Yes. Computers with super sensitive data are often airgapped and specifically not connected to the network or the internet.
It's mostly a false claim. You could argue that going online and not using a Microsoft account is insecure but that is also not true, now you could lie and say it is though.
I cannot see a way where a local account for home use is insecure.
Maybe I'm crazy, but I feel that claiming that forcing Internet connectivity immediately improves security is just outright false.
Ehhh. While the comment about airgapping is true, and I don't trust this is the real reason at all, for like 99% of the populace, making them actually apply patches and updates is a huge fucking hassle, and by FAR the worst security concern.
No one wants to blow a 0 day to crypto lock your machine, but if you haven't patched it in 3 years, then connect to the web or some device, then yeah there's probably someone who's scraped a list of all the known patched vulnerabilities in the last 3 years probing anything they can touch.
There are obviously more elegant ways to do this than what Windows is doing (and I'd swear I heard about this months ago and then there was an immediate workaround/solution?), but basically every big hack you hear about usually starts with "they were running Windows 8 and had a policy to plug in found USBs to determine who they belonged to".
It's the "wash your fucking hands" of cybersecurity.
Edit-
Ahh this is them removing it AGAIN, after the workaround was found/used for the last few months.
I really like the word allow here. It really highlights the expectations that the computer is not actually owned by the user.
This has been pretty obviously coming since at minimum a decade ago. My next guess for new features is actual ads on lockscreen instead of annoying widgets, less ads subscription, popup over the full screen width if it cannot connect to the internet, safety net like features and more.
And if someone thinks this cannot happen I encourage them to load up Windows 7 image and compare it with 11. Also go over majority reactions when anyone suggests using Linux.
Also go over majority reactions when anyone suggests using Linux.
But my cousin had a problem installing printer drivers on Linux 15 years ago and also a terminal emulator killed my mother, so I think I'll continue on my blind march toward corporate dystopia, thank you.
I'd argue that's less true now than ever before, but even if we disregard that, the solution to that problem isn't nestling even deeper into Microsoft's monopolistic garden. Developers will go where the users are. It's a bit of a chicken and egg conundrum, but as people become more and more frustrated with the bullshit economy, I think we'll see more people willing to put out a bit of effort to break free.
Frankly I am astonished that Adobe has not ported their stuff to Linux. It’s not like there isn’t any demand. But knowing how buggy their stuff is I would imagine that it would be a nightmare.
From a business perspective it often simply isn't worth it to support Linux. The market share is tiny and incredibly fragmented, making support a nightmare. You sometimes see software vendors deciding to support one specific distro (often Ubuntu or Redhat/Fedora) which makes it slightly easier. But it also reduces the already tiny share to even lower numbers.
So, purely looking at the numbers it simply isn't that attractive of a sell.
However on the flip side for the general casual browser user sending emails, and using Facebook, and maybe editing a document online there's very little some people do outside of a browser and that experience is exactly the same no matter what's running underneath.
That is exactly the situation I'm in. I work from home and use my personal desktop, and most of the software I have to use for work is simply not available on Linux.
I really like the word allow here. It really highlights the expectations that the computer is not actually owned by the user.
My computer is mine to do with however I please but I 100% think this is the case for the OS if you use Microsoft or Mac. As far as I'm concerned if you're a closed source, for profit company you have the right to put in whatever BS restrictions, ecosystem shoveling, and money gouging ideas you want. And we all have the right to jump ship to Linux.
I would love to start seeing computer manufacturers normalizing shipping with dual boot options. A lot of users literally only need a browser these days and if they could easily access a better experience I think it would really give Microsoft pause before whatever their next shitty step is.
They have the ability to but I would argue that this is a clear case for regulation. They are effectively forcing everyone that wants to do general computing on a dominant default platform to have an account with them.
Note that my position could change if I could go out and buy the same model computer with a Linux distro preinstalled for at least a significant fraction and cross section of the market, regardless of actual Linux marketshare.
They have the ability to but I would argue that this is a clear case for regulation. They are effectively forcing everyone that wants to do general computing on a dominant default platform to have an account with them.
Can you download an app on an iPhone without an account? (No.)
So how is this any different?
Ideally it would not be any different and it would just be standard that users can use their purchased electronics to their full potential excluding actions requiring actual positive effort from the company without any further involvement of the company.
