Jolt Country

A link below is the video, but I'll give the highlights.

Supposedly, we own and control our computers. Or rather, we used to. Windows 11 will require special features that will stifle competition and give Microsoft near total control of your computer. And it's completely unnecessary, and detrimental to customers and competitors to Microsoft. Here's why.

Windows 11 has two requirements that are not really going to protect people from malware or rootkits; no hardware or software is so bulletproof that it's impervious to attack, These requirements are that the motherboard have Trusted Platform Module (TPM) 2.0, and a UEFI partition table, with "secure boot" turned on. Supposedly this is to ensure that the bootloader of your operating system has not been compromised. Its real purpose is to ensure Microsoft has an unbreakable hold on people's systems and their data, and lock-out competing operating systems and third-party self-booting rescue, repair and recovery programs.

First, this excludes older computers that use older BIOSes since manufacturers have only had it since 2009, and some people are using computers older than this. That's only a minor issue. A bigger issue in the mandate that secure boot be turned on, and TPM installed, to even use the system at all.

What is Secure Boot? Ostensibly, it allows you to know that your operating system was not "hacked," i.e. compromised. The bootloader, which is software on the disk that runs after the machine startup, to load the operating system, must be digitally signed with an electronic key, stored in the firmware of the computer. The firmware on every computer has only the key for Microsoft Windows, and no other operating system. They do not support any other system on PCs. Granted, for the vast majority of people who won't run anything else, that's not an issue. Right now, people who want to run Linux (or BSD, or any other operating system) can turn secure boot off. Now, it is possible you could boot Linux with secure boot off, then push the keys into the TPM. The reason it's possible is that Microsoft signed a secondary key for a Linux bootloader to use.

This means that users wanting to run Linux on the computer they own have to have Microsoft's permission. This also applies for anything else they might want to run. There are many diagnostic, repair, and recovery tools, that, by their nature, are booted instead of an operating system, and do not use Linux. Is Microsoft willing to sign the boot loader every time a toolmaker releases a new binary?

Small developers, open source, and free software developers should not have to get Microsoft to sign the software they create, for you to be able to run it on the computer you own. Now that's one thing. Another is the Trusted Platform Module. It's used to store security keys. Or security information. Windows 10 Credential Manager will store your credentials in the TPM if it's on the computer, instead of on disk.

But, here is the problem; with TPM turned on, and secure boot enabled, Windows will use the Bitlocker software - turned on by default - to encrypt the hard drive. This means the data is scrambled, making it impossible for Linux or third-party diagnostic tools to have access to your data. Where is the encryption key stored? In the TPM, of course. What happens if something goes wrong with the hardware? Right, your data is scrambled, and effectively lost, because it's encrypted, nothing else can access it. Now, it is possible to try to do BitLocker recovery, because they may have stored a backup copy of the password. But where? In the Microsoft account, you're forced to sign up for when you get a Windows PC that's connected to the Internet, whether or not you want one. You are forced to authenticate to Microsoft to be able to access your data on your computer. Another way Microsoft wants to have control over you.

Supposedly, the Trusted Platform Module is to allow the user to trust the software is authentic. But it's worse than that. It's so that Microsoft and other large software companies, and hardware manufacturers, to trust that your computer will do what they want, even if it is against your wishes, even though it is your computer that you own.

With secure boot and TPM enabled, you can no longer do what you want with your computer; Microsoft has total control over what is allowed.

There's much more, and I think it's worth watching.

https://youtu.be/LcafzHL8iBQ

I'm trying to remember the last version of windows that didn't have something in it that people screamed about at launch. MS almost always waters it down. Remember genuine windows? Now you can just download it for free.

I will not be getting Windows 11 in the near future, because it provides no value to me and does not support my processor. I have no dog in this fight. However! How-ever. Linux is garbage, and Microsoft is correct in protecting their users from it. Whenever I have inflicted Linux on myself or anyone close to me, it has ended in tears. 100% of the time. I can feel you indignantly spluttering that I am wrong. That if I just read a goddamn manpage one more time, or learn assembly language, or got a master's degree in computer engineering from Cornell, I would understand the beauty of free and open source software and all of my technology would function perfectly. Before you type whatever it is you are typing, please take five minutes to consider the possibility that actually you are the problem, not the 1.4 billion people who use Windows. The best version of Linux is the one available from the Microsoft store, because Microsoft understands that users cannot be trusted to do anything.

