Wow, that's great (/s)! Next-gen ransomware can then finally allow zero-click payment of the ransom instead of all the convoluted "go to that site, register account, buy bitcoin, send to address X, don't forget to add gas,..."-mess.
Can you clarify what you had in mind for this? Are you imagining the ransomware would grab users' locally-stored credit card info?
In which case, is there reason to believe they'd actually be storing your card info locally? Isn't it more likely that after initially adding your card, it stays on MS servers as it does now, and this settings screen only gets sent the last 4 digits of your credit card?
Or am I misunderstanding and/or missing something obvious?
You can interpret my comment as part joke since I really hope that zero-click attacks on the payment method will not be possible, but also part "uuh, that can go wrong".
I expect MS to reduce the user friction to some minimum, since less friction = more users = more profit. But often security adds friction ("enter your payment pin or click here if you forgot it", "we need to verify your payment, please follow steps x, y and z", "Please enter the code we send to your mobile +15551234",...).
I imagine a low friction scenario in which the user only clicks a button to pay (e.g. s/he clicks an article in a newspaper application and have to confirm a UAC-style popup "Do you want to buy this stuff for x Pound Eurodollars?"). Even less friction if the user can allow an application s/he trusts to trigger payments without further user interaction (e.g. a pay-as-you-read newspaper application). A local attacker could abuse both scenarios.
So yeah, I could imagine that (given some bad design or implementation decisions) even while all the critical data is stored on the MS servers, a local attacker could trigger fraudulent payments.
Gotta hand it to Microsoft and Nutella. I was pretty bullish on them from, say, 3 years after Balmer left to about 18 months ago, but it seems like every single thing they've done since they started working on Windows 11 has been a cringey shitshow. Even the way they express themselves, and their advertisements, have - rather incredibly - gotten worse. For just one example, I was watching the trailer for the MSFS cloud service a few days ago, and the entire ad is just bullshit - nobody plays games like that, nobody sits like that, nobody holds their controller/device like that. It's like Meta and Microsoft both have completely lost their minds and don't habitate the same universe as me - I'm no Luddite, and it isn't even dystopian or Orwellian to me, it's just cringeworthy. And the problem for MS is, it isn't 2007 or even 2013 when it was properly difficult to completely get rid of all things Microsoft. The only 'must have' really is just Office, and I can still buy that standalone on my Mac and be done with it.
Anyway, the fact is that many people won't care and will use their products. That's just how it goes. But it truly is fascinating to watch as a moderately tech savvy person - not sure I can remember anything like this where a tech company in a position where it has a lot of industry/programmer goodwill has inexplicably fucked over its developer-base so often in an 18-24 month period. I mean, does anybody remember how 2 years ago Edge was the shit, seriously - it was like the best iteration of a Chromium browser, and then it was like Microsoft purposely torpedoed it. Same thing with Windows, and the TPM requirement is just the start. All of it is just bizarre.
>> Azure/Office365 was genius, its going to keep them in the black for many years to come.
I'm sure that was planned similar to OneDrive, which is an utter piece of shit. I got a laptop at work with some hundreds of GB of storage. OneDrive was automatically backing everything up (I didn't ask it to). But then I ran out of free storage space on OneDrive, so I couldn't save files properly anymore until I did something about that. They wanted me to pay for more storage. Keep in mind I still had over 100GB free locally. I disabled OneDrive. All my files seemed to disappear. My options were to pay, or find where they were archived and pull them all out and put back where I wanted them (documents, desktop, etc...). It borders on ransomware, except you can get your stuff back if you pay attention and take a little time.
Most people don't actually want cloud computing. They do want cloud storage though. What we need is for Western Digital or similar to create a personal cloud storage system that you connect to your own network. (I've got many ideas around this, including backup, sharing, etc).
I've had a good experience putting a technologically inept client on a Synology. Their support which was pretty alright as well the couple times I had questions.
I wouldn't use that at home though. FreeNAS or Nextcloud on ZFS only, thanks.
The consumer side i don't know but on the developer front they're doing pretty nice.. vscode is wildly used (and appreciated), .net is growing ok, typescript too. The github thing didn't turn out sour yet.
The next 10 years will be weird and critical because most new people on earth will be born outside of the windows ruling days. I think they're gonna pull the rug hard on any fat application ala MS/Office because it will be completely aberrant to "work" this way when everything you used since birth was a few swipe away.
