I wish Microsoft had been brave enough not to release Windows 11 (pcgamer.com)
44 points by Alupis 86 days ago | 53 comments

You just cannot stick with version 10 when your major competitor goes all the way to 11 ;)

And macOS has just gone up to 12. They better hurry!

(blank look) But this one goes to 11...

I'm afraid it's no longer 1 louder, it's 1 quieter now ;-)

Try to beat Windows 2000.

Win11 with the TPM requirement is part of their control ratchet. Microsoft's game plan is not new, nor is it super secret. They've been ratcheting up signing control. Meanwhile all their competitors fully own the app install process and earn those juicy 30% fees.

Put another way, if it sounds like a duck and walks like a duck: do you really think Microsoft isn't envious of the appstore?

You don't like security? How is Trusted Platform Module part of their "control ratchet"?

The security arguments are dubious at best. Seems closer to direct vendor/platform lock-in.

Games like Valorant now require a TPM 2.0 chip to run. Why? It's a videogame? Why does it need to be locked down to Windows only? How long before all sorts of software get vendor locked in like this? Same kind of bs that happens on Android, SafetyNet and root. How is this not a ratchet for vendor control?

Also screw security if it means planned obsolescence. Microsoft has basically declared every machine before 8th gen Intel and Zen 2 as obsolete in 5 years time. Why? Those machines are perfectly usable and fast.

It's not my keys in there. Giving more power to someone else does not count as security in my book.

I've yet to see a single reason why I would want Windows 11.

Native running of Android apps?

I've yet to see a single reason why I would want Windows 11.

Not there yet.

Reportedly better performance.

How much does it cost when you already have Windows 10?

RAM, processing power and HD space.

Would this be the same cost if it were a point release (or service pack, what's the proper terminology in MS world?) rather than a major version release?

Just switch to Linux if you are already switching.

1) The CVE list for Linux begins at 1996 while for Windows 10 it begins at 2015.

2) Linux users appear to be more adept/willing to find and report bugs. A bug that's out of sight and out of mind doesn't mean that it doesn't exist.


3) I suspect the openness of Linux facilitates individuals willing to find and report bugs.

Number of CVEs and CVSS scores is a terrible way to judge relative security.

OK, so that combined with patch rates would be a better way?

Any data on that?

Disclaimer: I am not religious about operating systems. I am trying to learn here.

Unfortunately not. Judging security is actually really hard! But CVSS is essentially a useless number in every sense, and number of CVEs is not directly useful because different OSes get different amounts of attention. My hobby OS is not infinitely more secure than Linux just because it has no CVEs, for example. One might think that "mitigations" or "vendor approachability" could be used, but they are only part of the story and have their own problems: some software (not saying which…) is known to just glom on "mitigations" without abandon that don't actually help. And, while rarer, there are vendors who respond appropriately to bug reports but fail to ever actually meaningfully improve security.

Really, the best way to judge security is to ask security researchers: they break the software, they're at the forefront of what it takes to do this and what kinds of things the software is doing to keep them out. They'll tell you which things work and which don't, and how "serious" a vulnerability is (assuming it's not one they found, because they're not immune to bragging :P). In general, across the modern OSes, there is no "one" OS that is more secure on every front. Windows has its own issues in subsystem X, Linux is broken in responding to Y, etc.

Practically speaking, it's impossible to compare these metrics between open and closed systems for various reasons. In open systems, bug reporting is a part of the culture. Moreover, as you are closer to the vendor, you can actually count on it being fixed, in trivial cases overnight. You have public bug tracking systems where the bug is almost like your baby: you talk to others about it, you argue in favor of it being fixed. Moreover, a good number of users actually fix the bugs. Sometimes it's enough that a bug report is published for you to patch your own system without asking anyone. As source code is available, for some people it's a kind of a hobby to go through and find bugs. Some do it for sport, some for learning/as a part of their curriculum, some as a part of their product development or audits.

With closed systems, many of these points above are not true. Users are not accustomed to reporting bugs, and even if they report a bug sometimes, they become put off as they don't know what happens with it later. They don't actively analyze the source code to find bugs. If a bug is found, they pray the patch is released soon. It is very rare someone has enough low-level skills to manually patch a binary based on a CVE description.

