I'm also 100% convinced Microsoft will introduce mandatory code signing at some point and make it so that you can only ever install software from Windows Store.
They are envious of the Google and Apple walled gardens/cashcows and are now determined to turn Windows into one.
Windows is no longer a product for users, the users of Windows are the product for Microsoft to be shoved into the Azure sales funnel.
This misses how Microsoft makes money from Windows. Taking a cut of apps isn’t that useful because most people don’t install many apps. Of course it’s still welcome revenue, especially for games, but Steam has too much goodwill there, and Epic won’t still idly by (and Adobe etc in other domains).
Instead Microsoft is trying to upsell cloud storage, backup and ad-free email (along with Office apps) with Microsoft 365. And on the biz side they’re getting into the biz of offering managed patched online Windows VDIs, kind of like Citrix.
Also Microsoft Store-only Windows is a deal killer for Windows in businesses. A lot of specialised LOB (line of business) apps run on Windows and the Store is a non-starter for those. And in home contexts there’s a bunch of legacy apps that people keep Windows for, dropping support for them will mean switching to ChromeOS or macOS just got easier.
So yeah — I fully agree they’ll absolutely shove you in into the Azure or M365 sales funnel, and individual users no longer feel like a priority. But non-store apps aren’t quite dead yet.
Apropos, running Steam on my Archlinux Desktop with Windows compatibility turned on works really, really well. Much better than what I remembered from the bad old days of trying to get stuff running in Wine.
Wine and it's alternatives have greatly profited from valve going this route and as a result all software runs better. It's a gradual improvement over time and we are past the early stages. I'm still running a gaming PC on windows but that is going to end quite soon if Microsoft keeps doing these things.
Stream actually paid for contributions to Wine if I understand correctly.
I too planning to use a gaming centric distro for my next gaming PC build. The horseshit they've been pushing at me on 10 has been atrocious. The lie that 10 would be the last. Injecting pages into Chrome. Windows acts more and more like literal malware.
> I too planning to use a gaming centric distro for my next gaming PC build.
I don't find that the distribution makes that much of a difference?
I just use Arch Linux, and install all the programs (gaming centric or otherwise) that I need when I need them. I guess I'm lucky, because the Steam Deck's distribution is based on Arch Linux, but I used it before it was cool.
I suspect the main differences between the distributions is what you get by default, and that can be a huge factor in terms of convenience?
Yeah and good on you for using Arch but gaming distros are designed to support dummies, meaning people like me that don't really want to build the OS from the ground up get to coast. We just want to use it.
I know a fair bit about OS internals but especially when I'm gaming I want to play rather than read and follow technical docs.
I game using Steam on Pop_OS![1] with a home-built AMD machine and, while I know there are some background processes (Proton) that run to establish and maintain a compatibility layer, it's nearly seamless to me as a user. The most I really see is a progress bar that appears before some games where Vulcan shaders have to be pre-rendered. In my experience everything needed for Windows-native games to run on Linux is handled automatically, without any configuration, runtime flags, or anything else.
Early on I consulted ProtonDB to see if my games would run, but honestly now I don't even look at it any more. While YMMV depending on the games you play, I haven't encountered really any major bugs and zero crashes. The most I found was some strange shadow texture rendering artifacting in Baldur's Gate 3, but it was contained to a particular part of a particular map.
A decade ago it was kind of rough, but now? I am never going back to Windows for gaming. Playing games on Linux is light-years better than what it used to be. If you're curious but haven't tried it because you had bad experiences in the past, I'd encourage anyone to give it another go.
Just a note to readers who are interested in this: some games in your Steam library may still not work with Proton, but the ones that do work should have rather few issues. (I play exclusively on a Steam Deck so “should” is in reference to the variance in hardware among bespoke machines.)
The Steam Deck has done well, and releasing SteamOS for free so people can install it on their own PCs is great, but I think they should make a “Steam PC” they could sell. The majority of gamers aren’t technical and buy pre-built PCs. A Steam PC with Steam OS pre-installed would make it easy for these people to game on Linux and pump up the Linux gaming share of the gaming market.
> I'm also 100% convinced Microsoft will introduce mandatory code signing at some point and make it so that you can only ever install software from Windows Store
2017 called. It wants Windows S Mode back.
Needless to say it still isn't very popular. But this has been around for <checks notes> 8 years now
Windows S failed hard so they have a new strategy. Every new CPU ships with M$'s Pluton root of trust. For 'security' everything will have to be signed. They consider the user to be the threat actor. Eventually they will charge a percsnt fee for using their signing service.
It’s only a matter of time before Microsoft forces everyone with local accounts to switch to a Microsoft Account just to access their own machines. I wouldn’t be surprised if, in the future, local accounts are completely disabled, except maybe on specialized enterprise versions of the OS.
I'm exhausted by the anti-consumer behavior of American companies, constantly restricting user choice and access, undermining privacy, and hiking up prices, all in the name of "profit".
It's been near a decade of them trying and failing (or over a decade, if one'd look at windows 8 and its apps as part of some plan), that at some point this 'what if they lock everything down!!' thing just sounds like a FUD, which is kinda ironic. And the 'they're locking down installs!!' thing too, every time they make a change it gets to the front page here, and yet it still remains circumventable (just use Rufus). Years have gone by and the actual "locking down" of it still hasn't arrived.
We're most of the way there with the switch to web apps and their native wrappers, even Microsoft isn't using their own UI toolkits anymore.
The only segments left targeting Windows as a platform are games, replacements/extensions to the OS tools, and a bunch of legacy .NET LOB apps. And since the Steam Deck and clones, Wine/Proton are (very) slowly becoming the actual target for games rather than Windows.
I highly doubt it, Windows is known for its stellar backward compatibility. Code signing means a lot of older software, that is still in use, would not be able to install or run. This is not going to happen (at least in the enterprise).
I have mad respect for Microsoft engineers for the compatibility work that they've done over the past decades. It is indeed superb that you can take even today an old Win32 executable and run it and it'll just work.
But I expect the new leadership will not put much value on this. I imagine it'd play out that first to "to enhance the security and improve the UX" they'll start a shoving a bunch of nagging dialogs in the users face "this app is not safe" etc.
Then they'll add a flag to enable "unsafe mode" where the user can run unverified / unsigned code.
Then finally they'll just nuke the flag.
After all requiring that the ecosystem with the most "important" apps such as their own office suite, slack, adobe etc. grind out new versions with digital signing is not out of alignment with these companies incentives and development cycles either.
In fact I would not find it surprising if these companies would actually be approached by Microsoft to participate in any such scheme and get offered some kind of "discount" or reward (whether it's app store discount or whatever else) and these companies would only see it strengthening their own moats against any possible competition.
And I'm talking about the consumer use case, not the corporate.
You don't know how many ad-hoc legacy apps based on Java/C# are out there. Zillions. If you want to give GNU/Linux a huge chunk of share (Java and C# code from early 00's/2010 will run everywhere), MS would face a huge disaster and billions of loses.
This is likely why the TPM2 requirement is a thing for Windows 11: Microsoft wants to migrate all Windows users onto a hardware base with nigh-uncrackable security/DRM protection, such that everything from power on to application is signed, approved code. For "security".
And people will buy it. Because "general purpose computing" is a niche feature for nerds. (Astronaut 2: Always has been.) And it presents enough problems and extra work that most consumers woyld gladly give it up. Most consumers just want something thet can do Facebook/Excel/Spotify/Netflix/games with.
Would not fly.
Developers would not go into the store. Because everyone knows, that 30% tax would be next (basically it is the current situation on the Mac, apple could pull the switch on gatekeeper any time). And, because a lot of modern apps are just electron wrappers, people would just move to the web versions for everything. Which means killing their own platform.
And? Just, uh, boot without secure boot and patch things until they work again without enforcing code signing? The only way this sort of thing could be possibly partially enforced is by remote attestation for apps that depend on a server to function. So do what iOS jailbreaks did, except you don't need a vulnerability to start because secure boot will always be optional.
But manufacturers won't cooperate. One OEM (Asus?) once cited a price of like $16M to trust one key. The price for Microsoft is nothing because Microsoft can say "trust our keys or lose Windows certification".
That requirement isn't technical though. It's purely a marketing one. You can still install Windows 11 on a TPM-less machine and, for all intents and purposes, it'll work just fine.
That would never work, they would have to have some kind of override. Microsoft doesn’t have that kind of leverage over Windows users because they don’t have tight vertical integration. If Windows 12 enforced that, users would just stay on Windows 11 and MS’ leverage would decrease even further.
Windows 12 Enterprise would have the option, Windows 13 Enterpise would remove the option but allow for a signed "legacy" sandbox. Windows 14 Enterprise would have no option.
Sure, if we talk about decade or more, companies can and will adapt. They can run several apps in VM, or just migrate to Unix. I've worked at bank who was through and through completely Linux including all front desk people, in 2010. If rigid banks can do it, everybody can.
I can’t believe people didn’t stay on Windows 7. It seems to have slid into some always-online ad-filled cloud hellhole since. Office365 is worse than Office 2000. This is the OEM strategy still at play. You gotta hand it to Bill Gates for capturing PCs for decades. People truly don’t care how poor their operating system behaves, because your only other option is to buy a Mac.
Normal mainstream users can't stay on very old operating systems like Windows 7 because they'll eventually be forced to install newer software that's not compatible with it. Outside actors other than Microsoft force os upgrades.
- buy a new printer and it only has drivers for newer os like Windows 10/11 and later
- need for installing newer software like latest versions of Google Chrome, Mozilla Firefox, Adobe suite, TurboTax 2024, etc. They don't install on Win7. For Windows 7, the last version of Chrome was January 2023. Last version of Firefox was August 2024.
So setting aside commercial apps like Adobe, TurboTax, etc. -- why can't a user just stay with old version of Mozilla Firefox that's compatible with Win7 and turn off updates?!? Because bank websites like JP Morgan will block the user with an error "You need to upgrade your web browser" because the SSL/TLS encryption algorithms in old Firefox versions are obsolete.
Deliberately trying to freeze your computer on Windows 7 or Windows XP means relegating it into a "museum piece" that becomes less and less useful for practical real-world tasks. That's ok for an isolated machine that runs old video games but no good for online banking.
Some of us do! I get fewer problems at home on W7 than at work on W10/11.
- Printers: the W7 cohort probably overlaps with users of classic HP Laserjets (I know it's not just me!).
- Chrome: Supermium adds W7 support back into the latest(ish) version.
- SSL/TLS: does such an issue exist on W7? It's exactly what pushed my mother (at the age of about 65, and hating having to learn anything new) to upgrade to 11 from XP a year or so ago. I do all my Internet banking on W7, via several different banks as I often move around chasing the best interest rates, and never had a problem with any of them. (Vivaldi, Supermium, Firefox 115ESR.)
- Some software such as Adobe XD: yeah, unfortunately it's not supported. Depends how much it's needed I suppose. I may be forced to "upgrade" sometime this year but I'd really rather not.
"I can’t believe people didn’t stay on Windows 7."
Microsoft forced Win10 down people's throats. I had all of my machines Windows Update processes turned off and somehow it STILL got onto my systems. I suspect Skype was the mechanism through which Microsoft did this, as they owned Skype then and I still used it.
Staying on some windows 10 lite-repack for about 8 years now. Automatically activated. Word, Excel, PowerPoint, Paint. Windows-7-like start menu. No UWP apps, cortana, onenote, onedrive, even no freaking microsoft Edge. No app store. Not a single moving pixel, ad or notification , or another jumpscaring layout when system starts. Everything installs/works perfectly, perfect system.
I have no idea why people even consider updating, must be some really weird case.
There is zero new value in the latest Windows versions, just plain nothing new, there is really no reason to switch.
Too much fuss with community hacks to maybe get stuff working and end up having wasted time in any case. There is too much garbage to deal with in modern computing already. And some features are just not available with or without hacks.
If I want to use a decent OS, I can do most of my development on Fedora or Arch or some other Linux distro at my workplace.
For proprietary stuff that won't work there, honestly, Windows 11 is not that bad as far as Windows go. I do not get ads, I use a local account without problems and I can do development actually decently with PowerShell, vcpkg, VS Code which Microsoft offers for free and which work on all platforms.
TL;DR: There are hills with a much better view to die on.
Until they need new hardware, for which there will (and can) be no drivers anymore, as Microsoft stops crosssigning them in the Hardware Dev Center after a while for old Windows versions.
