A brief history of the process for those not following it. Originally for kernel-mode drivers, you needed a code signing certificate cross signed by Microsoft's root. This means that the certificate follows a chain up to a standard CA _and also_ one Microsoft use to approve that CA to issue kernel-mode certificates. It was not sufficient to have a certificate capable of signing code, even with MS' OIDs for that.
Then, around Windows 10 I think, Microsoft announced that one would need to acquire an EV certificate. You would then be required to submit the driver package via sysdev.microsoft.com and after spending time in Ballmer's Brewery, it would come out signed by Microsoft.
It was technically possible to use the old mechanism at this stage too, provided the end user did not have UEFI secure boot enabled. If secure boot were enabled, the kernel would: a) if the driver was signed pre-Win10, accept it, b) if it was signed post-Win10 RTM date and by Microsoft, accept, otherwise reject.
Thus the only mechanism to realistically get your driver working on all Windows out of the box is to submit via sysdev. You can't realistically ask users to disable secure boot, even if this is entirely possible on all x86 motherboards.
Finally, the cross signed roots expire soon and I think some already have. Microsoft have decided that this mechanism will now be retired, and all drivers must be signed via sysdev from now on. You still require an EV certificate as well, to sign the package.
This is a bit of a mixed bag. On the one hand, Microsoft have repeatedly signed the shim maintained by Red Hat in order to allow Linux distributions to boot directly on secure boot-enabled hardware (UEFI binaries also go through this process and always have). Microsoft have their keys in the default keychain because they bothered to be involved in the process, unlike Linux companies like Red Hat. So on the one hand, they're being quite friendly to open source.
On the other hand, the push to EV certs rules out individual developers like myself. I could register a company but... that entails effort and expense for a hobby project. And now hobbyist projects like this run the risk of being rejected by MS.
I mostly believe this is an attempt to reduce the number of code signing cert leaks that result in people writing malware, and lock down the Windows kernel a bit more, but still. It is a shame.
This is because most CAs won't issue EV certificates to individuals, even if those individuals happen to have detailed knowledge of cryptography and all the PKCS.
The status quo was that systems could boot any operating system the user wanted. Microsoft tried to force OEMs to lock operating systems other than those on a very short list (they tried to force Secure Boot to be enabled with no way for users to turn it off, and you can confirm this by checking out earlier versions of the UEFI spec), knowing very well that that list would always include Windows for pretty much every computer out there, but you try to spin this as it somehow being every other vendor's fault for not getting in on that list with each and every manufacturer?
But it was certainly possible for a Linux vendor to have got a key into the KEK and db lists: https://mjg59.dreamwidth.org/12368.html
That's from Matthew Garrett, who, along with Peter Jones, was responsible for the first shim.
A central authority like the Linux Foundation could have stepped up here and could have since, actually. I understand why Fedora/Red Hat preferred not to be in a privileged position but I can't help but feel someone ought to have stepped up.
The other side of the coin is the Windows logo program, that requires secure boot be turned on by default. For x86 I'm fairly sure it also requires that the user can take control of the platform key and therefore evict Microsoft keys from the firmware. It also requires that secure boot should be disabled. I'm fairly sure Microsoft did this because they realised there would be objections otherwise.
Microsoft's ARM hardware _is_ locked down with no such options and I object to that wholeheartedly. But then I also don't buy Apple kit for daily driver use for the same reason. Also luckily Microsoft are currently irrelevant in the ARM space, although that might change with the ServerReady profiles.
I am sure the process was onerous, but someone could have done it. Linux is big business in the server hardware space and Intel for example contributed the thunderbolt code to the kernel. I am fairly sure they could between them organise a foundation and throw a few 100ks per year at maintaining a signing key for other distros independently to Microsoft.
I don't believe any entirely locked down firmware ever made it into any x86 board.
That was for 32-bit Windows on Arm hardware. 64-bit Windows on Arm laptops/tablets have unlockable Secure Boot, with a regular SETUP interface and all.
The problem with a completely unlocked bootloader is that the distinction between "a Linux distribution" and "malware" is not one that can be decided technologically. Otherwise malware could just install a heavily customized Linux kernel that directly boots into Windows, hot-patching it along the way, and who is to say it's not really Linux? Someone has to make that call for the ordinary userbase that doesn't care about operating systems and it sounds like out of an ideological fit of pique - what a surprise - Linux vendors just noped out and refused to do their part. Because, you know, malware is other people's problem. So now Microsoft finds themselves carrying water for their own competitor.
I don't understand your second part though. What is the "step up" available to Linux vendors that they didn't do?
1. Computer makers want to sell computers to the masses. This is reasonable.
2. The masses don't want un-removable malware that renders their virus scanners useless. Also reasonable.
3. Malware writers want to beat virus scanners by taking over the OS before it even boots, which is an unassailable position for them. This is "reasonable" from their POV. Likewise, computer makers - not just Microsoft - want to stop this from happening because it's a kinda game over move and there's nothing that really prevents it (pre UEFI) other than the fact that the programming is kind of tricky.
4. To fix this the computer maker must have some opinion about what the computer is willing to boot. Boot-loading code is henceforth separated into "good" code that makes users happy by letting them surf the web, print etc and "bad" code that makes users unhappy by screwing with their machine and data and possibly bank accounts. This appears to be unavoidable and can be implemented with cryptography.
5. But computer makers don't really want to have such an opinion because it's a live wire for geeks who run obscure operating systems. They just want to get rid of malware. So they need a default, reasonable whitelist that will make users happy, and then a way to edit that whitelist that is too difficult for users to get phished or scammed into doing by accident. Whitelisting public keys in the UEFI/BIOS screen seems like a reasonable approach to this.
6. To have a signing key that's shipped out of the box you must agree to some simple rules, like, you must actually not be malware, and you must not accidentally sign malware, and you must protect your key, and you must not sign a piece of software so open that it can be trivially wrapped around malware. The first three are easy but the sorts of guarantees best made by an institution, not an individual. Microsoft is an institution. "Linux hackers" are not. But, there is a Linux Foundation that could play the role and helpfully already own the Linux trademark (I think), so they already kinda get to decide what is and isn't really Linux.
7. The final condition is the harder one because it implies a chain of trust. Otherwise the malware writer can just create a bespoke Linux that boots into a minimalist Linux environment and then immediately unloads Linux and chains onwards to a patched Windows. So each whitelisted Linux distro needs to have a default opinion about what can run in kernel mode that is (again) overridable, but only by people who know what they're doing. Which Linux can do, via module signing. So no technical problem here.
8. At this point Linux vendors appear to have flounced out of the room and collectively decided they can tell the PC industry what to do by refusing to take part in the process. They were wrong, nobody gives a shit about desktop Linux because it has hardly any users. However they only realized this way too late, by which time PCs were already shipping without any Linux Foundation keys in the whitelist. What to do?
9. Answer: go crying to your primary competitor and pressure them/ask them nicely to fix your fuckup by using their own cert to sign your operating systems.
This is kind of pathetic and it appears the Linux community has still never got its act together and set up a key whitelisting process.
There are some Android x86 devices that won't boot unsigned firmware and won't let you change the signing keys. But I've only seen that in non-BIOS, non-UEFI devices.
Your text is written in past tense. But if there is a maintained list why is nobody working to get Linux vendor keys in now? Yeah, it'll take a while for the hardware cycle to refresh, but it's better than nothing.
It's a damn shame that Russinovich sold out to Microsoft as that broke Sysinternals' independence. It seems clear to me that Sysinternals was getting a bit too clever for Microsoft's liking and buying Russinovich out then meant that it could control the process. Likewise, Process Explorer is being silenced for similar reasons, and denying certificates is obviously cheaper.
- unsigned code pops up with a big warning 'your pc will explode' or something like that when you try to run it.
- signed code does not need a cross signed certificate. Any CA can include the code signing OIDs and voila. This displays as yellow but the CN is extracted as the publisher name.
- Finally EV certificates give you 'instant reputation' i.e. no orange warning. The difference is entirely audit related and the OIDs you may include. The crypto is identical to normal certs.
This I'm fine with. I understand Microsoft wanting to protect their kernel and the user experience and I'm on board with that but I like the fact that Windows has traditionally been a very open system. It is a real shame it is heading the other way.
I haven't developed Windows drivers for years though, or used Windows as my daily machine for years either (it was Linux at home, Windows at work, now Linux for both).
That's my ideal plan but for many reasons it's been a long road for me and others I know.
In controlled environments where the outcomes are either narrow or clearly defined then money can be thrown at the problem to ensure that Linux penetration is 100%. Unfortunately, I'd hate to count the number of times I've seen this objective come unstuck for many reasons, thus an annoying residual of Windows installations remains.
Generally, it's not the lack of Linux applications that's the problem but more a mixture of compatibility issues brought about by a diverse range of hardware types and vintages thereof combined with either a lack of Linux drivers or the poor performance thereof - for instance the nVidia driver and Linux's native NTFS driver that's now old and leaves much to be desired (yes, I'm aware of Paragon's NTFS driver and I'm hoping that it will, in part, improve matters).
Also, ordinary users still have significant difficulties in installing Windows apps in WINE not to mention getting printer drivers to work. I don't know how many times I've heard "I tried to install the CD that came with the printer and it didn't work".
It would be nice to see the Linux community spend more time on these compatibility issues for if we could solve many of them then we'd see an upsurge in Linux usage on the desktop.
Even I haven't eliminated Windows completely. As far as I'm concerned this is now a high imperative given that Windows has morphed from being an independent operating system into a fully-fledged functional appendage of the Microsoft Corporation.
This is surely not how I would interpret this behavior, even if regarding malware to a disproportionate degree.
And presumably on OSX none of this applies because it's all BSD underneath? Or is OSX different again to just running BSD out of the box?
- SIP off (totally, or just driver signature enforcement)
- kernel driver (deprecated, Apple doesn’t issue new certs anymore it seems)
- system extension (user-mode driver, explicitly intended for device compatibility)
(no idea how this actually works in practice, wonder if one could wrap open source work under a non-profit organization)
1) Test signing - do what you want
2) Kernel driver - still possible, needs EV cert?
For 2), it’s borderline impossible to get a driver signing cert for macOS nowadays for individuals, it’s easier on Windows.
This is not true. Kexts are still signed by Apple after being submitted and vetted.
The net effect of this: if something can be done using a System Extension rather than a kernel extension, you'll get deprecation warnings if you try to do it with a kernel extension. Kernel extension points that have not been replaced yet are still valid, will still be signed if used, and will still run on current versions of macOS.
On OS X Intel the operating system will basically refuse to run unsigned code unless you know an ever-shifting series of magic undocumented cheat codes. You have to do weird things like hold down certain keys then use the right click context menu to open unsigned apps, you need magic CLI commands to disable notarization checking, you have to go into the system preferences window to enable drivers to be approved and then reboot etc. The UX is atrocious and gets worse all the time - it's barely acceptable even for developers. That's for usermode. Kernel mode drivers are dead now, more or less.
