Shut Out of Windows 11: TPM Requirement Excludes Many PCs

Status
Not open for further replies.
I won't have it, with my newest upgrade hardware that is still in the box under my desk, that would need the module, which I sure am not going to hunt down and buy.
For those who aren't going to do well hunting through the BIOS to see if they have the option when the time comes (the average PC user), they aren't going to be able to do anything but sit and stew in confusion and anger, especially if they find their perfectly fine running PC can't install Win11 no matter what.
It will not be happy PR time for MS.
For the rest of us we will have little trouble getting linux up and running and while it might take a short adjustment period, we won't be looking back at MS again, ever.
Of course, this possible reality deadline is four years away, and MS might change their tune between now and then if they want people on win11 very bad.
 
"Microsoft’s list of compatible CPUs leaves out any Intel processor that is older than 8th Gen Core and any AMD CPU older than Ryzen 2000 series (first gen Ryzen is not on the list). However, a Microsoft spokesperson said that these CPUs were listed because they have TPM"

Not only the Ryzen 1800x/1600x/... but also the Ryzen 2400G/2200G aren't on the list. Why? And more important, most x370 motherboards have the fTPM option to enable TPM, so I think even the first gen Ryzen have fTPM integrated. So why are they excluded from the list?
 
This reminds me of the Orwellian T2 chip in Macs. The PC space become more alienating to me by the day. How will this affect builders? Do I lose access to my own installation or data if something goes wrong with the TPM module? Like Macs do?
 
I don't see why I would need TPM. In a corporate environment it makes sense for security reasons.
I ask myself, why do I need those sophisticated security methods at all? Is the modern hardware and especially software still mine, or am I licensing it? It's a matter of time when they tell you what you can or cannot do with your PC... Oh, wait. Too late...

I postponed changing to Ubuntu, but I just got a new incentive why I should.
 
At some point to effectively integrate new tech they have to break compatibility especially with security hardware.

However they are doing something different here. Apart from the fact that I doubt that requiring a compulsorily active TPM will bring real benefits from the point of view of security (as always, we will see in the future), it seems more like an attempt, through a more or less unexpected move, "to cut away" as many systems as they can to push even more hardware market demand. Of course they confirmed support for Windows 10 until 2025, and they could not do otherwise... with the shortage / scalping and so on that there is at the moment, if the support had not been confirmed a disaster would happen.

Also there are other problems with TPM too, and as I have reported in other news, systems less than one year old have to be "dropped" if things remain as they are now, due to the misbehavior of the manufacturers, as you can read here if you want to delve into the thing.
 
I think everyone is blowing this out of proportion. Remember, MS wants everyone using One Drive, so with that you will never lose any data, and if you have to replace your mb or drive your files will be backed up to the cloud. Same thing macOS does. I think it's a shock to those who are used to having the freedom MS created and now has taken away. If you sit down and really think about it, asking MS to support PCs 10+ years old or even older is asking much. Especially with free upgrades. Security is a topic that is hit or miss, some don't care for it, others want it without having to do much to get it. This solves that issue, just like Apple did. It's a transition, but it has to start somewhere.

Aaaaand if you don't want to do it, you don't have to for 4 more years. Bitch in 4 years if you have a PC that still does not run W11, if you do....meh it is what it is, maybe MS is not the problem. MS is not required to cater to everyone, just like Apple doesn't.
 
Having drive encryption tied to firmware keys locked inside the motherboard's BIOS sounds problematic to me since it means that a motherboard failure effectively destroys your encrypted data unless there are methods to backup and restore keys.
BitLocker recommends storing backup keys remotely and can tie them to a Microsoft account for recovery. You can do something like print them off and store them in a fire safe or safety deposit box if you don’t want them tied to a MS account.
 
BitLocker recommends storing backup keys remotely and can tie them to a Microsoft account for recovery. You can do something like print them off and store them in a fire safe or safety deposit box if you don’t want them tied to a MS account.
Not even considering BitLocker recovery keys, how many people do actual data backups NOW?

Require BitLocker in a home environment, and there will be many many tears.

Previous to yesterday, almost every single question here about BitLocker was in relation to - "I lost/don't have the BL key How do I recover my data?"
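
Added example, not part of any post in this thread: one way to confirm that every BitLocker volume has a recovery password protector and to write it to offline storage before a motherboard or TPM failure makes it necessary. The function name `Export-RecoveryPassword` and the `E:\bitlocker-recovery` path are assumptions made for this sketch; the cmdlets are the standard BitLocker module ones.

```powershell
# Added example (not from the thread). Run from an elevated PowerShell prompt.
# Export-RecoveryPassword and the backup path are names chosen for this sketch.
function Export-RecoveryPassword {
    param([Parameter(Mandatory)][string]$BackupDir)

    New-Item -ItemType Directory -Path $BackupDir -Force | Out-Null

    foreach ($vol in Get-BitLockerVolume) {
        # Nothing to recover on a volume that was never encrypted.
        if ($vol.VolumeStatus -eq 'FullyDecrypted') { continue }

        $recovery = @($vol.KeyProtector |
            Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' })

        if ($recovery.Count -eq 0) {
            # TPM-only volume: if the TPM or board dies there is no way back in.
            Write-Warning "$($vol.MountPoint): no recovery password, adding one"
            Add-BitLockerKeyProtector -MountPoint $vol.MountPoint -RecoveryPasswordProtector -WarningAction SilentlyContinue | Out-Null
            $recovery = @((Get-BitLockerVolume -MountPoint $vol.MountPoint).KeyProtector |
                Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' })
        }

        # One text file per volume, named after the computer and mount point.
        $name = '{0}-{1}.txt' -f $env:COMPUTERNAME, ($vol.MountPoint -replace '[^\w-]', '')
        $file = Join-Path $BackupDir $name
        $lines = foreach ($kp in $recovery) {
            "Volume:            $($vol.MountPoint)"
            "Protector ID:      $($kp.KeyProtectorId)"
            "Recovery password: $($kp.RecoveryPassword)"
            ''
        }
        Set-Content -Path $file -Value $lines

        [pscustomobject]@{
            Volume     = $vol.MountPoint
            Protectors = $recovery.Count
            File       = $file
        }
    }
}

# Assumed destination: a removable drive that is stored away from the PC.
Export-RecoveryPassword -BackupDir 'E:\bitlocker-recovery'
```

The output files contain the recovery passwords in clear text, so the destination should be removable media or a printout that is kept offline, as the post above suggests.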
 
Don't forget that since first gen AMD Ryzen motherboards support Ryzen 2000 and 3000 CPUs as well, just because you have a Ryzen 3000 series CPU the motherboard doesn't support TPM 2.0 via CPU...Stupid Microsoft...
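
Added example, not part of any post in this thread: a supported CPU does not guarantee that the firmware exposes a TPM, so this checks what Windows itself can see (TPM presence, spec version, Secure Boot state). The function name `Get-TpmReadiness` is chosen for this sketch; it reads the standard `Win32_Tpm` WMI class and calls `Confirm-SecureBootUEFI`.

```powershell
# Added example (not from the thread). Run from an elevated PowerShell prompt.
function Get-TpmReadiness {
    $result = [ordered]@{
        TpmPresent  = $false
        TpmEnabled  = $false
        SpecVersion = $null
        IsTpm20     = $false
        SecureBoot  = $null
    }

    # Win32_Tpm lives in its own WMI namespace. No instance means the firmware
    # exposes no TPM to the OS: none fitted, or fTPM/PTT switched off in setup.
    $tpm = Get-CimInstance -Namespace 'root/cimv2/Security/MicrosoftTpm' -ClassName Win32_Tpm -ErrorAction SilentlyContinue
    if ($tpm) {
        $result.TpmPresent  = $true
        $result.TpmEnabled  = [bool]$tpm.IsEnabled_InitialValue
        # SpecVersion is a comma-separated string such as "2.0, 0, 1.38";
        # the first field is the TPM family version.
        $result.SpecVersion = ($tpm.SpecVersion -split ',')[0].Trim()
        $result.IsTpm20     = $result.SpecVersion -eq '2.0'
    }

    # Confirm-SecureBootUEFI returns True/False on UEFI systems and throws
    # when the machine was booted in legacy BIOS mode.
    try {
        $result.SecureBoot = Confirm-SecureBootUEFI -ErrorAction Stop
    }
    catch {
        $result.SecureBoot = 'Not available (legacy BIOS boot or unsupported platform)'
    }

    [pscustomobject]$result
}

Get-TpmReadiness | Format-List
```

`TpmPresent = False` on a board whose manual lists an fTPM option usually means the option is disabled in firmware setup rather than missing.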
 
In case you intended to reply to my message, they may have used the motherboard with the chipset they wanted for that product, but since they presented it on the market in 2020 they were bound to insert the support to TPM, otherwise they could not sell the mini pc as "compatible windows 10" (it was no longer possible after 2016 according to microsoft statement (page 33): https://download.microsoft.com/download/c/1/5/c150e1ca-4a55-4a7e-94c5-bfc8c2e785c5/Windows 10 Minimum Hardware Requirements.pdf)

Instead, as a general consideration, most x370 first gen AMD Ryzen motherboards had the fTPM option in the BIOS before later becoming compatible with Ryzen 2000 or 3000. Nobody activated TPM (and Microsoft knows this...) so there aren't many reports about this, but the function is in the BIOS. Another reason why I don't understand the exclusion, for example, of Ryzen first gen 1800x/1700x/1600x from the list. x370 boards (I don't know about b350) should have the option to enable fTPM.

Example from the manual of the Gigabyte x370 gaming K7 (dated March 2017 - page 31) section 2-5: "AMD "CPU fTPM Enables or disables the TPM 2.0 function integrated in the AMD CPU. (Default: Enable)"

They are joking with us with the list...and this TPM requirement

I think we need someone that can "talk" to Microsoft and ask for some information.
 
MS is so high on their horse when they THINK they know what the users NEED.

If someone NEEDED TPM....they would HAVE it.

90% of users do not NEED that.


MS thought we NEEDED WIN8's changes....how did that turn out? reverting many in 8.1 and 10.

Honestly I really wish software devs would make Linux the primary focus instead of mac/win.

Really getting annoyed at MS lately
 
Wow! I guess they really don't want people to adopt W11.

I have Z370, Z390, Z590 and X299 motherboards. Neither ASRock nor MSI specify what version TPM is supported on their motherboards.

Right now there is a shortage of components. That will probably last until next year at least. To make it worse there are no components locally that have escaped the "At least doubling in price" that's been going on for the last 16 months. And even if I could get parts, TPMs are rare as hen's teeth here. Retailers I checked either don't carry v2.0 TPMs, or advertise them as discontinued. One place I found actually says they will sell me one, with no specs on compatibility, but it's a special order from the manufacturer because the local distributor does stock them. That's quite common in Australia.

Ah, but don't stress. There is absolutely nothing from what I have seen in W11 that would make me want to upgrade anyway. I'm running 1809 LTSC. There has been nothing since then that would encourage me to upgrade either. It's the same flawed OS with a new coat of paint.

At this point I'm wondering why I even upgraded from Windows 7. It was stable and just worked. Windows 10 has been 5 years of bugs, frustration, instability and crashes and loss of control of our own hardware.

I used to be able to refresh two PCs completely every year for A$2000. Now it costs more than that just to do one. This W11 update is a push to sell more hardware, in a time when hardware is hard to get and super expensive.

Shame on you Microsoft - again!!!
 
For the rest of us we will have little trouble getting linux up and running and while it might take a short adjustment period, we won't be looking back at MS again, ever.

I think that the hard requirement for Windows 11 will be softened by release time. Otherwise this will be quite a boon for the size of the Linux user base.

Microsoft might be able to cajole people with 6 or 7 year old hardware but they're pushing into 3 years with this, and aren't even some Ryzens thrown overboard here?

This is Apple-levels of arrogance from them. Microsoft's user base isn't used to this level of strong-arming and often avoid Apple for this very kind of thing.

My vote is that Microsoft will bend.
 
MS is so high on their horse when they THINK they know what the users NEED.

If someone NEEDED TPM....they would HAVE it.

90% of users do not NEED that.

Some statistics say that 50% of people do not use antivirus in the US. The average PC user has no idea what they need or want, especially when it comes to security.
 
TPMs are rare as hen's teeth here.
I'd suspect the lack of TPM 2.0 modules on the aftermarket market is mainly due to consumers generally having no need for it until now. The chips themselves (ex.: ATTPM20P) cost $3, all you need is someone who will put them on a PCB with the proper connector if you don't want to do that yourself.

Once demand for TPM 2.0 goes mainstream for people with older PCs that have the necessary header, you'll probably see modules going for $10-15.
 
Here's the thing.

Windows 11 itself does not require TPM to function, it doesn't need Secure Boot or UEFI either - how is this known? Through the fact it installs and runs on non-EFI virtual machines.

The requirement for these is a soft block in the preinstallation checks; patch the checks and Windows 11 will run just fine on a Core 2 Duo (as SSE 4.1 is the min requirement).
 
Windows 10 grew this fast because there was absolutely no reason not to upgrade. It works on every PC that runs Windows 7 or 8
This statement from the article is laughably false. Need some examples?

Windows 7 did not even require SSE2 so worked on a Pentium II or AMD K6 (Socket 7!), at least until the 32-bit updates after March 2018 started requiring that.

Windows 8 started requiring XD/NX bit, excluding most Pentium 4s or AMD K7 (Slot A or Socket A)

64-bit Windows 8.1 started requiring CMPXCHG16b + PREFETCHh/PrefetchW and LAHF/SAHF so most Socket 754 and 939 AMD K8 A64 had to downgrade to 32-bit in order to go from 64-bit Win8 to Win 8.1 or Win 10

I assure you that Windows 10 certainly does not work on Slot 1, Socket 370 or Socket 7 CPUs like Windows 7 did. 32-bit Windows 10 does seem to work on anything that would run Windows 8



Remember folks we've gone down this road before--Microsoft announced a TPM 2.0 module would be required for Windows 8.1 certification too, only to backpedal after public backlash to such a stupid idea.
 
and aren't even some Ryzens thrown overboard here?

Sure, at the moment, if we consider the Windows 11 CPU list: ALL year 2017 Ryzen first gen 1800x/1700x/1600x and so on, ALL Threadripper 1950x/1920x and so on of the same year, ALL mid-2018 Ryzen 2000 APUs (for example the 2400G/2200G). So it's also not correct to say the Ryzen 2000 are supported, because one has to take into account the difference between "name" and type of core ("Zen, Zen+, Zen 2, etc.") in the Ryzen family.

Then there are the extreme "cases" like mine: a new 2020 barebone system with an embedded Ryzen 3200U CPU (year 2019), where even if the CPU is in the list, it can't pass the check because it's possible to activate only Secure Boot but impossible to activate fTPM due to the lack of the function in the BIOS, and also naturally impossible to install anything on the motherboard because it is a mini PC barebone system without additional connectors. I'm sure that in the following weeks there will be reports of many others in similar situations with mini PCs and small laptops where there isn't the function to enable the TPM even if it is included on the CPU and even if the products were recently introduced into the market (mine is from 2020).
It's always like this with prebuilt or semi-prebuilt PCs: you always have a "limited" BIOS and you know beforehand that if you need an update or support you are in big trouble. They leave you without any.

Unfortunately, since it was not possible to be informed well in advance of this "TPM operation", it was not possible to make conscious choices for the future, since in any case the TPM was hardly activated (till now I didn't need it) and also, among other things, in my product unfortunately it was removed at a later time through a BIOS update. As often happens, old BIOS revisions are not available, but I suppose that probably the TPM function, even if listed in the BIOS, was bugged from the start and only inserted for compliance with Microsoft's Win10 "updated" requisite. What are they able to do to steal some extra money from you...so an even extreme situation.
 
Windows 11 itself does not require TPM to function, it doesn't need Secure Boot or UEFI either - how is this known? Through the fact it installs and runs on non-EFI virtual machines.

The requirement for these is a soft block in the preinstallation checks; patch the checks and Windows 11 will run just fine on a Core 2 Duo (as SSE 4.1 is the min requirement).

The problem is that we don't have the final version, only the "usual" leaked version, knowingly circulated to evaluate public reactions before the launch of the final version. It will be necessary to wait to see if the possibility of bypassing these requirements will be left even in the final version. The possibility of disabling it as a design choice must have been considered if activated and present once the OS is installed, otherwise it will creep everywhere from installing drivers to managing credentials, licenses, etc. Since the purpose of this requirement is certainly not greater security but clearly something different, I am not very confident, but I could also be wrong, indeed I hope so at this point...
 
Problem with the file swapping is it's a grey area I prefer to avoid... and Windows 11 version updates and simply running SFC /scannow will likely replace any changes made by the user. To run without TPM in that fashion means having to always check the files are still there after every Win 11 update. Sounds like too much work to me.
 