Microsoft does have the leverage in this case, as long as folks want to continue using Windows.
Similar why gatekeeper exists on Mac.
This would mean that old software would stop to work, though. Which is a bit anti-microsoft politics. Without running all the old unsigned software Win is not Win anymore.
Having to use an account to get apps from app store (Apple) vs. having to use an account to install and use the OS in the first place (Microsoft) = not even a a competition
Until you need to download something from the app store (happened to me the other day on a mac I wiped and then needed to bring on holiday so now I need to go through the process again afterwards)
Can you install anything from the windows store without a Microsoft account, or from google play without a google one? I assume this is already the state of affairs since ever, but except iOS all the rest allow you to install stuff outside their stores.
The point is you are not going to be allowed to even install windows without an account to make use of the great privilege of using a walled garden app store.
And no one on this forum really needs app store when homebrew exists
Just a matter of time. Look at where their interest are. Apple will probably be second on this, but if it happens it will be for both and the argument of security will be cried out loud at whoever complains.
it doesn't matter if you don't need account to access windows app store if you can't even use the os without an account. your point just doesn't make any sense to me
The "Command Line Tools for Xcode" don't require an Apple ID to install (and provides a C/C++/Objective-C/Swift toolchain (LLVM/Clang) and things like Make and Git). Not to mention other compilers not provided by Apple that you can just download and install. And yes, while you do need an Apple ID to download Xcode from Apple, you don't need to be signed into macOS with it (you can download it from the Apple Developer site).
Nah. In one case no one prevents you from torrenting third party Xcode at your own risk. You can run any code you want on your device. But in the other case you can't even use the OS. Cope however you want but QED.
It's such an absurd lie. If Microsoft's idea of security is to force its users to authenticate online for a local account, they should never be allowed in the software industry at all. They're needlessly and dramatically increasing the attack surface of one of the most security critical software running on user devices.
It's an argument for increased security in the same way that they consider uploading the contents of your hard drive to their servers to scan for "malware" (and other undesirable-to-them content) is. Corporate authoritarianism.
The trick is that most of the users need this service. Before Windows Defender was built in you had to buy an anti virus software from sneak oil Windows security industry, and likely get somehow scammed in process.
The same companies sell anti virus for Android today.
Except that on Home edition it detects everything as a virus, so all programs have an explanation that if Defender detects it as a virus, then just ignore it.
I haven't been using Windows as my main OS for a few years now but at least when i used it with Windows 10 it didn't detect "everything as a virus". In fact i can't even remember a single time i had issues with Windows Defender.
Unless you refer to Windows SmartScreen? That is a different thing - really about how popular some program is (though Microsoft did put it under Windows Defender at some point so it can be confusing) - and isn't about the antivirus (which is what i was referring to).
> Before Windows Defender was built in you had to buy an anti virus software from sneak oil Windows security industry, and likely get somehow scammed in process.
And now you get the same from Microsoft. Clearly an inprovement.
That has nothing whatsoever to do with the topic, which is forcing online authentication. You can't possibly argue that needlessly forcing online authentication makes user safe.
The topic isn't about forcing online authentication. It's about improving security from having users use a Microsoft account. The security improvement of using a Microsoft account comes from Windows Hello.
Your's is a reiteration of Microsoft's preferred talking point that has no basis in reality. Tying local authentication to the cloud tremendously increases the attack surface for those who don't need it. TPMs do nothing to change this fact. The only connection between a TPM and a Microsoft account is that Microsoft chose to tie those two together for their own benefit.
No, they don't. They can clone your hard disk and use a different computer. A TPM based pin makes that approach impossible and you must have access to the system itself.
It's the entire industry's idea of security for the last 10 years or so that the company who made the thing is unquestionably more trustworthy than the users themselves.
(Opinions are my own, I have no inside knowledge.)
I vaguely remember hearing that P2P Skype was the bane of sysadmins' existence. Skype would elect clients on high-bandwidth networks as supernodes. This tended to be business customers - the very organizations MS wanted to attract. Skype's prodigious hole-punching ability made it difficult to throttle, so it got banned from a lot of enterprises. MS essentially hosted the supernodes on Azure, which centralized it.
As for encryption, on the other hand, Wikipedia says MS specifically added the ability to eavesdrop for law enforcement agencies, though apparently Skype had already added a backdoor for the NSA before MS bought them: https://news.softpedia.com/news/Skype-Provided-Backdoor-Acce...
This [1] is one of my favorite leaks from Snowden revelations, and I regularly bring it up anytime people try to downplay what PRISM is. That's a user manual for NSA agents on how to spy on Skype users (including video and text) in real time. It's informative and also amusing at times. For instance in the FAQ one issue a confused spook might run into is why they're being spammed with the same messages repeatedly. It turns out that when a user logs on to a new device, the recent messages Microsoft sends to the user are also directly forwarded to the NSA, which can result (from their perspective) in messages being repeated.
i wonder if some Estonian could justvrerelease the p2p originals . After all as america deteriorates its own influence , at some point the lawyers of the big 4 will be seen as barely disguised tendril of a hostile power in Europe . Who cares about your sales contracts if the president goes for Greenland . We might see a SkyEarthFireWater-Open source re-release one day. Just another tradewar anecdote .
The big 4 will be seen as a hostile power within Europe? The big 4 ARE (mostly) European. What are you talking about?
Sales contracts? What do you mean in what context?
I agree that it would be cool if the original p2p Skype somehow resurfaces, but I can't make any sense of the rest of your post or what it has to do with the subject at hand?
Join us back in the real world with no Trump derangement syndrome and you'll find out that European governments want an airtight control on companies so they can surveil them and people absolutely.
They want narrative control and squashing rising political opposition.
The problem is that many other people and organizations run Windows and it's absolutely security critical for them. And because we don't live in a vacuum, it's security critical for all of us.
A while ago, I needed to get into safe mode to rescue a laptop that wouldn't boot.
Since it uses Windows 11, I originally logged in using my Microsoft Account and a Windows Hello pin.
Safe mode doesn't load wifi drivers and the laptop didn't have an ethernet port, so I couldn't log in to my Microsoft Account to get into Windows safe mode. Didn't have a dongle with ethernet port at that time, so I had to backup the drive and reinstall Windows instead.
I’m not in Windows ecosystem for more than 25 years now. But I had to buy couple of windows laptops for sales team at my business. I tried very hard but windows wouldn’t allow me to set it up without first creating Microsoft Account online. I’m in Apple ecosystem, not that they are significantly different but they atleast allow me to use the system albeit in limited capacity.
I’m seriously considering going back to Linux for my next work setup.
There was a trick to bypass the online account requirement. You press Shift+F10, which launches a command prompt, then use `oobe\bypassnro`. This reboots the system and adds a button to set up offline.
We’ve been running our company (6ish people) solely on Fedora and it’s been a breeze, but then we’re a bunch of nerds, so not necessarily a surprise. The real test how much the Linux desktop has matured happened when I set up a fedora laptop for my parents to get around hp desperately coaxing them into some kind of subscription and an endless stream of ads/complaints from Microsoft to buy into a cloud service. After setting up the laptop and explaining the very basics of Plasma, I’ve had to deal with it again. Because with printers, it just works (tm)
> I’m in Apple ecosystem, not that they are significantly different but they atleast allow me to use the system albeit in limited capacity.
Define "limited capacity". Other than Apple Services like iCloud, FaceTime, iMessage, Apple Music/TV, etc, it should just be the App Store that's unavailable without an Apple ID (which _is_ crippling on iOS, but not so much on macOS).
>wait, you need internet connection to even login?
No, you can log in without being connected to the internet (that obviously happens a lot on a daily basis, where people are using a laptop with no connectivity until after they sign in).
That’s not the case. I have a Windows 11 computer around, set up with a Microsoft account and Windows Hello, and I can log in just fine without internet connection.
That's right. It sounds like a bug but this is Microsoft we're talking about here. They're probably brainstorming for ways to lock you from your own computer.
You can solve this problem by creating an offline account with Admin privileges after setting up Windows with your online account, but most users won't do that.
Reinstalled windows recently, now it has the window resize bug, which apparently has something to do with display sleep mode. Reportedly linux struggles with sleep modes too, but to think I should try linux for better hardware support, duh. And new windows is very fiddly, constantly tries to install new metro apps, adds them to lock screen, installs new services, runs a shit ton of services that constantly write a lot of data on the disk. Enshittification is in full overdrive now.
Linux struggles with sleep mode sometimes due to Microsoft and Intel pushing S3 into S2idle and motherboard/bios manufacturers doing the absolute minimum to support either.
I had the same impression, but support for new sleep modes seems to improve quickly. A few years ago I had a Gen 1 ThinkPad T14 AMD, which still had S3 sleep. A significant portion of the resumes it would come up with some devices not working (e.g. trackpad, fingerprint reader, etc.). I recently got the 5th Gen T14 AMD and the only issue I have is that the fingerprint auth takes a few seconds to come up, but other than that I haven't had any resume issues yet.
All these user hostile behavior finally tipped me over the edge last year after I started to get Windows 10 EOL popups. No way I was going to "upgrade" to a ad/spyware/subscription ridden MS marketing platform and be constantly nagged at to try out more of their services.
Moved to a Fedora Desktop, liberating to move back to an conflict-free OS whose primary focus is to serve its users, imagine that.
I've been running the Xfce spin of Fedora for the last year, and it is the most stable OS I have since forever.
For the few programs that really need Windows, I use Qemu/KVM with Virt-Manager and Samba for sharing files.
I wish to keep using this setup, I just hope buying hardware with good Linux support in the future does not become too difficult. I fear moving away from x86 will make things harder.
Windows is a launcher for games, there is no other use for this system (correction: it still runs some specialized professional software that is too expensive to port). And now, even most of the games work on Linux too.
I got into music production again recently. To my surprise most recommended new software is either Linux native or properly ported. See reaper for example.
Many years ago music on Linux was hard, and years behind. Software was limited and the audio driver situation was a mess. But now you get professional software directly in the package manager and choose between several very reliable sound systems and even use the far majority of VST Plugins.
It is usually available on Macs. Of course, there is still some specialized software for Windows, e.g. many CADs. But all these things are now marginal. If you are a software engineer and use Windows for your work, you are now a minority.
I was looking to move to Linux for my gaming PC, just about pulled the plug when Respawn decided that all cheaters in Apex Legends were supposedly using Linux and decided to block Linux users from playing...
I've been using Xubuntu for years now,and run Windows 10 in a VM for the few things I need on there that I dont' have a linux replacement for (or cared to hack together). I'm about 99% linux and macos now, and don't miss windows at all.
According to the linked discussion, the underlying setting that the script set still exists, so this simply makes it less convenient.
It should absolutely be taken as a warning sign, though. Seriously, if at this point you're installing Windows and relying on the existence of that setting, you should be seeking alternatives.
I've been saying the writing was on the wall for a long time. Any time someone says how easy it is to simply avoid MS account registration I've argued that it's not going to last much longer.
Even Microsoft's current Storage Spaces Direct won't let you start a locally hosted Hyper-V VM without an Azure connection.
Reminds me back at the Xbox One launch where notoriously an employee arrogantly said that always online DRM is fine and defended it when pressed by saying why would anyone want to live in an area with unreliable internet. He left Microsoft after the backlash.
> Microsoft executive Don Mattrick told GameTrailers in an interview that was filmed just before E3 that he understood why some people are frustrated at their policies.
> "Fortunately, we have a product for people who aren't able to get some form of connectivity," he said. "It's called Xbox 360.
> "If you have zero access to the internet, that is an offline device."
There are a lot of "workstation" type enterprise deployments where by policy, internet access is forbidden. Microsoft knows this, at least for professional and enterprise editions of Windows, I find it hard to believe an internet connection would be required, like ever.
I would also say the same about require either a live.com or M365/EntraId account for local login on AD joined systems' installations. Unless of course they require you to setup a base-image with an internet connection and then convert accounts to local-only post-install, which sounds like a typical Microsoft approach.
Managing Windows devices at work using the online-first paradigm makes it clear what MS is trying to achieve here, but it's poorly communicated, as usual. In the M365/Entra world, the big benefit is having cloud Active Directory (Entra/AzureAD) and automated deployment (Intune/Autopilot) all integrated. For home users, you get bits and pieces of this, but it feels unnecessarily limited.