On OS X ARM unsigned code will not run. Period, end of story. The magic cheat codes are gone. All code must be notarized, which is a server-side approval process of the type Microsoft only use for kernel drivers.
There are a few silver linings to all this. One is that getting a cert isn't actually that hard. You need a credit card, basically. It's not like getting an EV cert where you need a company and for a CA to verify the corporate identity. Likewise their "notarization" process is not a manual app store like review, it's fully automated and is mostly just checking that the app is well structured and properly signed. It probably does other things like checking you aren't using internal APIs, and they presumably archive all the binaries they notarize so they can go back in time to investigate malware and so on. But it's not being used for political or commercial purposes, at this time.
Honestly the majority of Orgs don't have these chops. There's really no good way to proof anyone.
I think the rationale for Orgs is just that they have more to lose.
What is it with MS these past few months? It's like they're trying to throw away the little community goodwill they managed to build up over the years.
They are as hostile to free software as they ever were. Why wouldn't they be? It's antithetical to their business model. The only thing that's changed is how sneaky they are about their time-honored tactic - embrace, extend, extinguish.
I was thinking the same. It's not been a good few weeks for them. They're quickly losing trust which was hard to acquire in the first place given their history. Maybe a timely reminder to mention Halloween?
Now, MS runs the world's largest source code sharing service and many of these young developers launch proprietary MS code editing tools daily.
We old timers always knew what the end game was, but young people lack the context and so many are already hooked on MS now. It's not obvious to me that they will ever care enough to switch no matter how hostile MS behaves.
Not all of us. I had just barely started being willing to trust Microsoft again, and they've repeatedly shown themselves to be hostile since the initial "GitHub is cool! And WSL! And VSCode!", enough is enough.
I've read the Halloween documents, I know where this goes.
I have a feeling MS will continue to dominate due to network effects and vscode/wsl being a nice enough experience. It'll take them resting on their laurels or some great act of user hostility to change this status quo.
- rebrand as open-source friendly, only open-source whatever narrow side-projects they barely care about but could be run on other systems (VSCode, PowerShell); distribute official packages with spyware
- monopolize the education system by offering bribes including gratis hardware devices to whoever in State education will work with them to pretend Microsoft loves kids and kids need computers (with Microsoft software, obviously) to learn anything in the 21st century
- force manufacturers to deploy "TPM v2.0" on their new machines so they can run Windows 11, continuing the push so that people have 0 understanding and control over the machines they own (instead are controlled by the machines), and don't have a choice of system because "SecureBoot" 
- love Linux! let them integrate all your POSIX/Linux APIs in a VM on their system, so that you never have to use anything else than Windows ever again (embrace...) ; it's just like reverse-Wine (execute Windows program on free systems) except they have an army of developers with $$$$ and don't have to waste time reverse-engineering anything because they have the source code to both systems... how convenient!
- viruses are such a huge problem, if only we had some sort of digital signatures for software, and trustworthy places to get it from?! sure let's have a Microsoft market where you can buy adware/spyware signed by Microsoft, with two key advantages: 1) it's super faster because signed software is not inspected real-time by Windows defender 2) no one else can make their own "appstore" repository with their own signature keys (like we do with Flatpak/APT/nix/guix) ; very soon they can start to hide how to run programs unapproved by Microsoft like Android or MacOS have been doing... and it's all for security, right? because app-store monopoly has definitely stopped malware (oooh that's a nice flashlight app you got there Google Play) without harming FLOSS/hobbyist devs (yeah sure)
It's just *washing (openwashing here) straight out of marketing textbooks. If you know/learn anything about capitalism and public relations, you won't be tricked next time!
Briefly touched upon in this bigger article about how Microsoft is still evil, why Secure Boot has nothing to do with security, and why hardware manufacturers happily play along: https://www.haiku-os.org/blog/mmu_man/2021-10-04_ok_lenovo_w...
There was even this worrying story at some point that MacOS would refuse to open applications (whether signed or not) because their centralized server could not be reached: https://news.ycombinator.com/item?id=25074959 <-- Soon coming to your Windows setup
Yeey, brave new megacorp world!
My name is [Kumar/Numan/Punith/Suresh/Sachin] and I work with the
Outlook.com Sender Support Team.
I do not see anything offhand for the IP (xx.xx.xx.xx) that would
be preventing your mail from reaching our customers.
Good bye and fuck off.
550 5.7.1 Unfortunately, messages from [xx.xx.xx.xx] weren't sent.
Please contact your Internet service provider since part of their
network is on our block list (S3150).
- is the exact same message being sent to many users?
- does it look like previous spam?
- are messages from this host being reported as spam by users?
We have plenty of techniques to filter out spam (those above and technical ones like DKIM to enable host reputation systems) and they mostly work great. What Google/Microsoft are doing is just monopolistic attitude and has nothing to do with spam filtering. Spam from big email servers is still common, but legit emails from smaller servers will not reach intended recipients, and will not produce any indication of that on either side of the communication. It's just silently going in the trash.
If there was at least a decent way to get allowlisted on their side, we could give them the benefit of the doubt and accept that email ecosystem has turned to an opt-in federation model. But the way they do it and prevent recourse is a clear abuse of dominant position to crush the competition.
Before I moved to fastmail, my email was consistently getting nullrouted by Microsoft. Everything was set up correctly (SPF, DKIM, DMARC, ARC, etc...), and every other mail host I tried would receive my mail correctly. I send out a very low amount of email (3-4 per month?).
We (small devshop + some hosting + self-hosted email) hosted a few things for a foundation for years, and about two years ago they migrated the mail stuff to MS. (We continue to host a few sites, domains, DNS.) Now when they need something and send us an email we can't reply, because our IP is "listed".
Okay, I know spam can be bad, and fine-tuning spam filters is a PITA, so let's go through the delisting process, surely with enough perseverance eventually MS will tolerate us into their graces.
Well, it has been more than a year now, and still no luck.
We have completed reviewing the IP(s) you submitted. The following table contains the results of our investigation.
Not qualified for mitigation
Our investigation has determined that the above IP(s) do not qualify for mitigation.
For devices I own, I gotta control the secure boot, or I simply don't own it.
If the schematics and code to the TPM were free and there were "tamper evidence" mechanisms in place, we could argue secure boot had some benefits for security. But in its current forms, it's just preventing users from owning their devices with little evidence for security for determined attackers.
Machines should be simpler and auditable: that's how reliable security works. Adding piles of shit on top the other piles of shit is just producing more overall shit.
Probably. But if my laptop gets stolen I would rather have the thief needing to spend a few million dollars in order to defeat Secure Boot.
Now if I were to worry about state level espionage I would combine the secure boot with a strong password for device theft, and not bring the device anywhere a long-term evil maid attack might occur. But in that case I am still happy if my stolen laptop requires a few million dollars, and that an evil maid also needs to somehow defeat secure boot before being able to do anything to some of my device.
Secure boot isn't perfect. But no practical security measure is. Secure boot is effective at making attacks more difficult, and that means it has value.
It just so happens that such value is most relevant for company-based security. And sadly it seems to be pushed on private devices for other reasons. But the move towards abuse of secure boot does not mean we should ignore the security benefits it gives to company-issued laptops.
1. Any signed app with good reputation will be ignored by Windows Defender and other AV tools. That's how Windows security works: the anti-virus programs focus their attention on activity by code that they don't recognize. Signatures are how to handle "good" polymorphic code like app updates whilst stopping "bad" polymorphic code like viruses that constantly rewrite themselves. This isn't connected to the app store.
2. You can in fact make your own app store. Windows 10 comes with something called App Installer. You put an MSIX file and a .appinstaller file on your web server, and open the XML file with a special protocol handler. The app is downloaded, installed, lightly sandboxed (but not aggressively so: win32 apps will work fine), and Windows keeps it up to date for you. This is basically the same experience as the App Store itself, but decentralized.
VSCode is still not entirely open source and the official builds have spyware included.
Spyware is NOT the same as gathering Telemetry data.
You can also just turn off Telemetry in VSCode in the settings.
I think a vast majority of people on HN gather data on customer usage of the products that they build. Because it ultimately makes us able to tailor the products better for our customers. It's just ignorant to put this in the same category as applications that slurp up as much data as they can for e.g. ad-profiles or to sell that data off to the highest bidder.
It's precisely because it's technical people who know better that you see "telemetry" labeled as "spyware", which it is, and it's how we called it back in the 1990s/2000s.
The only reason people these days call spyware "telemetry", is because it got normalized by large companies, and is now defended by devs who figure it's better to ship spyware to people than to give a damn and talk with users.
Telemetry and spyware differ only in the way collected data is used.
A lot of software lets you opt-out from Telemetry gathering when you install it. I would not think Spyware would do this.
And I feel like saying it's "only in the way collected data is used" really makes a small thing out of something that is very important.
There's a very big difference in doing something maliciously and doing it to genuinely try to make your software better!
Lots of spyware that wants to remain on one side of a less dramatic divide simply provides "options" for example in the installer that are opt in and vaguely defined that no sane individual fully understanding his options would opt for.
Such software isn't usually cryptolocking your family pictures; instead it's frequently grossly violating your privacy and selling your time and attention to third parties who in turn may opt to use this bought and paid for back door into your computer to waste your time or cryptolock your family pictures.
Here's a clue. If you have to make a feature opt out because nobody on earth would opt in given time and expertise sufficient to understand your offer then you are victimizing your user. I cannot think of a case where any data collection being anything other than opt in would be acceptable.
No, they first and foremost differ in the kind of data that is collected. Spying is not spying if you anonymously collect information about how frequently a feature/future/option is used only.
So, the OP was correct in calling it just spyware?
Why do people jump into defending corporations that repeatedly abuse their customers when they do unknowable hidden actions?
And the illusion that it will always be possible to disable telemetry is just that, an illusion.
I'm absolutely all for privacy and limiting unnecessary gathering of data. But there's nuances to this discussion and labeling everything that has any amount of telemetry as "Spyware" does not do anyone any good.
Maybe it's not "hurr durr" and people have a legitimate reason to hold that opinion. To those people, any distinction between spyware and "good" telemetry is merely academic and effectively irrelevant.
"hurr durr" strawmen on the other hand...
My favorite part is when someone figures out "telemetry" includes the MAC address, and the dev team just goes completely silent.
There's an honest, non sneaky way of gathering usage information: pay for rigorous testing and price the cost into the product. Telemetry is lazy, invasive, and user hostile by default. Every bit of information acquired from users should be given with informed consent or not collected at all.
It's hard to really stand up to that kind of situation.
Hashed MAC address: a cryptographically (SHA256) anonymous and unique ID for a machine.
Although I disagree that they should have this to begin with, it being anonymized is still a pretty important detail.
As a developer, how do you know the data you're collecting now won't be used maliciously in the future by your org?
We don't collect customer data, we ask for feedback directly.
Such a feature should be disabled by default.
It's worth bearing in mind for those considering switching.
If you care about software freedoms, even just a tiny bit, you wouldn't touch “Microsoft open source”, and you wouldn't be happy about your friends using any of it, like you wouldn't be happy about seeing them with a heroin syringe. That is going to explode spectacularly one day.
