
- Sam Ferguson replied
-
Need help with no internet problem- Kshipper replied
-
Sony Inzone M9 Review: 4K HDR Gaming
- Sam Ferguson replied
