Just tried turning off TPM then flashing didn't find it as expected. Then did turned on but disabled same issue blocked by TPM fw policy
Installed 11 in a VMware VM (UEFI+Secure Boot enabled), it went fine without TPM and without VBS being enabled. Encrypted the machine and added a TPM from VMWare, VBS still inactive, although the TPM initialization seems to take a lot of time. If things remain like this (which might not be the case in later builds), it's mostly fine. But the essential (at this time, in this build) is that VBS is not automatically enabled. At least not for VM. Not planning to install it on my PC yet. Oh and 11 is quite fast, reboots way faster than 10 at least on VM, and seems to have no issues with HDD thrashing like 10 VMs. Somewhat promising.
Vm installs do not have any hardware check beyond available ram and disk space. There is a specific bypass in the setup process that detects virtual machines and voids out any hardware checks.
I don't necessarily mind VBS, my issue is I used devices with drivers that haven't been updated since 2013 and aren't supported if using VBS.
I see the TPM requirement as a gift to be honest. As you now have a BIOS level selectable option that should block the automatic update from W10 to W11. So thanks Microsoft... that is exactly very handy. /Now watch motherboard makers start enabling the fTPM option by default and remove the ability to change it with their new BIOS updates lol.
Yeah the troian horse was a gift as well. Both donations share the same purpose Jokes aside you can have the same effect using native VHDs, which have an huge pile of advantages over the old school installations on physical partitions, but don't like in place upgrades (If you want to upgrade you need to mount them in Hyper-V /VMware using a second system, which can be running on native VHDs as well)
Yeah... I remember a TV series episode from some years ago where a criminal wasn't on security cameras because they were broken. One of the younger CIA agent came quickly with a video footage of the scene The older agent's boss asked "how did you get that?", the agent replied "social networks... people are doing our job, for free"
Any way to emulate TPM and mod the bios like back when we used to mod the bios to add SLIC? I'm not an expert on this but could this be an option for us poor folks who can't buy a new computer just because Microsoft says so?
TPM is a complete crypto chip. Hardly can be emulated, if at all. Plus, it must be available from the very start, as it controls the boot process. SLIC was only a non-critical table in the firmware. Not comparable.
On W11 by-default and on W10 with the memory integrity option enabled, game FPS seems fine, but I notice a significant I/O performance drop (compared to a W10 install with mitigations disabled). Game loading screens are longer, the worst one being about 10 seconds longer. But that's seemingly the only issue I notice. I don't imagine the impact will be that significant, at least on the most recent hardware architectures (Ampere, RDNA2, etc). Hasn't Xbox been doing this for a while now? If that memory integrity option on W10 does the same performance impact as W11, then game FPS was overall fine. While I/O takes a hit, I wonder if faster I/O can be returned with DirectStorage?
I don't believe they were enabled by-default back in 22000.100; I've always left SVM (secure virtual machine) CPU option disabled in firmware and I don't think those features would work or enable without that.
I don't believe they were enabled by-default back in 22000.100; I've always left SVM (secure virtual machine) CPU option disabled in firmware and I don't think those features would work or enable without that.
You don't need TPM to encrypt file system. You can configure Bitlocker not to use TPM or use 3rd party encryption software.