Being spied on, having forced updates, a remote kill switch on your computer, "telemetry", advertisement, and the best of all: your government being bullied and lobbied on with the money you paid... it is all worth it because you can run a stupid DirectX game at 60 fps instead of 58 fps. Until the forced update interrupts your game, that is.
If you wouldn't touch Microsoft open source but you would touch Google open source (say Chrome or their contributions to the Linux kernel), I would love to hear how that is different. Personally, the software I use is not a matter of ideology but a matter of the best tool for the task at hand. But your observation on how MS is using adversarial compatibility against Linux (flipping the table) is correct. I just don't see how post-systemd GNU/Linux is all that different, perhaps because it is many megacorps contributing and controlling Linux? It's not exactly driven by software freedom anymore.
>The existing drivers are compatible with Win11 and haven't been blocked by Microsoft yet... The large majority of changes by Microsoft are limited to restricting the Windows API with signature checks that block competitors software (e.g. CreateWindowInBand, NtQuerySystemInformation, NtQueryInformationProcess to name a few) rather than directly targeting the drivers themselves.
>The signature checks added to those functions and classes only block third-parties and this includes signed binaries. We won't be able to implement the same functionality as Task Manager and Process Explorer because of those Microsoft-only signature checks even after we sort out the submission issue.
>Always-on-top, Auto-elevation, DPS statistics, Default taskmgr application preferences (Microsoft hardcoded taskmgr.exe blocking competitors), GPU statistics (deliberately broken on Win10 and Win11 recently) and the DirectUI framework are some examples of features that I want to implement and are currently implemented by Task Manager but are Microsoft-only signature restricted while newer more advanced security like PPL that we desperately need are also Microsoft-only signature restricted.
>The only certificate allowed to use these and other functionality is now limited to Microsoft Windows certificates - the same certificates used with Task Manager and Process Explorer - while SAC has even more powerful functionality than anything else (including Process Hacker) with absolutely no security whatsoever.
So, basically, for some reason, Microsoft wants to make it very hard for you to see what's running on your computer...
and there's a mile of difference between undocumented and "can't be called by non-MS products at all"
Windows components, of course, aren't subject to any such rules. There have always been and always will be interfaces necessary for Windows to call itself that the company has no interest in supporting in a backwards-compatible way and publicly documenting. An example is pinning applications to the taskbar: Windows needs to be able to do it, but if it was a public API every app would do it and the experience would be ruined.
Of course, Chrome eventually figured out a way to bypass and do it (I believe using accessibility hooks to simulate user input? I forget the details), at which point the arms race escalated from there - the Windows team added new protections in that area - but I haven't worked in that area in a long time and don't follow it in detail.
That's my take on it, too. I doubt they care about a "competing" task-manager tool.
That sounds a little conspiracy theory-ish. It seems like there are other tools to access this info, is that not the case?
(Also, isn't this straight up illegal according to their previous settlements?)
So they can run spyware. Nearly every user hostile policy or behavior can be explained by the insatiable lust for data.
Always-on-top, Auto-elevation, DPS statistics, Default taskmgr application preferences (Microsoft hardcoded taskmgr.exe blocking competitors), GPU statistics (deliberately broken on Win10 and Win11 recently) and the DirectUI framework are some examples of features that I want to implement and are currently implemented by Task Manager but are Microsoft-only signature restricted while newer more advanced security like PPL that we desperately need are also Microsoft-only signature restricted.
CreateWindowInBand also fails with Access Denied.
EDIT: I guess they want to prevent you from doing interesting things like staying on top of the lockscreen. This article sheds some light on the Z ordering changes since win8
Locking other vendors out of that functionality (eg. can't create a Notifications panel alternative) is anti-competitive and degrades one of the best features of Windows (the ability for others to improve it as they see fit).
I think MS is going for the kill against Steam this time.
And this is with Windows 10. Windows 11 will require MS permission, and some Steam games will simply never work there.
But you will be able to purchase them again in the MS Store.
They've had a LONG time to fix this.
As for the matter, some teams here are just as incompetent so someone's probably going to have a fire lit under their arse to either fix the signing issue or publicly document why these APIs are now "protected"
Reminder that they own Github as well as what is likely the single most widely used code editor.
> Microsoft has been secretly adding more powerful features than Process Hacker via their SAC product – SAC has no security whatsoever by design – they're clearly targeting the project not because of any actual technical issues but rather because we're more popular than their products, so they're using the same (illegal and anti-competitive) tactics they used against Netscape Navigator to eliminate competition but also labeling the project malicious in an attempt to mislead the competition regulators.
Yet another example of a trillion dollar tech company stifling competition and innovation with anti-competitive tactics.
Both Microsoft and Apple require developers to sign software in order for their apps to run on Windows or macOS. Developers must pay to buy and renew their certificates regularly and must remain in good standing with either company if they want their apps to run on either OS. At any time, and for any reason, Microsoft or Apple can revoke your certificates and prevent Windows or macOS from running your apps at all.
The control over what apps can run on Windows or macOS is all about securing profits for either company, first and foremost. Actual security is just an afterthought.
Both companies take it one step further and are locking developers out of kernel space. Apple still signs a few third-party .kexts, like macFUSE, but everyone else is out of luck. Microsoft needs to sign kernel-mode drivers or situations like the one in the OP will occur.
This is certainly different than, but reminiscent of, the situation with AppGet and Microsoft's clone, Winget.
do you mean Special administration console? or Semi-annual channel?
It's special administrative console, more in depth info what that actually is in the comment.
on 16 Aug
is the process termination feature of PH the only thing MSFT has a problem with?
I mean, if it's the only thing they don't like, maybe it's worth moving that feature into a separate tool or a plugin with its own unsigned driver?
Also, changing the name would be an option, if then all the problems can be avoided.
on 16 Aug
> the only thing MSFT has a problem with
MS refused to discuss anything and have ignored every email so who knows what their problem is.
> if it's the only thing they don't like
It's not the only thing.... There are recent changes to APIs that block and limit features when the caller isn't taskmgr.exe.
Either way this discussion is offtopic from the KPH updates.
If you're using these keys as part of a disk encryption scheme, you may find that your government deems this to be an illegal attempt to prevent yourself from complying with search warrants (even if you're not suspected of any other crime).
This is a bit FUD-y. TPMs are key stores, the same as what Apple calls a "secure enclave." When you activate a device with a service like Netflix or a software like Windows, they stick their key in the TPM. As a user you can clear or disconnect the TPM any time you like - you're in control of your device. What you're not in control of is Netflix and Windows - Netflix and Windows are only going to authorize 5 TPMs. If you reset your TPM, you're going to need to re-enter your license information.
To me, operating with a well designed model, when and if I choose, with the ability for me to shut it down at any time - that's control.
1. Under no circumstances would they ever be sold with any private keys already on them
2. There would be no way to prove or determine after the fact whether a given key was generated internally or imported from an external source
If those two things were true, then you'd still be able to get 100% of the legitimate security benefit of them, but they'd be completely unusable for DRM and other evil things.
Microsoft never did change, nor will it, no matter how many they manage to fool, manipulate or bribe. It remains a criminal enterprise that should be cut down. But that will never happen, as long as the government(s) controlling this company are made of the same DNA.
Good luck to those who have the luxury of a choice to avoid this company (and similar ones). Even more if they still choose not to. Most of all, good luck for those who don't even have a choice, for they most likely will need luck more than anyone else.
I thought recent efforts of MS were a sign of wisdom somehow.
No, they sold out to Google on that already.
Edit: Correction, MSDOS 1.25 and 2.0 were released too
As far as opensource DOS, nothing beats FreeDOS: https://www.freedos.org/
Oh yes please... I want that universal Linux Distribution ;)
>nothing beats FreeDOS
Dosbox and dosbox-x beat FreeDOS any day.
And, still, XDOSemu+FreeDOS runs circles over DOSBox and DOSBox-x.
That's exactly what I don't want.
>And, still, XDOSemu+FreeDOS runs circles over DOSBox and DOSBox-x.
No, not really. Have you even installed FreeDOS once? BTW the FreeDOS developers will perfectly tell you that they have no interest in being DOS game focused... and you can feel that 50% of all games just refuse to run... that's not the case with MSDOS 5.22.
FreeDOS runs 99% of the software and drivers available for DOS.
Windows also has DTrace, which does support arbitrary kernel hooks, but it requires booting in a special mode with bcdedit /set dtrace ON, which makes it unusable for machines not under your direct control.
None of those give enough visibility in the kernel structures to fully subsume kernel mode drivers. And further, they don't allow some of the advanced capabilities that are provided by things like ProcessHacker, such as killing PPL, forcefully closing remote handles, and a bunch of other stuff that is only possible via a kernel driver.
> Dave-o says:
> 2021-10-24 at 23:45
> Notice how it's now virtually impossible to disable Windows Defender nowadays? Libvirt is also having trouble getting Microsoft to cert their drivers. Etc, etc etc. Who gave them the right to limit our freedom to run what we want on our computers?
> Reviews about Windows 11 at formerly-credible websites like http://www.arstechnica.com & http://www.thevirge.com, etc are so pathetic, "oh the new toolbar! But mah techichial anayasis is that there are some old dialogs still in control panel! I wants mah new eye-candys!". And their sycophantic commenters are vastly worse.
> Truth is, Microsoft's strategy may have been FUD in the past but now it's evolved to 'slowly tighten the noose'. The reason I liked Windows was my ability to audit it. At least someone should be able to. Now with hardware-enabled DRM secure envelopes & encrypted memory regions, that is becoming impossible. Which is exactly their plan.
> Because, you see, Microsoft wants to become like Apple: "We respect your privacy; your secrets are between just you and us." Do you trust there's no and will be no future Microsoft-only back-doors in the Windows Firewall? Really?
> Who actually owns your machine? Can you actually stop your iPhone from updating? Nope. In the past I tried and their upgrade permanently broke some CAD apps I heavily relied on. And there's no way back, baby. The content I created? poof
> It used to be more a Facebook / Google thing. Post on social, they have a permanent free license to use your content and treat it however they like. All corporations are liable to their shareholders if they don't maximize profits. Why are these guys so insanely profitable? What do they actually create? They're all just leeches on our data.
> SO, either get used to the 'brave' new world: mega-corporation$ & the government own your most intimate personal information and control the devices you rely on. Or switch to linux and at least have a prayer of someone keeping the software you rely on honest by auditing it. Just someone having the ability to see what's going on inside that secure-enclave hiding in your computer is enough of a threat to keep them honest.
> These days, most folks live in their browser. Maybe play some games. Install Kubuntu and run firefox and most Windows users will barely be able to tell the difference. Getting Windows running inside a QEMU virtual machine isn't really that difficult. At least that way you have a way of firewalling Windows that's outside of Microsoft's control. It's a bit more tricky for mom but is becoming more turn-key & productized all the time.
