They really should. Windows 11 has the bullshit “requirement” of needing SecureBoot so it can’t work on BIOS motherboards, only UEFI ones. This is different than saying you no longer support 32 bit CPUs. There’s no reason to require fucking SecureBoot. Seriously. It’s like someone saying they won’t sell you a TV if your house doesn’t have a lock in the door and then advertising their TV as secure because of that.
Your entire statement here stems from not knowing what you’re talking about. That’s OK. I’ll provide some insight.
Secure Boot is a security feature of UEFI that only allows trusted, cryptographically signed operating systems to boot. The nature of this prevents rootkits. Software that runs before the OS and injects itself. BIOS has many hard limitations and disadvantages over the modern standard that is UEFI. Your comparison going from 32 to 64 bit architecture is quite fitting. It’s not that different. There are many hard limitations and disadvantages to 32 bit. It’s unfit for today’s standards due to lack of features and security. All aspects of technology have to move forward.
Yes, but you could still buy a new motherboard without UEFI support a year ago, and there are still some units in stock online.
It’s way, way too early to drop support of an OS that is the latest version that can be run on hardware that current.
People who spent 3 grand building a computer in 2021 should be able to have OS support for at least a decade. They can’t upgrade their OS, so the latest OS they could purchase should be maintained longer.
Microsoft has nothing to do with the manufacturer of mother boards and if you chose one without UEFI in 2021 then you are free to choose Linux. I honestly haven’t seen a motherboard with out UEFI in about 10 years so I’m not sure what you are even talking about, especially on the high end.
Alternatively, this is perhaps the only way for Microsoft to pressure hardware makers to stop shipping BIOS motherboards. They won’t naturally go away unless there’s an incentive.
They absolutely should push manufacturers to stop using non-UEFI boards. And they should do that by not offering an OS for sale that is compatible with the older tech.
But they also need to support the customers who purchased Windows 10 near the end of its lifecycle without knowing that future upgrades would be impossible. Microsoft is forcing users with relatively new computers to replace them.
I know all of that. Tone down the condescension. That’s why it’s bullshit for Windows 11 to say it’s secure because of SecureBoot when in reality it’s a feature of your motherboard.
Having a mechanism that only accepts trusted boot binaries is pretty critical to fighting malware. Rootkits effectively have total control of whatever you decide to boot because of their persistence. When your hardware has its own security features (Secure Boot, TPM) why not take advantage of them to make the software you run more secure?
If you didn’t know, Android, macOS and iOS have their own TPM and Secure Boot implementations that have been enforced and present for over a decade.
And those secureboot implementations in mobile devices are frequently called out as primarily a way to prevent usage that the manufacturer doesn’t want you to do.
They really should. Windows 11 has the bullshit “requirement” of needing SecureBoot so it can’t work on BIOS motherboards, only UEFI ones. This is different than saying you no longer support 32 bit CPUs. There’s no reason to require fucking SecureBoot. Seriously. It’s like someone saying they won’t sell you a TV if your house doesn’t have a lock in the door and then advertising their TV as secure because of that.
Your entire statement here stems from not knowing what you’re talking about. That’s OK. I’ll provide some insight.
Secure Boot is a security feature of UEFI that only allows trusted, cryptographically signed operating systems to boot. The nature of this prevents rootkits. Software that runs before the OS and injects itself. BIOS has many hard limitations and disadvantages over the modern standard that is UEFI. Your comparison going from 32 to 64 bit architecture is quite fitting. It’s not that different. There are many hard limitations and disadvantages to 32 bit. It’s unfit for today’s standards due to lack of features and security. All aspects of technology have to move forward.
Yes, but you could still buy a new motherboard without UEFI support a year ago, and there are still some units in stock online.
It’s way, way too early to drop support of an OS that is the latest version that can be run on hardware that current.
People who spent 3 grand building a computer in 2021 should be able to have OS support for at least a decade. They can’t upgrade their OS, so the latest OS they could purchase should be maintained longer.
Microsoft has nothing to do with the manufacturer of mother boards and if you chose one without UEFI in 2021 then you are free to choose Linux. I honestly haven’t seen a motherboard with out UEFI in about 10 years so I’m not sure what you are even talking about, especially on the high end.
Alternatively, this is perhaps the only way for Microsoft to pressure hardware makers to stop shipping BIOS motherboards. They won’t naturally go away unless there’s an incentive.
They absolutely should push manufacturers to stop using non-UEFI boards. And they should do that by not offering an OS for sale that is compatible with the older tech.
But they also need to support the customers who purchased Windows 10 near the end of its lifecycle without knowing that future upgrades would be impossible. Microsoft is forcing users with relatively new computers to replace them.
that’s not really Microsoft problem though
I know all of that. Tone down the condescension. That’s why it’s bullshit for Windows 11 to say it’s secure because of SecureBoot when in reality it’s a feature of your motherboard.
Your statements made me believe the opposite. Though I wasn’t condescending. I said it was OK to not know.
Microsoft doesn’t say that. They state it adds to the security of your computer before Windows even starts. https://learn.microsoft.com/en-us/windows/security/operating-system-security/system-security/secure-the-windows-10-boot-process
Any device security is multi layered.
Having a mechanism that only accepts trusted boot binaries is pretty critical to fighting malware. Rootkits effectively have total control of whatever you decide to boot because of their persistence. When your hardware has its own security features (Secure Boot, TPM) why not take advantage of them to make the software you run more secure?
If you didn’t know, Android, macOS and iOS have their own TPM and Secure Boot implementations that have been enforced and present for over a decade.
And those secureboot implementations in mobile devices are frequently called out as primarily a way to prevent usage that the manufacturer doesn’t want you to do.