Why aren't environmentalists screaming about Microsoft sending a jillion PC's to the landfills because of their rendering most PC's unable to run Windows 11? That's the real crime.
many people are saying tpm is also a means to block other OS like Linux , from being installed on a separate hd, is that a realistic thing, to see it like that? Or how about upgrading hardware?
It makes more sense that TPM 2.0 is a nonsensical requirement for a private user but enterprises, in fact, require the additional layer of security for the very purpose you mentioned. Microsoft most likely wants to push standardization of TPM 2.0 across all devices in order to streamline security updates on that deep level. This is what I deducted from your video. Thanks, I don't mind just by-passing TPM for myself but I am scared one day I won't be able to boot my OS because I have an Intel 7th generation CPU and I do like the new Windows 11 layout.
Thank you for this great video on TPM. Yeah, I need newer CPU's and TPM to pass the "does it work" Win 11 test program. So being just a home user, is this really necessary? As you say in video, probably not. So Win 10 is my last system unless they downgrade requirements for home users or should all my computers crash and burn. And No, i dont want to go to Linux.
@@Marcelg13 Thanks for your information. I havent been following the Win 11 videos for a while so dont know what the new updates and talk about it are. Still will keep Win 10. take care.
I switched from macOS with Windows 11 after trying out the Surface Laptop 4 having Windows Hello is absolutely incredible. It’s a robust system and much more than I would I ever need.
There are already some good registry hacks to bypass those "requirements". I mean of course using no TPM is less secure, but the alternative if Windows 11 denies the installation for many users would be to stick with Windows 10 even if support ends like we have seen with Win 7.
I haven't yet understood, why my PC is not win 11 capable. I have the i7 7700HQ. it has a TPM2. should be smooth sailing, right? no, doesn't work. the i7 7820HQ is supported. difference? 100MHz more clock speed. I haven't yet found an answer why these 100MHz difference is so important.
I don't understand. I HAVE Windows 11 on a new computer. I see I do not have TPM 2.0 How is that possible and is this problematic? Will I be able to update Windows 11 as we go along and there are updates? Or am I stuck with whatever version I have at this point? Does this matter.
@@christianlempa It is brand new. I bought it new from Dell last December 2021 with Windows 11. But, Dell tells me it does not have it. I just don't understand.
i was looking into upgrading to windows 11 but my computer is not tpm 2.0 compliant and is like 4 years to old so i wont be getting windows 11 but no loss.i just think that it should be an option like the video said.
Personally they clustered this launch. What they need to do, is allow the upgrade and put a disclaimer if it doesn’t meet all their requirements such xyz won’t work. This is an OEM back scratch and it’s going down disastrously. Apple shifting from Intel still has support for the Intel procs. I’d bet more people would get annoyed and not upgrade because they just bought their computers and/or shifting to Linux or more likely Apple. Lastly the international version (for less affluent markets) don’t have these requirements.
Oh, don’t they have an ARM version? What kills me is that they lifted the requirements for the insider and you’re going to tell me at launch that they’ll not support those where people had no issues with the beta?
@@christianlempa I suspected as much but No one seems to be actively talking about why MS switched their initial requirements from m1.2 to 2.0. I think TPM should be a requirement for the pro and enterprise only. I am already having issues with Windows and SAMBA connecting to my Linux servers because it can't validate the login on Linux unless the id on the windows client that's logged in is the same as the id on the Linux machine. So frustrating. Under windows 11 if I can only use the Microsoft account login, I don't think you will be able to have a login for samba since you won't be allowed a local account. I am not even sure if a public login will be allowed. That's another issue no one is talking about. I will have to go back to emailing files to myself to upload them onto my server or copy them to a USB then drive ten minutes to the data center and copy them on.
@@PWingert1966 yea, I agree with that, my assumption is that M$ will remove TPM requirement at release. However, I don't understand why people always say local user account isn't possible. I tested it on my VM and I just needed to select "domain authentication " which activates that. Maybe thats only possible in Windows 11 Pro?
Seen a lot of videos explaining what a TPM is and that's pretty cool, but this is the first I've stumbled on that addresses the *why* of TPM requirements. Thank you so much for explaining it for those of us that are mid-level geeks =)
So, if my mb doesn't have a TPM chip I can't get windows 11 ...that's fine with me. My mb has a connector for a TPM chip but I don't think I'll get one. I hate microsoft!!