Going after developers with excellent tooling has been part of the MS strategy since at least the 90s. MS knows that they need lots of 3rd party developers to make their own offerings more successful and that's why they're throwing them bones. They are still trying to lock users into MS products and services. It's always been a mix of direct and indirect vendor lock in - for example, proprietary data formats or no equivalent application/extension for competing product/OS.
I meant mostly that MS managed to revive its brand on this front. It was a secondary name after Apple / Google became flagships. I consider that a very harduous task. A lot of company could have shriveled and die a slow death.
It's not unreasonable that this could happen. SteamDeck, a full Linux PC, has exceeded expectations and many parts of Linux that were seen lacking only 5 years ago have caught up dramatically.
This isn't to say that competition has surged already (it hasn't) but Windows isn't in the bulletproof fortress it was in in 2009.
I do, on my desktop for gaming. Nothing can compete with Windows for that yet, especially when you’re playing competitive multiplayer games with anti-cheat systems.
Have a MacBook that I use for everything else though.
And if you’re asking why 11 over 10, it’s mostly for the UI improvements. I quite enjoy their new look and haven’t really found any drawbacks with the update.
Work. I work mostly on the Microsoft stack, and I haven't broken the habit of Windows powershell to move to Powershell Core yet.
When I got upgraded to Win11 I first switched up the UI to look like Win10. I made a copy of System32 so I could keep the scant few things which were unusable in their W11 version (namely snipping tool).
It's basically Win10 more or less now. With some annoying regressions in how Explorer works. I won't enumerate them here.
Why is this shocking ? They are copying macOS where this feature is already present. When Apple does it, it's just perfectly fine and (in Apple fan voice) - this so significantly improves the UX experience.
But, when Microsoft does it, OMG the SUN is FALLING.
I was thinking the same thing. Having payment info built into the os makes a lot of sense for my usage patterns. I like Apple Pay and I think that if ms does it well, this is a plus, not a minus, and I didn’t see any red flags in this article but maybe I missed something?
Have you been dual-booting? What's your experience been like, generally? I built my current desktop something like 5+ years ago, and have been thinking about building something new, with Windows kept as a second fiddle for when the few games I still play don't cooperate on WINE or Proton.
I've always kept a windows partition around, just in case things go sideways and for gaming. Proton is great, but not good enough for many games.
Dual booting can have odd effects on Windows. The strangest I have encountered is that windows shuts down when it thinks it is rebooting, and reboots when I tell it to shut down.
Other than that, no issues, though I always make sure when installing linux that I have Windows totally up to date (some mostly for firmware updates).
Manjaro and Pop_OS! are a breeze to install- resizing the windows partition is as easy as dragging a slider. It has been awhile since I have used something else, but I imagine any distro with a modern kernel and gui installer will be easy enough.
In fact, I recently picked up an lg gram (16")- some occasional graphical glitching I am blaming on wayland, but other than that, the hardware actually works better on linux than windows.
Thanks for the tips! As for Windows acting strange, I've heard that it can have something to do with 'fast boot' settings on the motherboard BIOS. Not sure if you've checked that already.
Have you ever seen Windows muck up the bootloader? I remember grumblings from some time ago, where it would cause grub to malfunction by making certain assumptions about the disk it was on.
> Dual booting can have odd effects on Windows. The strangest I have encountered is that windows shuts down when it thinks it is rebooting, and reboots when I tell it to shut down.
That is because it is not shutting down. Go in (power) settings and change the settings to always do a shutdown when you shutdown ( default is to hibernate) and disable fast reboots.
I think maybe you misunderstood what I was getting at.
When windows reboots during an update process, it says "rebooting" on the screen but actually powers off. Same goes for clicking "reboot" in the start menu.
When clicking "shut down", the screen displays the "shutting down" message, but it actually reboots the computer back to the OS selection screen.
I'll play devil's advocate and suggest that when one buys a Mac, one is already aware of the fact that it's more of an appliance and a subscription hub than an actual computer. Yes, it does all the regular computer things, but it's practically a loss-leader for Apple to keep you in the ecosystem (and I say this as someone who "owns" a M1 mini).
For Microsoft on the other hand, this is breaking new ground with Windows users. Microsoft has slowly been easing their users into a OS-as-a-Service paradigm, the next logical step for them is to require your credit card info (which to be clear, isn't required...yet) to continue to use the OS on the computer you bought outright. After all, the other major software players are pushing subscriptions instead of license purchases (Adobe, Parallels, Codeweavers, and Microsoft themselves with 365, among so many others), so why not charge a fee to use their preloaded and -- in the eyes of the average consumer -- required OS?
Where does it say that you need to provide CC info to setup a new user account? All I see in the article is that you can now add CC info in the user settings.