What MS wants (from a charitable interpretation), is the ability to encourage/enforce full disk encryption (Bitlocker), TPM-based MFA and TPM-backed passkeys (Windows Hello), as well as tight integration with their product suite (Office/OneDrive) and browser (Edge). Syncing settings, apps and other things between devices (or on setup) is also a win, though it's pretty basic right now.
Though silly to a technical crowd like HN, FDE for regular users requires a way to not lose all their data if they forget their password or some other issue happens with secure boot or the device. Non-technical users aren't going to understand the importance of backing up their Bitlocker recovery key, and without it, they're hosed. During online setup, MS stores this key online to the MS account, so it is recoverable.
MS isn't going to limit the integration and security they can provide by adhering to a local-only OS concept. It's not what most users actually want, and their competition (Apple, Android) does the same thing, so users are used to it. I just wish they had a light (inexpensive) version of the Entra/Intune package for home users that want to be able to manage multiple devices and get the real advantages of the online link.
I'd like to remind you that there are still millions of people around the world using Windows 7 daily. The fact that some software is no longer supported by its developer doesn't mean it stops working somehow, or becomes radioactive.
You can't really exploit something when its attack surface is nearly nonexistent, which is the case for most people who use an outdated OS on their personal device, for example.
Even if there's an exploitable vulnerability, the exploit has to be delivered to the target system somehow. You don't have much of an opportunity to do that with a device that doesn't have a public IP address. Most likely the user themselves will have to do something that would compromise their system, like visiting a website that would serve them an exploit for their particular combination of browser and OS.
When you're forced online, you become less resistant to products and services being fed from the cloud, then computers can be produced cheaply with less storage and resources, and almost everyone will end up running dumb terminals. It doesn't happen overnight, but more and more people would rather buy a 150 bucks PC plus pay per use services rather than a 250 one that can host and run installed software, then the market would do the rest by making real computers more expensive as they transition to niche products.
I'd rather start familiarizing with open and less intrusive operating systems.
Windows 11 is the reason I’ve returned to Linux after a decade away.
Microsoft doesn’t seem to be concerned about killing the golden goose. I wonder if they have data on just how much hostility users are willing to put up with?
The only issue with that is when you switch to Linux, alternatives to Azure is much more compelling. I would never use Azure services unless I'm on Windows.
Could you explain this a bit more? I happen to like Azure, probably because I understand it a lot better than the other cloud platforms. What’s the connection to Linux OS?
I use Azure every day at work and I’m honestly baffled anyone could have this opinion. The interface is slow to load, when it works at all. I’ve had my log tails just strait up crash not allowing me to debug for hours. The documentation it ok, but if you want to do anything that’s not c# it’s a fucking nightmare.
I was recently trying to integrate EasyAuth OIDC with a custom IdP and it was a terrible experience. No logs indicating why it wasn’t working. I had to dig down into the configuration xml schema to discover EasyAuth didn’t even support client_secret_basic auth method so we couldn’t use it in the end. Every product is like this. Great if you do everything MS wants you to do exactly, but if you have any requirements not blessed by Microsoft you’re SOL.
Well, I do. I still like Outlook, and it works good enough as a web app. Same for OneNote. Azure as the development platform is crazy, of course. But I also have a friend who I respect much, and who is probably a better engineer than me, who likes Azure and completely unproductive with AWS, so _maybe_ that's a matter of taste. Just like tabs and spaces. I prefer spaces, but whatever.
I prefer managing my own hardware and find both Azure and AWS very unproductive for anything else than huge, big traffic, projects. Not sure if that has to do anything with my OS choice.
Good old days - when the software was a box full of floppy disks or CDs which you buy at a store and bring them home and modify registry settings etc.
Software is no longer a product like a chair and table which you can just buy and move it from the store to your home. It is more like a managed service like a utility connection. It is available for use only as long as the vendor allows it. You buy a subscription and play nice. The buyer might also not have the admin user privileges on the software they bought with their money.
The same might happen to cars and all other smart devices as well. Cars might always be connected to the car company, which might have some remote control over the car. Phones are already like this. It is a matter of time, all your home appliances are partly controlled by the companies who sold them.
That Xbox employee that was smugly and fanatically defending the always online fiasco way back (who ended up getting fired for defending the sales pitch) must be screaming.
I've heard tell that some software out there will refuse to operate on Windows Server because of licensing, like perhaps they want you to get a business license. I have no evidence at hand, but something to look into.
I worked at a software vendor where we would check the type of product and yes you needed our server product to run on their server product, whether or not you used the server as a server.
Not all software does this but I also don't recall it being unusual.
These days there is no reason to use Windows at home. Just move to a distro like Mint or Ubuntu. It will save you money and help stop filling up Landfills.
I am on a 10+ year old Laptop with Slackware, for desktop use it is just as fast as any modern Laptop with Windows, I would even say it is faster.
Also you will find Libreoffice is just as good as M/S Office. Just ignore the fud. FWIW, I believe many foreign countries will start migrating to Linux and I heard that is already happening in China.
> These days there is no reason to use Windows at home.
I have two, sadly.
1. I use my Windows PC for flight simulators. While many simulators will indeed run under proton, the hardware devices (VR, joysticks, throttles, pedals, panels, etc.) usually will not, or at best run with minimal functionality.
2. I develop cross-platform software and need a Windows PC to test that environment.
A third for some people:
3. There is no great alternative to certain visual media software. e.g. Affinity Photo/Adobe Photoshop has no equivalent on Linux. No, GIMP is not anywhere near equivalent- in the same way that Nano is not equivalent to Visual Studio Code.
To add onto 3, I do my taxes every year using either the desktop version of Turbo Tax or H&R Block. They only make Mac or Windows versions of their software.
I've read online that people have attempted to use wine in order to emulate the Windows environment with no success.
> These days there is no reason to use Windows at home. Just move to a distro like Mint or Ubuntu. It will save you money and help stop filling up Landfills.
Old Intel based computers are terrible for power usage. Modern computers that are ARM based are much better for the environment.
Microsoft knew they were losing the client device market to iPhone and Android (after their Windows Phone flopped). So they essentially gave up on improving Windows, and decided to turn it into a thin client for Microsoft cloud services. For this model to work well, they need to force users to have a stable identification, aka Microsoft account, in order to login to the thin client.
Windows is over. I moved to Apple silicon a while ago and never looked back. Even though macOS has its warts, it's not hostile to its users.
I remember an interview with Bill Gates around 2000 (maybe even late 90s) where Gates said that the future of software was online subscription.
He even stated back then that he’s have Office run over the internet if he could.
Another example of this is how Xbox Live has been a thing since the original Xbox. Long before iOS and Android. And more recently, Xbox Live has become more than just a subscription service but a full on streaming platform.
Let’s also not forget that traditionally enterprise licenses for Windows would be billed annually. By this, I don’t mean someone purchasing Windows Server for their home lab, but actual data centre use. (I’m pretty sure this was the case, been a long long time since I’ve gone through a Microsoft audit, let alone been purchasing data center licenses, some someone do correct me if I’m misremembering here).
So I don’t think any of this is a knee jerk reaction to Apple and Google eating their market. I think it’s always been their long term strategy but it’s just taken this long for the wider industry to align.
Now with the gaming market being increasingly subscription based, other software vendors switching pricing format (eg Adobe) and the internet being far more accessible than ever, MS are in the best place they’ve ever been to press home the final missing piece: Windows Home.
This really appears to be the simplest explanation -- turn every desktop into a thin client, served by walled-garden apps, and with Azure integration/dependencies.
Then charge subscription fees to turn all computer owners into renters. Oh, and show ads too, while you're at it.
Thanks. The subscription model is now almost the default for everything. Investors like the steady stream, which makes sense financially. But unfortunately it has resulted in much lower software quality, because software shops now don't have to make a high quality, solid version that they sell once; they can just ship MVPs with bugs or missing features and tell you that we'll work on fixing/adding those features, just keep your subscription and you'll get it.
I miss the days when you bought a high quality version of something that you kept using for years.
I avoid Microsoft products at any cost, and have done so since I began using computers in the 1980s. I suggest others do the same. The company and its practices are unethical and morally bankrupt: and those products don’t even work well. The more people who stop using Windows the less they will have control of gaming.
the true victory is to move to linux. unfortunately, that's been harder than it needed to be, and it's mostly due to inertia of old software and network effect of windows.
Does anyone have an idea if you were to enable wifi and register a MS account exactly what data is being sent to them? Do they send your MAC address? Obviously your IP address and I assume during account creation they would want your phone number/alt email? I can see Windows not being accessible as some places genuinely don't have internet, and if they do, it's heavily restricted. I've also heard if you enter something like "a@a.com" or a banned email during setup it can let you through?
Obviously this is a way of 'legitimizing' consent to data collection and it would be very interesting to see a breakdown of every byte of data MS gets sent (even file explorer communicates with a US IP address).
I genuinely think the EU needs to take a look at this, I would be very surprised it this wasn't abusing their monopoly-like position for mandatory data collection (although, they probably welcome it!).
They want everyone using Microsoft accounts so they can turn computer usage into a subscription service, plus with Recall you get perfect telemetry. Panopticon is here and you pay for the pleasure.
> What happens if your online Windows account gets banned? How do you log in?
Tough, isn't it ? Your security is very important _for us_. Your privacy is very important _for us_.
See PayPal, Stripe, Google and other "services" for examples.
To directly answer: I have a Win 10 without MS account. Disk got corrupted, chkdsk cannot repair, cannot boot. Checking messages on screen was something like "online chkdsk failed". Unplugging the ethernet cable "fixed" the issue.
I haven't had Windows on a computer I own since 2009. I only use it on the work computer as it's the garbage they install and lockdown. The best thing you can do for your life is go Microsoft-Free. Don't do drugs, don't do MICROS~1.
Windows is the first thing that gets deleted on a new PC.
An acquaintance of mine works for Microsoft. Every time I meet him, he always tells me how much money hey makes. I'm sure it's double of what I earn when I have a good year. A big part of me wants to earn that money, too. But an unwavering part of me knows, I could never work for Microsoft.
At this point it is not just bitterness from their anti-Linux, anti-FOSS FUD days:
The thing is, Microsoft does make good software: Excel, Visual Studio, VSCode, Xbox.
I don't believe the problem is the engineers, the leadership of Windows fails to understand what the OS is meant for: getting out of the way so you can access the apps.
I heard the Acquired podcast episode on Microsoft, and I can’t pretend that their business strategies failed; they didn’t, and arguably it is the most successful company in history. I have a lot of respect for the business side.
And the things that rub me the wrong way are part of their success, e.g. embedding WWW into the OS early on.
The main reason I can’t work for them is their Vogon aesthetics. They’re like a square pair of shoes: not meant for you.
"OS is meant for: getting out of the way so you can access the apps."
When I first got into computers an operating system was primarily known as a file-loader — a way or mechanism to load one's apps. Take CP/M as an example.
A big part of me wants to earn that money, too. But an unwavering part of me knows, I could never work for Microsoft.
Big Tech and big money is not just Microsoft --- there's Apple and Google too, but if you don't want to work for MS, then the latter two might be "same but different".
How does this work for secure environments which are supposed to be air-gapped? Does Microsoft offer a special on-premise licensing server? I cannot image they just throw up their hands for such clients and suggest an alternative OS.
I'm surprised that they're doing this now, with how strained international relations are. I'm sure their timing will help motivate serious non-us customers to look at linux for desktop use.
I really doubt that if it was, say, the early 90s (with millions of people yet unfamiliar to computing) and MS and Linux was in its current state of development, that the masses wouldn't have found it much more frictionless just to use linux. MS is literally running on hot air, hubris, and lock-in the likes of which I don't think many others cant match, devil incarnate not withstanding.
I keep installing without Microsoft accounts just fine. People keep not realizing there is literally a option for this in the installer still, it's just not named "skip microsoft account". LOL
It's quite ironic they call it enhance security to tie their software to their cloud considering their cloud infrastructure is one of the most hacked of the big corpos. Data breaches happen all the damn time.
Something that doesn't happen much, if at all, with Google or Amazon.
Microsoft is one of the most incompetent and impotent corpo out there and considering how much critical infrastructure relies on their software it would do good for the world if the government intervened like they should have back in the antitrust lawsuit days.
Break them up. Separate the cloud, windows and office businesses. Make them stand on their own merits.
Android is very usable without a Google account or even Play Services. It's not convenient, you may be missing some functionality, but it's usable and alternative app stores exist.