> Linux Wine is coming along nicely. The day is fast approaching when Windows games will run great directly on Linux. Steam Deck will push this over the curve and it's all down-hill from there. Why prioritize targeting Windows when Linux becomes a large market? Multi-platform is kinda ugly but it's a thing. All other things being equal (usability, compatibility, etc) consumers will always opt for more privacy and control. And this is the way out of this privacy & control mess.
> With IPFS and distributed platform tech so close, the new future will be the public ridding themselves of these menaces both for social and their personal devices. At least I hope so.
bcdedit /set testsigning on
I'm not sure but DRM might revert to lower levels (e.g.: 720p), but that also happens on macOS when you disable SIP IIRC.
It’s the reason that game cheat makers look for exploits in random drivers to load their cheat in kernel space.
Also, updates will probably revert the changes too.
I guess after a decade of watching Apple and Google getting away with stuff that Microsoft would have been drawn and quartered for twenty years ago, they decided it was safe for them to get back to their old ways.
sigh Would have been nice, though.
How did you come to THAT conclusion?
If based in the US, they would be SOL.
You know, the ones that don't have a TPM chip?
Now you know. Windows 11 completes the lock-up of the OS.
That's why Windows 11 exists in the first place. All other changes are secondary. Microsoft knows they would've not been able to pull shit like this as a Windows 10 update, so they were effectively forced to do a version increase. Against older promises of W10 being the last Windows version ever.
Welcome to the future that Microsoft always wanted, but couldn't have - a platform with airtight control. Just like what Apple has with its AppStore and its wonderful, wonderful 30% commission. Almost there and the lemmings didn't even notice it, distracted by the new and friendly Microsoft front, free upgrades to Windows 10 and centered Start menu in Windows 11.
Mark my words - Windows 12 will severely impede direct installation even of a user-space software, funnelling everyone to go through the store. That's the end goal and we will all be there in a couple of years, whether we want it or not.
--Richard Stallman, "The Right To Read"
Right now the chip fabs require billions of dollars in investments in order to make our processors. They are single points of failure. There's nothing we can do if the government starts targeting them for regulation in order to curb effective cryptography, copyright infringement or any other subversive technology.
Imagine tax software (commercial or gov provided) refusing to work unless you use an OS with TPM support for "security reasons".
Or even worse, what would happen if gov regulations started requiring ISPs to stop working with non-compliant hardware? I.e. something like requiring network devices to attest they are "officially" approved before allowing to connect?
I don't think this will happen any time soon (hopefully) but I can see how even making your own hardware might not be enough.
> I don't think this will happen any time soon (hopefully) but I can see how even making your own hardware might not be enough.
This already happened in Android, at least where I live (Indonesia). Most banks, government services, and freaking McDonald's apps will refuse to run if your phone is rooted "for security reason".
Websites can't tell, but lots of companies don't provide equivalent functionality via website. I know I can't upload check images for remote deposit unless I use the native banking app.
What irked me is that sometimes app developers are abusing it without asking themselves "Does this app really need to check for rooted phones at all?"
I'm okay if bank apps are using that. But why do fast food apps need to use that? Most people that I know pay with cash when they order food online (and you can't hack paper money with rooted Android phones).
I'm not okay with it, to be honest. It's my money, and I trust a rooted LineageOS with it much more than I trust the default firmware of most phones. Besides, my bank lets you do the same operations from their website that you can do with the app, so in my case it's pure inconvenience, not security.
like having to rotate your password every 3 weeks and requiring 4 special characters/...
Perhaps “food delivery” means pizza to you, but there are many places where it also includes thousand dollar bottles of wine.
Fraud becomes significantly less profitable and more of a pain in the ass if you need to set up a new phone for each account.
I have Google Pay and several banking apps on my rooted phone without issue.
Google can make it mandatory at any moment and then you won't be able to "hide" anything.
> Or even worse, what would happen if gov regulations started requiring ISPs to stop working with non-compliant hardware? I.e. something like requiring network devices to attest they are "officially" approved before allowing to connect?
Looks like we're going to need a concept of networking freedom as well. Ideally, this will be solved by ubiquitous mesh networks that the government can't possibly hope to ever regulate or outlaw. Practically... We'll probably end up living in some dystopian cyberpunk hell since the vast majority of the population is too apathetic to join this cause and help run this decentralized infrastructure.
It doesn't have to be. The main goal is a free uncensorable network, if we must pay a price in performance for that, so be it. People use extremely old ThinkPads with libreboot because they're the last processors without Intel Management Engine.
> Governments have also shown the ability to regulate radio usage very well the world over.
Yes, because usually it's only a few people at a time who are interfering in radio communications. Easy to respond to a few isolated incidents. What if it was everyone at the same time?
What if every smartphone in the world could create and maintain its own mesh network? In some places there wouldn't even be a need for ISPs. They'd be needed for long distance connections only.
If you look at the IT/computing/internet position from a global perspective you'll note that there are many outrageous situations that warrant political action. These issues include copyright overreach, gross privacy breaches by the likes of Google, Facebook, et al, to internet protocols done at the behest of corporations for their own benefit, to the ever-increasing proprietary nature of both software and hardware including CPUs not to mention hidden proprietary firmware code in vehicles that drivers do not have access to, etc. - much of it done under excuse or the false premise of security.
If one matter stands above all else then it is that there's no cohesive political opposition of any notable size that's capable of disrupting the political system/establishment to the extent where politicians must take notice.
This is a serious problem and it's a fundamental one. For instance, Cory Doctorow noted that the problems with copyright including copyright reform can't be sorted out as the big players have too much money, power and influence and those of us in opposition are just too few in number to make any difference no matter how just and legitimate our cause may be. In essence, in the grand scheme of social and political life, copyright essentially amounts to nought - so it's little wonder copyright reform is left to wither and languish (note, this is my interpretation/summary of what he's been saying on various occasions).
Even organizations such as the EFF and influential people such as Tim Berners-Lee and Bruce Schneier have very little influence on their own in the face of huge corporate opposition, MS, Google, Facebook, etc not to mention governments, the NSA, GCHQ, etc.
In essence, it's all a lost cause unless we can all coalesce together to form one overarching body of international standing that's politically able to fight the forces of darkness. Unfortunately, I'm pessimistic that this will ever come to pass simply because pretty much all of those involved have demonstrated that they're very independent and headstrong and thus they're unlikely to be sufficiently united to be fully effective in a common political cause (one only has to look at the hundreds of disparate Linux distributions to see that). Nevertheless, it'd be wonderful if I were to be proved wrong.
In the same vein, I'd suggest that there's a more fundamental problem at stake here. That's the general apathy and unease about democracy currently held by huge swathes of the citizenry. Modern democracy formed hundreds of years ago when life and times were simpler thus the democratic systems that were set up to deal with them were structured accordingly and there's been precious little change since.
This brings us back to issues such as the copyright one I've mentioned. Modern democracy has no simple way of dealing with the many thousands of genuine legitimate causes that have arisen out of the complexities of modern-day life.
Modern democracies with their mainly (effectively) two-party systems can't effectively accommodate all the nuances of these complexities and like the parable of The Man, the Boy and the Donkey, they try to please all with botched compromises and end up pleasing none (for example, just witness the many political shemozzles over COVID).
In my opinion, the only way to overcome such problems is to review and then agree on new - or even which covenants should bind citizens and The State then take it from there (on some issues where there's no common agreement society may have to divide into groups and individuals be bound by the laws of that group, etc.). Whatever the outcome it's highly unlikely to be resolved in the foreseeable future.
I believe that the creation of the Java version of that application was due to complaints from Linux users, so this is AFAIK a case where citizens used to be excluded based on their choice of operating systems, and convinced the government to allow more choice.
Another example is online banking in Brazil; for a while, most banks required the use of a horribly invasive "security plugin" for the browser which ran only on Windows. Nowadays, there's also a Linux version of that invasive software, so users of Linux are no longer excluded from online banking on their computers (it's not perfect because it still requires that invasive software, but it's better than before).
Is this a fact? I too remember something along these lines but I wasn't sure. If that's the case, it's amazing. Those Linux users are still citizens and they pay taxes too, they absolutely deserve to be supported even if they are 0.1% of the population. The government has nor should have any profitability excuse.
> for a while, most banks required the use of a horribly invasive "security plugin" for the browser
Yes, the Warsaw plugin. It's even on the AUR.
I HATE that thing. I tried to reverse engineer it once to see what it does and why it slows everything down so much. I caught it intercepting every single network connection. I actually switched banks to get away from this stupid software. Literally malware.
- To what extent do you interop with existing (closed?) hardware, vs trying to recreate the world from scratch. Do you implement usb, pcie, etc, or do you make your own philosophically free equivalent that isn't compatible with existing devices?
- In any case you will have to cope with the fact that homebrew CPUs will always be a decade or two behind the cutting edge intel/amd cpus in terms of performance
- Your system has to be useful in order to get people to use it, but it has to have people working on it consistently in order for it to get to a state where it's useful. A chicken and egg problem.
There is, however, at least one off-the-shelf free computer system - I'm thinking of the Raptor Talos platform. But even then, you're paying significantly more for a computer that performs worse, unless you're running supercomputer-esque workloads on your desktop PC
If valve doesn't make Linux a viable gaming platform, they are going to be chess maneuvered into a checkmate by MSFT and Apple. Epic recognizes a similar issue too which is why even if they are competitors, they recognize the greater threat and are working together somewhat with Epic porting EAC to Linux & proton.
Right. I admire them certainly, and I'm thinking about getting a framework laptop myself, but we shouldn't really call their products free/open hardware because they use backdoored CPUs from Intel/AMD
Create market demand, and companies start providing market solutions.
"If you outlaw freedom, only outlaws will have freedom."
The fight is not about which programs the user can run, but who controls the user data
Control of data is a related problem. It's absolutely relevant but it's not in any way opposed to computing freedom. In fact, they are aligned. Computing freedom helps us retain control of our data even when faced with hostile corporations.
The move to ARM will highlight the hardware freedom in a big way.
People are used to ARM being different and are that much more likely to forget open, general purpose computing right along with that "old" x86...
Heh, I always disliked x86. But now? I look at it fondly.
Edit: It is the IBM PC lineage I speak of here, not just the ISA.
Remember the drama about whether Linux would be allowed to run under Secure Boot at all? That was last decade's reminder about hardware freedom and it had nothing to do with a new ISA. Thankfully Microsoft graciously decided that all Windows 8 logo hardware should allow users to load their own keys, but there's nothing intrinsic about the PC platform that forced them to make that decision, and nothing forcing them to keep it.
* This Ars article seems to say it's already been taken away. I'm trying to confirm Microsoft's current UEFI requirements in their docs, but I can't find them. https://arstechnica.com/information-technology/2015/03/windo...
There is something intrinsic to the PC: expectations.
The PC comes from a time where we got schematics, could build our own I/O cards...
None of that happened on mobile, and most ARM devices. Maybe the Acorn Archimedes...
And what I meant is ARM will highlight the LACK of hardware freedom. Maybe we agree here and got snagged on words?
Frankly, I am learning how to build more things. Probably will need to.
They do hold the keys. That is the unacceptable part.
