@edps
Forum Replies Created
-
AuthorPosts
-
Although the socket is hidden under a large cooler I’m pretty sure there is a chip in it for the following reasons:-
1) BitLocker is happy to encrypt stuff without the Admin kludge.
2) Devices shows a TPM chip, and that it is working ok
3) tpm.msc gives the ‘Device is ready’ notice
4) Chillblast were told to put in a tpm chip and they are pretty trustworthy.
It looks like M$ are fiddling around the edges at the moment as I would guess they are worried that a large number of Enterprise customers are not going to be happy bunnies. I would therefore say they will not ram the update down anyone’s throat until they have sorted their minimum specs and eased the migration path.
As I posted elsewhere, moving to encrypted GPT from a legacy installation is currently a non-trivial exercise for VMs, so that alone will give Enterprise a large headache.
Not really sure Dave,
The following is the M$ definition:
“There are three implementation options for TPMs:
Discrete TPM chip as a separate component in its own semiconductor package Integrated TPM solution, using dedicated hardware integrated into one or more semiconductor packages alongside, but logically separate from, other components
Firmware TPM solution, running the TPM in firmware in a Trusted Execution mode of a general purpose computation unit”
However my Asus ROG Strix X-570E allows three settings, no TPM, Discrete TPM, and Firmware TPM. I initially chose the second and M$ initially accepted this as a valid TPM2.0, and the tpm.msc program stated that ‘The TPM is ready to use’.
Today as posted, I had to switch to the ‘firmware version’ and TPM.msc still gives the same message. Checking the ROG site gives totally confusing accounts with some ‘authoritative’ voices plainly not having a clue.
If I look in the actual Device Manager, there are two ‘security devices’ an AMD PSP 11 and a TPM 2.0. Maybe somehow the AMD device is seen as the ‘discrete’ one, and M$ has got picky in the last few weeks! Luckily I do not use Bootlocker so switching between the two modes did not cause any issues.
The mobo layout chart shows a tpm module, but tbh I have not bothered to check if it is physically there.
Add on amoral and untrustworthy to this Conservative Government if Dominic Cummings latest revelations are true:
‘We took over a party on ~10%, worst constitutional crisis in century, much of deep state angling for BINO or 2REF. So we wriggled thro with best option we cd & intended to get the to ditch bits we didn’t like after whacking Corbyn. We prioritised. Now time for IM2’
They have totally tarnished the UK’s reputation and the French will feel quite justified in dragging up the centuries old epithet of ‘Perfidious Albion’. Our chances now of doing any international deals are close to zero.
M$ seem to have upped the TPM ante! When I updated my main PC today I received a message that the box was no longer Win11 compatible! When I investigated I found that the TPM2.0 setting was on ‘Discrete TPM’, setting this to ‘Firmware TPM’ resulted in the PC becoming Win11 ready once again.
I assume that Discrete TPM is a software version and that M$ only likes the real thing!
In order to drum up support for Windows 11, M$ have demonstrated how easy it is to hack PCs that have neither TPM or VBS security. As said in one review – ‘Really nice of Microsoft to show hackers how to attack Windows 10 PCs’.
https://www.neowin.net/news/microsoft-demoes-hacker-attacks-on-pcs-with-no-tpm-vbs-and-more/
In reality the demo just shows that TPM and VBS add another layer of security. Actually both of these security options can be turned on in Windows 10 without upgrading to Win11.
The general public ‘know’ that all politicians are universally corrupt, and they saw BoJo as the person who would destroy it all through his clownish actions. The problem is that he is the leader of a bunch of equally incompetent clowns who could not foresee tomorrows date and could not even plan the details for a booze-up in a brewery.
The only things that will really be destroyed are democracy and the United(?) Kingdom, to the delight of all its enemies. It is no real surprise that we now learn that Russian money has bankrolled everything from Brexit onwards.
I just hope that the nation survives all this without a complete breakdown of society.
In the near future they could be a real security problem for politicians and outspoken individuals. Their autonomous nature would make them impossible to jam and AFAIK no-one has yet built a high wattage portable EMP device.
AI is going to make the next generation of drones into go-anywhere beasts!
https://www.media.uzh.ch/dam/jcr:173fb0ea-b4ca-4558-8f1b-4043f0efcd72/compressed_video.mp4
When you activate Windows for the first time a digital license is created based on your mobo, cpu and some other hardware bits and bobs. This means that Windows is digitally licensed on this, and only this machine. If you change too many bits then you have to go back to M$ via telephone and get your machine reactivated.