Given these differences, I think the only viable metric is the response time, i.e. the time between the bug being disclosed and fixed.

Thank you very much for taking the time to respond.

So what you wanna say is that Linux people find more CVEs?

Honest question.. any stats on linux/win/macos desktop user patch rates? As in, who is actually updating the most?

Sure, ok.. and they are public knowledge and they are not fixed.

Your links do not filter for "not fixed".

My sincere apologies. I don't have a horse in this race.


I would like to add that in my muggle opinion, a CVE being closed does not mean that every desktop has been patched.

There is no such thing as an open or closed CVE. Conflating "description is public" with "has been patched" would be wrong, but claiming that all existing CVEs ever are "open vulnerabilities" is nonsensical.

OK, thank you.

However, the downside of publicly reporting vulnerabilities is that everyone has this knowledge and does not need a team of pen testers to find these vuln's, correct?

Is there any public info on linux/macos/win desktop patch rates?

I have personally been screwed by Ubuntu patching. I am not a total idiot and I assume I can't be the only one.


edit: I realize that I have foot in mouth syndrome in this thread, but does anyone have real world patch rates on desktop OSes?

Also, am I way off in the thought that publicly posting CVEs allows less technical adversaries to attack you? I believe in the benefits of OSS, but everything has positives and negatives.

If desktop linux has lower patch rates, as is my experience, then maybe we shouldn't be recommending desktop linux to everyone?

These are honest questions in the hope of learning.

It's generally accepted that open published CVEs push vendors to actually patch their software, instead of covering up and ignoring bugs. It also gives you a heads up that the software you're running has an issue and you need to update. It's tempting to think that making this knowledge publicly available gives the bad guys a roadmap, but in security you really can't just assume that because a vulnerability isn't public knowledge the bad guys won't know about it.

Frankly with the proliferation of the vulnerability black market, lack of public disclosure of CVEs would mean that only the black hats know it.

You know what they say about "security through obscurity" right?

I feel that this used to be a large advantage of using less popular OSes.

They probably did that because otherwise people would not accept that they had to buy new hardware in order to run it.

Honestly it's better with a version number. That way you could stay behind if you really want to. I am switching to Linux (finally) since I will simply use a remote desktop configuration for the only program I need to use for work that doesn't work on any other platform than windows.

You know, this is probably the most straightforward way to raise the hardware floor. Would anyone really prefer Fall Creators Update 2021 as the patch that killed Windows support for their machine, or a clean break with a new OS?

I installed Windows 11 to try it out. I figure, Windows 10 telemetry is bad already, Windows 11 probably won't change that. It isn't that much different than Windows 10. The most noticeable difference is the location of the start icon, but other than that it feels almost exactly like Windows 10. It has been stable so far, more stable in fact.

I had a weird issue with my graphics card on Windows 10 where it would crash. I think I determined at some point that my graphics card wasn't getting enough power, although my power supply should have been sufficient. I recently moved, so the improvement could be due in part to that. My last place, anytime I'd run the microwave and have a space heater on it would flip the circuit breaker.

Anyhow, haven't had any issues with Windows 11. Don't know if they have better power management or what, but seems resolved now and no more random crashes when playing games which to me is a huge improvement.

> Note, Windows isn't my primary OS.. I just use it for my kids' gaming computer. I run Linux on my personal computer.

It seems there is really no performance reason to switch to W11.



They painted themselves into a marketing corner, the article makes the salient point that it's fairly unattractive to sell a new laptop with "Windows 10 21H2". What they should have done is ditch the version numbering altogether.

"Windows is the last version of Windows".

I really enjoy Windows 11. It's faster than the previous version and has a better UI.

Guys just get tpm disabled w11 image. I even installed it on a 2011 t420 thinkpad with i5 8gb ram and ssd, and works like a charm

New version of Windows means more money in upgrades for Microsoft.

But upgrades are free.

For those having hardware supporting TPM and compatible with Windows 11.

Is Microsoft making money off hardware upgrades?

OEM sales I guess?

Those who have PCs that can't run Windows 11 will have to buy new hardware.

This won't happen anytime soon though as currently there is zero reason to upgrade your hardware just to bump the version number.


Where was this person when Windows 10 was released?