I clearly misinterpreted, so I retract. Use case does indeed seem pretty fair for people are are super bought into the MS ecosystem, I found it very frustrating how many places I had to log into windows 11 to get a new pc setup and running and this feels like a step in the right direction.
Edge literally offers you loans when you are checking out on a website. How is that FUD or edginess? Sure, it can be better for battery life, but they still took a "clean slate" browser that started having a pretty good reputation after the chromium switch and began slowly filling it with cheap adware.
Plus, it's one of the browsers that has the most telemetry to the point where it sometimes can phone back everything you type to MS IIRC. So It's not "hate", they just don't like it for several good reasons
I had switched to Edge for a year or two but was eventually pushed back to Chrome a few months ago because I got sick of how often they were shoving services I don't want to use in my face.
Plus it seems to have some kind of quality control issue. Pretty glaring bugs were making their way into the stable channel, and they wouldn't be fixed for far too long. There was a several week span (maybe even months?) where in Edge for Windows, clicking and dragging the scrollbar would make the scrollbar disappear and the entire web page would jut to the side. I don't recall ever having issues like that in Chrome, let alone as often as they happened on Edge.
And another minor niggling is the awkward update process on macOS. Chrome can just install updates in the background, then I click a button to restart the browser and the update is done. With Edge you have to do updates through their janky Microsoft updater application which you don't even install manually and can't seem to launch manually. It just appears when it wants to and then disappears again until the next time it decides to appear.
We already had anti cheat with quake mods in the 90's, aka everyone can host their own multiplayer game and spec games. Pre-steam quake and half-life had in game consoles where you can literally spec players, gather stats and observe players.
You don't seem to grasp you can't "prevent" cheating, most game companies don't care about cheating they care about if cheating effects microtransactions.
You don't seem to grasp, that the game industry has been stealing games for hte lats 23+ years, there'sn o need for mmo's, steam, f2p, those were marketing monikers invented by the game industry to kill PC games as local applications.
We already had infinite multiplayer networking engines with quake 2 in 1997. If in doubt check out this by mr carmack. That means if you bought any client-server game requiring user name and login account, you're being robbed and you should tell the FTC. DRM was literally them back ending apps to undermine local binaries.
(somewhat paraphrasing) "No limit to the # of players"
Tow or more computers networked together become and behave as a single machine. So that meanys any EXE can be broken into two programs and two sets of files and run over the network. It's called the client-server model of computing, or mainframe dumb client model.
You'd only commpile a program like that if your intent was to undermine game ownership on the PC.
AKA there is no special magical networking code that requires "MMO's" to be controlled by game companies, that was propaganda so they could just back end PC games and monopolize their own products to drive up game prices, sell mtx and prevent piracy.
The end goal from the entire software industry was to take us towards mainframe cmoputing with trusted computing chips policy unlicensed software so that executables refuse to run and any ways around it can be removed by forced bios and OS updates. Windows 10/11 is just the console method of DRM, aka newer games force bios updates if they figure out you found a way around their content protection.
In the PC space this was hard because we always had access to the raw bytecode in text, they want to kill raw bytecode by using encrpyted binaries and signed exe's, then if they get cracked, they can force via windows update with the pluton/tpm to disable it so the exe's wont play/run.
That was their end goal from the very beginning in 1997. They knew the public was computer illiterate.
What is trusted computing?
ow does TC work?
TC provides for a monitoring and reporting component to be mounted in future PCs. The preferred implementation in the first phase of TC emphasised the role of a `Fritz' chip - a smartcard chip or dongle soldered to the motherboard. The current version has five components - the Fritz chip, a `curtained memory' feature in the CPU, a security kernel in the operating system (the `Nexus' in Microsoft language), a security kernel in each TC application (the `NCA' in Microsoft-speak) and a back-end infrastructure of online security servers maintained by hardware and software vendors to tie the whole thing together.
The initial version of TC had Fritz supervising the boot process, so that the PC ended up in a predictable state, with known hardware and software. The current version has Fritz as a passive monitoring component that stores the hash of the machine state on start-up. This hash is computed using details of the hardware (audio card, video card etc) and the software (O/S, drivers, etc). If the machine ends up in the approved state, Fritz will make available to the operating system the cryptographic keys needed to decrypt TC applications and data. If it ends up in the wrong state, the hash will be wrong and Fritz won't release the right key. The machine may still be able to run non-TC apps and access non-TC data, but protected material will be unavailable.
