Windows 11

[sedrosken]

I only have use for non-C: drives and mostly for the FedRex, UPS, or luggages. If somebody steals I suppose they could use my programs or lift the license codes. I've not thought about it much, assuming that was more of a hassle than it is worth if I decided to apply the BitLockers on C: several times a week. I'm pretty sure there would be nothing in temp files other than software settings.

It's not something you have to continually apply, Lunar, it's a checkbox you tick and let it run initial setup and then it's protected thereafter transparently to the user. And like I said you'd be shocked what ends up in your temp files. Lots of settings and software installers unpack there, to be sure, but that's just one half of it -- your browser cache for another example is a very juicy source of information. It's a great way to fingerprint you -- sometimes even auth tokens and such end up cached and they can abuse those to get into accounts you might have signed in to. I don't know anyone who religiously clears their cache and cookies anymore -- these days it's often more a detriment in the form of having to sign into everything over and over again, and only undertaken as a last resort if someone has issues.

 

[LunarMist]

I keep an image of C: and only update from that each time, making a new one at least once a month (<35 days). I restore C: from that image every week or less. I use several of the basic privacy tools commonly available. I clean the browser and other cache constantly. (The Koreans descrined it as OCD-like.) I also don't do anything very important online nor visit sketchy type of sites.
I do this for Win 10, but tried and it works OK in WIN 11. I probably should use crypto on the laptop C: partition. I need to know if the physical M.2 slot 1 drive will show the 2nd un-encrypted parturition when installed in a USB bridge and connected to another computer.
I'm debating when to forcibly upgrade 10->11, but not seeing any advantage to 11 yet. Ultimately it will depend on the viability of AMD Zens 5 and it if is fully SMP.

 

[jtr1962]

There are some tools in the https://www.storageforum.net/forum/forums/toolbox-reference-section.14/ to clean up. I generally make a clean image of the SSD onto a flash drive before booting into Windows and then uninstall all obnoxious Windows programs and apps. Especially remove any anti-virus. If the computer was previously used you could run a recovery utility to return it to unused condition. Maybe I'm paranoid but it could have been used for a nefarious purpose.

It's Windows 11 Home, and the OS was installed on February 21, 2024. BestBuy does a fresh install on all their open box items. It's essentially like getting a new computer.

Maybe you can upgrade the SSD at some point if it is not a good one. (Which one does it have?)

The drive appears to be this one:

https://www.newegg.com/micron-512gb-2400/p/0D9-0022-000N3

Read speeds up to 4500 MB/s, write speeds up to 3600 MB/s. It seems to be a decent drive.

Being that the price difference between the 512GB and 1TB models was only $20 I gladly would have paid that if they gave me the option to upgrade. I suppose down the road if I'm running low on space I'll think about upgrading to at least 2TB, possibly 4TB. I guess I would have to also get an M.2 2230 drive enclosure to image my install to my new drive before swapping it in. The laptop only has one drive slot unfortunately.

I doubt the RAM is upgradable but 16GB is fine if you close programs fairly often and don't run too many memory hoggers at a time.

It's soldering in unfortunately but I knew that going in. For what I'd be using a laptop for 16GB is plenty. I have 32GB on my desktop but rarely use more than half of it.

The only thing you really will miss is a real graphics card. I have an ultralight laptop with a 1360P, similar CPU to what you have but with fewer P cores and lower power. The integrated Xe GPU in the Raptor Lake is not good for any intensive video use or AI enabled stuff.

The thing is being that this was sort of solution in search of a problem I limited myself to $500 and change net price. I love the 2880x1800 OLED screen. It's great for viewing videos, doing image editing, and playing Open Rails. It should also be great for microcontroller programming where I can get a lot of lines of text on the screen while still retaining legibility. With that resolution I don't even need to enable antialiasing when playing Open Rails. I just can't notice jagged edges. Anyway, at least for Open Rails I'm getting 40+ fps even in scenery dense areas, and 60 to 80 fps out in the country. This is with all settings maxed out at the native display resolution, including enabling dynamic shadows. Open Rails probably stresses the graphics engine more than anything else I'm going to do on this computer.