This TPM shit will put a lot of people off, I personally have no problem going in bios and turning it on, simple. On the other hand there are many people who are scared to even open bios, hell, some people won't even have heard of bios, and lets throw in UEFI, just so more more casual users get more confused.
Maybe I need to re-watch the video but I missed the part where this may be resolved with a modular solution (for non-compliant systems) Something tells me it won't be that easy and for now I see no compelling reason to migrate. Where will OEM system builders stand in the 'right to repair' debate growing these days? Windows 11 need for secure 'trusted platform' could mean more people than ever will will be required to 'upgrade' when they want to make the most of what is available now. Using people's fears around ransomware and ID theft will make a compelling push towards future proofing components for next gen windows 11 builds. PC components are still at all time highs due to lack of availability and the ongoing scarcity of raw materials may drive production costs even higher still. Anytime Microsoft makes critical security requirements this quickly I assume its going to be problematic for a long time and there is no rush to adopt windows 11.
Well I always approach a layer security strategy, that means utilizing multiple tools and techniques to protect my systems, TPM is just one part of if. Nobody forces you to upgrade now, but at some day you just need to. And then it's better to have that security requirement forcing vendors to implement TPM everywhere, in my opinion.
Short crazed answer: It can shut down any PC at will. It's a preparation for a future where your electric cars can be disabled as well. Corpos will be in control. *grabs popcorn as cyberpunk music starts playing*
You forget another reason. OEMs stop making drivers after 3 years. We have systems at work which are stuck at 1703 as 1909 and later will bsod due to driver model changes. People will just blame Microsoft and say Windows 11 sucks instead of blaming their hardware. This requirement ensures the hardware is supported with recent drivers by the OEMs
If it crashes cause it is not compatible? That yes would be the fault of windows 11. I mean you said it yourself only with a twist on reality. Besides even old Lynnfield i5 chips are more than fast enough to run it. So your logic is flawed.
@@maxinewaters406 So I am not making it up that even Windows 10 is incompatible with itself due to drivers model changed sometime in 2018 on old hardware? We could not get anything besides old unsupported builds to run on these dells
So if I have TPM active on Windoze 11 to secure the Windoze boot, and I want to switch to Linux by swapping out a drive with Linux on it, will the TPM brick my computer? If not, then explain why, because it is suppose to be protecting the OS that WAS on the system. It should see the new OS as malware.
There are two components that use the TPM to protect your OS in this scenario, SecureBoot and Bitlocker. They will not brick your Computer, but instead protect the Windows OS that's installed on the harddrive. That means you're not able to access any data on the Windows OS from Linux or modify it in any way.
Very clear explained. Thx!
You're welcome
Awesome video Christian!
Thanks ❤
Loved the breakdown of TPM great job!
Thanks bro 💯
Great video, straight to the point and not just focusing on the design part most of the reviews do. Thanks!
Thanks! :)
@@christianlempa When is Windows 11 Coming out for Desktop Pc in Canada?
The information starts at 4:00. You're welcome.
we do not need TPM as a users, viruses and ransomware will not be stopped by using TPM. most the infected PCs/servers already have TPM in them.
Thanks for explaining it
Thx :)
Great video very thorough man you cover a lot of good information here. Appreciate you!
Why aren't environmentalists screaming about Microsoft sending a jillion PC's to the landfills because of their rendering most PC's unable to run Windows 11? That's the real crime.
Does Microsoft get that biometric data?
many people are saying tpm is also a means to block other OS like Linux , from being installed on a separate hd, is that a realistic thing, to see it like that? Or how about upgrading hardware?
You access linux from windows. Windows coming closer to linux OS rather then create a distance
Check WSL
You might need to disable secureboot to boot an untrusted firmware, this would of course also disable the protection for your windows installation.
It makes more sense that TPM 2.0 is a nonsensical requirement for a private user but enterprises, in fact, require the additional layer of security for the very purpose you mentioned. Microsoft most likely wants to push standardization of TPM 2.0 across all devices in order to streamline security updates on that deep level. This is what I deducted from your video. Thanks, I don't mind just by-passing TPM for myself but I am scared one day I won't be able to boot my OS because I have an Intel 7th generation CPU and I do like the new Windows 11 layout.
Thank you for this great video on TPM. Yeah, I need newer CPU's and TPM to pass the "does it work" Win 11 test program. So being just a home user, is this really necessary? As you say in video, probably not. So Win 10 is my last system unless they downgrade requirements for home users or should all my computers crash and burn. And No, i dont want to go to Linux.