The operating system security kernel (the `Nexus') bridges the gap between the Fritz chip and the application security components (the `NCAs'). It checks that the hardware components are on the TCG approved list, that the software components have been signed, and that none of them has a serial number that has been revoked. If there are significant changes to the PC's configuration, the machine must go online to be re-certified: the operating system manages this. The result is a PC booted into a known state with an approved combination of hardware and software (whose licences have not expired). Finally, the Nexus works together with new `curtained memory' features in the CPU to stop any TC app from reading or writing another TC app's data. These new features are called `Lagrande Technology' (LT) for the Intel CPUs and `TrustZone' for the ARM.
Once the machine is in an approved state, with a TC app loaded and shielded from interference by any other software, Fritz will certify this to third parties. For example, he will do an authentication protocol with Disney to prove that his machine is a suitable recipient of `Snow White'. This will mean certifying that the PC is currently running an authorised application program - MediaPlayer, DisneyPlayer, whatever - with its NCA properly loaded and shielded by curtained memory against debuggers or other tools that could be used to rip the content. The Disney server then sends encrypted data, with a key that Fritz will use to unseal it. Fritz makes the key available only to the authorised application and only so long as the environment remains `trustworthy'. For this purpose, `trustworthy' is defined by the security policy downloaded from a server under the control of the application owner. This means that Disney can decide to release its premium content only to a media player whose author agrees to enforce certain conditions. These might include restrictions on what hardware and software you use, or where in the world you're located. They can involve payment: Disney might insist, for example, that the application collect a dollar every time you view the movie. The application itself can be rented too. The possibilities seem to be limited only by the marketers' imagination.
Unfortunately, besides Office, my employer still has a much longer list of desktop and web applications that only work with Windows and Windows-only software (e.g. Internet Explorer). The most prominent obstacle is Acrobat, as we use fillable PDFs with smartcard digital signatures for all of our internal paperwork. Adobe stopped supporting Acrobat for Linux around 2013. I can't even view a lot of our PDFs with the alternative viewers, let alone fill and sign them.
Anyway, I agree to your point about Microsoft turning my opinion against them with all these things about Windows 11. I used Windows 10 at home quite happily from 2017-2021, and I even praised the new Chromium-based Edge to my friends and coworkers. I switched back to Linux when I got a new laptop in October, and I feel like I got out of the Microsoft ecosystem at the right time. I still need a Windows 10 virtual machine on-hand for occasional work-from-home tasks, though.
> For just one example, I was watching the trailer for the MSFS cloud service a few days ago, and the entire ad is just bullshit - nobody plays games like that, nobody sits like that, nobody holds their controller/device like that.
Anyone got a link? There are a ton of ads/trailers showing up in search but I can't find that one.
Don't get me wrong - the game is beautiful, but so much about it - the way updates are handled, the lack of proper 'deep' add-on support, and the marketing - are done in a way that is frustrating to the point that many users give up, so poorly baked that large developers (PMDG) have had to spend years on something that should have probably taken 3-4 months (essentially porting their 737 from FSX/P3D), or cringeworthy, respectively. I get that Asobo is its own studio, and people might criticise me for taking some pretty specific criticisms and generalising them to the entire company, but from the interactions I have had with Microsoft - Xbox Live, Windows, Office 365, the office iPhone apps, Outlook, Edge - those sorts of issues - frustrating, half/poorly baked, and cringeworthy - are elements that absolutely permeate Microsoft's entire product line. There'd be a certain charm to it if it was just cringeworthy and noting else, but the fact is their incompetence (or whatever it is) makes life harder than it otherwise would be - and that's a big no from me.
I mean, as a random aside, I've been a huge Flight Sim fan since FS9, with tens of thousands of hours in FSX, XP11, and P3D. MSFS should be the final word, but the fact is I haven't touched it in months and I'm just looking forward to XP12, with graphics that are from 10 years ago but with a fucking developer platform, and a developer itself, that just seems to 'get it'. Microsoft doesn't.
Like I said, I'm not predicting their doom as a company, but I think it bodes ill for them in the longer term as developers and even some users gravitate towards entities that don't feel like they're constantly working against them in frustrating ways.
I worked part-time at a gas station many years ago. When the chores were done, I'd often be reading the newspapers, or straightening things out, and I'd inevitably end up reading the labels of snacks and drinks and such. Eventually, I'd end up reading all of the asterisk'ed statements on the junk food, and it left me with a severe distaste for 'marketing speak', as well as how less-than-honest some of the labels were. This distaste carried over from snack food products to just about all consumer goods.