Truth is for my uses anyway even the AMD APUs from c. 2012 made having a separate graphics card redundant for me. If I ever did need major graphics power, I'd prefer to upgrade my desktop, or perhaps just install a graphics card in my existing A10-7870K system so I can keep using Win 7 there.

 

[LunarMist]

The A10-7870K had a wimpy CPU even in 2015 when compared to the slightly older Haswells or newer Skylakes, but you probably chose it for the APU. The 13700H is ways better than that old stuff for sure. That QLC DRAM-less SSD is low end, but serviceable. When upgrading SSDs you can do a direct clone, but I usually prefer making an image to a USB flash drive, swapping SSDs and then restoring from the flash drive. There are a number of USB 3.2 Gen 2 M.2 bridge enclosures; get one that has metal heatsinking in contact with the SSD.

It's not Win 11 related, but the Li-ion battery will be the main determinant in the longevity of the laptop. If your laptop has a utility to maintain the charge at 80 or 85% instead of 95-100% that will help your battery life.

 

[jtr1962]

The A10-7870K had a wimpy CPU even in 2015 when compared to the slightly older Haswells or newer Skylakes, but you probably chose it for the APU.

Yes, exactly. Intel's integrated GPUs sucked back then. I knew AMD's CPUs didn't quite match Intel, but for my uses they were "good enough". Now their Zen cores give Intel a run for their money.

The 13700H is ways better than that old stuff for sure.

Definitely. It's worlds ahead of my A10-7870K for sure.

That QLC DRAM-less SSD is low end, but serviceable. When upgrading SSDs you can do a direct clone, but I usually prefer making an image to a USB flash drive, swapping SSDs and then restoring from the flash drive. There are a number of USB 3.2 Gen 2 M.2 bridge enclosures; get one that has metal heatsinking in contact with the SSD.

I could do it that way. I have a Samsung T5 portable SSD which I can image the laptop drive on to, then put in the new SSD and restore the image.
I'd get an M.2 metal enclosure to use the 512GB drive as an external drive.

It's not Win 11 related, but the Li-ion battery will be the main determinant in the longevity of the laptop. If your laptop has a utility to maintain the charge at 80 or 85% instead of 95-100% that will help your battery life.

Interestingly, my sister's new laptop has that option in one of the power settings. She told me it wasn't charging past 80%. Then she looked at the settings and saw that was by design. I told her just leave it. It's better for the battery. I haven't found anything similar on my machine yet but I'm still digging around Win 11 trying to learn it. Being that I'd use the machine plugged in much of the time, there's no reason to charge the battery past 80%. If I go out with it, I'll just charge to 100% the night before.

 

[LunarMist]

Windows power and battery management has no charging level options AFAIK. That's up to the computer supplier, kind of like how Samsnug adds extra features to the ONeUI over the basic Androids. Maybe you can find an app for it at Asus or elsewhere.

 

[jtr1962]

I actually did find a setting in MyAsus called battery care mode. I enabled it. It limits battery charge to 80%. I guess that's the same setting as on my sister's machine.

 

[Mercutio]

Microsoft is changing the PC keyboard again. We're all going to have a Copilot key soon. I'm sure that will be great the very instant I figure out why people need copilot in the first place.

 

[sedrosken]

Having an extra key to rebind for my own nefarious uses is always nice. But then, most keyboards will likely have it replacing the Menu key, having the Menu function as a Fn layer, I suppose.

 

[Mercutio]

I just started using this thing specifically because I can bind a bunch of nonsense in my content creation applications to it. I have a Davinci Resolve Editing Deck as well but it's a little too big to go on my desk and share space with my drawing tablet.

Many keyboards seem to treat the menu button as optional as well. Either that or the world hasn't run out of 101 key keyboards made before 1998.

 

[LunarMist]

Microsoft is changing the PC keyboard again. We're all going to have a Copilot key soon. I'm sure that will be great the very instant I figure out why people need copilot in the first place.

Do I need to stock up on old keyboards, since I have the KVM connector? I'm not planning to upgrade the OS any time soon.
Is there any way to disable the co-pilot and still use Windows or is that illegal?

 

[Mercutio]

KVMs don't change all that much and new or oddball keys don't impact how they work.
Copilot seems to be one of those things like Onedrive that will show up again even if you disable it, but it's also really easy to ignore.

