• Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.

Windows 11: The Best Windows Ever for Gaming - Xbox Wire

Topher

Gold Member
My guess is after the SolarWinds hack they are tired of firmware hacks and want to put in some encryption/safety standards.

That was a supply chain attack where hackers were able to access the source code of Solar Winds and insert malicious code directly into the builds. How is this related to that?
 
Last edited:

elliot5

Member
That was a supply chain attack where hackers were able to access the source code of Solar Winds and insert malicious code directly into the builds. How is this related to that?
It might not be directly related, but a high profile attack like that with Microsoft's brand linked to it surely shook some priorities up a the consumer level.

Why Windows 11 is forcing everyone to use TPM chips - The Verge

"Microsoft has been warning for months that firmware attacks are on the rise. “Our own Security Signals report found that 83 percent of businesses experienced a firmware attack, and only 29 percent are allocating resources to protect this critical layer,” says Weston.

That 83 percent figure seems huge, but when you consider the various phishing, ransomware, supply chain, and IoT vulnerabilities that exist, the broad range of attacks becomes a lot clearer. Ransomware attacks hit the headlines weekly, and ransomware funds more ransomware so it’s a difficult problem to solve. TPMs will certainly help with certain attacks, but Microsoft is banking on a combination of modern CPUs, Secure Boot, and its set of virtualization protections to really make a dent in ransomware.

Microsoft is trying to play its part, particularly as Windows is the platform that’s often most affected by these attacks. It’s widely used by businesses worldwide, and there are more than 1.3 billion Windows 10 machines in use today. Microsoft software has been at the core of devastating attacks that made global headlines, like the Russia-linked SolarWinds hack and the Hafnium hacks on Microsoft Exchange Server. And while the company isn’t responsible for forcing its clients to keep its software patched, it’s trying to be more proactive about protection."
 

Hoddi

Member
^ I think that's largely The Verge just offering their own take on it. I don't think the TPM would do much to protect against most of those attacks or at least not for home users.

It makes perfect sense to enforce TPM for enterprise users because the keys can be stored in Active Directory. But home users don't really get that security. If you lose your BitLocker password then that's pretty much it.
 
Last edited:

Topher

Gold Member
It might not be directly related, but a high profile attack like that with Microsoft's brand linked to it surely shook some priorities up a the consumer level.

Why Windows 11 is forcing everyone to use TPM chips - The Verge

"Microsoft has been warning for months that firmware attacks are on the rise. “Our own Security Signals report found that 83 percent of businesses experienced a firmware attack, and only 29 percent are allocating resources to protect this critical layer,” says Weston.

That 83 percent figure seems huge, but when you consider the various phishing, ransomware, supply chain, and IoT vulnerabilities that exist, the broad range of attacks becomes a lot clearer. Ransomware attacks hit the headlines weekly, and ransomware funds more ransomware so it’s a difficult problem to solve. TPMs will certainly help with certain attacks, but Microsoft is banking on a combination of modern CPUs, Secure Boot, and its set of virtualization protections to really make a dent in ransomware.

Microsoft is trying to play its part, particularly as Windows is the platform that’s often most affected by these attacks. It’s widely used by businesses worldwide, and there are more than 1.3 billion Windows 10 machines in use today. Microsoft software has been at the core of devastating attacks that made global headlines, like the Russia-linked SolarWinds hack and the Hafnium hacks on Microsoft Exchange Server. And while the company isn’t responsible for forcing its clients to keep its software patched, it’s trying to be more proactive about protection."

I follow. I did read where Office 365 commercial accounts were involved as well so security is definitely a focus. That's a good thing.
 
Last edited:

Hoddi

Member
I follow. I did read where Office 365 commercial accounts were involved as well so security is definitely a focus. That's a good thing.

These are all good questions but I'm not sure that TPM would do much to protect against those attacks. Once you've booted into Windows then the TPM doesn't really do all that much because it's mostly about boot security and disk encryption. Phishing attacks/ransomware/malware aren't really things that it can prevent as far as I know.