Huawei famously shipped devices without Google Play and many were fine with it. And Samsung's devices, AFAIK the most popular Androids, can have the Google account removed. Play stops working, but you can still use Samsung's own app store.
That may not last, of course, Android could become closed source, but in the meantime I dare say it's strictly more open than Windows. And I hope Microsoft gets slapped by EU's DMA.
"It is very hard to use Android without a Google account."
It depends on what type of user one is. If one wants to be spoon fed and data-raped by Google then your statement is true.
But there are other options that make an Android smartphone both functional and viable without both a Google account and Google apps.
Except for test accounts on test machines sans anything of any use to Google installed, I've never had a Google account and I manage perfectly well, and I've used Android since version 4.
On rooted devices I hack Google to pieces, all Google apps are removed so is just about any other software that communicates with Google. On devices that aren't rooted, I'll disable all Google apps including Google Play Services and the Play Store, make sure a firewall is installed and that all apps except those with explicit permission are blocked from internet access and rerouted via a VPN to a nonexistent network. And so on, and so on….
Everything I want to use works, Google software is replaced with apps from F-Droid and other sources of non-Google origin. Still, I've no trouble viewing YouTube and I do so without ads, also I've no difficulty using the Play Store and downloading apps without a Google account.
There's really nothing that Google can offer me in addition to the third party apps and services that I already use. This phone has 215 apps installed and a second phone has 307—these apps are sourced from both F-Droid and the Play Store. Most apps however are open source/from F-Droid, etc.
For those who don't want to go to the extremes that I have there are many halfway measures one can take to minimize Google's impact.
BTW, in the past I've uploaded stuff to YouTube which I've done with 'dummy' test accounts.
This isn't true at all. Getting a Pixel and GrapheneOS running requires no Google account (but does require the internet initially to enable OEM unlocking).
Once GrapheneOS is installed, no further interaction with Google is required. You can happily and easily use a main profile without play services/Gapps (and Graphene allows you to block 'network' at the socket layer if you do need to use apps).
You could then have a 'work' profile or use private space which is isolated from your main profile that uses play services/app store but it is absolutely not required.
It _is_ a learning curve for sure, but I do not feel Google is going out of its way like Microsoft is here to make it burdensome. (In fact, Google is quite welcoming to OEM unlocking unlike some other phone manufacturers)
I've been running LineageOS without MindTheGapps for about 2 months. (I was using LineageOS + MindTheGapps for several years on the same phone, but recently reflashed it.) My "app stores" are Fdroid and Aptoide. Not only what I have is usable, it feels faster and doesn't slow down after a week without rebooting.
My brother is stunned that I'm still using such an old phone (8 year old Moto). Unfortunately, no recent model Moto phones can run Lineage. My next phone will probably be a Pixel with Graphene or Lineage.
Is it? I use Android without Google account (with services though). No app forces account on me, there's always option to sign in through other platform or directly via email.
Do banking apps work normally if downloaded from the aurora store? I'd very much like to fully degoogle my next phone when I get to replacing it, and it's the last stumbling stone
I believe there are reasons this isn't a solution for everybody, but I just use the mobile website. Works for me, and probably a lot of people. I'd rather not have the app on my phone anyway.
Absolutely. You should check out the list [1] to see what banking apps are verified working with GrapheneOS. It's worth noting if your banking app isn't on this list it does not mean it will not work.
All the computers are connected to the Internet? Can you still buy something without having to register and without that software always be communicating to home servers? Can you still buy a software product and do whatever you wish with it, for as long as you want and without having to pay subscriptions or be forced to upgrade?
> All the computers are connected to the Internet?
no
> Can you still buy something without having to register and without that software always be communicating to home servers?
yes
Can you still buy a software product and do whatever you wish with it, for as long as you want and without having to pay subscriptions or be forced to upgrade?
The simplest way imho would be to use Windows configuration designer.
It generates a file that automate windows oobe when put on a USB key connected to the pc during setup.
It's an open source textGUI powershell suite with hyperlinks to all the toggle tweaks, maintained by one talented MS engineer and contributed to and eyeballed by a hundred odd contibuters.
I recently bought a new computer for the first time in ~5 years. I had to boot into windows 11. What a garbage shit show that OS has become. It took nearly an hour for updates, then it constantly dogged me to sign up for free trials of all kinds of crap. It required logging into Microsoft. It made me back things up.
At no point was any of this really optional. And when it was they made it difficult to find the option to skip.
Do you still need an enterprise agreement to get a license for LTSC? That used to be the case for 10, anyways... kinda puts it out of the reach of most users.
No you just steal it and pretend it’s ok because the machine came with windows 11. Tech companies taught me it’s ok to steal and do things without permission.
It was/is just a few hundred dollars and well within reach of anyone able to pay that price (though the required volume license agreement, while "free", may well be off-putting to some): https://tinyapps.org/blog/201811300700_windows_10_ltsc.html
I'm also 100% convinced Microsoft will introduce mandatory code signing at some point and make it so that you can only ever install software from Windows Store.
They are envious of the Google and Apple walled gardens/cashcows and are now determined to turn Windows into one.
Windows is no longer a product for users, the users of Windows are the product for Microsoft to be shoved into the Azure sales funnel.
This misses how Microsoft makes money from Windows. Taking a cut of apps isn’t that useful because most people don’t install many apps. Of course it’s still welcome revenue, especially for games, but Steam has too much goodwill there, and Epic won’t still idly by (and Adobe etc in other domains).
Instead Microsoft is trying to upsell cloud storage, backup and ad-free email (along with Office apps) with Microsoft 365. And on the biz side they’re getting into the biz of offering managed patched online Windows VDIs, kind of like Citrix.
Also Microsoft Store-only Windows is a deal killer for Windows in businesses. A lot of specialised LOB (line of business) apps run on Windows and the Store is a non-starter for those. And in home contexts there’s a bunch of legacy apps that people keep Windows for, dropping support for them will mean switching to ChromeOS or macOS just got easier.
So yeah — I fully agree they’ll absolutely shove you in into the Azure or M365 sales funnel, and individual users no longer feel like a priority. But non-store apps aren’t quite dead yet.
The app-store-only restriction would likely be for home edition. If you want custom apps, you'll need pro or business licenses.
That's the main reason why Valve is investing in Linux and Steam Deck.
Apropos, running Steam on my Archlinux Desktop with Windows compatibility turned on works really, really well. Much better than what I remembered from the bad old days of trying to get stuff running in Wine.
Wine and it's alternatives have greatly profited from valve going this route and as a result all software runs better. It's a gradual improvement over time and we are past the early stages. I'm still running a gaming PC on windows but that is going to end quite soon if Microsoft keeps doing these things.
Stream actually paid for contributions to Wine if I understand correctly.
I too planning to use a gaming centric distro for my next gaming PC build. The horseshit they've been pushing at me on 10 has been atrocious. The lie that 10 would be the last. Injecting pages into Chrome. Windows acts more and more like literal malware.
Yes, steam contracts CodeWeavers which is the main company that supports the development of wine.
> I too planning to use a gaming centric distro for my next gaming PC build.
I don't find that the distribution makes that much of a difference?
I just use Arch Linux, and install all the programs (gaming centric or otherwise) that I need when I need them. I guess I'm lucky, because the Steam Deck's distribution is based on Arch Linux, but I used it before it was cool.
I suspect the main differences between the distributions is what you get by default, and that can be a huge factor in terms of convenience?
Yeah and good on you for using Arch but gaming distros are designed to support dummies, meaning people like me that don't really want to build the OS from the ground up get to coast. We just want to use it.
I know a fair bit about OS internals but especially when I'm gaming I want to play rather than read and follow technical docs.
Sorry, not sorry.
Linux Mint with Lutris and Wine.
I completely removed Windows from all of my personal notebooks and workstations.
I game using Steam on Pop_OS![1] with a home-built AMD machine and, while I know there are some background processes (Proton) that run to establish and maintain a compatibility layer, it's nearly seamless to me as a user. The most I really see is a progress bar that appears before some games where Vulcan shaders have to be pre-rendered. In my experience everything needed for Windows-native games to run on Linux is handled automatically, without any configuration, runtime flags, or anything else.
Early on I consulted ProtonDB to see if my games would run, but honestly now I don't even look at it any more. While YMMV depending on the games you play, I haven't encountered really any major bugs and zero crashes. The most I found was some strange shadow texture rendering artifacting in Baldur's Gate 3, but it was contained to a particular part of a particular map.
A decade ago it was kind of rough, but now? I am never going back to Windows for gaming. Playing games on Linux is light-years better than what it used to be. If you're curious but haven't tried it because you had bad experiences in the past, I'd encourage anyone to give it another go.
1: https://system76.com/pop/
I second that, everything "just works" as you'd expect it to.
If StreamOS can get widespread and they start to introduce desktop apps to the store, I think they can take some market share.
> everything "just works"
Just a note to readers who are interested in this: some games in your Steam library may still not work with Proton, but the ones that do work should have rather few issues. (I play exclusively on a Steam Deck so “should” is in reference to the variance in hardware among bespoke machines.)
Imo just works is an understatement. Many games work better than ever.
On low power hardware many games run better because they not strangled by windows bloat.
How bloated is Windows actually?
Idles at 50% CPU usage running background tasks on a dual core. For steam deck, enough to be noticeable in FPS.
I have a 9950X3D and doing nothing Windows still lights up a core 5-20% every few seconds doing god knows what.
Linux on the same hardware does not.
Is that 50% CPU usage across all cores? That's impressive (as in impressively bad).
I haven't used Windows in a few years, but I was actually fairly happy with Windows 10 as a casual user.
One core, broadwell generation.
Devs don't test on low spec machines and MS fired the team that maintained the testing PC zoo a decade ago.
I still have a Windows computer for a single reason: PUBG on Steam.
If that worked on Linux, I would not longer need Windows at all...
PUBG - the game that must have tried every different AC at some point. Plus layering multiple at the same time.
I am glad they've added bots years ago which made me stop playing so I do not miss it.
Valve started with win8, almost 15 years ago now.
The Steam Deck has done well, and releasing SteamOS for free so people can install it on their own PCs is great, but I think they should make a “Steam PC” they could sell. The majority of gamers aren’t technical and buy pre-built PCs. A Steam PC with Steam OS pre-installed would make it easy for these people to game on Linux and pump up the Linux gaming share of the gaming market.
the steam pc is the newly announced xbox, no?
> I'm also 100% convinced Microsoft will introduce mandatory code signing at some point and make it so that you can only ever install software from Windows Store
2017 called. It wants Windows S Mode back.
Needless to say it still isn't very popular. But this has been around for <checks notes> 8 years now
Yep, the technology is already there.
Just a question of time before they flip the switch for good and force it down everyone's throat and call it "enhanced security and user experience".
Windows S failed hard so they have a new strategy. Every new CPU ships with M$'s Pluton root of trust. For 'security' everything will have to be signed. They consider the user to be the threat actor. Eventually they will charge a percsnt fee for using their signing service.
Have you met my mother in law? She really is.
This sounds like the UEFI Secure Boot FUD from > 10 years ago. That also didn't turn out like they predicted.
The desire for control never went away.
The moment they roll it as mandatory - people would stop updating.
There are so many legacy apps being used in the corporate world, I don't see this realistically ever happening.
So just make that feature exclusive for enterprise versions and reduce the ease for private individuals to obtain one.
Where is the EU when you need it?
It’s only a matter of time before Microsoft forces everyone with local accounts to switch to a Microsoft Account just to access their own machines. I wouldn’t be surprised if, in the future, local accounts are completely disabled, except maybe on specialized enterprise versions of the OS.
I'm exhausted by the anti-consumer behavior of American companies, constantly restricting user choice and access, undermining privacy, and hiking up prices, all in the name of "profit".
Profit?
You mean "enhanced security and user experience"? /s
I actually would consider S Mode if it supported steam and it's games. For serious computing I boot into Linux anyways.
For serious gaming, I use my Linux powered Steam Deck
It's been near a decade of them trying and failing (or over a decade, if one'd look at windows 8 and its apps as part of some plan), that at some point this 'what if they lock everything down!!' thing just sounds like a FUD, which is kinda ironic. And the 'they're locking down installs!!' thing too, every time they make a change it gets to the front page here, and yet it still remains circumventable (just use Rufus). Years have gone by and the actual "locking down" of it still hasn't arrived.
> They are envious of the Google and Apple walled gardens/cashcows and are now determined to turn Windows into one.
