Windows 11

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
22,303
Location
I am omnipresent
Tiny 11 Builder has been updated to support all Windows 11 releases. It's basically a long Powershell script that pulls out a list of bullshit Windows Store applications, but it also gives your Windows 11 install an Edge, Media Player and OneDrive-ectomy. The script is very easy to read and modify, if for example you'd rather keep Media Player and the News apps while saying goodbye to Teams and Clipchamp.

My biggest headache with customizing any Windows 11 ISO is ensuring that I have storage and USB drivers for 12th-gen+ Intel systems. Every time I think I have all the drivers I'll need for that, I run in to some new bullshit laptop that expects a slightly different combination of stuff than I had prepared. AMD? It's all fine and good. Have a party. Intel? Sometimes a wired USB mouse won't even work during Windows installation. Thanks, guys.
 

sedrosken

Florida Man
Joined
Nov 20, 2013
Messages
1,823
Location
Eglin AFB Area
Website
sedrosken.xyz
Yeah, I don't know what's up with Intel based laptops these days, but on 11th gen and newer I've reliably had no mouse in setup, and especially on HP implementations they seem to like to enable RST for no good reason with no way to turn it off, necessitating installation of disk controller drivers during setup that reminds me of the bad old times trying to get AHCI working on XP boxes. I am quite glad to see NTDEV's pivoted more toward distributing the scripts rather than images -- not that I personally didn't trust them, but I've seen the concern raised several times and I've heard of enough "light" images in the past turning out to have been compromised that I'm a lot happier to use a script that I can read through and kind of understand what it's doing by comparison.

Merc, have you heard anything about Edge/Media Player and friends showing back up after Windows updates? I imagine it'd be a much bigger issue for build upgrades but I've heard from a few of my users that apps they uninstalled seem to come back every time our RMM lets updates go through.
 

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
22,303
Location
I am omnipresent
Edge and Media Player aren't the one I hate, but yes, I've seen OneDrive come back in spite of Group Policies and removing the binaries and registry entries for it. Microsoft is VERY thorough in re-adding it in spite of any precaution to keep it off computers.

I manually used the ADK to build my Windows 11 install media with a baseline for a Ryzen 7000 notebook and a 12th gen Intel something. It has updates, custom folders (I toss all my extra utilities in C:\bin) and various scripts to run after the install. The total size for the whole thing is just over 7.8GB, and almost all the extra is drivers. And it probably STILL won't cover every Intel RST/USB scenario. Importantly, I do not give the option to complete setup with a Microsoft account at all. They can add it back on their own.
 

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
22,303
Location
I am omnipresent
Apparently, Windows 11's next big update is going to start pressuring users on local accounts to switch to Microsoft accounts. This is a whole new level of aggravation, and something that's not going to get better in Windows 12.
 

LunarMist

I can't believe I'm a Fixture
Joined
Feb 1, 2003
Messages
17,497
Location
USA
Isn't that what they are already doing unless you take extra measures to disable that?
 

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
22,303
Location
I am omnipresent
Isn't that what they are already doing unless you take extra measures to disable that?

They're going to start bitching for local accounts that already exist.
How long until people with non-federated on premises domain accounts get the same treatment?
 
Last edited:

ddrueding

Fixture
Joined
Feb 4, 2002
Messages
19,747
Location
Horsens, Denmark
My laptop did exactly that after a recent update. After the reboot it presented me with the "create an online account" window. Fortunately there was a "no" button that, after showing a bunch of warnings, allowed me to continue.
 

LunarMist

I can't believe I'm a Fixture
Joined
Feb 1, 2003
Messages
17,497
Location
USA
They're going to start bitching for local accounts that already exist.
How long until people with non-federated on premises domain accounts get the same treatment?
So that means the computer has to be connected to the internet forever after that? :(
I'm thinking of only connecting the computer online every month or so and wiping/restoring it each time. I'm pretty much done with the Topaz or any software that needs internet all the times.
 

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
22,303
Location
I am omnipresent
It's not so much that it must be connected to the internet forever, but it has to be connected for the Microsoft account to be set up. Current standards also default to encrypting the primary drive with Bitlocker and creation of a PIN that is emphatically not the password associated with the named account. It can also mess with what would normally be transparent authentication between Windows PCs, if you're used to stand-alone home or small office systems.

