Author Topic: Windows 11  (Read 2093 times)

September 01, 2021, 08:50 PM
Reply #40
  • Global Moderator
  • *****
  • Posts: 2347
  • Gender: Male
As most of you know by now, W11 is scheduled for launch on October 5, 2021. There's a great deal of talk about Windows 11 enforcing TPM 2.0 and Secure Boot. For now it can be disabled with a registry hack, although it's believed M$ might close that loophole.

Here's where I'm confused. Supposedly the whole idea of secure boot is to prevent you from booting anything other than Windows or some other "authorized" operating system. Suppose something nasty happens to my copy of W11 and it refuses to boot. Fortunately I have a backup file on another drive made with Macrium Reflect by using Sergei Strelec's Windows PE. How do I boot Sergei's ISO from a flashdrive in order to restore the backup if secure boot has me locked out?

September 02, 2021, 10:20 AM
Reply #41
  • Global Moderator
  • *****
  • Posts: 901
  • Gender: Male
It seems Skylake and 1st gen Ryzen are denied entries on based on some virtualisation features slowing it down.

Does that mean they won't run at full potential or what? The article basically says if it runs on W10 it'll run on W11. Now I read someplace that if it's an old CPU M$ won't provide security updates. So far the problem with W11 is you don't know what lie to believe. Be that as it may, it's still way too early to really give any of this serious consideration.

Do I remember correctly or did M$ say W10 would be the last major upgrade?
They won't support it officially and updates are disabled for unsupported hardware due to lack of security features besides TPMs. Some features are HVCI or something that can run apps under virtualization w/o taking a severe perf. hit. MSft just added Surface Studio 2 to compatible list since it has necessary hardware.

September 02, 2021, 08:51 PM
Reply #42
  • Global Moderator
  • *****
  • Posts: 2347
  • Gender: Male
It seems the only thing to do is wait until October 5 -- not to install W11 but rather to see what M$ decided to do and to what extent hackers were able to disable these "features". In the mean time everything is nothing more than speculation. This is especially true when M$ keeps making changes and changes and changes.

Just like the rest of you, I intend to install 11 when all these questions are answered AND I can boot from flashdrive when Windows doesn't boot and requires a full restore. No matter how much I googled it, I can't find an answer to my question about booting from flashdrive when W11 refuses to boot.

September 04, 2021, 09:20 AM
Reply #43
  • Global Moderator
  • *****
  • Posts: 901
  • Gender: Male
It seems the only thing to do is wait until October 5 -- not to install W11 but rather to see what M$ decided to do and to what extent hackers were able to disable these "features". In the mean time everything is nothing more than speculation. This is especially true when M$ keeps making changes and changes and changes.

Just like the rest of you, I intend to install 11 when all these questions are answered AND I can boot from flashdrive when Windows doesn't boot and requires a full restore. No matter how much I googled it, I can't find an answer to my question about booting from flashdrive when W11 refuses to boot.
That's really an odd issue with flash drive not booting with Win 11.

September 04, 2021, 08:43 PM
Reply #44
  • Global Moderator
  • *****
  • Posts: 2347
  • Gender: Male
That's really an odd issue with flash drive not booting with Win 11.

M$oft has been saying for quite a while that W11 will run only if TPM 2.0 and secure boot are enabled. So far this is easy to disable. I just googled it and found at least 3 ways. The question now becomes whether or not M$oft will close these loopholes by the time the official release is out. With M$ it's more important to listen to what they're NOT saying. They keep insisting about mandatory secure boot with no mention of closing loopholes -- at least not as of this writing.

Here's what I don't understand. As I see it the whole idea behind secure boot is to lock out OS's other than the one registered in the BIOS. The question now becomes: suppose your OS is damaged to a point where it won't boot and the only solution is to restore from an image backup file. This requires booting from a flashdrive. How do you do that when all other OS's are locked out? Could you go into the BIOS, disable secure boot, then re-enable it to boot your primary OS? If so then what kind of security is this when to boot another OS you can simply disable secure boot in the BIOS?

Is all this correct or am I wrong somewhere?