Juha Saarinen: Unpacking the new Windows 11


Time has come to try out Microsoft’s new Windows 11 operating system, for a bit of bleeding edge fun and crash and burn while exploring all the new stuff.

If you’ve been around the block, you do wonder why Microsoft decided to make the next version an 11. Sure, it follows 10, but depending on how pedantic you are, there have been 23 versions of Windows, 24 if you add Windows 365 to the mix. Ah well. The mysteries of branding and marketing.

Microsoft decided to lift the security requirements for Windows 11 a few notches, and I agree with that decision. Hardware-wise, a dual-core processor running at 1 gigahertz (or a System on a Chip) with 4 gigabytes of memory are the minimum specifications for Windows 11 which isn’t too excessive; having to work around the requirement to use a Microsoft account, and a live internet connection when upgrading is likely to grind users’ gear more.

On the security-side however, the program that starts up the computer before Windows 11 takes over has to be Unified Extensible Firmware Interface (UEFI) with Secure Boot, a feature that protects the PC from loading malware that sits beneath your operating system and which can be persistent and hard to clean out.

But wait, there’s more: Windows 11 wants special security circuitry, named Trusted Platform Module 2.0. Most users won’t understand what it’s for, or what’s trusted about it, but that’s what it’s called and abbreviated as TPM 2.0.

With an eighth generation Intel processor mounted on the MSI board, it should scrape by and be good for Windows 11. The reason for requiring really new Intel processors, (or AMD ones which apparently run sub-optimally for now, with a patch coming up) is TPM 2.0.

You want TPM 2.0 enabled though, as it is a cryptographic microprocessor that adds a hardware layer of protection to your PC. Earlier versions of TPM were used in enterprise settings mainly, and the idea now is to give everyone that level of protection with Windows 11. With ransomware galore, and people working from home with their own IT gear, anything that makes life online more secure is very welcome indeed.

Much to the child’s chagrin, I picked an MSI Tomahawk Z390-based Windows 10 gaming PC as the guinea pig, as it’s less than a year old and should run Windows 11.

Microsoft’s PC Health Check said “no” however: the new-ish PC would not run Windows 11. Running the “tpm.msc” with Administrator rights brings up a nice graphic console that says the TPM could not be found. However, MSI’s documentation was clear that it’s there in the PC, but needs to be enabled first in the UEFI.

Getting into the UEFI requires restarting the PC and with MSI boards, finding the Security setting that lets you enable TPM 2.0. Well, not quite. You won’t find any mention of TPM 2.0 in there.

Instead, you go to the “Trusted Computing” UEFI menu to enable the software Platform Trust Technology (PTT) which is part of Intel processors, and which works like TPM 2.0.

There’s a hardware discrete TPM setting, which isn’t recognised by PC Health Check so software PTT it was and woohoo, I can now upgrade the machine to Windows 11.

When it arrives, that is. Nothing’s popped up in Windows Update since I enabled TPM 2.0, sorry PTT I mean, apart from the regular Win10 updates. Microsoft is spacing out the Windows 11 upgrades until 2022, and it looks like I’ll have to force an installation.

Which I will, to check out new games tech on top of what should be a more secure PC, and the ability when it appears, to run Amazon Android apps on the machine. Having Microsoft Teams as the default comms and video calling app isn’t that enticing, and a new Snipping Tool in Windows 11 is … interesting, but not something I’d pay for myself.

I’ll report back when the upgrade is done. I think Microsoft let the Windows hardware ecosystem run wild for too long, judging by the complexity above just to make your existing PC ready for an upgrade.

It’s fine to drop obsolete and insecure features ahead of new operating systems, but Microsoft could’ve handled the Windows 11 upgrade scenario much more elegantly.

I suspect a substantial number of users will stick with Windows 10 because of that for as long as possible, which is 2025.

Source: Read Full Article