Which is perplexing, because this is essentially the opposite strategy than what gave windows value to begin with.
It would be amusing for Microsoft to end up in a situation where developers don’t want to target Windows anymore, just like Apple in the 90’s.
Perhaps they think it doesn’t matter once everything is in the cloud.
We're most of the way there with the switch to web apps and their native wrappers, even Microsoft isn't using their own UI toolkits anymore.
The only segments left targeting Windows as a platform are games, replacements/extensions to the OS tools, and a bunch of legacy .NET LOB apps. And since the Steam Deck and clones, Wine/Proton are (very) slowly becoming the actual target for games rather than Windows.
I think that long before that developers will still be targeting the windows APIs, even if they're not intending their software for windows.
> Which is perplexing, because this is essentially the opposite strategy than what gave windows value to begin with.
Consider how much has changed since the first 25 years of MSFT. Both in business and in life in general.
They tried with windows S. No one bought it and if they did by mistake they returned it.
>Windows is no longer a product for users, the users of Windows are the product for Microsoft to be shoved into the Azure sales funnel.
So true. I won't be running win11 outside of a VM and anything but win11 IoT. You know where to find it...
I highly doubt it, Windows is known for its stellar backward compatibility. Code signing means a lot of older software, that is still in use, would not be able to install or run. This is not going to happen (at least in the enterprise).
I have mad respect for Microsoft engineers for the compatibility work that they've done over the past decades. It is indeed superb that you can take even today an old Win32 executable and run it and it'll just work.
But I expect the new leadership will not put much value on this. I imagine it'd play out that first to "to enhance the security and improve the UX" they'll start a shoving a bunch of nagging dialogs in the users face "this app is not safe" etc.
Then they'll add a flag to enable "unsafe mode" where the user can run unverified / unsigned code.
Then finally they'll just nuke the flag.
After all requiring that the ecosystem with the most "important" apps such as their own office suite, slack, adobe etc. grind out new versions with digital signing is not out of alignment with these companies incentives and development cycles either.
In fact I would not find it surprising if these companies would actually be approached by Microsoft to participate in any such scheme and get offered some kind of "discount" or reward (whether it's app store discount or whatever else) and these companies would only see it strengthening their own moats against any possible competition.
And I'm talking about the consumer use case, not the corporate.
You don't know how many ad-hoc legacy apps based on Java/C# are out there. Zillions. If you want to give GNU/Linux a huge chunk of share (Java and C# code from early 00's/2010 will run everywhere), MS would face a huge disaster and billions of loses.
Users value backwards compatability. Users aren't the customers anymore and don't drive KPIs.
> Windows is known for its stellar backward compatibility.
was
They can just sandbox old applications, like they did with DOS ones.
This is likely why the TPM2 requirement is a thing for Windows 11: Microsoft wants to migrate all Windows users onto a hardware base with nigh-uncrackable security/DRM protection, such that everything from power on to application is signed, approved code. For "security".
And people will buy it. Because "general purpose computing" is a niche feature for nerds. (Astronaut 2: Always has been.) And it presents enough problems and extra work that most consumers woyld gladly give it up. Most consumers just want something thet can do Facebook/Excel/Spotify/Netflix/games with.
Would not fly. Developers would not go into the store. Because everyone knows, that 30% tax would be next (basically it is the current situation on the Mac, apple could pull the switch on gatekeeper any time). And, because a lot of modern apps are just electron wrappers, people would just move to the web versions for everything. Which means killing their own platform.
Mandatory code signing is meaningless without secure boot though, which can't be made mandatory on x86 systems.
MS's pluton is in every new CPU.
And? Just, uh, boot without secure boot and patch things until they work again without enforcing code signing? The only way this sort of thing could be possibly partially enforced is by remote attestation for apps that depend on a server to function. So do what iOS jailbreaks did, except you don't need a vulnerability to start because secure boot will always be optional.
Secure boot will not always remain optional for windows.
And how could that possibly be enforced?
Same way it works for anti cheat.
The whole point of anti-cheat is to provide some sort of proof to a game server that your client is unmodified. What would be the server in this case?
Who decided that secure boot can't be made mandatory on x86 systems?
Microsoft.
They can reverse their decision at any time. Inasmuch as you are able to boot Linux on your PC, it's only because Microsoft deigns to allow it.
>only because Microsoft deigns to allow it
Other operating systems could still collaborate with manufacturers to have their key be trusted.
But manufacturers won't cooperate. One OEM (Asus?) once cited a price of like $16M to trust one key. The price for Microsoft is nothing because Microsoft can say "trust our keys or lose Windows certification".
Good thing they’re trying to move off x86, then
I was under the impression that Secure Boot was a lot of the reason behind Windows 11's TPM 2.0 requirement.
That requirement isn't technical though. It's purely a marketing one. You can still install Windows 11 on a TPM-less machine and, for all intents and purposes, it'll work just fine.
That would never work, they would have to have some kind of override. Microsoft doesn’t have that kind of leverage over Windows users because they don’t have tight vertical integration. If Windows 12 enforced that, users would just stay on Windows 11 and MS’ leverage would decrease even further.
Windows 12 Enterprise would have the option, Windows 13 Enterpise would remove the option but allow for a signed "legacy" sandbox. Windows 14 Enterprise would have no option.
They can play the long game.
Sure, if we talk about decade or more, companies can and will adapt. They can run several apps in VM, or just migrate to Unix. I've worked at bank who was through and through completely Linux including all front desk people, in 2010. If rigid banks can do it, everybody can.
I can’t believe people didn’t stay on Windows 7. It seems to have slid into some always-online ad-filled cloud hellhole since. Office365 is worse than Office 2000. This is the OEM strategy still at play. You gotta hand it to Bill Gates for capturing PCs for decades. People truly don’t care how poor their operating system behaves, because your only other option is to buy a Mac.
>I can’t believe people didn’t stay on Windows 7.
Normal mainstream users can't stay on very old operating systems like Windows 7 because they'll eventually be forced to install newer software that's not compatible with it. Outside actors other than Microsoft force os upgrades.
- buy a new printer and it only has drivers for newer os like Windows 10/11 and later
- need for installing newer software like latest versions of Google Chrome, Mozilla Firefox, Adobe suite, TurboTax 2024, etc. They don't install on Win7. For Windows 7, the last version of Chrome was January 2023. Last version of Firefox was August 2024.
So setting aside commercial apps like Adobe, TurboTax, etc. -- why can't a user just stay with old version of Mozilla Firefox that's compatible with Win7 and turn off updates?!? Because bank websites like JP Morgan will block the user with an error "You need to upgrade your web browser" because the SSL/TLS encryption algorithms in old Firefox versions are obsolete.
Deliberately trying to freeze your computer on Windows 7 or Windows XP means relegating it into a "museum piece" that becomes less and less useful for practical real-world tasks. That's ok for an isolated machine that runs old video games but no good for online banking.
Some of us do! I get fewer problems at home on W7 than at work on W10/11.
- Printers: the W7 cohort probably overlaps with users of classic HP Laserjets (I know it's not just me!).
- Chrome: Supermium adds W7 support back into the latest(ish) version.
- SSL/TLS: does such an issue exist on W7? It's exactly what pushed my mother (at the age of about 65, and hating having to learn anything new) to upgrade to 11 from XP a year or so ago. I do all my Internet banking on W7, via several different banks as I often move around chasing the best interest rates, and never had a problem with any of them. (Vivaldi, Supermium, Firefox 115ESR.)
- Some software such as Adobe XD: yeah, unfortunately it's not supported. Depends how much it's needed I suppose. I may be forced to "upgrade" sometime this year but I'd really rather not.
Windows XP and 7 have Legacy Update and unnoficial Supermium builds among Serpent browser and friends, and OFC with updated system TLS/SSL certs.
http://legacyupdate.net
Also, on more libre software, the community can release LibreOffice and VLC builds like crazy. Ditto with Sumatra PDF, Gimp, Krita...
"I can’t believe people didn’t stay on Windows 7."
Microsoft forced Win10 down people's throats. I had all of my machines Windows Update processes turned off and somehow it STILL got onto my systems. I suspect Skype was the mechanism through which Microsoft did this, as they owned Skype then and I still used it.
Staying on some windows 10 lite-repack for about 8 years now. Automatically activated. Word, Excel, PowerPoint, Paint. Windows-7-like start menu. No UWP apps, cortana, onenote, onedrive, even no freaking microsoft Edge. No app store. Not a single moving pixel, ad or notification , or another jumpscaring layout when system starts. Everything installs/works perfectly, perfect system.
I have no idea why people even consider updating, must be some really weird case.
There is zero new value in the latest Windows versions, just plain nothing new, there is really no reason to switch.
Some do, I guess.
https://github.com/i486girl/win7-sp2
https://news.ycombinator.com/item?id=43445103
Too much fuss with community hacks to maybe get stuff working and end up having wasted time in any case. There is too much garbage to deal with in modern computing already. And some features are just not available with or without hacks.
If I want to use a decent OS, I can do most of my development on Fedora or Arch or some other Linux distro at my workplace.
For proprietary stuff that won't work there, honestly, Windows 11 is not that bad as far as Windows go. I do not get ads, I use a local account without problems and I can do development actually decently with PowerShell, vcpkg, VS Code which Microsoft offers for free and which work on all platforms.
TL;DR: There are hills with a much better view to die on.
Until they need new hardware, for which there will (and can) be no drivers anymore, as Microsoft stops crosssigning them in the Hardware Dev Center after a while for old Windows versions.
Microsoft does have the leverage in this case, as long as folks want to continue using Windows.
Similar why gatekeeper exists on Mac. This would mean that old software would stop to work, though. Which is a bit anti-microsoft politics. Without running all the old unsigned software Win is not Win anymore.
Isn’t that the point of Pluton?
(1) https://learn.microsoft.com/en-us/windows/security/hardware-...
And the user-facing feature Smart App Control- https://learn.microsoft.com/en-us/windows/security/applicati...
Should be mentioned this is way worse than Apple
Having to use an account to get apps from app store (Apple) vs. having to use an account to install and use the OS in the first place (Microsoft) = not even a a competition
Until you need to download something from the app store (happened to me the other day on a mac I wiped and then needed to bring on holiday so now I need to go through the process again afterwards)
Can you install anything from the windows store without a Microsoft account, or from google play without a google one? I assume this is already the state of affairs since ever, but except iOS all the rest allow you to install stuff outside their stores.
You can install things from Windows/Microsoft Store without an account.
I’m sure it has forced me to login. I suppose I could have fallen for some dark pattern in the UI though.
God I hate what this industry has become.
I am also pretty sure that I thought I had to log in years ago I had windows. Probably also fell victim of the UI.
The point is you are not going to be allowed to even install windows without an account to make use of the great privilege of using a walled garden app store.
And no one on this forum really needs app store when homebrew exists
Yes, you can install shit off the play store without a google account. I use the Aurora Store to do so.
(Aurora store might log in to a google account behind the scenes, but I don't have to have a google account to use it.)
Just a matter of time. Look at where their interest are. Apple will probably be second on this, but if it happens it will be for both and the argument of security will be cried out loud at whoever complains.
It is not all a bad outcome, then anybody who wants to do any serious work on a computer will be forced to use linux.
Irrelevant. You can still use the OS and run any code you want.
I didn't have time to code a Vpn client before going on holiday...so I needed to get wire guard from the macos store.
it doesn't matter if you don't need account to access windows app store if you can't even use the os without an account. your point just doesn't make any sense to me
You cannot even develop or use anything that needs a compiler without siging up and logging in to apple to install dev tools.
So nah, same.
The "Command Line Tools for Xcode" don't require an Apple ID to install (and provides a C/C++/Objective-C/Swift toolchain (LLVM/Clang) and things like Make and Git). Not to mention other compilers not provided by Apple that you can just download and install. And yes, while you do need an Apple ID to download Xcode from Apple, you don't need to be signed into macOS with it (you can download it from the Apple Developer site).
Nah. In one case no one prevents you from torrenting third party Xcode at your own risk. You can run any code you want on your device. But in the other case you can't even use the OS. Cope however you want but QED.
It's not perfect, it sucks, but it's better
It's such an absurd lie. If Microsoft's idea of security is to force its users to authenticate online for a local account, they should never be allowed in the software industry at all. They're needlessly and dramatically increasing the attack surface of one of the most security critical software running on user devices.