 

[LunarMist]

I go through a keyboard a year or so though I don't use the Windows keys or the menus key.
Laptops are probably the worst case, if you have the widely fingers. The space bar is already quite small on the lesser laptops. I really hope they don't cram another key in there, but reroute one of the Windows or something.

 

[Mercutio]

Apparently, Microsoft doesn't like end users mucking around with File Explorer. The hot new thing about the next semi-annual Windows 11 update is preventing users from using popular tools for modifying the Start Menu and/or file explorer, such as ExplorerPatcher. Because who cares what users want to do on their own PCs, right?

 

[LunarMist]

Are there any viable 3rd party File softwares?

 

[Mercutio]

Probably, but it remains to be seen if Microsoft will allow them to operate. Supposedly, just renaming the impacted executables twice allows them to operate again, but that's definitely anticompetitive behavior.

 

[LunarMist]

Stuff like this: https://www.techradar.com/best/the-best-file-manager

 

[sedrosken]

Starting to think they're deliberately trying to go after stuff like Open-Shell and StartAllBack, which literally just serves to give people back the Windows 7 era or XP era start menu if they want it. Can't wait for the seventeen million step registry hack that fixes that.

In other annoying news, Microsoft just made my deployment script obsolete until I can find time to write a powershell snippet it calls to disable the driver doing this BS and delete the scheduled task that re-enables the driver.

 

[Mercutio]

Until a couple years ago, I was using powershell to generate sqlcmd scripts because that was easier than reinventing the wheel with things that weren't implemented by the sqlserver module. And then I found out that the dbatools module has been around for years and did pretty much all things I was using my scripts to do. I truly have no idea how I missed that.

 

[Mercutio]

A Windows 11 horror story:

I'm looking at a Dell XPS 9320 (11" 13th gen intel, just over a year old). Its owner is in early onset dementia. He can't remember his Microsoft PIN or password and his appearance has changed so substantially over the last year that he can't use his Windows Hello camera sign on any longer. The drive is encrypted but the PC has academically valuable data on it that he needs to pass on to a colleague. Dude has been trying all year to get in to his computer and now it's my problem.

 

[LunarMist]

That's not a Windows problem. Security is working as expected, which is a good thing.
It's a human data management problem. What if he died from a heart attack or a road accident? What if the drive failed?
If the data is so valuable, then perhaps you can find a company that applies AI password attacks.

 

[Mercutio]

Also, the phone number he provided to his Microsoft account is apparently a land line.
The only progress I've made with this is that he finally did come up with the email address he signed up to use on his computer.
An address he no longer has access to.

I'm at the point where I've tried printing out older photos of him to see if I can fool the Hello Camera on the off chance I can get that to work.

There's truly nothing to be done though. He has a little book full of passwords. None of them work to get in his PC. Microsoft wants "personal information" to satisfy its identity requirements, including contact info and e-mail messages it thinks that it should have, but he read his e-mail on the web, not in any of Microsoft's mail clients and not on his phone, and that probably means they have no data to base a claim for his identity.

It's impossible to talk to a human being at Microsoft about it. The appeal process is apparently 100% automated. I really feel for the guy; he knows the data is on this computer (he's a former history professor). But unless he can get in to his Microsoft account SOMEHOW, nobody can do a damned thing for him. Short of a court order, he's SOL.

 

[jtr1962]

This is a textbook case of why you should back up your data in multiple places, like thumb drives, external hard drives, the cloud, etc.

As for passwords. I've long ago made spreadsheets of passwords I use for various sites. There's no way I'm going to remember many or most of them. Besides, a few insist on changing your password regularly, as if that really helps. It'll be nice when something like retinal scans are the norm to log on to websites and computers. No more fussing with passwords, or worrying if your appearance changed.

I personally find most security measures are more of a nuisance than anything else. You should be able to disable them. The main thing I care about is keeping hackers out of my PC. I couldn't care less about limiting in-person access to my computer. I'm the only one who will ever use it. It seems Windows 11 is giving you little choice in the matter.