Windows 8 forced defaults that people didn't like on desktops. You could fix this relatively quickly, but my issue is the principle of MS assuming that MS knows better than their users. Otherwise, I was a fan, so long as I could use educational licenses for free.
Windows 10 was kinda nice, but is (imo) roughly when MS decided that they should force their ways on people. No matter what settings I provided to their update service, it would inevitably decide that I must update and restart when I was trying to use my damn machine. Multiple times in college, I'd get up from what I was working on to do some little 15-minute task, and find that Windows had shut down and was in the process of updating. After the second time I lost work, I made some registry edits to block the auto-install and auto-restart. Updates would get run at my convenience, finally.
Microsoft managed to make updates easy, and then painful again.
Around that same time, it felt like the 'marketing speak' was starting to talk down to me, infiltrating dialog boxes, and implying that Microsoft knew better than I did as to how I should be using my machine. When once dialogs were simply informational, they were now suggestive and intrusive, and groan-inducing. It's only gotten worse, and more pervasive.
I updated my PC a few times when trying to get Elden ring to work last week, and ran into the infamous full-screen not-normally-closable Edge advertisement. The 'close' button was disabled, rightclick in taskbar->close did nothing, and the ONE option available was to click 'Get Started', implying that I as a user agree with this all in some way. Instead, I killed the window via task manager, and decided that my next desktop PC will be linux-first, with a locked-down Windows partition for when cross-compat isn't available for my use cases.
I view an OS as a piece of software that allows me to make use of the hardware in my PC, and not as a service. Cue me, some years ago setting up something for Windows, and being told by the installer that "Windows is a Service". Bullshit!
> my issue is the principle of MS assuming that MS knows better than their users.
Web devs do this too when they decide to change scrolling behavior. One website I went to decided that 1 click should be half a line of scrolling and override my 1 click = 2 lines behavior. I'm just trying to figure out what would possibly make a web dev think overriding a user-defined setting with the dev's own personal preference is a feature. They had to go out of their way to spend time to develop that, which made me spend time figuring out exactly which JavaScript file to block with to prevent that from happening again.
> [win 10 forced updates]
Aggravating indeed, but I don't think Microsoft is entirely to blame. There are plenty of users that would just never update their systems if it wasn't forced. How many XP machines were vulnerable to MS08-067 for YEARS after a patch was available?
But yeah...I planned on doing a CPU-Mobo-RAM trifecta upgrade next year, along with a new NVMe drive, and take that time to upgrade to Windows 11, but the more I hear about it, the more I think I should just stick with 10. After tweaking, it behaves well enough. Win11 just doubles-down on dark patterns and anti-consumer bullshit. I'd switch to Linux in a heartbeat if all my games worked on it.
My big gripe with websites is when they break my standard 'flow' of opening links in a new tab to view later, or my 'flow' of web use in general. For years upon years, I'm taught by experience that clicking a link should either replace my current window or open a new one, and that middle-clicking will ignore that, opening the linked content in a separate tab.
Great! I can do a (cognitive) lazy-load and effectively finish my first train of thought before further narrowing my field of focus.
Now, when searching on Google Maps for restaurants in an area (and plenty of other sites for other purposes), middle click does nothing (aside from engaging the scroll thing that I never use). I must follow Google's flow of clicking, being taken to a new tab, and returning to my original one in order to complete my original task, since I also can't just rightclick->open in new tab.
All this, on an element that is made to look like a hyperlink, but not actually act like one. It's just some cheap-feeling .js SPA that acts more like an app than a website, which makes me do extra work to accomplish a given task.
> Updates
I totally understand wanting security patches to be made available at high speed and wide breadth, and if Windows Update spun off security updates into some sort of module for Windows Defender, I'd be much more willing to accept the nags to update. However, I don't think it's in MS's interest to do so, as that would mean less auto-installed telemetry, and less MS-beneficial default settings being auto-applied or re-applied upon update, less people 'accidentally' defaulted back to Edge and Bing.
We're also in a different internet ecosystem than the XP days. Software is often built to expect constant connectivity, or be entirely reliant on it.
A somewhat relevant example is how PC versions of Call of Duty dropped support for dedicated servers after Modern Warfare (One or two more releases had dedicated servers, but I can't be bothered to remember which). My clan from those days ran a Hardcore-mode Search and Destroy server, and we were able to form and govern our own community, because we effectively 'owned' an instance of the game server, and had control over it.
Nowadays, you hit quick-play, drop in, and everyone is just as unimportant and anonymous as the next person. When the main servers are offline, so are you, because the lobbies are yet-another-instance of some VM or server software hosted in the cloud by the company. The game exists as a 'Live Service', which just means that they're going to drip out some purchasable content and 'season passes' for bundles of the dripped content.
