When Microsoft released Windows 10 in 2015, Microsoft developer Jerry Nixon said that Windows 10 would be the last version of Windows. In the future, Microsoft would only add new features and fix vulnerabilities on the Windows 10 platform.

When Microsoft released Windows 10 in 2015, Microsoft developer Jerry Nixon once said that Windows 10 will be the last version of Windows. In the future, Microsoft will only add new features and fix vulnerabilities on the Windows 10 platform.

Before Windows 10, the version update cycle of Windows was basically maintained at about 3-4 years. It is rare for a version like Windows 10 to have not received a major update after 6 years of operation.

Just when everyone thought that Microsoft had come to an end for Windows, Microsoft suddenly announced the arrival of Windows 11.

Regardless of whether Microsoft is slapping itself in the face in the past, Windows 11 still brings a lot of freshness to old users who have been living with Windows 10 day and night for 6 years. Moreover, this upgrade is free, and many users will use it after the official version is released. They all plan to upgrade their experience.

However, some users with older computer hardware have found that their computers do not meet the upgrade requirements for Windows 11.

What’s even more bizarre is that this is not because the computer’s CPU performance is insufficient, or the hard drive or memory capacity is insufficient, but because of a chip that has never been heard of before - the TPM 2.0 security chip.

"What TPM chip, Intel or AMD?"

Since the security of Windows systems has been criticized, Microsoft joined forces with a number of PC manufacturers in 2011 to promote the TPM security chip to improve the defense of Windows systems. From then on, basically every computer shipped from the factory will have a built-in TPM 1.2 chip.

Simply put, the TPM chip is specially used to process the encryption key of the computer, and can play a role in security authentication, key storage, etc. Compared with the security protection of the software, the hardware-level protection provided by TPM is much more closed, so it is more Not susceptible to intrusion and tampering by viruses and other malware.

The new CPU has integrated the TPM 2.0 chip

In 2016, TPM 2.0 chips began to be promoted, and many manufacturers also kept up with the pace of updates. However, users at the time were basically unaware of this "minutical" upgrade until Windows 11 of launch.

Some users who are still using TPM 1.2 era hardware accused Microsoft of using the Windows 11 upgrade to forcefully promote TPM 2.0 chips. In fact, it is to stimulate old users to replace new hardware and accelerate the speed of hardware obsolescence.

Therefore, they have developed many methods to bypass TPM chip detection and forcibly upgrade Windows 11. These methods are vividly called "smuggling".

Microsoft explained that the purpose of promoting TPM 2.0 chips is actually to deal with increasingly severe information security issues.

Microsoft security researchers have discovered that the use of hardware firmware vulnerabilities (CPU, memory, hard disk, etc.) to attack systems is increasing day by day, and this kind of malicious code is difficult to detect or remove. Once infected, users can only reinstall the system. Or replace the hard drive.

These vulnerabilities not only threaten users' information security, but also indirectly have a serious impact on the real world. For example, the ransomware that plunged the world into an information security panic in the past few years once paralyzed computers in important institutions such as hospitals and gas stations, causing irreparable losses.

In order to explain the importance of the TPM 2.0 chip more intuitively, Microsoft decided to personally become a "hacker" to demonstrate how Windows 11 resists being invaded. Whether

is safe or not, you will know after intrusion

Microsoft's chief "insider"

Microsoft invited David Weston, Microsoft's director of enterprise and operating system security, to demonstrate the intrusion.

David has established a professional hacker team at Microsoft. His job is to find security issues that threaten the system faster than hackers. Therefore, he can be said to be an expert in attacking Windows.

David first demonstrated remote intrusion into a Windows 10 computer that did not have TPM protection or secure boot enabled, and then installed ransomware on the puppet machine to lock its hard drive. The process of

intrusion is very simple. David found an open RDP port and forcibly logged into the computer remotely.

The process of breaking its system password is also very rough. It is to retrieve various leaked passwords and constantly try to unlock them. It can be broken after a few minutes or days of brute force cracking.

Once a hacker successfully enters the system, the puppet machine basically loses control. The hacker can arbitrarily implant ransomware and other Trojans and change the system's boot file. At this time, even if you use WinPE or WinRE to repair the hard disk, there is no guarantee that it will be completely Restore system partition.

To unlock important data, users have to pay high ransoms to hackers in cryptocurrencies such as Bitcoin.