Are the changes in this guy's appearance from hair styles, growing a beard, shaving a beard, or anything else which he could change to revert closer to how he looked a year ago? Also wondering how, short of facial damage or plastic surgery, one's appearance can change that much in a year so that his computer doesn't recognize him. My state ID card has a picture of me at 30. Outside of less hair, my features have changed very little.

 

[LunarMist]

You act like that is a bad thing. If any Bozo could get into my encrypted computer

Also, the phone number he provided to his Microsoft account is apparently a land line.
The only progress I've made with this is that he finally did come up with the email address he signed up to use on his computer.
An address he no longer has access to.

I'm at the point where I've tried printing out older photos of him to see if I can fool the Hello Camera on the off chance I can get that to work.

There's truly nothing to be done though. He has a little book full of passwords. None of them work to get in his PC. Microsoft wants "personal information" to satisfy its identity requirements, including contact info and e-mail messages it thinks that it should have, but he read his e-mail on the web, not in any of Microsoft's mail clients and not on his phone, and that probably means they have no data to base a claim for his identity.

It's impossible to talk to a human being at Microsoft about it. The appeal process is apparently 100% automated. I really feel for the guy; he knows the data is on this computer (he's a former history professor). But unless he can get in to his Microsoft account SOMEHOW, nobody can do a damned thing for him. Short of a court order, he's SOL.

How much and how old is the work on his computer? If he was on dementia the past few years, maybe it is not so valuable.

 

[Mercutio]

His eye socket was shattered in a fall down some stairs a couple years ago, where he was also diagnosed with dementia, along with substantial weight loss probably due to depression.

He chose to retire during the pandemic and had been working on a text of personal interest, which involved travel travel to India and Afghanistan. I can't speak for the quality of his work, but he does seem to know someone who is interested in taking up his work.

I feel for this guy in every way. He doesn't have the face he's used to and he can't remember simple things but can eloquently discuss South Asian politics across the span of time. I wouldn't be able to live like that either.

 

[LunarMist]

TBI vs dementia, hmmm.
If you have some words or numbers that the victim might use, can the AI password tools help enough? It;s better than brute force and I'm guessing you don't have a quantum system to work any faster.

 

[sedrosken]

Also, the phone number he provided to his Microsoft account is apparently a land line.
The only progress I've made with this is that he finally did come up with the email address he signed up to use on his computer.
An address he no longer has access to.

I'm at the point where I've tried printing out older photos of him to see if I can fool the Hello Camera on the off chance I can get that to work.

There's truly nothing to be done though. He has a little book full of passwords. None of them work to get in his PC. Microsoft wants "personal information" to satisfy its identity requirements, including contact info and e-mail messages it thinks that it should have, but he read his e-mail on the web, not in any of Microsoft's mail clients and not on his phone, and that probably means they have no data to base a claim for his identity.

It's impossible to talk to a human being at Microsoft about it. The appeal process is apparently 100% automated. I really feel for the guy; he knows the data is on this computer (he's a former history professor). But unless he can get in to his Microsoft account SOMEHOW, nobody can do a damned thing for him. Short of a court order, he's SOL.

I've got a similar situation where I've got an older gentleman in his eighties who was pretty high up in his industry and has a lot of old data tied behind a 365 business sub he's still paying for, but that he can't get into -- we know his password, but he lost his 2FA stuff, and we can't seem to supply enough information to satisfy the automated appeal. He has this idea that he can find someone to talk to at Microsoft, but we can't even get to a real person there, much less get them to unlock his account.

So far we've just set him up a new tenant so he can continue to conduct business, as he was pretty old school and did keep most of his data locally. He's in contact with the credit card company he set up his original payments through so hopefully we can get some scrap of useful information like an invoice number or account number we can provide them, but I'm honestly not very optimistic.

 

[fb]

MS authentication is frustrating in so many ways.

I feel that the process is broken if Microsoft accepts land line telephone numbers but don't offer a "Call me back" option, like some of the other online services do.

 

[Mercutio]

My partner's Microsoft account is the one she made for Xbox when she was a little girl, and it's tied to just under two decades of product purchases and game achievements. Unfortunately, it's also tied to 2FA info that belongs to her dad, since six year olds generally don't have private email addresses or SMS-able phones. This makes setting her up on a new PC (or Xbox, I guess) a goddamned nightmare, because she has to get her dad on the phone to read back the 2FA prompts before they expire. We've tried to get the prompts set up to go directly to her, but even that involves cooperation from the dad in question, who has the attention span and interest in any of this as any other man who definitely knows what it means to chain smoke blunts.