All in all, it's just not something I want to bother with or be bothered by.
 

LunarMist

I can't believe I'm a Fixture
Joined
Feb 1, 2003
Messages
17,497
Location
USA
It's not so much that it must be connected to the internet forever, but it has to be connected for the Microsoft account to be set up. Current standards also default to encrypting the primary drive with Bitlocker and creation of a PIN that is emphatically not the password associated with the named account. It can also mess with what would normally be transparent authentication between Windows PCs, if you're used to stand-alone home or small office systems.

All in all, it's just not something I want to bother with or be bothered by.
So the PIN is per computer/ssd and the account is for the user tracking?
Do you need to log in with the PIN every time?
 

ddrueding

Fixture
Joined
Feb 4, 2002
Messages
19,747
Location
Horsens, Denmark
You have a password and a PIN. By default you are able to log in with the PIN. The frustrating thing for me is that people entirely forget their password a week after they set up their PC (because they never have to use it), then when I need the actual password for admin-type stuff (or even just LogMeIn remote access), they keep insisting that their password is their PIN.
 

LunarMist

I can't believe I'm a Fixture
Joined
Feb 1, 2003
Messages
17,497
Location
USA
I am still confused. Normally I have no password or PIN for Win 10. I set a PW for a travel laptop, but not a PIN. In Win 11 I have to know the PIN and PW for each computer?
 

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
22,303
Location
I am omnipresent
Microsoft has users create a Microsoft Account with an email address and a password.
Microsoft has a separate security system called Windows Hello, which can be tied to a local OR a Microsoft account and can use secondary authentication methods like facial recognition, fingerprint reader or, most often, a short PIN. IIRC, four digit PINs are A-OK.

Windows Hello can fail for a bunch of reasons, and then your face / fingerprint / PIN stops working to authenticate your access. If you've been using the PIN constantly for as long as you've had the computer, and never had even one reason to go look at something on your Microsoft account in any other way, you have to hope you provided proper recovery email and/or SMS-able telephone numbers on your account, or you're left in the same state as the guy with dementia I was dealing with a couple weeks ago.
 

LunarMist

I can't believe I'm a Fixture
Joined
Feb 1, 2003
Messages
17,497
Location
USA
From what I understand the Hello only works with laptops. Assuming the email is gone and a PIN is not developed, can one just use a PW like in the old days? Or does it communicate something with the MS? Maybe using MS is a form of demetia itself?
 

jtr1962

Storage? I am Storage!
Joined
Jan 25, 2002
Messages
4,379
Location
Flushing, New York
I don't recall being asked for a PIN when I set up my new laptop. It is set to log me in with facial recognition. Maybe to future-proof that against my appearance changing radically I should make a cast of my face.

Merc, I wonder if you could get an artist to do something similar with that guy who can no longer log on to his computer? If they have a few old photos of his, they can probably make something close. There's also 3D software which made models of faces from front and profile photos.
 

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
22,303
Location
I am omnipresent
From what I understand the Hello only works with laptops. Assuming the email is gone and a PIN is not developed, can one just use a PW like in the old days? Or does it communicate something with the MS? Maybe using MS is a form of demetia itself?

Windows Hello is available on all Windows 10 and 11 computers. It is a form of extensible authentication that can use a PIN or a card/NFC reader or a biometric sensor. If I happen to conduct an e-commerce transaction from MS Edge, it'll try to fill card details it imported from some other browser and prompt for the card verification code. After I have provided that, Edge will cheerfully tell me it can use my Windows Hello credential (a PIN or a fingerprint) instead.

If Windows Hello credentials are deemed invalid for some reason, users can THEN use the login and password they created, if they know them. One reason I am aware that can invalidate Windows Hello is using a device on a new network, or booting Windows on a computer that doesn't have all the same sensors as were found on its previous hardware, but I've also seen it happen with Windows home PCs just at random.
 