Well, it's not like you don't have choices. There's the hipster OS, and then there's the other one that's hugely popular in basements of moms.

Forcing a Microsoft account on the users seems wrong to me, dunno about the security chip thing. I heard the sysreq specs are pretty high, cutting off a lot of midrange hardware.

I'll stick with Win7, thank you, as there's no real additional functions in 11 worth upgrading. Remember when a new release of Windows was something to look forward to? I couldn't wait to get a copy of the XP disc. Now it's just dread, man. Its just dread

I currently support/work with 60,000 computers running UEFI with TPM enabled. AMA. Legacy BIOS/MBR doesn't support hard drives > 2TB, so everyone with a hard drive that size or larger already made the switch. Using Dislocker, any Linux machine or recovery utility can decrypt and read a hard drive encrypted with BitLocker. We rarely do that because we have all (most) of our users trained to save their data in the cloud or on a server. In an enterprise environment, we save all our BitLocker keys in Active Directory so users aren't required to track or remember them. Enabling BitLocker by default for home users is a bold move that can be compared to enabling UAC by default back in, what was it, Windows 8? BitLocker is actually great for laptops and external USB drives. If you lose or someone makes off with your drive, bad actors can't get to your data. BTW, for USB drives you can set them to mount automatically on your system, which means when you plug them in you don't have to type a password, but if you plug them in to a different system, you will. I leave my remote USB backup drive at work now, knowing that if it walked off no one could access my data.

The problem with most of Microsoft's security features is that they have low adoption rates until they turn them on by default. BitLocker was added to Windows 15 years ago (2007). For anyone worried about the impending Draconian state of using disk encryption, Microsoft has added a complex and nearly impossible way to remove BitLocker from your system. In control panel, click "disable BitLocker." It can also be managed/disabled by right-clicking on an encrypted drive. It can also be removed via PowerShell, or the command line.

objectinspace wrote: Thu May 12, 2022 8:53 pmLinux is garbage,

Fine, don't use it then. A lot of people do. But don't deny other people the right to do so if they choose. By the way, I'd say 100 milion Android phone users would disagree, since it's underlying operating system is Linux. I haven't heard of huge volumes of complaints that they can't use something else, since almost nobody uses phones using a Mcrosodt operating stsyem. Of course, Android is slowely being pushed in the same direction Apple has gone, and where Microsoft would love to go: male its phones (or computers running Windows, for Mucrosoft) locked into a walled garden, and you cannot run any program except the ones the manufacturer allows. Now in this case, it's your computer, your property, but soerone else decides what you can use it for, or even bar some app and revoke it from your computer. Would you allow a government do all this? If not, why should we allow a orivate companty to do these things?

objectinspace wrote: Thu May 12, 2022 8:53 pm and Microsoft is correct in protecting their users from it.

Wrong. Microsoft has neither the right, privilege, nor any legal mandate, to command that i am not allowed to what I want with my property.. Should your television set that you purchased and own, be allowed to permit you to watch only the shows it decides you should be allowed to see? Should the TV say you own decide that you can only watch Fox News and shall not watch CNN, NSNBC or other libreral channels? Or force you to only watvh MSNBC? Should Chinese-made TVs be able to change the channel and lock that channel out if simeine mentions Tauwan independence, Tianamen Square, Falun Gong, or othe trigger words the Chinese Comunist Party doesn't want you to know? If we would not allow this behaviour from our television sets, we damn sure shouldn't permit it on the computers we own.

objectinspace wrote: Thu May 12, 2022 8:53 pmWhenever I have inflicted Linux on myself or anyone close to me,... it has ended in tears. 100% of the time.