It's an argument for increased security in the same way that they consider uploading the contents of your hard drive to their servers to scan for "malware" (and other undesirable-to-them content) is. Corporate authoritarianism.
The trick is that most of the users need this service. Before Windows Defender was built in you had to buy an anti virus software from sneak oil Windows security industry, and likely get somehow scammed in process.
The same companies sell anti virus for Android today.
Also most users is not all.
But this made Windows Defender an actually good and useful feature for the users.
Requiring an online account to use Windows isn't really the same thing.
Except that on Home edition it detects everything as a virus, so all programs have an explanation that if Defender detects it as a virus, then just ignore it.
I haven't been using Windows as my main OS for a few years now but at least when i used it with Windows 10 it didn't detect "everything as a virus". In fact i can't even remember a single time i had issues with Windows Defender.
Unless you refer to Windows SmartScreen? That is a different thing - really about how popular some program is (though Microsoft did put it under Windows Defender at some point so it can be confusing) - and isn't about the antivirus (which is what i was referring to).
> Before Windows Defender was built in you had to buy an anti virus software from sneak oil Windows security industry, and likely get somehow scammed in process.
And now you get the same from Microsoft. Clearly an inprovement.
I guess Microsoft has to secure their "own" property, the devices the hostile so-called users bought and paid for!
Microsoft's idea of security is moving people away from local accounts protected by passwords and to Microsoft accounts protected Windows Hello.
The Windows Hello PIN is protected by the TPM. This means you can't brute force it like a password could be.
That has nothing whatsoever to do with the topic, which is forcing online authentication. You can't possibly argue that needlessly forcing online authentication makes user safe.
The topic isn't about forcing online authentication. It's about improving security from having users use a Microsoft account. The security improvement of using a Microsoft account comes from Windows Hello.
It is. You can check by reading the title.
Your's is a reiteration of Microsoft's preferred talking point that has no basis in reality. Tying local authentication to the cloud tremendously increases the attack surface for those who don't need it. TPMs do nothing to change this fact. The only connection between a TPM and a Microsoft account is that Microsoft chose to tie those two together for their own benefit.
They couldn't just implement whatever biometric thing that is without making it tied to an account?
To brute force a password, attacker needs full access to the system, guessing the password won't give them more access.
No, they don't. They can clone your hard disk and use a different computer. A TPM based pin makes that approach impossible and you must have access to the system itself.
It's the entire industry's idea of security for the last 10 years or so that the company who made the thing is unquestionably more trustworthy than the users themselves.
And for what? Make number go up? If it's just another data collection scheme the at least I could understand why.
Because the NSA pays them to.
Why did they do to Skype what they did (first turn it from p2p to centralized and spyable and then just ignore it and let it die)?
Same reason.
(Opinions are my own, I have no inside knowledge.)
I vaguely remember hearing that P2P Skype was the bane of sysadmins' existence. Skype would elect clients on high-bandwidth networks as supernodes. This tended to be business customers - the very organizations MS wanted to attract. Skype's prodigious hole-punching ability made it difficult to throttle, so it got banned from a lot of enterprises. MS essentially hosted the supernodes on Azure, which centralized it.
As for encryption, on the other hand, Wikipedia says MS specifically added the ability to eavesdrop for law enforcement agencies, though apparently Skype had already added a backdoor for the NSA before MS bought them: https://news.softpedia.com/news/Skype-Provided-Backdoor-Acce...
This [1] is one of my favorite leaks from Snowden revelations, and I regularly bring it up anytime people try to downplay what PRISM is. That's a user manual for NSA agents on how to spy on Skype users (including video and text) in real time. It's informative and also amusing at times. For instance in the FAQ one issue a confused spook might run into is why they're being spammed with the same messages repeatedly. It turns out that when a user logs on to a new device, the recent messages Microsoft sends to the user are also directly forwarded to the NSA, which can result (from their perspective) in messages being repeated.
[1] - https://www.aclu.org/sites/default/files/field_document/Guid...
I remember the old supernodes p2p app, was good times.
I used to leave an extra old laptop on with it running, maybe 15 years ago, on a public address.
During the arab spring, tons of traffic could be seen connecting clients in north africa. It truly did route around things.
i wonder if some Estonian could justvrerelease the p2p originals . After all as america deteriorates its own influence , at some point the lawyers of the big 4 will be seen as barely disguised tendril of a hostile power in Europe . Who cares about your sales contracts if the president goes for Greenland . We might see a SkyEarthFireWater-Open source re-release one day. Just another tradewar anecdote .
America deteriorates its own influence? wut?
The big 4 will be seen as a hostile power within Europe? The big 4 ARE (mostly) European. What are you talking about?
Sales contracts? What do you mean in what context?
I agree that it would be cool if the original p2p Skype somehow resurfaces, but I can't make any sense of the rest of your post or what it has to do with the subject at hand?
FANG is definitely not European .
Join us back in the real world with no Trump derangement syndrome and you'll find out that European governments want an airtight control on companies so they can surveil them and people absolutely.
They want narrative control and squashing rising political opposition.
If windows is security critical for you, I think you've already shat the bed.
The problem is that many other people and organizations run Windows and it's absolutely security critical for them. And because we don't live in a vacuum, it's security critical for all of us.
Some windows versions have cc certification. Doesn't say much but it ticks the box some people want and call it a day.
A while ago, I needed to get into safe mode to rescue a laptop that wouldn't boot.
Since it uses Windows 11, I originally logged in using my Microsoft Account and a Windows Hello pin.
Safe mode doesn't load wifi drivers and the laptop didn't have an ethernet port, so I couldn't log in to my Microsoft Account to get into Windows safe mode. Didn't have a dongle with ethernet port at that time, so I had to backup the drive and reinstall Windows instead.
That's why I use Linux these days.
wait, you need internet connection to even login? this means root cannot use computer when you do not have internet connection for any reason?
I’m not in Windows ecosystem for more than 25 years now. But I had to buy couple of windows laptops for sales team at my business. I tried very hard but windows wouldn’t allow me to set it up without first creating Microsoft Account online. I’m in Apple ecosystem, not that they are significantly different but they atleast allow me to use the system albeit in limited capacity.
I’m seriously considering going back to Linux for my next work setup.
There was a trick to bypass the online account requirement. You press Shift+F10, which launches a command prompt, then use `oobe\bypassnro`. This reboots the system and adds a button to set up offline.
We’ve been running our company (6ish people) solely on Fedora and it’s been a breeze, but then we’re a bunch of nerds, so not necessarily a surprise. The real test how much the Linux desktop has matured happened when I set up a fedora laptop for my parents to get around hp desperately coaxing them into some kind of subscription and an endless stream of ads/complaints from Microsoft to buy into a cloud service. After setting up the laptop and explaining the very basics of Plasma, I’ve had to deal with it again. Because with printers, it just works (tm)
Yeah, for anyone with a modicum of technical capacity, the year of linux on the desktop was about five years ago.
> I’m in Apple ecosystem, not that they are significantly different but they atleast allow me to use the system albeit in limited capacity.
Define "limited capacity". Other than Apple Services like iCloud, FaceTime, iMessage, Apple Music/TV, etc, it should just be the App Store that's unavailable without an Apple ID (which _is_ crippling on iOS, but not so much on macOS).
>wait, you need internet connection to even login?
No, you can log in without being connected to the internet (that obviously happens a lot on a daily basis, where people are using a laptop with no connectivity until after they sign in).
That’s not the case. I have a Windows 11 computer around, set up with a Microsoft account and Windows Hello, and I can log in just fine without internet connection.
> you need internet connection to even login
That's right. It sounds like a bug but this is Microsoft we're talking about here. They're probably brainstorming for ways to lock you from your own computer.
You can solve this problem by creating an offline account with Admin privileges after setting up Windows with your online account, but most users won't do that.
This doesn’t seem true. Doesn’t LSASS cache credentials for 30 days?
No idea. Maybe it cleared the cache when I asked to enter safe mode. Either way, relying on a cache to get root access doesn't seem right.
Reinstalled windows recently, now it has the window resize bug, which apparently has something to do with display sleep mode. Reportedly linux struggles with sleep modes too, but to think I should try linux for better hardware support, duh. And new windows is very fiddly, constantly tries to install new metro apps, adds them to lock screen, installs new services, runs a shit ton of services that constantly write a lot of data on the disk. Enshittification is in full overdrive now.
Linux struggles with sleep mode sometimes due to Microsoft and Intel pushing S3 into S2idle and motherboard/bios manufacturers doing the absolute minimum to support either.
I had the same impression, but support for new sleep modes seems to improve quickly. A few years ago I had a Gen 1 ThinkPad T14 AMD, which still had S3 sleep. A significant portion of the resumes it would come up with some devices not working (e.g. trackpad, fingerprint reader, etc.). I recently got the 5th Gen T14 AMD and the only issue I have is that the fingerprint auth takes a few seconds to come up, but other than that I haven't had any resume issues yet.
All these user hostile behavior finally tipped me over the edge last year after I started to get Windows 10 EOL popups. No way I was going to "upgrade" to a ad/spyware/subscription ridden MS marketing platform and be constantly nagged at to try out more of their services.
Moved to a Fedora Desktop, liberating to move back to an conflict-free OS whose primary focus is to serve its users, imagine that.
I've been running the Xfce spin of Fedora for the last year, and it is the most stable OS I have since forever.
For the few programs that really need Windows, I use Qemu/KVM with Virt-Manager and Samba for sharing files.
I wish to keep using this setup, I just hope buying hardware with good Linux support in the future does not become too difficult. I fear moving away from x86 will make things harder.
Judging by the price of Qualcomm laptops x86 isn't going away any time soon.
Windows is a launcher for games, there is no other use for this system (correction: it still runs some specialized professional software that is too expensive to port). And now, even most of the games work on Linux too.
I have lots of windows (mainly music) software that I need, let alone outright purchased, and isn't available on Linux.
I got into music production again recently. To my surprise most recommended new software is either Linux native or properly ported. See reaper for example.
Many years ago music on Linux was hard, and years behind. Software was limited and the audio driver situation was a mess. But now you get professional software directly in the package manager and choose between several very reliable sound systems and even use the far majority of VST Plugins.
It is usually available on Macs. Of course, there is still some specialized software for Windows, e.g. many CADs. But all these things are now marginal. If you are a software engineer and use Windows for your work, you are now a minority.
I was looking to move to Linux for my gaming PC, just about pulled the plug when Respawn decided that all cheaters in Apex Legends were supposedly using Linux and decided to block Linux users from playing...
I've been using Xubuntu for years now,and run Windows 10 in a VM for the few things I need on there that I dont' have a linux replacement for (or cared to hack together). I'm about 99% linux and macos now, and don't miss windows at all.
According to the linked discussion, the underlying setting that the script set still exists, so this simply makes it less convenient.
It should absolutely be taken as a warning sign, though. Seriously, if at this point you're installing Windows and relying on the existence of that setting, you should be seeking alternatives.
I've been saying the writing was on the wall for a long time. Any time someone says how easy it is to simply avoid MS account registration I've argued that it's not going to last much longer.
Even Microsoft's current Storage Spaces Direct won't let you start a locally hosted Hyper-V VM without an Azure connection.
What if there's an outage or somewhere you don't have reliable internet?
>Fuck people that live in very rural areas!
-Microsoft, apparently
Reminds me back at the Xbox One launch where notoriously an employee arrogantly said that always online DRM is fine and defended it when pressed by saying why would anyone want to live in an area with unreliable internet. He left Microsoft after the backlash.
Was it Don Mattrick, the head of Xbox at the time who left Microsoft two months after unveiling the Xbox One?
https://www.digitalspy.com/videogames/e3/a489371/microsoft-e...
> Microsoft executive Don Mattrick told GameTrailers in an interview that was filmed just before E3 that he understood why some people are frustrated at their policies.
> "Fortunately, we have a product for people who aren't able to get some form of connectivity," he said. "It's called Xbox 360.
> "If you have zero access to the internet, that is an offline device."
It was Adam Orth (aka 'Sweet Billy') but clearly others shared similar views.
Sony capitalized on the larger always online controversy with a low budget ad poking fun at the concept[1], which was great marketing.
[1] https://www.youtube.com/watch?v=kWSIFh8ICaA
Then this isn't the operating system for you.
Recently Sony PSN was down for days because of a DDoS. Centralizing failure points is always a bad idea.
If you're running Microsoft Storage Spaces Direct/AzHCI and there's no internet for an extended period you can't start on premise servers.