Thank you mate! And yea, I agree this should NOT be a reason to switch to Linux :)
you dont need a tpm for win 11. There is a workaround for that but i wouldn´t recommend win 11 anyway.
@@Marcelg13 Thanks for your information. I havent been following the Win 11 videos for a while so dont know what the new updates and talk about it are. Still will keep Win 10. take care.
@@christianlempa when is Windows 11 going to be released on Desktop PC in Canada?
my question is why tpm does not enable for the first time?
*SELinux:* exists
*Microsoft:* "You think _that's_ confusing? Hold my beer!"
I switched from macOS with Windows 11 after trying out the Surface Laptop 4 having Windows Hello is absolutely incredible. It’s a robust system and much more than I would I ever need.
Oh that's cool! I'd like to get a surface laptop at some day 😀
actually we dont need tpm - we have linux that do not need tpm and windows 10 that do not need this
Would TPM requirment make Win11 harder to be virtualized?
Yea it does, that needs to be implemented by the hypervisor as well, however I guess that's already supported in most hypervisors now.
If you use KVM based hypervisor, install swtpm on your hypervisor OS
There are already some good registry hacks to bypass those "requirements". I mean of course using no TPM is less secure, but the alternative if Windows 11 denies the installation for many users would be to stick with Windows 10 even if support ends like we have seen with Win 7.
Can TPM prevent installing a Entire Machine Backup from iDrive to the same computer?
I haven't yet understood, why my PC is not win 11 capable. I have the i7 7700HQ. it has a TPM2. should be smooth sailing, right?
no, doesn't work.
the i7 7820HQ is supported. difference? 100MHz more clock speed.
I haven't yet found an answer why these 100MHz difference is so important.
my bios is enabled but still wont work
So if I put the harddrive in a new device or change the processor (if integrated) it won't be able to login/decrypt my data?
I don't understand. I HAVE Windows 11 on a new computer. I see I do not have TPM 2.0 How is that possible and is this problematic? Will I be able to update Windows 11 as we go along and there are updates? Or am I stuck with whatever version I have at this point? Does this matter.
If you have a modern PC you likely have a TPM 2.0 as it's integrated in AMD and Intel CPUs since a few years.
@@christianlempa It is brand new. I bought it new from Dell last December 2021 with Windows 11. But, Dell tells me it does not have it. I just don't understand.
i was looking into upgrading to windows 11 but my computer is not tpm 2.0 compliant and is like 4 years to old so i wont be getting windows 11 but no loss.i just think that it should be an option like the video said.
I jost bypassed it.
Personally they clustered this launch. What they need to do, is allow the upgrade and put a disclaimer if it doesn’t meet all their requirements such xyz won’t work. This is an OEM back scratch and it’s going down disastrously. Apple shifting from Intel still has support for the Intel procs. I’d bet more people would get annoyed and not upgrade because they just bought their computers and/or shifting to Linux or more likely Apple. Lastly the international version (for less affluent markets) don’t have these requirements.
Oh, don’t they have an ARM version? What kills me is that they lifted the requirements for the insider and you’re going to tell me at launch that they’ll not support those where people had no issues with the beta?
You're right. I bought a Brand new computer and I'm thinking about Linux.
Brand new computers Don't have a TPM in I'm a brand new.
I think typ try to cut out CPUs which may be vulnerable to spectre and meltdown but I have not researched that. It's just a guess...
Spectre and Meltdown are something different as these are vulnerabilites in the CPU operations itself.
@@christianlempa Yes! My idea was they may ban CPUs which has that vulnerabilities from running Win 11.
What I want to know is why is TPM 1.2 not sufficient?
I think we can just guess, but the encryption algorithms in TPM 2.0 seem to be much better than 1.2 and also the functionality.
@@christianlempa I suspected as much but No one seems to be actively talking about why MS switched their initial requirements from m1.2 to 2.0. I think TPM should be a requirement for the pro and enterprise only. I am already having issues with Windows and SAMBA connecting to my Linux servers because it can't validate the login on Linux unless the id on the windows client that's logged in is the same as the id on the Linux machine. So frustrating. Under windows 11 if I can only use the Microsoft account login, I don't think you will be able to have a login for samba since you won't be allowed a local account. I am not even sure if a public login will be allowed. That's another issue no one is talking about. I will have to go back to emailing files to myself to upload them onto my server or copy them to a USB then drive ten minutes to the data center and copy them on.