So you have problems. You don't have to use it. But don't allow someone else else to unilaterally decide that a person who wans to can't. Frankly I'd say, Linux is not really ready for the desktop, or for untrained users. Does the fact you don't like it or that is unnecessarily hard for you, mean that someone else who wants to usse it can't? He might be a technically trained person, and wants to test things on hus computer. Maybe he wants to test a behavior that is different on bare netal than in a virtual machine. Or is testing something and needs to run in Ring 0 (it is his nachine). Well he could run the progran with elevated privileges. Well, windows doesn't have Sudo (progran to allow Linux trusted nonprivilefed users to run a program wirh superuser privileges), but even Administrator priveleges cab't do some things that a dufferent account can.

Let me turn the tables. Let's say your computer was preloaded with Linux, you found out but after a coulpe of hours of pain, you don't like it, and can't do useful work, so you get a copy of Windows and want to install it'. But the Linux Foundation has ddecided that you (or anyone else) can't install another operating system unless they approved it. You can load a copy of BSD, or Syllable, but not Windows. Okay, you say, I'll erase the drive. Well to do that, there's a utility you can run, it runs on its own operating system, but the TPM is locked on and we don'r have keys to allow you to start this utility. You can't boot anything else. not even run the tool that would allow you to remove and replace the operating system..

Now let's come back to our wotld. Say there is a different operating system claimed to be better, and you decide to try a portable demo on a flash drive, so you can try it and tell all those sno0tty faanboys of it real reasonk why it's just as bad as all the others. Can'r boot that because the TPM locks the machine and the author can't get Microsoft's pernission to get his boot loader signed. Should Microsoft be allowed to tell you ehat you do with your computer?

objectinspace wrote: Thu May 12, 2022 8:53 pmLinux is garbage,

The best version of Linux is the one available from the Microsoft store, because Microsoft understands that users cannot be trusted to do anything.
[/quote]
That's their opinion. They have absolutely no right whatsoever to force it on others. Even if there are only a few thousand desktop Linux users, they should not bw forced to use an operating system they don't want, or want to also use something else. The alternative is to admit Microsoft effectively owns your machine, and they control it. You don't.

I'm so sad right now. TDarcos clearly read my post, yet missed the most important bit:

objectinspace wrote:Before you type whatever it is you are typing, please take five minutes to consider the possibility that actually you are the problem

These instructions were not followed, and now here we are.

Tdarcos wrote: Sat May 14, 2022 12:30 am Don't deny other people the right to do so if they choose.

I am denying nothing to anyone. Canonical, Apache, the Raspberry Pi foundation, the FSF, or anyone else is free to sell computers with their operating system of choice to all interested buyers, as they have done for thirty years. Apple and Microsoft have been pretty successful at it!

tdarcos wrote:By the way, I'd say 100 milion Android phone users would disagree, since it's underlying operating system is Linux.

No, no, no. Android is the operating system, Linux is the kernel. It's actually called GNU-linux, and Richard Stallman is very disappointed in you for not knowing this. After this faux pas, I'm honestly starting to doubt your commitment to the ideals of free software!

tdarcos wrote:Should your television set that you purchased and own, be allowed to permit you to watch only the shows it decides you should be allowed to see?

Do you even watch television? You are familiar with this concept called cable, yes? It's a thing that you pay for every month where they deliver you the content choices they choose for you. Or Netflix, a streaming platform you pay for every month where they deliver all of the content choices that they choose for you. Did I say Netflix? I meant every streaming service. In 2022, media is consumed through apps on devices that are basically PC hardware, only way more locked down than any windows machine. And it's not that I even care about the arguments I'm making here, it is just that yours is so bad that I feel an almost physical need to refute it. I don't know which of us is worse off, but It's probably me.

tdarcos wrote:

objectinspace wrote: Thu May 12, 2022 8:53 pmWhenever I have inflicted Linux on myself or anyone close to me,... it has ended in tears. 100% of the time.

So you have problems. You don't have to use it. But don't allow someone else else to unilaterally decide that a person who wans to can't. Frankly I'd say, Linux is not really ready for the desktop, or for untrained users.

And there's the elitism. If only I would just read the fucking manual, I would understand that it actually works great! I don't think you quite grasp what I'm saying here, so I'll phrase it a different way.