I'll be rebuilding pretty much my whole PC in the next 2 or 3 years, since everything in it is getting old (and a GTX 1080 isn't as good as it used to be), and Linux will be my main OS since I play much fewer games anyways. Windows will be for when I just need DirectX and whatever proprietary DRM/Anticheat spyware for my software to be usable, and I'll practice ripping out telemetry from the OS when I get bored.
Google Maps has some hiccups, but overall I like the way it works. Did you ever use MapQuest in the early '00s? Having to do a full page load to move your view was awful
I've considered running Windows only as a shell for running a Linux VM (that I would actually do my daily driving in) and Windows-only games, but I don't know how well that would work. How good is GPU acceleration in a VM is you're not using PCI-E pass-through? I'd also worry about the RAM requirements to make that work well, as I'd effectively be splitting my RAM in half, though I was planning on going to 64 GB on my next upgrade anyways.
GMaps is good when I'm using it for navigation, but exploration is clearly not its intent, which is probably why I take so much issue with it. My utility company seems to use an SPA for their portal, and I've never had an issue with it, since everything I need it to do is readily accessible.
I've yet to try setting up GPU or PCIe passthrough, but I imagine that they wouldn't take up too much overhead on their own. It isn't 1:1 comparable to your situation, but Linus Tech Tips has a few videos titled something like "X gamers on 1 machine", which shows it's doable.
Having a guest OS in a VM would likely be the bigger performance bottleneck (with extra input lag), and I'm pretty sure that some anticheat software detects and discriminates against being run in a VM. I'd sooner try to get a game in a working state on the Linux OS with Proton or Wine, and drop down to installing on Windows if it fails or gets too fussy.
It's hard to sell something that no one wants or needs, so the sales pitches become progressively stranger and more desperate.
IMHO, from a consumer POV, Win 95 and Win 7 are the high points in Microsoft's OS release history. Win 8 was horrendously bad. Win 10 is marginally worse than Win 7.
My 2021 Win 10 laptop keeps trying to convince me to upgrade to Win 11, although even a quick googling indicates that it is almost sure to slow down my AMD-based machine.
Essentially. They're in no way forcing you to give away credit card info.
Even the title is editorialized in a way to incite hatred against something that's already present in a competing OS. Isn't there an HN policy against such titles?
I made the switch on my personal devices from Win/MacOS to Linux a couple years ago.
God! it's so liberating not to live behind walled gardens, dark patterns, corporate giants tracking every click you do and selling and/or misusing that information... let's remind ourselves to donate to FOSS causes.
In a world where there's no FOSS option, I'd seriously consider not using technology vs having to cope with the sheer incompetence and/or malice of modern software design, led by Apple, MS, Google and co.
> Asking for credit-card information within Windows isn’t that startling, as you’ve probably already entered payment information into the Microsoft ecosystem either for buying apps or movies on the Microsoft Store app or for making similar purchases via your Xbox. Still, those transactions are normally performed via your Microsoft Account web page, which manages all of that online and behind the scenes.
The main difference being that instead of a browser interfacing your Microsoft Account, there's a Settings interface for the same information.
What I would really like is some compare/contrast with alternative operating systems. We know how this works in Windows before this change. Does macOS have any way to manage your Apple Account payment information through settings, or do you have to go to a web page? How about iOS and Android?
On macOS, there's a prominent top banner in 'System Preferences' for 'Apple ID, iCloud, Meida & App Store', where if you click the 'Apple ID' button there, you are then one click away from a button labeled 'Payment & Shipping'.
A similar UI exists on iOS. Android is a little different in that the 'Google' option in Settings is a bit hidden on Google reference devices and OEMs get to customize the main app, too.
Yeah, from the headline I thought that the credit card was mandatory for access to the test build or something. But it's just allowing you to (voluntarily) save credit card info for making purchases in the App Store, similar to how Android and Apple devices do it.
> as you’ve probably already entered payment information into the Microsoft ecosystem either for buying apps or movies on the Microsoft Store app or for making similar purchases via your Xbox.
Is this really that common? I've never interacted (directly) with the Microsoft "ecosystem" in my whole life, and I've been a Windows user that entire time. If I was going to purchase a movie or an "app", the Microsoft store is not the place I would go.