LunarMist

I can't believe I'm a Fixture
Joined
Feb 1, 2003
Messages
17,497
Location
USA
So if I deliberately invalidate the HEllO and discard the account activation email address, then can I use the traditional password method and unencrypt the C: partition? Can I change the password and do everything normally, or do I need to log in with the email and PW and be online?
I clear the browser cache constantly and usually restore the C: drive, so there is no sensitive information stored locally.
 

jtr1962

Storage? I am Storage!
Joined
Jan 25, 2002
Messages
4,379
Location
Flushing, New York
There are normally two image sensors, one for tricolor visible light and one for IR to confirm that the head is real.
That explains why using a picture doesn't work. I guess if you cut off someone's head and attempted to use that to log in it wouldn't work, either. I'm surprised more fingerprint ID sensors don't use IR also. True story here-one of my family members was scammed by someone. A relative (who is now dead) may have been connected to Cosa Nostra. My mother was very secretive about what he did for a living. Anyway, this person cut off the index finger of the perpetrator, used it to access his workplace, and took back all the stolen money, and then some. It's a bit of a mystery what the final disposition of the perpetrator was, but I'll guess since he was into online scamming he lost more than just his index finger. Hard to use a computer with no fingers, possibly no arms knowing my relative. Anyway, had the fingerprint ID system used IR, the finger "trick" wouldn't have worked.
 

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
22,303
Location
I am omnipresent
So if I deliberately invalidate the HEllO and discard the account activation email address, then can I use the traditional password method and unencrypt the C: partition? Can I change the password and do everything normally, or do I need to log in with the email and PW and be online?
I clear the browser cache constantly and usually restore the C: drive, so there is no sensitive information stored locally.

You can ALREADY just create a local account and use any account belonging to the Administrator group to decrypt the PC. You don't have to do anything with Windows Hello at all for that. It's just that future versions of Windows are going to nag you about not being in a Microsoft-approved configuration.
 

jtr1962

Storage? I am Storage!
Joined
Jan 25, 2002
Messages
4,379
Location
Flushing, New York
Honestly, I smell a big class-action lawsuit against MS for stuff like this. You shouldn't have to jump through all their hoops just to access your own data. I get security to some extent but you should be able to disable it. I'm the only one who will ever access my PCs. Nobody lives with me. Even when my mother was alive she was more or less computer illiterate. That was before she got dementia. Other than my new laptop, I can't physically take any of my computers with me. My laptop would never be out of my sight if I did bring it on a trip. So why can't I disable all the security BS? I'd just want to keep the parts which prevent people from hacking into my system online.
 

LunarMist

I can't believe I'm a Fixture
Joined
Feb 1, 2003
Messages
17,497
Location
USA
You can ALREADY just create a local account and use any account belonging to the Administrator group to decrypt the PC. You don't have to do anything with Windows Hello at all for that. It's just that future versions of Windows are going to nag you about not being in a Microsoft-approved configuration.
Yes for now, but I assumed the concern is that the nagging will be changed to a mandatory requirement.
 

LunarMist

I can't believe I'm a Fixture
Joined
Feb 1, 2003
Messages
17,497
Location
USA
Honestly, I smell a big class-action lawsuit against MS for stuff like this. You shouldn't have to jump through all their hoops just to access your own data. I get security to some extent but you should be able to disable it. I'm the only one who will ever access my PCs. Nobody lives with me. Even when my mother was alive she was more or less computer illiterate. That was before she got dementia. Other than my new laptop, I can't physically take any of my computers with me. My laptop would never be out of my sight if I did bring it on a trip. So why can't I disable all the security BS? I'd just want to keep the parts which prevent people from hacking into my system online.
I suppose they will argue that there is enough competition that you d on't need to use MS if the T&C are not to your liking.
Most of the CA suits are because a product does (or does not do) something in the T&C and that you were not informed about it.
 

LunarMist

I can't believe I'm a Fixture
Joined
Feb 1, 2003
Messages
17,497
Location
USA
Who wants to listen to some kind of angry fool? There is no credibility.
 

jtr1962

Storage? I am Storage!
Joined
Jan 25, 2002
Messages
4,379
Location
Flushing, New York
Who wants to listen to some kind of angry fool? There is no credibility.
He repairs PCs for a living, so that at least gives him some credibility.

Truth is people are too complacent. We should have nipped this whole thing in the bud years ago. It's not just happening with PCs, either. Too many things are becoming rentals instead of buy once and use forever.
 