PC manufacturers who sell Windows have an interest in protecting their machines from customers who think they can install third party operating systems by following some instructions on the internet, and end up deleting all of their data, breaking their hard drives, destroying recovery partitions, etc. These users then send those machines back to the manufacturer to fix them, requiring them to replace the drive, the motherboard, whatever Dummy McCollegeLibertarian just did to ruin his PC. (it is always a he; women are generally smart enough to avoid the whiff of GNU/Linux) This is not minor damage, and if it is under warranty the company has to eat it. If it's not, the customer takes the financial penalty, but not the time. It's a loser for everyone.

Microsoft is filling a market need of protecting idiot people from their idiot selves, or equally idiotic friends who won't shut up about software liberation. It is the responsible choice, and I applaud them for it.

objectinspace wrote: Sat May 14, 2022 11:36 am Microsoft is filling a market need of protecting idiot people from their idiot selves

So it's the OS for idiots?

No, that's OSX. Bada bing! Don't forget to tip the wait staff!

Hey look dudes.. another know-it-all! I see your name isn't TDarcos. This will not go well for you.

Did anyone notice that objectinspace never countered any of my arguments. And yes, I do know what cable and streaming services are, I was watching cable-TV since the 1970s. Did anyone notice I metioned CNN an MSNBC, two channels exclusively available on cable or streaming service like YouTube TV.

I just have one question: With secure boot and TPM enabled, can third-party off-brand operating systems like BSD, Syllable, Be, or Oberon OS and any others, successfully run from live-mode DVD or flash drive, and/or be installed and run on a different partition of the same boot device which has been used to run Windows 11, yes or no?

Ask Joe Biden.

Ubuntu supports secure boot and can happily coexist on a Windows machine with secure boot enabled.

objectinspace wrote: Sat May 14, 2022 11:36 am PC manufacturers who s... and end up deleting all of their data, breaking their hard drives, destroying recovery partitions, etc. These users then send those machines back to the manufacturer to fix them, requiring them to replace the drive, the motherboard, whatever... This is not minor damage, and if it is under warranty the company has to eat it.

Wrong. It's easy enough for a service tech to take 30 seconds to discover the computer is not in bad condition because it failed due to defects in manufacturing or workmanship. Then it can be sent back unrepaired with a note explaining that their warranty does not cover damage by customer due to accident, mistake, or negligence. Manufacturers are starting to be like insurance companies, finding any means at all, even if illegal, to deny claims (for warranty service). It is common practice by manufacturers to discover the user did something (like put in a bigger hard drive or more memory) and deny warranty service on the computer at all, even if the user upgrade had nothing to do with the change, e.g., a non-working USB port, sound not working, or power supply failure. This violates the Magnusson-Moss Warranty Act, but they get away with it.

objectinspace wrote: Sat May 14, 2022 11:36 am If it's not, the customer takes the financial penalty, but not the time. It's a loser for everyone.

Actually, it's a tax rightfully applied. It's called "The Dunning-Kruger tax Act." If you do something where you don't know what you're doing and aren't smart enough to know you have to vet sources for accuracy and reliability, then you should pay for your arrogant incompetence,

Anyone juggling chainsaws on their first try is going to cost them an arm, a leg, both, or worse,

Apparently Microsoft realized mandating TPM and Secure Boot were a bad idea, or one of their lawyers pointed out that forcing this might trigger legal consequences, like restraint of trade or antitrust. That guy did a followup video, the one I saw was posted over 10 months ago. Now, you can run Windows 11 without being required to use secure boot or TPM.

Tdarcos wrote: Fri Jun 03, 2022 2:53 am Apparently Microsoft realized mandating TPM and Secure Boot were a bad idea, or one of their lawyers pointed out that forcing this might trigger legal consequences, like restraint of trade or antitrust. That guy did a followup video, the one I saw was posted over 10 months ago. Now, you can run Windows 11 without being required to use secure boot or TPM.

This whole shit blew up with me when Windoze 8 was released and I bought a 300$ Toshiba with it installed. I was basically in "you can't install any OS but this on this computer" realm for all of a few months before I figured out how to hack it, but still.. I'm with you TDarcos: Fuck TPM and secure boot. Hell, some of your complaints about the Steam client you talked about in one of your old YouTube videos still totally rings true today.