This is not actually an odd situation. I know some other GenZs in the same boat. I know why it's a big deal on both sides; people have real money tied up in those accounts, but there also needs to be some kind of way to mediate control over an account.

 

[ddrueding]

I've already had to use identity validation services that included steps like "we're going to video call you and you need to hold your passport up to the screen next to your face while we ask you questions" so there are ways to do it if the company cares enough. But with all the AI generated everything lately there is a level of transaction that should only be allowed in person going forward, and the level of that transaction is going down along with the cost of generating the fakes.

It is going to get really interesting in the next couple years.

 

[LunarMist]

If anyone wanted to see my pass port they better have a legal reason to do so, like representing a government or being involved in visa/travel for ex US. I'm sure there are plenty of frauds involving 2FA.

 

[jtr1962]

I don't get that, either. A driver's license, or non-driver's ID, issued by the state with your picture should be sufficient to serve as ID on a video call.

 

[ddrueding]

This was for the purpose of regaining access to an account. I was the one making the request, so the burden was on me to provide satisfactory evidence. As I was the one initiating the process, concern of fraud on their end was considerably lower.

American drivers licenses are not useful identification outside the US.

 

[Mercutio]

My best friend's older sister is a naturalized citizen of Germany, and so my friend was given on an older National ID card to my friend to use for 18 - not-quite 21 shenanigans. Hilariously, that meant we could go to The Aviary in Chicago but got the cops called for trying to use it to walk in to a neighborhood Dispensary in Denver. Those cops eventually decided it looked legit to them. Legal IDs are weird sometimes.

 

[LunarMist]

I'm not understanding how some illegal ID is a good example. In most countries you are expected to have an official ID of some kind, but the item is not relevant without validity being checked. Obviously Leo only have limited resources and can't deal with all crimes.

 

[Mercutio]

It's a FUN example; it was a form of identity that worked perfectly anywhere someone might reasonably encounter a European ID card in the US. I think it actually got less scrutiny than oddball US State IDs, where someone might actually look for all the details on the card.

When my friend needed it, we were mostly using it to go in 21+ clubs where she thought she might choose to work. Being underage, she could legally work in those places but not walk in to experience them as as a guest. Being able to get a cocktail with her dinner a couple years early was just a nice bonus.

Also: it's very hard to establish a proper, life long identification system, ESPECIALLY if non governmental entities are the ones who need it. Digital property is even more maddening as an adjunct to that.

 

[ddrueding]

One of the cool things about Denmark is that the state saw the value of having a reliable 2FA system that wasn't proprietary or commercial in any way, and made one. In order to enable your identity on the app you need to physically go into one of the state run offices, prove your identity, and have them enable it. Once it is enabled on one device you can enable it on a second without going in, so having a second device at home that is enabled (like an old smartphone) is a good idea.

Since it is license free and you can count on every member of society having it, pretty much every company has developed for it. You use it to access your bank account, file your taxes, authorize credit transactions, sign contracts, buy train tickets, switch cell phone providers, etc.

 

[sedrosken]

I'm a little disappointed in myself that my first impulse was to be horrified at how widespread that system is. I can see how it'd be useful, but I'm skeptical that such a system wouldn't inevitably be abused, or that a slow-moving bureaucratic governmental body is the best choice to run such a system. Granted, I'm sure it works just fine in Denmark, but like a lot of good things you have over there, we'd find ways to screw it up pretty much instantaneously because we don't want it to work.

 

[ddrueding]

Yup, there are a lot of things that work here that won't work elsewhere because the foundation isn't there. In this case the most important is probably that any public/private partnership remains entirely transparent and will be shut down if the private partner is perceived as not acting in the spirit of the agreement. That and being small enough that it is fairly agile, total population is less than 6 million.

 

[fb]

It is similar in Sweden, we have Bank-ID, not developed by the state but the large banks and defacto standard, useful almost anywhere in the digital domain.

Maybe it's easier to implement these things in smaller countries? I think Estonia is the most digitalized countries in the world.