LunarMist

I can't believe I'm a Fixture
Joined
Feb 1, 2003
Messages
17,497
Location
USA
Pretty much everything is becoming a service. Of course there are strong business reason for that regardless of the negative impact to individual users. Unless you can develop a better model, it will be difficult to sell the 20th century mentality in the 2020s.
 

jtr1962

Storage? I am Storage!
Joined
Jan 25, 2002
Messages
4,379
Location
Flushing, New York
Pretty much everything is becoming a service. Of course there are strong business reason for that regardless of the negative impact to individual users. Unless you can develop a better model, it will be difficult to sell the 20th century mentality in the 2020s.
The 20th century model worked fine. The problem is businesses think their profit margins should be a lot higher now. It's the difference between making a reasonable profit providing a good or service, versus an obscene profit. It's also the result of defacto monopolies like Microsoft. In theory there may be alternatives. In practice for many businesses and people using the alternatives would at least temporarily hurt your competitiveness. And some of the alternatives to Microsoft are as bad or worse (i.e. Apple).
 

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
22,303
Location
I am omnipresent
Microsoft had a big event today where it announced a bunch of new BS, including new Windows 11 features and AI nonsense and a crap ton of Snapdragon Elite X ARM-based Windows notebooks. Geekbench scores for the new Qualcomm SoCs make them compare favorably with Intel Core Ultra 7 155H on the low end and Core Ultra 9 185H on the high end, with battery life for many of the new devices at or above the 20 hour mark.
 

LunarMist

I can't believe I'm a Fixture
Joined
Feb 1, 2003
Messages
17,497
Location
USA
How does the hardware affect 3rd party application performance? Is the Greekbench optimized for the new system?
We saw that some x86 programs are hardly accelerated by the APPLE M stuff over the old iNtel and that only the new, natural software for M worked much better. I almost always plug in laptops for best performance.
 

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
22,303
Location
I am omnipresent
Geekbench is a synthetic workload, so we'll have to wait for products to get in people's hands before we really know if the performance claims are real or just a pile of marketing.
 

LunarMist

I can't believe I'm a Fixture
Joined
Feb 1, 2003
Messages
17,497
Location
USA
The 14th gen laptops just came out recently and now are already obsolete. I was not convinced 155 than a 1360P other than maybe 2x of the graphics going from really slow to just slow. Do you think that the AMD 28W mobile CPUs coming out later this year are substantially better and what about iNtel Lunar Lakes? I like the nomenclature of that last one. ;)
 

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
22,303
Location
I am omnipresent
It's hard to call a brand new CPU obsolete just because another company is doing something different. Intel knows that its package is the definition of x86 compatible and we have no idea how it compares in real world usage to Qualcomm, especially with the Prism compatibility layer that more or less no one is talking about yet. AMD has a struggle in mobile; its offerings (from OEMs I like, at least) are pretty limited, even if they are at least competitive with Intel in that space.

It does seem that Adobe, DaVinci and Bytedance (Capcut, which is beloved by Tiktok and Onlyfans creators everywhere) are all set to release ARM-native content creation apps with hardware support for AI functions on Snapdragon Elite for Windows, as well as some adaptive input device manufacturers.

I really need to know if ARM platforms are going to upgradeable storage and RAM. I'm willing to accept that it isn't on low-cost devices, but so far all the discussion has been about $1000+ hardware.
 

LunarMist

I can't believe I'm a Fixture
Joined
Feb 1, 2003
Messages
17,497
Location
USA
Then the Lunar Lake might still be the best choice in Q1/Q2 2025 for 28W laptops if I understand correctly. My laptop budget is quite low - only $1500 not counting M.2 SSDs. I would want at least 8TB (preferrably an option for 16TB) of SSDs.
 

LunarMist

I can't believe I'm a Fixture
Joined
Feb 1, 2003
Messages
17,497
Location
USA
So MS chose it for the power efficiency of the Copilots spying performance? :LOL:
 

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
22,303
Location
I am omnipresent
So MS chose it for the power efficiency of the Copilots spying performance? :LOL:

You can just ignore it or turn off the widgets. I'm not sure what Copilot is supposed to do either. Or why I should want to pay for Gemini or a subscription tier of Alexa, for that matter.
 

LunarMist

I can't believe I'm a Fixture
Joined
Feb 1, 2003
Messages
17,497
Location
USA
So the MS Snappenendragon X Elite Surface 11th with 13" display, 32GB RAM, and 1TB SSD is $2100 and weighs 2.0 lbs.
You could by a real laptop for less cost than that at just slightly more weight. It's not clear how easy it is to upgrade the Surface's SSD to 4 or 8TB.
 
Top