- buying Office or having a personal/family Office 365 subscription
- XBox gaming / entertainment
- buying (other) software or devices from Microsoft
Less common might be using Microsoft for laptop movie purchases. And once upon a time the XBox Music / Groove was actually a really nice service for the price. Not sure if that still exists or what name it has now? (Edit: Looks like it's sort of still around, but evolving - https://www.windowscentral.com/goodbye-groove-music-new-medi... )
I also used to have a Windows Phone, but... that is NOT COMMON. Ha!
Apple uses a central point of entry - your Apple account, and it often requires you re-enter your password to revalidate who your are and will explicitly validate that you want to "really": buy (which you can suppress - I've never done that).
Another interesting addition is what Microsoft calls Smart App Control, or SAC. Microsoft describes it as a “new security feature for Windows 11 that blocks untrusted or potentially dangerous applications.”
I've already started having problems with 3rd party security software that marks mine as likely malware because the installer unpacks itself to the temp folder. I dread to think what this might get up to.
Or it could just be a clone of macOS Gatekeeper, which is a signature check. Could be Microsoft used an “or” after “blocks untrusted…” instead of an “and”, and a sig check is all they’re doing. If that’s the case, Gatekeeper can be a minor inconvenience but doesn’t block installation if one knows to right-click the icon. EDIT: but who knows, the Windows blog post implies it might involve more than checking signing certs: https://blogs.windows.com/windows-insider/2022/03/02/announc...
But, yeah, if they’re doing some malware heuristic, nooooo thanks.
I agree. Making it easier for their customers to manage the payment information they already voluntarily gave Microsoft is about as boneheaded of a move as I can imagine. /s
I don't think it's entirely absurd that people will be more forgiving to a product that they actually like. Apple certainly has some stupid aspects to their cloud/account system, but for the most part, when I'm using my iPhone or Mac I don't feel like I'm being tracked with every single thing I do. They're not overhauling their settings menu every few years, they don't have 5 types of right-click menus that can pop up depending on where you are in the OS, they don't keep secretly installing Candy Crush on my machine and putting it front and center in the OS's top-level search menu. I could go on.
Windows has been worsening and worsening on the privacy and UX fronts, and all for an OS that nobody actually likes to use, but we continue to for some platform-locked games or killer app. We're hostages of Microsoft and they continue to use their position to abuse its "customers"
The haphazard nature of Windows features is always bizarre. Windows in tablet mode still can't tell when the user has tapped on a text box and forces the user to manually open the onscreen keyboard. This from a company that forced a functionless Lock Screen that must be clicked past to get to the login screen onto desktop users just because smartphones were popular and smartphones have one.
Holy clickbait blogspam Batman! Microsoft added a payment information screen to the settings, so that you don't need to go through your browser, where you may or may not be logged in already and may need to jump through auth hoops.
"Conceptually, however, it implies that your PC is as much a tool to make purchases as it is to simply work and game."
Hot take Mark Hachman, you joke of a "journalist."
Only half-joking: Wait until this becomes part of the initial setup sequence, and you can't skip this step unless you turn off your network connection and wait for it to throw an error. That's what happened with using a Microsoft account vs. local login credentials under the Windows 10 Home edition.
new security feature for Windows 11 that blocks untrusted or potentially dangerous applications
Every time Microsoft does this they make it harder for me to run what I want without making the whole system less secure than it was before their "upgrade".
Windows 7 was probably the last true Personal Computer Windows version in the original sense of the word.
Your PC is yours, has a local account only, no real telemetry, no cloud syncing, it really is your computer.
The future for Windows is what you already have in your pocket, on iOS or Android. Cloud-based, linked to an account, every single thing tracked, and as many things as possible are deeply integrated, payment, health, and much more coming.
It's going to be more convenient, secure, consistent, so consumers will embrace it. It all feels like a smooth transition yet people are missing the dramatic steps taken.
As just one example: files. We used to manage them locally and only we had access. Now they're in the cloud and a private business has access, with a back door to government.
Your cloud files will be auto scanned for violations, even if they're not public. In the physical world we'd call this an illegal search, requiring a warrant. Not anymore. The process may also flag you as a false positive, with no way to repeal, or it taking very long.
Or, maybe you were born in the wrong country, which means no files for you. Sorry. Please just "overthrow" your government or something.
You could of course make the same point regarding money. You can now be financially "cancelled" with the push of a button. No such thing is possible with cash.
I am serious when I say that we're giving up an incredible amount of privacy and freedom in record time. Whilst simultaneously dramatically elevating the power of authorities. Under the assumption that it will not be abused.