Exactly. The issue isn't the TPM itself, such a device could even empower us. The issue is who holds the keys. Those with the keys own the machine.
I started discussion about that in this thread:
[Looks over at Apple //e and IBM XT]
We need another open effort. Soon.
It's worse than not having the right to execute. You can't even build the program you want. You have to use Apple pay, Apple subscriptions, Apple login. And you don't even get a relationship with your customer.
Their behavior is inexcusable but not surprising; what baffles me is that it's allowed.
We are still headed directly to the place he described.
And the fight to stay in control of your data is far easier when you use Free Software.
But the user data is mostly in the cloud, owned by Apple, MS, Google, Amazon, Facebook.
In the future we will be lucky to have apps that work offline with local data.
Are you from the past? This here is 2021. And right here, the expensive, professional apps still let you grudgingly do it, but small/casual apps that really work offline? That became rare. Usually it is mainly server and some local cache, you better take care of, if you are in an area with bad connection.
But more and more of my peers realize how much Spotify sucks when there is suddenly no more internet.
Well, I still have my own music collection (and my own player for it) and use Spotify just for discovery. Each to his own, and thank you for the existence of open source and FOSS.
I do not have a single small/casual app I paid for, or free ones, that does not work with offline data.
And they get removed after some time.
Some things were so horrible, not even Stallman could imagine them happening in his worst nightmares.
Then I got into arguments with people proclaiming that it's just Microsoft enforcing it for the casual user's safety, and that I'm a Microsoft hater. Who? Me, whose first programming language was C#, who worked as a Windows server administrator for years, and my operating systems have been nothing but Windows for 2 decades. And I'm suddenly a hater for daring to raise an eyebrow and question their design motivation?
I'm very convinced that the desktop world is at its worst. You have the commonly owned yet absurdly powerful tool known as a desktop computer have its market dominated by a single company, with no competitors whatsoever. Even worse, Microsoft's deals with hardware vendors ensure that even if a competitor were to rise they'll have to earn their favor as well. The game is lost for any competitor before it even starts.
And with the PC dominance under their thumb they test the waters to see how much they can get away with, an approach they cannot even afford to consider when it comes to their other products like Azure or even the C# programming language. They also did their best to make Visual Studio Code great, until you realize that this also follows the same pattern.
There was an openness that existed in the world of computing. Despite all that was said of Microsoft back then, and much of the complaints about proprietary software were true then also, it wasn't anywhere near as bad as this. Back then, new releases actually did improve my experience of computing.
Every time I use Windows 10 I feel like I'm constantly in battle with the PC. Every new piece of news I read, every new feature in software and now hardware I read and shudder, thinking, how much more of my privacy will it cost? What other aspect of my life is being invaded?
And because of the network effect, I'm trapped in their clutches. I have to use these services or I can't work, can't talk to friends. All well and good saying 'use Matrix' but a chat program with no friends is just a note taker.
Such a seismic shift and it was only two decades. I just want this hostility to end. A computer is a machine, which is an elaborate tool, for Pete's sake. I don't feel the same way towards my garden hose or washing machine.
(And I increasingly wonder, were we freer back then because there was still some empathy towards customer needs at Microsoft, or because they were simply stifled from their real intentions by technological limitations?)
This by itself is not bad; problems arise when companies use this to justify denying control even to those who can be responsible with it.
I have no idea what the answer is, other than having Linux et al be the place for free computing (protected by its various barriers to entry) while the consumer OS space eventually becomes increasingly locked down. The only other ideas I have are dumb ones like requiring regular examination/certification/licensure to be able to use the “developer” version of Windows or something.
"We are not truly free if we don't have the freedom to make mistakes."
It's nice to hear about cyberattacks and such continuing, because it means freedom still exists.
They've been slowly cooking the frog in the background for a while now with the "trusted computing" stuff. It's over a decade old at this point. Back then the userbase was more technical and likely to smell BS, and DRM was definitely not liked even by the general public.
...but then they eventually found out that people could be scared into doing anything by justifications of "security" (regardless of what's being secured, who it's being secured by, and who it's being secured from), and here we are today.
Ah, so they took a page from the politicians' handbook. The same drivel that drives the public to concede privacy and freedom to their hands in the state also applies in private industry (I am thinking of the ominous UK Online Safety Bill). Like it is all the same zeitgeist.
> I don't feel the same way towards my garden hose or washing machine.
We just built and furnished a remote vacation home from the ground up and the shiny new appliances and even some fixtures (mostly ordered or approved by my wife) default to stubbornly demanding cloud access, often before they will even perform their most basic functions. At the moment, internet is only via 4G hotspot as we await Starlink's rollout next year.
This of course includes the Samsung TV but extends to the Denon amplifier, all the major appliances from washing machine, refrigerator etc all the way down to the light switches, thermostats and 'smart' toilets (which I view as 'input-only' devices). Fortunately, I intercepted the light switches before installation and hacked open source firmware on them but that required opening each one and temporarily soldering to reflash the firmware (I had to draw the line somewhere).
Most of the devices can be coaxed into functioning without permanent cloud access but it's a time-consuming escape-room adventure through dark UX patterns. The rest will require blocking at the router firewall level.
Then the rest of it was just a dour decline. Man, oh man. The worst of it is that all these devices could integrate genuine 'smart' functionality, but a user-respecting way would be locally run from a central box with open and interoperable protocols across devices. Exactly how a router and server works on a LAN. It isn't impossible to design this in a consumer-friendly way either. But the will and the demand just isn't there.
I wonder how these devices will be when the remote servers are inevitably switched off. I learnt this lesson very early on with online games (think GameSpy), the servers are not forever.
What has come over the population? It wasn't that long ago that they burnt identity cards in the UK (at the end of the second world war), the public were glad to see the back of them despite the touted 'benefits' by some politicians. My grandmother shuddered at the thought of giving any financial details online. In the early days, I never used my real name anywhere on the Internet. There is just so much passivity now.
> There is just so much passivity now.
For anyone interested there is a large, active online community around the open-source Home Assistant platform. I'm using it and the community has been a terrific resource for finding those still too-rare devices which both work well and are willing to work sans-cloud. There are thousands of contributors and hundreds of thousands of HA users now and together we comprise a market large enough for even low-cost Asian manufacturers to notice and start targeting products toward.
We are firmly in a new era of increasing DRM within the OS. As a producer I can see the desire but am saddened as a consumer with fond memories of a freer time.
Microsoft doxed itself on the TPM limitation being purely arbitrary when Windows 11 compatibility checks passed on a Pentium 4 CPU and installed just fine due to a mistake from Microsoft where they forgot to blacklist that CPU family lol.
Does "dox" mean "anything vaguely secret" now? I still remember the days when it meant "personal information".
As if years of experience hasn't taught us that opt-in security is stupid. This would be arbitrary if the TPM was useless, but it isn't.
Your average consumer/home user does not benefit at all from the features of TPM since they're not subject to the same threat model. Here TPM, and also stuff of the UEFI security chain like Management Engine and Secure Boot in the past, act more like hostile wall-gardening that limits what a user can install on his system (remember how enabling secure boot originally meant you couldn't install any linux distro?) rather than add any meaningful security (will TPM and Secure Boot prevent grandma from getting her PC infected by malware off some shady phishing site? No? Then don't force those requirements for private users)
My friend, no doubt influenced by dementia and paranoia he was feeling, changed the passwords, made no note of them, and subsequently died. The computers in question run Windows 10 using Bitlocker and key storage in the TPM.
The data is effectively gone. I believe he was using encrypted backups to a "cloud" storage provider, too, but I'm also fairly certain the key is only on these computers. (The Windows accounts on these machines are local accounts so the Bitlocker recovery keys weren't saved on Microsoft's servers either.)
Matters were arguably handled poorly on my friend's part prior to his becoming of unsound mind. He wasn't terribly technically savvy and I'm not sure he considered the "losing my own mind" threat model. Nonetheless, it adds insult to injury that Bitlocker, which added no security for his day-to-day use, effectively caused the loss of his data.
Bitlocker is, apparently, enabled-by-default on consumer machines that, I'd argue, don't suffer from a threat model that necessitates its use.
There is a huge problem with technical and legal constructs associated with the rights to accounts and data after death. I don't have the answers for everybody. I've done what I can for myself and my immediate family.
The "I've lost my mind and undermine efforts I made, while still in my right mind, for successors-in-right to access my data" is one that I'm not sure how to defend against, and one that scares the willies out of me. I can document my last wishes but if I, in a fit of paranoia, change keys / passwords / remove recovery mechanisms, then those last wishes might be irrelevant.
It kind of defeats the purpose of the second factor -- the password manager becomes it -- but at least it makes the services that insist on it happy.
Reading the comments, before posting, helps.
And in fact Secure Boot does protect against Grandma being infected by boot-time malware. And when has it ever been the case that it prevented you from installing Linux?
There was a window, when shim.efi was not signed.
> And in fact Secure Boot does protect against Grandma being infected by boot-time malware.
When was it the case that grandma was infected by boot-time malware? One-half-like malware happened decades ago, and under Windows they need administrator rights anyway.
And how can grandma get boot time malware at home? IIRC those were common back in the days when people were plugging in infected floppy disks or thumb drives everywhere and you'd try to boot off them. Can't remember last time I saw this type of malware in the wild as phishing and ransomware is a lot more profitable for malicious actors than boot time malware.
> And when has it ever been the case that it prevented you from installing Linux?
This was always the case ever since secure boot launched and any OS that didn't have its first stage bootloader signed by Microsoft could not boot. Even to this day, to install Arch or Puppy on my XPS I had to disable secure boot. Ubuntu and other major distros are fine here though but this gate keeping doesn't make it ok in my book.
But this is kind of a circular problem, isn't it?
If everyone's bootloader is signed and recognized by every Secure Boot implementation, then signing is useless since it doesn't afford discrimination between "known good" and "dubious" bootloaders.
I'm not familiar with XPS computers, but to me what's important, as another sibling says, is that the user be able to load their custom keys with which they sign their own bootloader. This is how I run Arch on my HP computers.
This way, I can be reasonably sure that when I boot my Arch Linux, it's actually mine, and not some random live medium based off Arch's (or whoever's) install disk that will sniff my passwords or whatever.
To me, this is what SecureBoot is supposed to offer, and I don't see how you would implement this if you could easily get anything signed and accepted by most PCs.
Like I said above, this and stuff like management engine and TPM makes perfect sense in the enterprise environment where the owner of the device (the employer) is different than the user (the employee), so IT needs to strictly control what's running on the devices they trust on their infrastructure, but why should we expect home users to have to sign bootloaders to use whatever software they want as they're both the users and the owners of the devices and the network infrastructure in their homes?
But the thing is that, like it or not, most people simply don't care enough, so they'll just use Windows. I remember a while ago, when there were many live CD-based distros and there was no such thing as SecureBoot, people wouldn't even be curious to give Linux a spin. All it would have taken was to pop a CD in the drive and boot up. To paraphrase another commenter, I think many people feel the same way about their PC as their washing machine: just another appliance. Of course, lock-down platforms don't help instill curiosity in people...