There are a lot of "workstation" type enterprise deployments where by policy, internet access is forbidden. Microsoft knows this, at least for professional and enterprise editions of Windows, I find it hard to believe an internet connection would be required, like ever.
I would also say the same about require either a live.com or M365/EntraId account for local login on AD joined systems' installations. Unless of course they require you to setup a base-image with an internet connection and then convert accounts to local-only post-install, which sounds like a typical Microsoft approach.
Accorsing to the first comment under the OP the script just runs:
So presumably the removal of the script won't impact bypass methods used by the likes of Rufus and Ventoy.Either way, I've been happily on Fedora for a while now, with very minimal "fuck I can't do that here"
Managing Windows devices at work using the online-first paradigm makes it clear what MS is trying to achieve here, but it's poorly communicated, as usual. In the M365/Entra world, the big benefit is having cloud Active Directory (Entra/AzureAD) and automated deployment (Intune/Autopilot) all integrated. For home users, you get bits and pieces of this, but it feels unnecessarily limited.
What MS wants (from a charitable interpretation), is the ability to encourage/enforce full disk encryption (Bitlocker), TPM-based MFA and TPM-backed passkeys (Windows Hello), as well as tight integration with their product suite (Office/OneDrive) and browser (Edge). Syncing settings, apps and other things between devices (or on setup) is also a win, though it's pretty basic right now.
Though silly to a technical crowd like HN, FDE for regular users requires a way to not lose all their data if they forget their password or some other issue happens with secure boot or the device. Non-technical users aren't going to understand the importance of backing up their Bitlocker recovery key, and without it, they're hosed. During online setup, MS stores this key online to the MS account, so it is recoverable.
MS isn't going to limit the integration and security they can provide by adhering to a local-only OS concept. It's not what most users actually want, and their competition (Apple, Android) does the same thing, so users are used to it. I just wish they had a light (inexpensive) version of the Entra/Intune package for home users that want to be able to manage multiple devices and get the real advantages of the online link.
Earlier on HN: Windows 11 is closing a loophole that let you skip making a Microsoft account (theverge.com)
139 points | 5 hours ago | 125 comments https://news.ycombinator.com/item?id=43511073
In October when Windows 10 support ends it'll finally be the year of desktop linux.
Well, those that are on the Windows 10 IoT LTSC builds will enjoy updates until 2032.
https://learn.microsoft.com/en-us/lifecycle/products/windows...
Do you know where to buy it?
It's hard to find information about it, but this post has quite a bit (some may be out of date): https://www.reddit.com/r/sysadmin/comments/bbof9s/windows_10...
https://massgrave.dev/windows_ltsc_links
As far as I know you need to sail across the high seas.
mas
sgrave
dot dev
I'd like to remind you that there are still millions of people around the world using Windows 7 daily. The fact that some software is no longer supported by its developer doesn't mean it stops working somehow, or becomes radioactive.
It becomes easier to exploit, as it no longer gets security updates; and vulnerabilities are publicly disclosed.
You can't really exploit something when its attack surface is nearly nonexistent, which is the case for most people who use an outdated OS on their personal device, for example.
What is it about unmaintained software on a personal device that somehow makes the attack service non-existent?
Even if there's an exploitable vulnerability, the exploit has to be delivered to the target system somehow. You don't have much of an opportunity to do that with a device that doesn't have a public IP address. Most likely the user themselves will have to do something that would compromise their system, like visiting a website that would serve them an exploit for their particular combination of browser and OS.
"I'd like to remind you that there are still millions of people around the world using Windows 7 daily"
Correct, and I am one of them!
[flagged]
When you're forced online, you become less resistant to products and services being fed from the cloud, then computers can be produced cheaply with less storage and resources, and almost everyone will end up running dumb terminals. It doesn't happen overnight, but more and more people would rather buy a 150 bucks PC plus pay per use services rather than a 250 one that can host and run installed software, then the market would do the rest by making real computers more expensive as they transition to niche products. I'd rather start familiarizing with open and less intrusive operating systems.
Windows 11 is the reason I’ve returned to Linux after a decade away. Microsoft doesn’t seem to be concerned about killing the golden goose. I wonder if they have data on just how much hostility users are willing to put up with?
The golden goose is now Azure. Windows is (or will be soon) a free complementary OS to make more people use Azure services.
The only issue with that is when you switch to Linux, alternatives to Azure is much more compelling. I would never use Azure services unless I'm on Windows.
Could you explain this a bit more? I happen to like Azure, probably because I understand it a lot better than the other cloud platforms. What’s the connection to Linux OS?
I use Azure every day at work and I’m honestly baffled anyone could have this opinion. The interface is slow to load, when it works at all. I’ve had my log tails just strait up crash not allowing me to debug for hours. The documentation it ok, but if you want to do anything that’s not c# it’s a fucking nightmare.
I was recently trying to integrate EasyAuth OIDC with a custom IdP and it was a terrible experience. No logs indicating why it wasn’t working. I had to dig down into the configuration xml schema to discover EasyAuth didn’t even support client_secret_basic auth method so we couldn’t use it in the end. Every product is like this. Great if you do everything MS wants you to do exactly, but if you have any requirements not blessed by Microsoft you’re SOL.
Well, I do. I still like Outlook, and it works good enough as a web app. Same for OneNote. Azure as the development platform is crazy, of course. But I also have a friend who I respect much, and who is probably a better engineer than me, who likes Azure and completely unproductive with AWS, so _maybe_ that's a matter of taste. Just like tabs and spaces. I prefer spaces, but whatever.
> I still like Outlook, and it works good enough as a web app. Same for OneNote.
This I find baffling. Outlook and One Note are some of the worst applications known to man. Clunky interfaces and confusing messes to navigate.
I prefer managing my own hardware and find both Azure and AWS very unproductive for anything else than huge, big traffic, projects. Not sure if that has to do anything with my OS choice.
Perhaps they could actually ship some wifi/ethernet drivers with their installer then.
Good old days - when the software was a box full of floppy disks or CDs which you buy at a store and bring them home and modify registry settings etc.
Software is no longer a product like a chair and table which you can just buy and move it from the store to your home. It is more like a managed service like a utility connection. It is available for use only as long as the vendor allows it. You buy a subscription and play nice. The buyer might also not have the admin user privileges on the software they bought with their money.
The same might happen to cars and all other smart devices as well. Cars might always be connected to the car company, which might have some remote control over the car. Phones are already like this. It is a matter of time, all your home appliances are partly controlled by the companies who sold them.
That Xbox employee that was smugly and fanatically defending the always online fiasco way back (who ended up getting fired for defending the sales pitch) must be screaming.
Is there a good reason (other than licensing and Linux as an alternative) I shouldn't use Windows Server 202X as a Desktop OS?
I've heard tell that some software out there will refuse to operate on Windows Server because of licensing, like perhaps they want you to get a business license. I have no evidence at hand, but something to look into.
I worked at a software vendor where we would check the type of product and yes you needed our server product to run on their server product, whether or not you used the server as a server.
Not all software does this but I also don't recall it being unusual.
You don’t need to use the Server SKU. LTSC exists. It’s basically the Server version, but without any of the Server stuff.
To be pedantic, Server 2022 is a newer build than any Windows 10 version.
For Windows 11, all editions (11, 11 Enterprise LTSC, Server 2025) are 24H2.
IDK about today but back when I hard work that required Windows that's how I stayed sane.
These days there is no reason to use Windows at home. Just move to a distro like Mint or Ubuntu. It will save you money and help stop filling up Landfills.
I am on a 10+ year old Laptop with Slackware, for desktop use it is just as fast as any modern Laptop with Windows, I would even say it is faster.
Also you will find Libreoffice is just as good as M/S Office. Just ignore the fud. FWIW, I believe many foreign countries will start migrating to Linux and I heard that is already happening in China.
> These days there is no reason to use Windows at home.
I have two, sadly.
1. I use my Windows PC for flight simulators. While many simulators will indeed run under proton, the hardware devices (VR, joysticks, throttles, pedals, panels, etc.) usually will not, or at best run with minimal functionality.
2. I develop cross-platform software and need a Windows PC to test that environment.
A third for some people:
3. There is no great alternative to certain visual media software. e.g. Affinity Photo/Adobe Photoshop has no equivalent on Linux. No, GIMP is not anywhere near equivalent- in the same way that Nano is not equivalent to Visual Studio Code.
To add onto 3, I do my taxes every year using either the desktop version of Turbo Tax or H&R Block. They only make Mac or Windows versions of their software.
I've read online that people have attempted to use wine in order to emulate the Windows environment with no success.
https://cash.app/taxes
I use FreeTaxUSA for my taxes, works great for me.
> These days there is no reason to use Windows at home. Just move to a distro like Mint or Ubuntu. It will save you money and help stop filling up Landfills.
Old Intel based computers are terrible for power usage. Modern computers that are ARM based are much better for the environment.
> Modern computers that are ARM based are much better for the environment.
And modern computers that are Zen based are even better. You can do real work on them, instead of sitting idle all day. /s
cough, https://massgrave.dev/genuine-installation-media cough
Microsoft knew they were losing the client device market to iPhone and Android (after their Windows Phone flopped). So they essentially gave up on improving Windows, and decided to turn it into a thin client for Microsoft cloud services. For this model to work well, they need to force users to have a stable identification, aka Microsoft account, in order to login to the thin client.
Windows is over. I moved to Apple silicon a while ago and never looked back. Even though macOS has its warts, it's not hostile to its users.
I remember an interview with Bill Gates around 2000 (maybe even late 90s) where Gates said that the future of software was online subscription.
He even stated back then that he’s have Office run over the internet if he could.
Another example of this is how Xbox Live has been a thing since the original Xbox. Long before iOS and Android. And more recently, Xbox Live has become more than just a subscription service but a full on streaming platform.
Let’s also not forget that traditionally enterprise licenses for Windows would be billed annually. By this, I don’t mean someone purchasing Windows Server for their home lab, but actual data centre use. (I’m pretty sure this was the case, been a long long time since I’ve gone through a Microsoft audit, let alone been purchasing data center licenses, some someone do correct me if I’m misremembering here).
So I don’t think any of this is a knee jerk reaction to Apple and Google eating their market. I think it’s always been their long term strategy but it’s just taken this long for the wider industry to align.
Now with the gaming market being increasingly subscription based, other software vendors switching pricing format (eg Adobe) and the internet being far more accessible than ever, MS are in the best place they’ve ever been to press home the final missing piece: Windows Home.
> Windows is over. I moved to Apple silicon a while ago and never looked back. Even though macOS has its warts, it's not hostile to its users.
You can also move Mac OS X out of the way by running an ARM Linux VM on the Apple ARM computers.
>Windows is over. I moved to Apple silicon a while ago and never looked back. Even though macOS has its warts, it's not hostile to its users.
It's also very naggy about signing up to iCloud and using an Apple Account.
It doesn't force you - but it's still annoying.
I don't know why you were downvoted.
This really appears to be the simplest explanation -- turn every desktop into a thin client, served by walled-garden apps, and with Azure integration/dependencies.
Then charge subscription fees to turn all computer owners into renters. Oh, and show ads too, while you're at it.
Thanks. The subscription model is now almost the default for everything. Investors like the steady stream, which makes sense financially. But unfortunately it has resulted in much lower software quality, because software shops now don't have to make a high quality, solid version that they sell once; they can just ship MVPs with bugs or missing features and tell you that we'll work on fixing/adding those features, just keep your subscription and you'll get it.
I miss the days when you bought a high quality version of something that you kept using for years.
MacOS is less hostile but still very hostile.
I avoid Microsoft products at any cost, and have done so since I began using computers in the 1980s. I suggest others do the same. The company and its practices are unethical and morally bankrupt: and those products don’t even work well. The more people who stop using Windows the less they will have control of gaming.
"Challenge accepted." Much like with the TPM "requirement" and the others, I don't expect this one to stay undefeated for long.
Why fight a piece of software with other motives hen you can choose one that is aligned with yours instead?
No software is perfect, and people might not want to "fight" with Linux either.
Besides, it's a good challenge; this site is called Hacker News, after all.
the true victory is to move to linux. unfortunately, that's been harder than it needed to be, and it's mostly due to inertia of old software and network effect of windows.
I've made the switch, but there are still occasional things for which I need to boot into a Windows VM.