Before, if the government would want to track you, they had to hire somebody to physically follow you. If you made an offense, they would have to find you and go through a lengthy legal process. If they wanted to seize your financial assets, they wouldn't even know how much you have and where it is. Blocking you from making transactions would be impossible altogether.
Now all these barriers are taken away. It's just a push of a button.
I fully realize that I sound old and paranoid. I used to hate comments like these. Lately, I've been changing my mind. Mostly because the actual scenario is unfolding.
I just wish there was a good enough equivalent of visual studio for C++ on linux, especially for its debugger.
I'm not sure Clion is good enough.
The usual answer I get is "use emacs or vim", but I really don't have the patience to use vim and gdb and configure it. I just don't want a terminal editor.
I like linux, but in all seriousness, visual studio C++ is just one of the things that makes me stay on windows. I don't see any good enough GUI editor to debug some C++ code on linux, with autocompletion and basic IDE features.
Honest question: who actually wants these features? Why are MS-specific subscription integrations at the OS level desirable to me as a home user? It really doesn't seem hard to visit a website the rare times I want to modify a subscription, or to get email notifications about expirations.
The more I read about Win 11 the more I wonder who they're designing the OS for. None of the features I've read about so far are really anything I care about.
It doesn't matter if anybody needs them or not. Microsoft introduces whatever is profitable for them and most users have little choice. Those who could, Migrated to macOS or even Linux already. The rest will be milked, permanently.
The want to kill honest binaries (aka, access to raw hex instructions of programs allowing them to be cracked). UWP games on windows 10 was a trial run of trusted computing tech where windows update disabled cracked exe's, that's why UWP games can only run on certain verisons of windows 10. Windows 11 is that on steroids, Microsoft is lying because they know the average person using windows is clueless and tech illiterate. They learned that in 1997 with ultima online, everquest in 99 and wow in 2004. Client-server software is the same as buying a program with missing files. It's literally a broken application.
This is who they are designing it for, big media companies:
TC provides for a monitoring and reporting component to be mounted in future PCs. The preferred implementation in the first phase of TC emphasised the role of a `Fritz' chip - a smartcard chip or dongle soldered to the motherboard. The current version has five components - the Fritz chip, a `curtained memory' feature in the CPU, a security kernel in the operating system (the `Nexus' in Microsoft language), a security kernel in each TC application (the `NCA' in Microsoft-speak) and a back-end infrastructure of online security servers maintained by hardware and software vendors to tie the whole thing together.
The initial version of TC had Fritz supervising the boot process, so that the PC ended up in a predictable state, with known hardware and software. The current version has Fritz as a passive monitoring component that stores the hash of the machine state on start-up. This hash is computed using details of the hardware (audio card, video card etc) and the software (O/S, drivers, etc). If the machine ends up in the approved state, Fritz will make available to the operating system the cryptographic keys needed to decrypt TC applications and data. If it ends up in the wrong state, the hash will be wrong and Fritz won't release the right key. The machine may still be able to run non-TC apps and access non-TC data, but protected material will be unavailable.
The operating system security kernel (the `Nexus') bridges the gap between the Fritz chip and the application security components (the `NCAs'). It checks that the hardware components are on the TCG approved list, that the software components have been signed, and that none of them has a serial number that has been revoked. If there are significant changes to the PC's configuration, the machine must go online to be re-certified: the operating system manages this. The result is a PC booted into a known state with an approved combination of hardware and software (whose licences have not expired). Finally, the Nexus works together with new `curtained memory' features in the CPU to stop any TC app from reading or writing another TC app's data. These new features are called `Lagrande Technology' (LT) for the Intel CPUs and `TrustZone' for the ARM.
Once the machine is in an approved state, with a TC app loaded and shielded from interference by any other software, Fritz will certify this to third parties. For example, he will do an authentication protocol with Disney to prove that his machine is a suitable recipient of `Snow White'. This will mean certifying that the PC is currently running an authorised application program - MediaPlayer, DisneyPlayer, whatever - with its NCA properly loaded and shielded by curtained memory against debuggers or other tools that could be used to rip the content. The Disney server then sends encrypted data, with a key that Fritz will use to unseal it. Fritz makes the key available only to the authorised application and only so long as the environment remains `trustworthy'. For this purpose, `trustworthy' is defined by the security policy downloaded from a server under the control of the application owner. This means that Disney can decide to release its premium content only to a media player whose author agrees to enforce certain conditions. These might include restrictions on what hardware and software you use, or where in the world you're located. They can involve payment: Disney might insist, for example, that the application collect a dollar every time you view the movie. The application itself can be rented too. The possibilities seem to be limited only by the marketers' imagination.
reply