@@PWingert1966 yea, I agree with that, my assumption is that M$ will remove TPM requirement at release. However, I don't understand why people always say local user account isn't possible. I tested it on my VM and I just needed to select "domain authentication " which activates that. Maybe thats only possible in Windows 11 Pro?
An SSD encrypted with Bitlocker with TPM protection can be cracked relatively easily. So what's the point with this nonsense?
@@lenny108 To keep Intel and the other OEM's rich from unnecessary hardware upgrades. A page from the Apple playbook
Seen a lot of videos explaining what a TPM is and that's pretty cool, but this is the first I've stumbled on that addresses the *why* of TPM requirements. Thank you so much for explaining it for those of us that are mid-level geeks =)
Thank you! 😉
So, if my mb doesn't have a TPM chip I can't get windows 11 ...that's fine with me. My mb has a connector for a TPM chip but I don't think I'll get one. I hate microsoft!!
You need to watch the video again bro
This TPM shit will put a lot of people off, I personally have no problem going in bios and turning it on, simple. On the other hand there are many people who are scared to even open bios, hell, some people won't even have heard of bios, and lets throw in UEFI, just so more more casual users get more confused.
i read many post they bricked our computer GG man this windows 11 are worser than windows 8 back then LOL
I am your big fan....please upload more content on Linux command line for beginners
Sure, I'll upload more Linux content as well ;)
@@christianlempa I Hope you will upload it soon.....Thanks for addressing my request.
Why am I thinking about the movie “Bridesmaids”?
Maybe I need to re-watch the video but I missed the part where this may be resolved with a modular solution (for non-compliant systems) Something tells me it won't be that easy and for now I see no compelling reason to migrate. Where will OEM system builders stand in the 'right to repair' debate growing these days? Windows 11 need for secure 'trusted platform' could mean more people than ever will will be required to 'upgrade' when they want to make the most of what is available now. Using people's fears around ransomware and ID theft will make a compelling push towards future proofing components for next gen windows 11 builds. PC components are still at all time highs due to lack of availability and the ongoing scarcity of raw materials may drive production costs even higher still.
Anytime Microsoft makes critical security requirements this quickly I assume its going to be problematic for a long time and there is no rush to adopt windows 11.
Well I always approach a layer security strategy, that means utilizing multiple tools and techniques to protect my systems, TPM is just one part of if. Nobody forces you to upgrade now, but at some day you just need to. And then it's better to have that security requirement forcing vendors to implement TPM everywhere, in my opinion.
many windows 11 supported pc will still be hacked
So why grandma is forced to use tpm2.0 with windows 11 when the US department of defense is fine with tpm 1.2?
in a nutshell, it's for Microsoft to control your computer by terminating your account or keys using TPM2.
Please stop sharing this nonsense xD
@@christianlempa one nonsense is that they consider these software is "licensed" and the Windows activation key on 11 is inside the TPM.
Short crazed answer: It can shut down any PC at will. It's a preparation for a future where your electric cars can be disabled as well. Corpos will be in control.
*grabs popcorn as cyberpunk music starts playing*
You forget another reason. OEMs stop making drivers after 3 years. We have systems at work which are stuck at 1703 as 1909 and later will bsod due to driver model changes. People will just blame Microsoft and say Windows 11 sucks instead of blaming their hardware. This requirement ensures the hardware is supported with recent drivers by the OEMs
If it crashes cause it is not compatible? That yes would be the fault of windows 11. I mean you said it yourself only with a twist on reality. Besides even old Lynnfield i5 chips are more than fast enough to run it. So your logic is flawed.
@@maxinewaters406 So I am not making it up that even Windows 10 is incompatible with itself due to drivers model changed sometime in 2018 on old hardware? We could not get anything besides old unsupported builds to run on these dells
blue pilled
So if I have TPM active on Windoze 11 to secure the Windoze boot, and I want to switch to Linux by swapping out a drive with Linux on it, will the TPM brick my computer? If not, then explain why, because it is suppose to be protecting the OS that WAS on the system. It should see the new OS as malware.
There are two components that use the TPM to protect your OS in this scenario, SecureBoot and Bitlocker. They will not brick your Computer, but instead protect the Windows OS that's installed on the harddrive. That means you're not able to access any data on the Windows OS from Linux or modify it in any way.
I had to search the Globe for two TPM chips and I shelled out $175.00. Thanks Microsoft. Actually I'm glad I ordered them.
Like like like
Thanks :)
We don't need "m$ windows" unless it's in a VM.
Please upload more videos on Linux Command line.
We don’t “need” it. Period.
didnt understand a word of that,