So you get, roughly-speaking, two populations: those who care and those who don't. And usually, those who do care are curious enough to follow a few simple steps to disable SecureBoot for the installation and then set up their own signing process.
But I stand by what I said earlier: the process cannot be fully automatic, or it defeats the purpose. But I do think that willingly making it a pain is wrong.
That's exactly because widespread secure boot has made it impractical!
As for niche Linux distros, it's been mandated since the beginning that you can install your own Secure Boot keys on Microsoft certified desktop platforms.
> it's been mandated since the beginning that you can install your own Secure Boot keys on Microsoft certified desktop platforms.
...on x86; on ARM they mandated that the user couldn't install their own keys, which shows that they will lock users out as much as they think they can get away with.
Depending on the demographic, they can: get caught up in some (possibly unrelated, likely automated) attack, click the wrong ad, or load the wrong common page with JS.
IME does not affect your average user at all, so I'm not sure why you'd bring that up.
>remember how enabling secure boot originally meant you couldn't install any linux distro?
A lot of people were spreading this FUD back when secure boot was being introduced. It was a lie back then, it is a lie now.
> rather than add any meaningful security (will TPM and Secure Boot prevent grandma from getting her PC infected by malware off some shady phishing site? No? Then don't force those requirements for private users)
Secure Boot essentially killed off bootkits, that's a significant achievement. Perhaps you should learn what these technologies are actually used for before attacking them?
Those who own the keys own the machine. We must ensure we are the ones holding the keys at all times or suffer the consequences.
I do not recall giving the keys to anyone, and yet it feels like the person building your house is telling you that they can pop in for dinner and lock you out should the need arise (deny you the ability to run your choice of software and your control is forfeit).
There is something flagrant when the question is brought home to the personal computer. No user complains too much about not being able to replace the firmware for some faraway BGP router, yet that router is also part of the infrastructure like the PC and the OS installed on it. If a consumer thinks about the PC less as providing a personal computing service and more as an Internet terminal, then the problem goes away a little. Naturally, the PC does both, but since the two are at odds with one another, the PC has conflicting interests, serving two masters.
A similar issue exists with cell phone debug, where the carriers log into your phone to troubleshoot. Granted, debug is control for the sake of helping the user and does not deny the user the ability to run software (the OS and app store do that).
This just leaves the problem of where can a user actually go to do secure compute. An abacus works nicely, but is impractical. Free open source hardware (FOSH) is really the only option.
The originators of the idea were thinking of DRM and came from the content industry. I don't think it's a neutral technology at all.
You cannot be serious. How do I know if this can happen to me?
> Free open source hardware (FOSH) is really the only option.
> No user complains too much about not being able to replace the firmware for some faraway BGP router
The network is a very clear line to me. The BGP router is not my computer. It's the ISP who should be demanding free software from their hardware manufacturers, so that they too could enjoy complete control and trust.
> If a consumer thinks about the PC less as providing a personal computing service and more as an Internet terminal, then the problem goes away a little.
In these cases, the user is not using a computer. They're using appliances that just happen to have computers inside. Modern consumer products make every effort to hide the computer. There is no computing freedom if there are no computers we can use.
We must oppose all "consumer" products, all "fully integrated and converged" solutions. Computing is about simple parts in the form of hardware and software; from these parts, powerful systems emerge. Consumer appliances are these whole things that have swallowed up the entire system. They are indivisible, non-interoperable, uncontrollable, they only do what was foreseen by the corporation that made them despite the perfectly capable computer inside. I can't interface directly with the computer controlling my air conditioner, I need an infrared controller for that.
This article is linked from Stallman's website, it covers this matter with a lot of depth:
> We are giving up our last rights and freedoms for “experiences,” for the questionable comfort of “natural interaction.”
> But there is no natural interaction, and there are no invisible computers, there are only hidden ones. Until the moment when, like in the episode with The Guardian, the guts of the personal computer are exposed.
> Every victory of experience design: a new product “telling the story,” or an interface meeting the “exact needs of the customer, without fuss or bother” widens the gap in between a person and a personal computer.
> The morning after “experience design:” interface-less, disposable hardware, personal hard disc shredders, primitive customization via mechanical means, rewiring, reassembling, making holes into hard disks, in order to delete, to logout, to “view offline.”
I doubt I will activate TPM on my home PC as it doesn't offer much security to me. You can already say that some services will use remote attestations and I think these services can do without me.
> Now you know. Windows 11 completes the lock-up of the OS.
Stallman and others talked about exactly this 15+ years ago.
There's another part to the exclusion of old hardware, which is that modern chips are a lot more resilient against crashes according to the telemetry Microsoft collects. The same is true for secure boot and other security lockdowns every Linux user disables. You could make the argument that this means that Microsoft is failing to provide stability for this older hardware, but it doesn't necessarily mean that it makes business sense for MS to put money and resources towards resolving the issue. Not making Windows 11 available on old chips doesn't hurt sales, helps them boast with great stability and security statistics and barely makes a dent in their reputation. Most people with a negative opinion of the company here were hating on Microsoft long before Windows 11 was even announced.
The TPM story makes sense from a Windows Hello standpoint. I don't think there's any doubt that the hardware trust system is more secure than the previous system. However, that trust is completely useless because Microsoft STILL doesn't enable Bitlocker unless you pay extra. It's current_year and Microsoft still hasn't brought data security to the masses. This is an area where proper use of the TPM can benefit users massively.
Linux is having the exact opposite problem, I want to use my TPM and secure boot to leverage the hardware security built into my devices but it's as if every part of the Linux boot chain has implemented some kind of limitation to make the process difficult. Bitlocker works great, and I want it on Linux too, but nobody writing code for the Linux ecosystem seems to share my preferences here.
So it was/is recommended to use a pin/key and/or recovery key to ensure the security of the data. Unless your only threat model was to protect against common thievery and assume the attack had no technical prowess (and that’s perfectly fine, I do this for my company). Not to mention they were kinda used as a warranty canary for Truecrypt. There were suspicions that nation states may have hardware bypasses worked out.
Later there were implementations of hardware encryption found to be vulnerable. So even now Bitlocker does everything in software by default.
So I understand why FOSS devs would rely more on standard practice (shared keys) with LUKS and not embrace hardware enclave options like TPM. They haven’t been the most reliable over the long term and are harder to patch/fix.
Bitlocker is still vulnerable to key exfiltration attacks because it's not using any encrypted communication protocols that exist in the TPM standard, but that can be (and should be!) fixed.
In the end, I use encryption to make sure nobody can just plug in a flash drive and copy all my personal files and passwords off my laptop. If they have the time and tools to exfiltrate the security key through the SPI bus, they probably have the means to install a hardware key logger in my keyboard as well. The attacks against TPMs are out of scope for my threat model and honestly they probably should be for anyone but businesses carrying secrets as well.
If the United States or China wanted my passwords that badly, they'd probably just drug me or hit me until I hand them over. Defending against such adversaries requires more than just encryption, you'd need to use something like Qubes and alter your entire lifestyle to be secure.
What I want is to have a Linux system where I can turn it on without a password and have a good reason to believe that my files weren't compromised by the maid and that the OS didn't get keylogged. That requires several parts working together.
Getting secure boot to work is easy enough these days, but once you get through secure boot you're in for a challenge. I don't know of any stable bootloaders that don't allow you to edit the init binary to /bin/bash to give you a root shell from the menu, which is a requirement for the ease of use Windows provides. I also don't know if it's even possible to get a chain of trust from initramfs back to the hardware like Windows allows for. The *BSDs seem to be doing some kind of checksumming, but I don't know how far Linux is along with this.
In my ideal world, you get prompted on how to encrypt your Linux system upon install. "Disabled", "Automatic" or "Secure", with a note that "secure" is probably what you want if you can't pick but you have to provide a password at boot. I'd also like for popular distros to switch to full disk encryption because the unencrypted boot partition defeats half the point without secure boot and custom keys (which nobody actually uses).
Microsoft proves that this can be done, although their default allows for booting without a password a bit too easy. If you buy Windows with a Pro key, they'll encrypt your system in place with the click of a button. Everyone can set it up, and in many cases it's even the default. This is a basic usability security feature that Linux just can't compete with, and in my opinion that's a shame.
> modern chips are a lot more resilient against crashes
I think it has something to do with the modern instruction sets being kinder to the kernel and the fact that on computers with recent processors certain processor features are enabled in the UEFI config by default more often, but I couldn't tell you which features that would be. My hunch is that it has to do with stuff like virtualisation based security and the like?
If a program crashes on an older CPU, it damn sure will crash on a modern CPU just as well.
Not necessarily; if the crash is caused by an instruction that's absent on older CPUs (for instance, trying to use an AVX2 instruction when the most the CPU has is SSE2), it will work on a modern CPU but crash on an older CPU.
Why would you present Microsoft PR as fact?
Sort of a side point, but this got me wondering...Is there something inherently less stable about these older chips, or maybe is their stability somehow a function of their lifetime that would really matter here? My own anecdata (which is from a far smaller dataset than what I imagine Microsoft would have access to) would suggest that this isn't really the case, at least for anything otherwise capable of running something like Windows 10 or Windows 11, but I'd be interested in reading more about it.
Is it that old systems tend to not be physically maintained as well thus resulting in cooling issues and more overheating?
Is it that these "crashes" are application crashes due to the attempted execution of instructions in (newer) x86 extensions not implemented by these (older) chips?
Whether it's because only newer chips without wear and tear come out on top in these statistics or because there's something in the hardware itself, the perception that Windows 11 is more stable is something Microsoft can market. Dropping chips that lack certain instructions also makes their support and testing workload lighter. In the end, the quality and range of support Microsoft provide for their operating system depends on how much money they can make off their sales. If their losses from the move are lower than the cost of supporting older hardware, it's a decent business decision to do the unpopular thing and drop support. It's a private company, after all, focused on making their shareholders money.
And the said company would oblige to help NSA getting access to some users' data.
Both China and Russia demand users with sensitive information to use their own operating systems and they also build their own hardware because they don't trust the hardware.
Everyone just buys the ABC company's TPM to put it into their heads and out of their minds.
Perhaps you will be the first person to actually prove the existence of the NSAKEY backdoor? (I doubt it.)
Any hard evidence for such a backdoor wouldn't really change anything towards Microsoft for me.
We’ve seen NSA’s incredibly cool 0day exploits leak, we’ve seen some of their backdoors exposed, but so far there hasn’t been anything indicating a desire to backdoor Windows itself.
If MS or Apple or Google or some hardware makers or some communication equipment makers have some backdoors for NSA, why would you think they would do such a poor job that anyone can pay $20k to prove it?
AFAICT it doesn’t, you can’t hit those code paths unless you already have access to the machine.
(This is a pretty unfair example though, _NSAKEY is the “Bush did 9/11” of backdoors.)
In Python, Microsoft employees (who don't develop much ...) have two seats in the Steering Council and GvR, who still seems to pull strings.
Opposition on the mailing lists is shut down ruthlessly and is censored. The new "JIT" project has all the hallmarks of NIH and will end in minor insignificant speedups. The C# guys will be amused.