Edit:

On a side note, the reason I mentioned this in the first place was because there are some rather strong hints that DirectStorage games might end up being shipped as virtual disk images similar to Xbox games running on Hyper-V. Enforcing TPM means that Microsoft now has its best chance in decades to prevent game piracy on Windows because they wouldn't be running them on the traditional file system but a VMDK that they can also enforce encryption on. How they would solve DirectStorage on a traditional FS has always been the biggest question since they announced it and a virtual disk seems to be the most obvious solution.

I could also just be completely off my rocker. But I don't think this is an impossible reason for enforcing TPM.
 
Last edited:

Topher

Gold Member
These are all good questions but I'm not sure that TPM would do much to protect against those attacks. Once you've booted into Windows then the TPM doesn't really do all that much because it's mostly about boot security and disk encryption. Phishing attacks/ransomware/malware aren't really things that it can prevent as far as I know.

I read where the attackers were able to forge SAML tokens from Office 365. I really don't know much about TPM, but as a developer I have had to use SAML and it makes me wonder if, somehow, these tokens could be encrypted using TPM and thereby tying your Office 365 login to the device. Then the question becomes how does that work when accessing Office 365 from multiple devices. Perhaps it ties into multi-factor authentication?

Like I said, not my area of expertise.
 
Last edited:

Hoddi

Member
I read where the attackers were able to forge SAML tokens from Office 365. I really don't know much about TPM, but as a developer I have had to use SAML and it makes me wonder if, somehow, these tokens could be encrypted using TPM and thereby tying your Office 365 login to the device. Then the question becomes how does that work when accessing Office 365 from multiple devices. Perhaps it ties into multi-factor authentication?

Like I said, not my area of expertise.

Yer, I really don't want to go on a limb here. But I've never heard of the Office client interfacing with TPM and I think we can safely rule out the web app. Beyond that, I just don't know.

Either way, these would be far more targeted attacks than the average home user would ever see. I don't really think these are the reasons for enforcing TPM, in any case. I also edited my post above in case you missed it.
 
Last edited:

Topher

Gold Member
Yer, I really don't want to go on a limb here. But I've never heard of the Office client interfacing with TPM and I think we can safely rule out the web app. Beyond that, I just don't know.

Either way, these would be far more targeted attacks than the average home user would ever see. I don't really think these are the reasons for enforcing TPM, in any case. I also edited my post above in case you missed it.

No, I'm talking about the SAML token itself, not the web app directly. Doesn't matter. I'm just theorizing. Either way, yeah, this seems extreme for home use.
 

Shubh_C63

Member
MS has found a way to push App Store through GamePass.
Now it makes sense the sudden fund infuse in GP because its worth it in the long run.
 

Topher

Gold Member
Yer, I really don't want to go on a limb here. But I've never heard of the Office client interfacing with TPM and I think we can safely rule out the web app. Beyond that, I just don't know.

Either way, these would be far more targeted attacks than the average home user would ever see. I don't really think these are the reasons for enforcing TPM, in any case. I also edited my post above in case you missed it.


Just ran across this article from windows central. This kind of jives with what I was speculating previously.

"All certified Windows 11 systems will come with a TPM 2.0 chip to help ensure customers benefit from security backed by a hardware root-of-trust," explains Weston.

TPM is a chip that's integrated into a motherboard on a PC or added to a CPU. It helps protect sensitive data, user credentials, and encryption keys. It helps protect PCs from malware and ransomware attacks, which are becoming more common.

Specifically, TPM 2.0 is a "critical building block for providing security with Windows Hello and BitLocker to help customers better protect their identities and data," as explained by Weston.

 

tommib

Member
May be best for gaming, still sucks at everything else. Never ever again will I buy anything with android or windows on it.
Bro fist. I've turned my back on everything Windows in 2008 after decades of Stockholm Syndrome. How liberating it was to realize that OSs can work without driving you insane with hourly issues.
 