How can Windows 11 protect these important files from being "kidnapped"? David said the solution is not complicated, and that is to use the built-in "safe boot mode".

In the safe mode of Windows 11, when the system starts, it will check whether the code and key of the startup program are consistent with the information of the TPM chip to confirm whether they have been modified.

then runs with the correct boot file based on the running healthy boot log, rejects the modification of the ransomware, and allows you to log in to the Windows backup file normally, thereby minimizing the loss of the ransomware invasion.

After demonstrating remote control, David then demonstrated another face-to-face security cracking - using gummy bears to crack fingerprint recognition.

Since it is very difficult to forge an identical fingerprint, most people have the inherent impression that fingerprint recognition is very safe.

It is indeed a difficult problem to forcefully break through the security door of fingerprint recognition, but it is possible to bypass it and enter the system directly.

David has prepared a device called PCI leech, which can directly access computer memory information through thunderbolt interface . As long as the computer is patched with a "any information can be unlocked" patch, then the fingerprint information can be successfully bypassed and entered into the computer. .

At this time, any conductive object (finger, nose, gummy bear, etc.) can be used to unlock the computer and access all private content.

This kind of memory attack is not uncommon, because many programs will store data in memory temporarily when they are running, and attackers will take advantage of this opportunity to modify the data.

If your computer falls into the hands of criminals who know the relevant technology, then the "confidential files" in your favorites will most likely be in danger.

But if you happen to use a TPM chip to protect against intrusion, everything will be different.

David then performed the same intrusion demonstration on a Windows 11 computer and found that fingerprint recognition still worked correctly.

This is because at this time, the fingerprint recognition information is no longer simply stored in the memory, but is isolated and locked in an independent and secure virtual area. Every read requires key verification.

The key is stored in the TPM chip that is isolated from the outside world, and the security is greatly improved.

David said that many security features in Windows 11 can also be used in Windows 10. However, these features were only optional in the previous version, and are now enabled by default in order to improve the security performance of Windows 11.

Therefore, whether you plan to upgrade from Windows 10 to Windows 11 or not, Microsoft recommends that you check your TPM version and enable it in the BIOS.

It’s time to pay attention to the security chip

In addition to system-level security protection, the TPM 2.0 chip has many protection measures. The most common one should be Bitlocker added from the Windows Vista period.

For enterprise-level users, Bitlocker driver encryption has become indispensable. Bitlocker is a full-volume encryption technology that simply puts a lock on your hard drive. Even if the hard drive is stolen, the thief cannot read information from it.

The key to protecting information is the TPM 2.0 chip. When you encrypt your disk, part of the encryption key is stored in the motherboard's TPM chip.

This not only provides higher security encryption protection, but also when your hard drive unfortunately falls into the hands of others, it will also be unusable due to the lack of the key on the TPM chip, providing powerful offline protection.

At a time when digital currency and virtual assets are popular, many "digital tycoons" NFT assets and digital wallet keys worth hundreds of thousands of dollars may be stored in the computer hard drive. Once lost, the consequences will be disastrous.

Therefore, it is necessary for individual users to use hardware-level encryption technologies such as Bitlocker to protect their important data. In addition to data security, the

TPM chip also has some unexpected uses, such as anti-cheating in games.

In recent years, we have witnessed many phenomenal games suddenly become popular, such as " PlayerUnknown's Battlegrounds ", "APEX", "Jelly Bean Man", etc. The reasons for their popularity are different, but the reasons for "going cold" are mostly the same. ——There are too many plug-ins.

The struggle between game developers and cheaters has never stopped since the day the game was born. Now, some developers have decided to use more stringent means to deal with cheaters, including "League of Legends" Developer fist games.

Riot Games’ new anti-cheat system Vanguard will detect whether players on Windows 11 have TPM 2.0 enabled. If not, they will not be able to enter the game.

Security experts have analyzed that Riot Games intends to use the TPM 2.0 chip to confirm the cheater’s hardware information and permanently ban the device.

The measures taken by "Fearless Contract" are radical and bold, which may inspire other online game companies to use physical bans to increase the cost of cheaters, but at the same time, some people say that this stricter supervision is a further step towards personal privacy. Violate.

However, driven by Windows 11, there may be more and more games or applications like "Fearless Contract" that require TPM 2.0 chips. By then, higher standards of information security protection requirements may become a new reason for people to replace their equipment.