Windows 11: What really changed with the Windows 10 pledge – Lockdown
TPM – Trusted Platform Module – has been around for a while and it is a requirement for Window 10, but it is mostly disabled in the BIOS. Even if you switch it on it has to be coupled with an 8th generation processor to satisfy Windows 11 – and Windows 11 won’t work without it. TPM is basically a hardware crypto device with a burned-in identity key. It can be used to generate random numbers, look after keys, generate hash codes and encrypt data. It is already used to enforce licensing in Office 360 and Exchange. It also has an Attestation Identity key that can be used not only to prove identity, but the integrity of installed software. This could be used to lock down a Windows machine so that only valid and unmodified software was running on a verified user’s machine. Clearly this has security value, but it also has commercial value if used to enforce rules for what software runs on what device.
Clearly, TPM 2 coupled with other security features has the ability to both improve security and reduce a desktop machine to the status similar to that of a carrier and vendor-locked mobile phone.
Using security to sneak in features which are of a commercial advantage is not a new game. EU digital competition chief, Margrethe Vestager, recently said that Apple must not use privacy excuses to limit competition. Easy to say, but much more difficult to spot and even more difficult to take action against. So how will Microsoft make use of this?
The key indicator, for me, is that Windows 11 Home edition cannot be used with a local account. You have to have a Microsoft account to use it and this locks you to Microsoft. This is a sufficient signal, for me at least, to give up on Microsoft Windows and finally move 100% of the time to Linux. For Microsoft, the gain from insisting on Microsoft accounts is clear, but I wonder if it takes the dangers at all seriously. It was bad enough when the only browser you could easily use was Microsoft’s, what will be made of the fact that the only sign-in authority for Windows 11 is Microsoft? Why can’t I sign in with my Google account? This might be a monster that Microsoft are about to lose control of. Unless, of course, there are some U-turns in the road ahead.
More Information
- Update on Windows 11 minimum system requirements
- EXCLUSIVE EU’s Vestager warns Apple against using privacy, security to limit competition
- Windows 10 is the last version ?
- Windows 10 will be last version of Microsoft OS
- Windows 11 The Lockdown
Last updated on November 30th, 2022