I'm not really a conspiracy nut but this shit is getting weirder and weirder. I do know my Government warned internally against using TPM back when it was supposed to be a requirement for Win8 cause NSA helped create it and where pushing hard for it's adoption

https://www.businessinsider.com/lea...es-not-to-use-windows-8--links-the-nsa-2013-8

It was also in the snowden leaks from what i remember CIA allrdy has fully functional backdoors for it they are just waiting for it to become a widespread standard.
China forbids the use of TPM and has it's own standard TCM they control btw they also know what's up. It's also banned in Russia and any chip used there has to be validated by the FSB.

It's kinda funny ppl rush out to enable some anti consumer BS like TPM and even allrdy order chips for their MBs.

There is absolutely no reason to require this for the average user not using Bitlocker or something like that. Unless you want to convert the PC platform in to a walled garden you control and force DRM or surveillance on your user base of course and it's not like this is the first time MS has tried something like this either. PC is somewhat of a last bastion in this regard so a push like this is not too surprising.

As far as i'm concerned they can keep this crap well not that my 7th gen Intel is even supported as of now but still i will just stick to win 10 or Linux even if i get a new one.
 
Last edited:
May be best for gaming, still sucks at everything else. Never ever again will I buy anything with android or windows on it.
you'll find it hard to avoid google or microsoft products. it looks like an Apple/Linux future for you. nothing against Apple i like their products but fuck Linux. hey it's your choice not mine lol
 
I'm not really a conspiracy nut but this shit is getting weirder and weirder. I do know my Government warned internally against using TPM back when it was supposed to be a requirement for Win8 cause NSA helped create it and where pushing hard for it's adoption

https://www.businessinsider.com/lea...es-not-to-use-windows-8--links-the-nsa-2013-8

It was also in the snowden leaks from what i remember CIA allrdy has fully functional backdoors for it they are just waiting for it to become a widespread standard.
China forbids the use of TPM and has it's own standard TCM they control btw they also know what's up. It's also banned in Russia and any chip used there has to be validated by the FSB.

It's kinda funny ppl rush out to enable some anti consumer BS like TPM and even allrdy order chips for their MBs.

There is absolutely no reason to require this for the average user not using Bitlocker or something like that. Unless you want to convert the PC platform in to a walled garden you control and force DRM or surveillance on your user base of course and it's not like this is the first time MS has tried something like this either. PC is somewhat of a last bastion in this regard so a push like this is not too surprising.

As far as i'm concerned they can keep this crap well not that my 7th gen Intel is even supported as of now but still i will just stick to win 10 or Linux even if i get a new one.
In my case it's personal, if it's no longer an open platform for using unprepriority softwares then I'll switch to Linux cause what's the point of having a pc to begin with, prepriority softwares are so generic and doesn’t make pcs look special.
 
Bro fist. I've turned my back on everything Windows in 2008 after decades of Stockholm Syndrome. How liberating it was to realize that OSs can work without driving you insane with hourly issues
True that. Turned my PC back on after a few months of working exclusively with apple, it was a nightmare. Hundreds of pop-ins, microsoft account had issues, it needed to update three times, took me like an hour and many, many, many tempertantrums to scan a document with my printer.
 
i have the amd ftmp on the pc,not ready,wtf!?!?

I had to set my PC to firmware TPM instead of discrete, and that solved it for me.

My setup is as below right now.