Does anyone have an idea if you were to enable wifi and register a MS account exactly what data is being sent to them? Do they send your MAC address? Obviously your IP address and I assume during account creation they would want your phone number/alt email? I can see Windows not being accessible as some places genuinely don't have internet, and if they do, it's heavily restricted. I've also heard if you enter something like "a@a.com" or a banned email during setup it can let you through?
Obviously this is a way of 'legitimizing' consent to data collection and it would be very interesting to see a breakdown of every byte of data MS gets sent (even file explorer communicates with a US IP address).
I genuinely think the EU needs to take a look at this, I would be very surprised it this wasn't abusing their monopoly-like position for mandatory data collection (although, they probably welcome it!).
Save us SteamOS
They want everyone using Microsoft accounts so they can turn computer usage into a subscription service, plus with Recall you get perfect telemetry. Panopticon is here and you pay for the pleasure.
What happens if your online Windows account gets banned? How do you log in?
> What happens if your online Windows account gets banned? How do you log in?
Tough, isn't it ? Your security is very important _for us_. Your privacy is very important _for us_. See PayPal, Stripe, Google and other "services" for examples.
To directly answer: I have a Win 10 without MS account. Disk got corrupted, chkdsk cannot repair, cannot boot. Checking messages on screen was something like "online chkdsk failed". Unplugging the ethernet cable "fixed" the issue.
Why does Microsoft continue to publish a Windows 10 ISO.
https://www.microsoft.com/en-us/software-download/windows10I...
Does MS try to force an automated upgrade on anyone who installs it.
[dupe] https://news.ycombinator.com/item?id=43511073
I haven't had Windows on a computer I own since 2009. I only use it on the work computer as it's the garbage they install and lockdown. The best thing you can do for your life is go Microsoft-Free. Don't do drugs, don't do MICROS~1.
BTW is there still a way to disable the stupid pin login on windows 10 and/or 11?
One that works this week, what I found online did not help.
Windows is the first thing that gets deleted on a new PC.
An acquaintance of mine works for Microsoft. Every time I meet him, he always tells me how much money hey makes. I'm sure it's double of what I earn when I have a good year. A big part of me wants to earn that money, too. But an unwavering part of me knows, I could never work for Microsoft.
At this point it is not just bitterness from their anti-Linux, anti-FOSS FUD days:
http://web.archive.org/web/20010201090600/http://www.dot-lie...
It is knowing that I don't align with their philosophies, at all.
I can feel it every time I try to use one of their broken, unloved UIs.
The thing is, Microsoft does make good software: Excel, Visual Studio, VSCode, Xbox.
I don't believe the problem is the engineers, the leadership of Windows fails to understand what the OS is meant for: getting out of the way so you can access the apps.
C# is god software, too.
Yeah, Microsoft is a big place.
I heard the Acquired podcast episode on Microsoft, and I can’t pretend that their business strategies failed; they didn’t, and arguably it is the most successful company in history. I have a lot of respect for the business side.
And the things that rub me the wrong way are part of their success, e.g. embedding WWW into the OS early on.
The main reason I can’t work for them is their Vogon aesthetics. They’re like a square pair of shoes: not meant for you.
"OS is meant for: getting out of the way so you can access the apps."
When I first got into computers an operating system was primarily known as a file-loader — a way or mechanism to load one's apps. Take CP/M as an example.
A big part of me wants to earn that money, too. But an unwavering part of me knows, I could never work for Microsoft.
Big Tech and big money is not just Microsoft --- there's Apple and Google too, but if you don't want to work for MS, then the latter two might be "same but different".
Always telling you how much money he makes? He sounds like a bundle of fun.
It’s without exception.
I’m sure it’s just because he likes money, and because we have very little in common.
How does this work for secure environments which are supposed to be air-gapped? Does Microsoft offer a special on-premise licensing server? I cannot image they just throw up their hands for such clients and suggest an alternative OS.
Anything above Windows 11 pro can join domains.
I'm surprised that they're doing this now, with how strained international relations are. I'm sure their timing will help motivate serious non-us customers to look at linux for desktop use.
I really doubt that if it was, say, the early 90s (with millions of people yet unfamiliar to computing) and MS and Linux was in its current state of development, that the masses wouldn't have found it much more frictionless just to use linux. MS is literally running on hot air, hubris, and lock-in the likes of which I don't think many others cant match, devil incarnate not withstanding.
I keep installing without Microsoft accounts just fine. People keep not realizing there is literally a option for this in the installer still, it's just not named "skip microsoft account". LOL
The existence of work around does not excuse user hostile behavior.
> "We're removing the bypassnro.cmd script from the build to enhance security and user experience of Windows 11."
.·°՞(˃ ᗜ ˂)՞°·.
Oh daddy MS please enhance my user experience OH YES enhance me uhhnnnnn
I couldn't face my own reflection in the mirror if my job was justifying obviously user hostile crap like this.
It's quite ironic they call it enhance security to tie their software to their cloud considering their cloud infrastructure is one of the most hacked of the big corpos. Data breaches happen all the damn time.
https://arstechnica.com/gadgets/2019/04/hackers-could-read-n...
https://arstechnica.com/security/2024/01/in-major-gaffe-hack...
Something that doesn't happen much, if at all, with Google or Amazon.
Microsoft is one of the most incompetent and impotent corpo out there and considering how much critical infrastructure relies on their software it would do good for the world if the government intervened like they should have back in the antitrust lawsuit days. Break them up. Separate the cloud, windows and office businesses. Make them stand on their own merits.
>security and user experience
This is corporate speak for advertisements and telemetry
Gaslighting at its finest.
“Security”
There's always Windows 11 LTSC
https://massgrave.dev/windows_ltsc_links
It is very hard to use Android without a Google account. Most people accept that. They must have learnt from that.
Android is very usable without a Google account or even Play Services. It's not convenient, you may be missing some functionality, but it's usable and alternative app stores exist.
Huawei famously shipped devices without Google Play and many were fine with it. And Samsung's devices, AFAIK the most popular Androids, can have the Google account removed. Play stops working, but you can still use Samsung's own app store.
That may not last, of course, Android could become closed source, but in the meantime I dare say it's strictly more open than Windows. And I hope Microsoft gets slapped by EU's DMA.
"It is very hard to use Android without a Google account."
It depends on what type of user one is. If one wants to be spoon fed and data-raped by Google then your statement is true.
But there are other options that make an Android smartphone both functional and viable without both a Google account and Google apps.
Except for test accounts on test machines sans anything of any use to Google installed, I've never had a Google account and I manage perfectly well, and I've used Android since version 4.
On rooted devices I hack Google to pieces, all Google apps are removed so is just about any other software that communicates with Google. On devices that aren't rooted, I'll disable all Google apps including Google Play Services and the Play Store, make sure a firewall is installed and that all apps except those with explicit permission are blocked from internet access and rerouted via a VPN to a nonexistent network. And so on, and so on….
Everything I want to use works, Google software is replaced with apps from F-Droid and other sources of non-Google origin. Still, I've no trouble viewing YouTube and I do so without ads, also I've no difficulty using the Play Store and downloading apps without a Google account.
There's really nothing that Google can offer me in addition to the third party apps and services that I already use. This phone has 215 apps installed and a second phone has 307—these apps are sourced from both F-Droid and the Play Store. Most apps however are open source/from F-Droid, etc.
For those who don't want to go to the extremes that I have there are many halfway measures one can take to minimize Google's impact.
BTW, in the past I've uploaded stuff to YouTube which I've done with 'dummy' test accounts.
This isn't true at all. Getting a Pixel and GrapheneOS running requires no Google account (but does require the internet initially to enable OEM unlocking).
Once GrapheneOS is installed, no further interaction with Google is required. You can happily and easily use a main profile without play services/Gapps (and Graphene allows you to block 'network' at the socket layer if you do need to use apps).
You could then have a 'work' profile or use private space which is isolated from your main profile that uses play services/app store but it is absolutely not required.
It _is_ a learning curve for sure, but I do not feel Google is going out of its way like Microsoft is here to make it burdensome. (In fact, Google is quite welcoming to OEM unlocking unlike some other phone manufacturers)
I've been running LineageOS without MindTheGapps for about 2 months. (I was using LineageOS + MindTheGapps for several years on the same phone, but recently reflashed it.) My "app stores" are Fdroid and Aptoide. Not only what I have is usable, it feels faster and doesn't slow down after a week without rebooting.
My brother is stunned that I'm still using such an old phone (8 year old Moto). Unfortunately, no recent model Moto phones can run Lineage. My next phone will probably be a Pixel with Graphene or Lineage.
Is it? I use Android without Google account (with services though). No app forces account on me, there's always option to sign in through other platform or directly via email.
> No app forces account on me
What apps? You can't use Google Play to download apps without an account.
No google acct here, I use fdroid and the Aurora store. I have no doubt though that google is working on killing the Aurora store.
https://news.ycombinator.com/item?id=41773781
Do banking apps work normally if downloaded from the aurora store? I'd very much like to fully degoogle my next phone when I get to replacing it, and it's the last stumbling stone
I believe there are reasons this isn't a solution for everybody, but I just use the mobile website. Works for me, and probably a lot of people. I'd rather not have the app on my phone anyway.
I'm the same. If my bank ever requires me to install an app, I'll change banks.
Absolutely. You should check out the list [1] to see what banking apps are verified working with GrapheneOS. It's worth noting if your banking app isn't on this list it does not mean it will not work.
[1]: https://privsec.dev/posts/android/banking-applications-compa...
I checked a couple of reports relevant to me[1][2], and both explicitly mentions Play was installed and links to the Play store for the app.
Can one still assume one can install and operate those apps without Google Play?
[1]: https://github.com/PrivSec-dev/banking-apps-compat-report/is...
[2]: https://github.com/PrivSec-dev/banking-apps-compat-report/is...
I assume that any version one might actually use will have this patched out by the torrent packager.
All the computers are connected to the Internet? Can you still buy something without having to register and without that software always be communicating to home servers? Can you still buy a software product and do whatever you wish with it, for as long as you want and without having to pay subscriptions or be forced to upgrade?
> All the computers are connected to the Internet?
no
> Can you still buy something without having to register and without that software always be communicating to home servers?
yes
Can you still buy a software product and do whatever you wish with it, for as long as you want and without having to pay subscriptions or be forced to upgrade?
yes
Could you create a slipstream ISO using nlite, create a user and then it's bypassed?
The simplest way imho would be to use Windows configuration designer. It generates a file that automate windows oobe when put on a USB key connected to the pc during setup.
https://learn.microsoft.com/en-us/windows/configuration/prov...
Easy way to create custom Win11 iso is using microwin from the Chris Titus win util suite
https://christitustech.github.io/winutil/userguide/
https://github.com/ChrisTitusTech/winutil
https://christitus.com/windows-utility-improved/
It's an open source textGUI powershell suite with hyperlinks to all the toggle tweaks, maintained by one talented MS engineer and contributed to and eyeballed by a hundred odd contibuters.
There are builds of win11 like Ghost Spectre that strip a lot of this crap out.
Why not IoT?
Every day I am more glad not to be part of the windows ecosystem.
I recently bought a new computer for the first time in ~5 years. I had to boot into windows 11. What a garbage shit show that OS has become. It took nearly an hour for updates, then it constantly dogged me to sign up for free trials of all kinds of crap. It required logging into Microsoft. It made me back things up.
At no point was any of this really optional. And when it was they made it difficult to find the option to skip.
Does oobe trick no longer work?
I give it a week before someone patches it.
I’m using LTSC. That’s fine. I suspect that’ll never require a Microsoft account.
Edit: come on EU. Step up here. Tell them they need to give the users choice.
Do you still need an enterprise agreement to get a license for LTSC? That used to be the case for 10, anyways... kinda puts it out of the reach of most users.
No you just steal it and pretend it’s ok because the machine came with windows 11. Tech companies taught me it’s ok to steal and do things without permission.
If buying isn't owning then piracy can't be stealing.
Its not stealing if you don't seed.
Adding for posterity:
Meta claims torrenting pirated books isn’t illegal without proof of seeding https://arstechnica.com/tech-policy/2025/02/meta-defends-its...
It was/is just a few hundred dollars and well within reach of anyone able to pay that price (though the required volume license agreement, while "free", may well be off-putting to some): https://tinyapps.org/blog/201811300700_windows_10_ltsc.html
You never need an enterprise agreement.
irm https://get.activated.win | iex
https://massgrave.dev/windows_ltsc_links
Fuck Microsoft