This would be stupid. People use Windows because it's usable and because they can use software they want. But forcing the users and developers going through an app store won't be taken lightly neither by users, nor by developers.
If Adobe and Autodesk would sense something like this is planned, they would start porting their software to Linux. Microsoft doesn't have a chance to lock their system down. What would be the next step? Use Windows only on MS hardware? They can't pull an Apple and I think they've realized it.
Most people already use computers that, by default, only allow them to install signed software through app stores. For perhaps a majority of them, that's their primary or only computer.
macOS is even more locked down, but they don't impede or force users to use Mac App Store.
What I infer from your observation is that closing down Windows could also adversely affect Mac users, since Apple would not miss this opportunity.
Apps need to run/execute in an open source runtime environment that operating systems can choose to integrate...and would need to if they wanted to run any of the applications on the market. The browser is not the answer.
Once these guys get settled in they are going to push for regulation that will somehow preclude people from using Linux desktops.
Only way to stop this is to react strongly, so if most users are apathetic like you then it is inevitable. Of course I believe that you are right and most are this apathetic, so from my perspective this is inevitable. When they roll out the enforced appstore you will say something along the lines of "but this appstore is secure and I can get all the programs I wanted from it anyway, and even if I couldn't would I really want an insecure program?".
iOS is and has always been a closed platform. We knew that the day they announced the first iPhone and they have been consistent in their messaging about that ever since. iPads and iPhones are globally successful though, far more so than the Mac, and with a far wider target audience that encompasses most people. It would be great for power users to be able to side-load without jailbreaking, but there are plenty of less technical people out there for whom side-loading actually presents much more of a risk than a benefit. That’s what makes it a complicated issue.
The Mac, on the other hand, doesn’t stand to benefit from that same closed model in the slightest. The real target audiences for the Mac (i.e. software developers, professional photography/cinematography, music production, publishing) all live and depend on software that requires flexibility, plugins etc and they stand a much greater chance of knowing what they’re doing. They would walk away from Macs in an instant if the platform stops being useful to them.
Apple Silicon was the perfect opportunity for Apple to close the platform if they really felt strongly enough to do so, but here’s the thing: Microsoft tried to do it with WinRT, it was an absolute disaster and the market spoke accordingly. It doesn’t seem worth the risk.
Didn't the phone launch without an app store and web/html based apps?
Only if there was a better alternative. That is the point, both Microsoft and Apple work towards there not being any better alternatives out there. It won't happen in 5 years, but almost surely in 20, as they have to do it slowly enough for all major programs to get into the appstores.
Just have to slowly make it more and more difficult shipping software that isn't in their appstores. Then you start paying for exclusives, imagine if Apple paid photoshop to only ship in their appstore and not distribute independent binaries for macOS for example, people would quickly learn to use the store. Ship cheaper variants of the OS with only access to the appstore etc. There are so many ways for them to reach that destination, and 20 years is an eternity in this space.
Valve established their Linux presence because they thought MS might force developers to ship only through appstore. What is stopping others to make the same move if they sense the same danger? Big software companies won't be delighted to be forced to use the app store. Nor would smaller companies.
So we will see the rise of Linux on the desktop.
Apple has about 26% market share on mobile globally, that's not exactly market dominance.
Them locking down the platform limits piracy, which is one reason why developing for iOS is much more profitable for many kinds of apps, which causes better apps that drive consumers to the iPhone. That's the reason they put so much energy into locking down the platform
Maybe we should have some company lock us in our houses for safety? You know, if you wander outside you might get robbed.
I don't like how Apple locks down their phones, that's why I prefer Android. That doesn't mean I can't appreciate why they do it and why some people might prefer it.
.. yet. The notarization and signing requirements are steps towards that; there's an escape hatch, but they could close it when it suits them.
They briefly pulled Epic's desktop signing keys, which they promised were for security only, over an unrelated iOS business dispute.
There was no “unrelated iOS business dispute”, Epic was simply using their keys to sign software that they had agreed not to sign. Epic made it clear that they can not be trusted with signing keys, you can’t claim that this is unrelated.
Epic could have sued Apple and proceeded with their business dispute without abusing their signing keys, but instead they made a calculated decision to abuse their trusted position for a PR stunt.
Even if you fully agree with the position Epic is pushing in their lawsuit, these facts remain the same.
Epic never abused their desktop signing keys, which are stated to be for security only, what are you talking about?
Apple did more than that too, they also briefly pulled their Apple logins, which they had surprise mandated on everyone who allowed third party logins. They went full mask off.
Epic made it clear that they can’t be trusted with any kind of signing keys.
Epic promised not to do certain things, but they decided to break that promise. You can call that a “business dispute”, but that doesn’t portray Epic as any less untrustworthy. Epic obviously can’t be trusted to not abuse their signing keys.
Why should Apple allow a known untrustworthy party to sign OS X apps? Honestly, the idea that you should somehow separate these things is probably the stupidest thing I’ve heard during all of my years on HN.
Apple even promised: security only for keys on desktop, none of their iOS control games.
They do for iOS, though? I'm not convinced we won't see something similar for desktop (possibly with an "opt-out" for power users, where you can manually sign and accept binaries - much like you can build a dev build of an ios app, but not distribute it).
Until now. And because it faced competition from Windows. If they gain some market share, they will.
For what it's worth, it looks like macOS tends to support hardware that's up to 7 years old and macOS versions tend to stay supported for about 3 years.
My guess is that by 2027, all Windows and macOS releases for non-enterprise users will either require a TPM or be out of security support, and governments will start banning the latter versions from accessing the internet.
(I realize this is a slightly different goalpost, but I’m not GP.)
I don't think it should have been required for Windows 11, but TPMs are a useful tool for mitigating brute force attacks.
That way, you can leave Secure Boot enabled. However, leaving the secret part of MOK on the machine and letting the dkms or whatever updater of kernel modules use it unattended kind of defeats the purpose.
I'd say about as much as Intel's Management Engine. /s
That definitely counts for a lot. It's just a shame that they can't let that stand on its own with their current marketing.
Except of course some older Surface line hardware, because why even be subtle?
WINE and the very popular/well maintained Linux distros have gotten so good in recent years that the scenario is nearly identical to Windows + WSL2, except with the DE reversed.
And WINE is never going to run entirely as smooth/easy as regular Windows, though it's pretty damn close.
I prefer Linux DE, both for aesthetic and resource (but mostly resource) purposes.
I think Win11 looks great despite internet's opinion, but wow-ee I cannot justify/cope with the amount of resources (modern) Windows takes just to idle and run explorer.exe
Now -- OLD Windows? Windows 98, Windows 2000? That was (is) some good stuff.
ReactOS recently released an x64 compatible build and I've booted into QEMU with it and toyed with the idea of trying to use it as a daily driver/work, even for a week as an experiment.
Feels nearly identical to Windows 2000 or so.
Can check news announcement here and get the x64 MSVC build from the nightly page + boot into it using QEMU or whatnot (I used LiveCD to test):
I doubt it’s really an option for 99% of people who need Windows for serious work.
Off the top of my head, I've gotten:
- Ableton Live 10
- FL Studio 20
- A lot of popular Windows games
To work without any bugs (Borderlands 3 had a bug loading an asset once)
The one program I couldn't get working with WINE was Studio One 5.
Ableton and FL Studio are multi-GB programs with dozens of .dll's, really complex -- and all I had to do was:
So yeah it could just be a crapshoot as far as what works. Maybe it winds up that a lot of the apps you personally use/need don't run at all, which would really suck =/
But WINE sees constant improvement, including contribution from Valve who have a vested interest in Proton for running games. Not to be cliche, but it's always improving.
(I've never used the paid Codeweavers product which is supposedly better, so can't comment on that one. Maybe someone else can chime in with recent experience if they have?)
It will be the same driver dance and boot loader stories since Linux exists.
In spirit, I love FOSS, though I won't cripple myself by sticking to it if something that works better for me comes along/use it to my own detriment.
In fact, I would be willing to pay a good amount of money for Windows 98/Windows 2000 with a modern kernel, x64 support, and icing on the cake would be a Linux shell.
If there was "Ubuntu: Windows 2000 UI Edition" they could take my money.
It wasn't really feasible (IMO) until they put out that initial x64 build in August, but in my ignorant understanding with x64 compatibility there's nothing stopping someone from running VS Code or whatnot on there right?
What're your opinions on ReactOS?
The 30 minutes I played around with it on QEMU were amazing.
We've truly regressed so much in functional UI design. I genuinely felt able to focus better because there was less "going on" on the screen. Felt like my brain wasn't overstimulated with visual information.
Switched from 10 years of Debian-based linux (mostly Ubuntu, recently Pop_OS) to Windows because of some MIDI driver thing I could not get to install in WINE.
I have had a significantly less pleasant time on both Win10 and Win11, and it's slow as hell. Ubuntu/Ubuntu-derivatives with Regolith as a DE + Tiling WM is the best computing experience I've ever had
(Disclaimer: Have never used a Mac. Have been told OS X is better than Linux by people who have used both for a long time.)
The ironic thing is that, I later had a passing convo with a developer of a DAW, who told me that MIDI driver stuff is usually for running specific software from the vendor and that MIDI is universal over USB.
So I never even needed to switch in the first place! I was just too hardware-stupid to know this!
Oh man it hurts my soul.
I could switch back but it takes a whole weekend to properly backup + wipe and setup a machine. I think I am going to go back to Pop_OS or Ubuntu though.
As someone who used both for a long time, I would agree 2-3 years ago, now though I'd say I prefer Linux. I do really love the new M1 Macs in terms of temperature control and performance though.
The advantage of Linux is that when it doesn't work it's much easier to diagnose and fix by yourself, that didn't use to be a problem on macs because Apple's QA was much better and they were pretty stable (if you skipped the first 3-4 months of a new OS release) but nowadays, it's a lot less stable, my mac cannot even go to deep sleep properly (which ironically used to be a major pain on linux) and it's just a black box that's hard to diagnose but doesn't work well enough to justify it being a black box. And for the mac, I used to use things like SIMBL to modify the system exactly how I liked it but all of that has been slowly removed by Apple. Now I just want the flexibility of Linux.
> "I would agree 2-3 years ago, now though I'd say I prefer Linux"
Call me a heretic, but I am jealous of the M1 performance-for-price being outside the Apple ecosystem and have thought to buy an M1 laptop and wipe it + put Asahi Linux on it hahaha
It's a bit the straw that broke the camel's back. As time went on, little things became more and more aggravating.
I'm eagerly watching Asahi Linux's progress :)
Active Directory - The centralised control it gives corporates.
Games and DirectX - Although this seems to be getting to be less of a reason.
Backwards compatibility - Windows 16 bit apps are now dead, but you can take the VB6 code I wrote pre-Y2K and run it today.
Linux fragmentation - It's difficult to support all the Linux variations with a single binary (or at least it feels that way to me). I suspect it has a very high support cost. Related to this is the GPL and its potential to force release of source code.
you don't have to bother with the console. Everything can be installed and run with a mouse.