Asus ROG STRIX 570e Gaming Motherboard
64GB of Corsair Vengeance RGB PRO DDR4 3600
Ryzen 7 3800X
Corsair Force MP600 PCI-Express 4.0 SSD (up to 4,950MB/s raw read - actually ends up going well beyond in actual usage)
RX 580 (Still waiting for the right replacement as it's the only shrimp in my setup)
 
Last edited:
Fun times ahead for all those out there with grandmas and whatnot. Across my relatively small, when compared to the rest of the world, corporate user base, TPM absolutely fails far more often than you would like. Now, this only causes issues due to Bitlocker really, and home users are unlikely to use that at all, but putting on my cynical Microsoft hat, I feel like all it would take is a shiny button that Microsoft has that says "Protect your sensitive data!" or perhaps a slight tweak to the install process that requires unchecking instead of checking a box that will set up Bitlocker for you.
 

Excess

Member
Why do I have the feeling that Microsoft will walk this back as they usually do and make TPM a requirement only of the "Pro" version?
 

kruis

Exposing the sinister cartel of retailers who allow companies to pay for advertising space.
DirectStorage DOA?



If Windows 11 is really going to require a gen 8 Intel Core processor, a LOT of PC gamers can't upgrade to the new Microsoft OS. This will split the current Windows 10 user base in two, because a large percentage of PC gamers have CPUs that don't meet this new minimum CPU requirement. That goes for me too. My eight core Core i7 6900K CPU is 5 years old, but not enough to run Windows 11. This is confirmed by the updated PC Health Check released by MS.
 

amigastar

Member
DirectStorage DOA?



If Windows 11 is really going to require a gen 8 Intel Core processor, a LOT of PC gamers can't upgrade to the new Microsoft OS. This will split the current Windows 10 user base in two, because a large percentage of PC gamers have CPUs that don't meet this new minimum CPU requirement. That goes for me too. My eight core Core i7 6900K CPU is 5 years old, but not enough to run Windows 11. This is confirmed by the updated PC Health Check released by MS.

Really, your i7 6900k doesn't work? I mean i understand my i7 2600k doesn't work but cmon.
 

kruis

Exposing the sinister cartel of retailers who allow companies to pay for advertising space.
Really, your i7 6900k doesn't work? I mean i understand my i7 2600k doesn't work but cmon.

Nope. I've got a beefy system that can easily run any game I throw at it (eight-core Core i7 @ 4 Ghz, 32 GB RAM, multiple SSD/NVME drives,Nvidia RTX 3080). But it can't run Windows 11 because the processor isn't supported, because it's a gen 6 CPU from 2016. Really, this is a much bigger deal than TPM. If your motherboard has a TPM header, you can make your current PC Windows 11 compatible for $20. But if you need to upgrade your CPU, this means buying a complete new system (CPU, motherboard, RAM, cooler) if you want to upgrade.
 
Last edited:
The Windows health check said my CPU isn't supported for windows 11. It's too old. :(
I've got the funds to make a powerful PC but my Get up and Go just got up and Went.
Nothing about the current tech is exciting.
Phones, lights, motorcars not a single luxury out there has me wanting to leave my island.
 

Kdad

Member
My 1.5 year old computer wont even support Win11 based on their PC HealthCheck....
When mine gets creaky enough it''ll be time to investigate OS alternatives
 
????

Flight Simulator streams most of the world from a cloud server... how should direct storage benefit a game that loads it's assets mostly from a server?
Then why it's underperforming on PCs ? , it's the cpu without a doubt , the cpu functions with other pc components simultaneously , you can't separate them to describe each components functionality , it's like asking for the need to have extra cpu cores to run games better.
 
Last edited:

Topher

Gold Member
Windows is the best for everything, android is light years better than apple.

Meh.....better is subjective. I use PC for gaming and I have a MacBook for general use. Android is great in the absolute freedom it brings to table, but Apple devices have much better integration. Apple Watch, iPhone, and Mac working like parts of one cohesive unit is very impressive.
 

01011001

Banned
Then why it's underperforming on PCs ? , it's the cpu without a doubt , the cpu functions with other pc components simultaneously , you can't separate them to describe each components functionality , it's like asking for the need to have extra cpu cores to run games better.

why would it have performance issues if it wasn't streaming the map over the cloud? the reason they do it is because the world map is 2 petabytes in size, so it's impossible to have it installed locally.

the CPU still needs to do all the physics calculations and the GPU still has to draw all the graphics
that's why it is demanding, because these 2 things are demanding...
 