Just for info., there are a huge number of very good and very new CPUs that are unsupported as far as Windows 11 is concerned. There does not seem to be an easily discernible reason for these exclusions. For example, I have no idea why a 2021 Ryzen 7 5750 is not supported!
https://allthings.how/list-of-all-intel-and-amd-processors-not-supported-by-windows-11/
If you buy any more drones, you will need to make certain that it isn’t one of these!
Agreed Dave, but it is not just the MET. Other police forces were involved and failed to take action. In addition there is now an on-going investigation into a very dubious Police Facebook group that Couzens was involved in. This group apparently is far more widespread than the MET.
Based on my (limited) experience of Essex in the 1970s the police has its share of bad-eggs, albeit a lower percentage than the population at large. Also to my knowledge the MET of that time employed an Embassy protection officer who was to say the least quite trigger-happy (eventually he was thrown off that duty).
In order to restore public trust I think that there should be an annual INDEPENDENT psychological test of each serving officer of ALL ranks, and these results should be reviewed by the P&CC for the area and amalgamated into a report to Parliament. (I’d also do more vetting on the P&CC given the current experience in North Yorks!)
I’m looking forward to the next few editions of Private Eye as their investigative journalism is happy to ignore the heavy-handed guidance
censorshipnormally given to national press and TV.@Dave:
It would appear from published research that most of your old Enterprise friends will be avoiding Windows 11 or risk either, fragmentation of their network, or a visit from the Finance Director complaining about an inflated IT Capital Budget.
El Reg also pick up on the workload of upgrading VMs. Most will already have hardware with tpm baked-in, and I guess that it will be possible to wheel out upgraded versions of Windows guests, but I am uncertain how the overall process impacts on VSphere guests themselves.
Windows 11 could well turn into another Millennium Bug event in terms of IT Admin workload.
Sorry for the necropost, but it looks like the Solarwinds hack most likely was China/N.Korea rather than Russia. My reasoning goes, that there is probably a close relationship between Kaspersky and the Kremlin, yet Kaspersky has just revealed a previously unknown Active Directory attack (Foggyweb) being used by the gang that hit Solarwinds and the US Government (including the US Justice Dept – remember the Huawei exec extradition!).
I could see the VM issues coming
Actually Dave, setting up a ‘clean’ Windows 11 VM in VMWare is very easy as VMWare have had ‘TPM’ and ‘Encrypted Secure Boot’ for 12 months or more. It is only the process of changing an existing Windows VM to secure boot/TPM that is more difficult. Ensuring security seems to be the M$ watchword for Win11, and that will equally apply to Win 11 VM guests.
M$ seem to have had a good Win11 working relationship with VMWare from the outset. I suspect that M$ see Oracle as a competitor and have not accommodated them so readily. The Surface Pro /Apple M1 relationship also probably accounts for M$ being less helpful over M1 dual boots etc.
Hope that you managed to get a large pay increase. Poor pay and poor working conditions (especially for long haul drivers) seems to be the nub of all the problems. Fuel tanker drivers typically have the best pay and conditions. If there is a shortage of these people then shortages of everything can soon be expected – stock up for Christmas now!
Of course Brexit plays a huge role in this mess. It was as usual cretinous of this incompetent Government to think that the country could immediately replace all the low-paid displaced foreign drivers, just as it is naively stupid to expect any to come back and be fired on Christmas Eve!
I now know the collective word for a group of clowns. A BoJo!
ps. If you do succeed you may want to wait a while before putting anything ‘mission critical’ on the VirtualBox guest, as it would not surprise me if M$ insist on VirtualBox having a baked in ‘Secure Boot’ on a Secure Boot Host. The VirtualBox ‘Secure Boot’ registry hack looks to me to be rather a kludged approach.
It was previously reported that Windows 11 could not be installed as a VirtualBox guest.
According to this blog Oracle have fixed this issue and given a procedure for a fresh install of Windows 11. I’d emphasise the word ‘fresh’ as upgrading an existing VirtualBox guest to allow a Windows 11 install is a non-trivial exercise. You could try a version of the method I posted earlier for VMWare, but I do not know enough about VirtualBox to say if it will work. Good luck if you attempt this and please post your findings.
BTW you should also have a 150ml glass of red wine with your burgerless cheeseburger according to an Israeli study.
Most of the $200 million funding came from EU with fears that the old containment dome would release nuclear radiation which would spread over Scandinavia and Eastern Europe. There was probably a bit of politics in all this as the Ukraine/Russia situation in 2015 was very much centre-stage.
I’m personally very blasé over these sorts of radiation levels, if I wasn’t I would never go near Cornwall or Scotland!
-
AuthorPosts