Don't get me wrong. I understand the good sides of console programs. You can do a lot there but your average user doesn't care.
That sort of thing would be a small (though very irritating) waste of time for many of us on HN but it could have been a showstopper for other potential Ubuntu users who aren't technically inclined and just want a system that works.
Unfortunately in my experience that still sums up desktop Linux in a nutshell. You probably can fix just about anything if you know what you're doing. If you do, you get the benefits that come with running Linux, including avoiding the kind of controlling behaviours we see from Microsoft and Apple in their desktop platforms these days. But the reality is that most normal people won't know what they're doing to that degree and so can't fix the problems.
So continues the cycle where "normal people" don't use Linux and so there is no big market for commercial applications and so most commercial applications don't run on Linux and so "normal people" don't use Linux.
> Ubuntu Software Center is a one-stop shop for installing and removing software on your computer.
> It is included in Ubuntu 9.10 and later.
> - https://help.ubuntu.com/community/UbuntuSoftwareCenter
"Should" being the operative word unfortunately. It clearly wasn't installed by default for this machine that had been upgraded through earlier versions (starting around 16 I think so well after 9.10), nor was there any obvious indication to the user that it was missing and available to be added.
There were some other oddities after that upgrade, for example Firefox no longer appearing for one-click launching from the default UI layout when it had before, so the lack of Ubuntu Software (and, apparently, its underlying apt package) wasn't the only anomaly. It just wasn't a polished experience that a non-technical user should have to deal with.
I understand your frustration!
In fact, there are apps that can do that automatically. Admittedly these apps tend to create not very good UIs, but the point is that it’s not hard at all.
When my Asus Netbook dies (1215B with XUbuntu), the next UNIX travel laptop will be an Air.
So you can spare the talk about how much GNU/Linux has progressed, since I see it every time I take that netbook into use.
> "Maybe Linux on the desktop doesn't suit your individual needs, but you seem awfully combative about it on the basis of your specific niche."
Ideally an OS should have tools for everything. Though I'm not certain if "Graphics Programming" means like GUI in C++ (pjmlp often talks about C++ Builder and C++/CX, so I believe he means that kind) or programming GPUs via CUDA. I don't think it's the second one -- Linux is much easier for GPU stuff (i.e. most ML projects/tutorials are only set up for Ubuntu) than Win.
I imagine the argument stems from a lack of a Visual Studio equivalent on Linux. It looks like the only version that runs properly on Linux is VS 2005 -- LOL!
If you work with some of the Visual Studio specific tooling around things like XAML or C++/CLI etc, yeah there's absolutely no substitute.
It's like Sketch on Mac (god I hate that company for being Mac-only) or Xcode. You're SOL, better buy a Mac.
Lettuce pray for the day WINE is good enough to run Visual Studio.
I do think it's a little reductive to discuss Linux struggling with things like Visual Studio that are only relevant because Windows is relevant, but that is our unfortunate reality.
Have you ever considered that this "huge amount of users" might not care about graphics programming or usable UI/UX tooling, but that >99% of them sure care about either graphics (games, photos, video, digital painting, ...) or usable UIs and UX?
I'm using Linux all the time, and it's quite amazing how terrible anything Desktop related is. Who is going to fix that if the state of graphics and UI/UX tooling is so poor that it either drives away or stymies all the people with relevant skills to drive some improvements?
Linux has an obvious lack of contribution from designers, designers are employed for products, no one is making money selling desktop Linux as a product. Also, most designers aren't tinkering with open source software alternatives in their free time like developers do.
I also feel like I'm missing something because my experience on desktop Linux is way better than anything I've ever had on Windows or Mac, meanwhile everyone's saying it's unusable. Can't be easy for the handful of people working on desktop environments and the like.
 for literally any distro choice
 even when it isn't a hardware problem
I know what you mean, but in this instance the complaint is poor UI/graphics while the distro in question is using a very cut-down desktop environment (running in a VM).
> "which to this day still doesn't provide a proper experience to anyone that cares about graphics programming and usable UI/UX tooling."
Not one of those raving Linux zealots (don't really care that much about privacy), I've just had positive experiences on Linux -- not using it masochistically for ethical reasons, but because it worked very well for me.
So I would be interested in hearing the other side of the coin, since you've been around the block a time or two.
> it's actually a decade-old hairball which significantly harms the experience and can't be fixed cleanly under X.
This is literally the whole argument for Wayland - things that can't be fixed under x11?
I suppose the only answers here are Qt or game engines like Godot/heaps.io etc - and they probably aren't as good as Windows. But it's a little tricky to know exactly what you mean.
> When my Asus Netbook dies (1215B with XUbuntu), the next UNIX travel laptop will be an Air.
> So you can spare the talk about how much GNU/Linux has progressed, since I see it every time I take that netbook into use.
If you're looking for a "Windows desktop replacement", you should probably compare it to one of the "big" desktop projects - i.e. Ubuntu standard desktop (not a spin, like Xubuntu), Red Hat or SUSE.
It's also not clear which version of Xubuntu you're running - 20.04 LTS?
Personally I think 20.04 with Wayland and PipeWire has made great strides as a "just works" Desktop - and I'm looking forward to the next LTS (PipeWire baked in, hopefully).
That said, I doubt much will beat an M1 Mac in the near future, if you're happy with Apple/macOS.
It is the best cross-platform C++ GUI framework, but nothing specific to Linux per se.
Thanks for educating me on Linux distributions, pity that I have been using them since 1995, and yes it is the LTS version, it tends to break less.
VMware is crippled performance wise, doesn't detect autorotate, and using it in full-screen requires me to resize the VMware window every time I reboot the VM.
VMware also doesn't detect all the buttons on my mouse.
Vast majority of people use Windows because it comes preinstalled. And it comes preinstalled for business reasons that are very hard to counter or reverse.
The only way to weaken Windows is through legislative measures and that ain't likely to happen.
I'll never trust BitLocker or anything that relies on TPM to encrypt any data I actually care about not being compromised (read: my very personal data, not work data).
A much more likely explanation for TPM is that it can enforce weak and vulnerable cryptography at a hardware level. It's an open secret by this point that the NSA weakens elliptic keypairs to make them vulnerable to differential cryptanalysis. With TPM, software can now be forced to use hardware crypto, which is almost always weaker than the programmable software crypto we had before.
Desktop revenue from apps is small and will get smaller. MS gets that the web will continue to grow larger.
I just don’t believe the App Store angle. I don’t think Satya does either. The cloud runs the company now. They did this for a different reason. I just feel like people aren’t even trying to reason through what it is.
Open source solutions may also meet a hindrance when they somehow collide with MS's line of business (Postgres).
Theoretically Microsoft can get a cut from Adobe subscription (no longer purchase, screw them too). They can also potentially force Valve or Epic for a fee or shared revenue, which is why SteamOS is there. Netflix and Spotify are also potential targets.
Then no telemetry can be published if MS said so, forcing third parties to deal somehow with MS.
And then, sure there's Adobe, but 99% of apps are pure web apps. No desktop client needed. Netflix Windows desktop usage is small compared to their webpage and if MS pushed hard on this, they could just pull the app altogether.
The app store angle just isn't going to be this revenue monster for them long term. When I look at my desktop the only apps I have open are Microsoft and Adobe apps. That's it -- and the occasional game.
IMO, I think the thing they should care about the most is preventing ransomware/malware on their devices. Apps will be in the cloud, but the entry point is the device. Enterprises will want to have the most secure and easy to use entrypoint.
We tried to tell you, but you were too busy playing your dumb DirectX games. It's not that those same games could not have been developed for Linux, though.
Let's see how long you tolerate having to kiss Satya Nadella's ring every day now that you have forced choices.
People have been saying that forever. At our company we rely on Windows backwards compat to run older commercial software which has saved tens of thousands of dollars for us. It seems to me like people are not exposed to a large swath of the computing landscape that uses industry specific commercial software that isn't going anywhere.
Also who are the "lemmings" in your analogy? Hopefully you're not referring to normal people who make rational decisions based on their needs.
At least Google is planning to lower their 30% commission for a bit.
It's been years but Linux remains much more badly sidelined compared to working under BIOS, rather than UEFI.
TPM is to hasten the demise of Windows 8 & 10 and the hardware that dragged them in.
Numerically developer desktops aren’t significant, but mindshare is.
What is the problem with using it? My non-technical relatives are quite happy with their Debian which I installed for them.
How did that end up? Well, turns out that they can now safely be called clowns.
"Crazy conspiracy!" He yells between two heavy gasps for air.
I sure hate to be able to kind of trust my computer http://0pointer.net/blog/authenticated-boot-and-disk-encrypt...
As long as I can't extract the Endorsement Keys from a TPM I legally own you are not convincing me otherwise.
Microsoft really thinks they can compete with platforms like Android or iOS. I have to say: Thank you Microsoft!! You accelerate the downfall of Windows! No one will need you in the future: Adobe on M1 (Apple), development on Linux, gaming on Linux, workstations on Linux, maybe some Apple.
Out of the bunch, Microsoft is the only one that even allows custom kernel drivers, since Apple deprecated them with macOS Big Sur, and iOS/Android never really allowed them.
>Microsoft is just late to the game, and it's slowly catching up.
Why do you think people want yet another platform but in the Microsoft-verse? You choose Windows because it's open and you can run ~every application on it. There is no catching up by closing down your hardware framework (aka OS).
For those few that want to test things or run custom drivers, they can still disable driver signature enforcement, but some features/apps might be unavailable in this mode.
But on the other hand people also use Windows because it's the default that comes with their new computer. (Not talking about HN community, talking about regular Joe.) As long as Microsoft keeps lobbying OEMs to include Windows and there's no good alternative (looking at you, non-tech-savvy user-friendly Linux distros and major software vendors like Adobe, Autodesk etc), they will only keep locked to using Windows.
I'd love to see an alternative world where everything has an equivalent open-source software that people can switch to, but let's get facts right, much open-source software is inferior to its counterparts (especially in the design/photography world against Adobe).
Keep in mind that software doesn't need to be open source to run on Linux. Developers can still support the Linux ecosystem by creating/porting proprietary software for Linux, and users will consider it when they choose an OS.
Examples of proprietary Linux software that is used professionally:
- DaVinci Resolve (video editing suite): https://www.blackmagicdesign.com/products/davinciresolve/
- Bitwig Studio (digital audio workstation): https://www.bitwig.com/overview/
- JetBrains Rider (IDE for .NET): https://www.jetbrains.com/rider/
True, but if Windows cannot run the application regular Joe wants, people will just switch to Chrome OS or Apple or Linux (Wine?). Sometimes regular Joes use more exotic software than we can imagine, and they choose Windows because it has run on it for 25 years. Just some examples I have seen:
- Visual Basic 6 (for model train automation)
- A 20-year-old Siemens software for relay automation
- A ~25-year-old CNC machine (Windows software to convert CAM to N-language (self-written postprocessor again in VB6))
And much much more
Not sure about the solution.
However I don't think you can expect to run e.g. a machine controller on another OS.