Meh.....better is subjective. I use PC for gaming and I have a MacBook for general use. Android is great in the absolute freedom it brings to table, but Apple devices have much better integration. Apple Watch, iPhone, and Mac working like parts of one cohesive unit is very impressive.
Whereas if you want the same integration on PC/android, it‘s possible, but you‘ll probably need 4 apps, 5 accounts and cookies activated for everything. And then dozens of updates every 2 months to just have it to work properly. I hate it so much since I‘ve switched to apple last year.
 

Topher

Gold Member
Whereas if you want the same integration on PC/android, it‘s possible, but you‘ll probably need 4 apps, 5 accounts and cookies activated for everything. And then dozens of updates every 2 months to just have it to work properly. I hate it so much since I‘ve switched to apple last year.

Yeah, I tried going all-in with Samsung last year with the partnership between them and Microsoft. Had Note 10+ and then Note 20 Ultra. Also bought Samsung Galaxy Watch Active 2 and then Galaxy Watch 3. On their own, they are great devices. I really like Samsung's products, but Apple takes device integration to another level. But that makes sense when you have multiple devices made by the same company designed to work together.

I was surprised there wasn't anything new said about advances in this aspect with Windows 11. I guess running Android apps in Windows is about as close as they are going to get.
 

reksveks

Member
I was surprised there wasn't anything new said about advances in this aspect with Windows 11. I guess running Android apps in Windows is about as close as they are going to get.
There is apparently something weird about being able to use the teams app to send messages via sms but yeah, i would hope to see some updates to the 'Your Phone' app.
 

01011001

Banned
Just found out no 1st-gen Ryzen support. I've been deprecated.

no guaranteed Zen 1 support. they have so called "soft" minimal specs and "hard" minimal specs.
the hard minimal specs are a 1ghz Dual core CPU, DX12 GPU and I think 4GB of ram.

the soft requirements are usually only the ones that are guaranteed by MS to work
 

Excess

Member
DirectStorage DOA?



If Windows 11 is really going to require a gen 8 Intel Core processor, a LOT of PC gamers can't upgrade to the new Microsoft OS. This will split the current Windows 10 user base in two, because a large percentage of PC gamers have CPUs that don't meet this new minimum CPU requirement. That goes for me too. My eight core Core i7 6900K CPU is 5 years old, but not enough to run Windows 11. This is confirmed by the updated PC Health Check released by MS.

You can buy a module. I bought one for my Z170 board a few years back because I'm a paranoid fuck and like to use Bitlocker.
 
why would it have performance issues if it wasn't streaming the map over the cloud? the reason they do it is because the world map is 2 petabytes in size, so it's impossible to have it installed locally.

the CPU still needs to do all the physics calculations and the GPU still has to draw all the graphics
that's why it is demanding, because these 2 things are demanding...
why would it have performance issues if it wasn't streaming the map over the cloud? the reason they do it is because the world map is 2 petabytes in size, so it's impossible to have it installed locally.

the CPU still needs to do all the physics calculations and the GPU still has to draw all the graphics
that's why it is demanding, because these 2 things are demanding...
why would it have performance issues if it wasn't streaming the map over the cloud? the reason they do it is because the world map is 2 petabytes in size, so it's impossible to have it installed locally.

the CPU still needs to do all the physics calculations and the GPU still has to draw all the graphics
that's why it is demanding, because these 2 things are demanding...
Directstorage deals with memory allocation, the 2 pb you mentioned isn't a giant single piece of data, it should be multiple smaller chunk of them to fit the location where you fly your jet , it's much more complicated to explain briefly, I recommend watching mark cerny presentation explaining the memory allocation differences with the pcie ssd.
 
Top Bottom