Personally I focus my preaching advocacy (though I limit the extent of it) on Windows because I have to use it.
At this point I'd honestly be disappointed if they didn't commit to the multi dip. Pay for the OS and offloading as many essential tools to a subscription as possible. And also forcing an online connection to train copilot, even if you don't use it.
Seriously, MS is practically the devil in my eyes at this point. Can't trust them to not break everything on a whim or believe anything they say. The fact that you could effortlessly prompt your way to critical information with guest copilot access in a live environment means they have no clue what they're forcing into 90% of the world's computers.
With the sheer amount of analytics they're collecting on Windows usage, I imagine it's only a matter of time before they add more tiers on Windows locked behind subscriptions.
We’re removing the bypassnro.cmd script from the build to enhance security and user experience of Windows 11. This change ensures that all users exit setup with internet connectivity and a Microsoft Account.
I recently updated to W11 as 10 really was going to go, but I was already doubting whether or not I should continue with Windows. It's currently fine, I have a local account setup and tweaked Windows a bit to be more like I'm used to, but there aren't many more steps I'm willing to take before I do take the plunge into another OS.
The only reason to do this, is to pull you into their ecosystem. It doesn't add anything to the OS, it doesn't add anything to the experience, and it doesn't add anything in terms of security. I'd even argue that my local account is safer on account the credentials can't be leaked.
Apologies if this is covered in the article, but, how can they enforce this if you're building a system that lives entirely disconnected from the internet? Like a high security system, a lab, or something like that?
Pretty much any operation of that nature would be within a larger organization that uses Microsoft's enterprise licensing. Microsoft offers a suite of provisioning & deployment tools that allow administrators to declaratively configure mass deployments, rather than having to go through the OOBE for each machine as a consumer would, and in that context the provisioned licenses would be tied to an organisational Microsoft account regardless.
Edit: I just realized I wrote this far too technically for people without an IT background. "OOBE" means Out of Box Experience, it's the setup process you go through the first time you power on your machine and configure language, date & time, account credentials etc. Microsoft offers tools to their enterprise customers that allow administrators to do all that configuration beforehand as well as all the Group Policy stuff required by the organisation, so the licensing is dealt with in a way that isn't seen on screen. For customers that have offline security requirements, they can host the activation server on premises so the machines don't have to phone home to Microsoft. Home/Pro edition users don't have this option IIRC.
I've done no testing but I'd suspect if you use Rufus to create your USB installer using the official Windows 11 ISO image (third option) it should give an option to remove this check.
Anyway I thought it was funny they're changing the BSOD to be green after like 35 years for no goddamn reason. I wonder what focus group / committee voted for that and which project manager is getting a raise for that. Someone is putting that on their resume.
Isn't the green screen just for their insider/beta program? Like, not a thing that's in the program to roll out after testing, but as a means to specifically identify beta crashes
I'm not sure. I guess that makes sense? In case they want to separate testing group forum posts versus release channel bug reports... I guess? Surely there's a better way to track bug reports other than "Is your screen blue or green?"
Surely there's a better way to track bug reports other than "Is your screen blue or green?"
That's actually a great way to quickly filter out certain issues. BSOD renders the computer unusable, so people tend to take a picture. Now without reading a single letter, you'll already know if this is a normal Windows machine or not.
I used this loophole trick, I suppose you could use an old installer and then update from there?
Perhaps. But if you are willing to spend that much energy, why not just install Linux? Isn't the whole point of using something like Windows that you don't have to think too much and that everything works out of the box? Once that is gone, why on earth keep using it?
Sometimes you're willing to put in more work upfront if future things are easier. Sometimes you need Windows so you're just looking for the workaround that gets you in the door.
I haven't installed win11 in ages, does it now force you to make an account/login? Before there was a skip button at the login page.
If they force me to log in one day it might be the straw that breaks the camel's back for me, I dunno. Proton is so good these days I might go back to a Debian daily driver.
Proton is so good these days I might go back to a Debian daily driver.
DO IT. Fuck windows. 2025, the year of the Linux desktop!
Just buy a second drive to slap Linux on and go. I'm not the biggest gamer but most games work for me. The only ones that don't work are where devs disable anti-cheat on Linux. Lots of multiplayer games still work as well. I have basically 100% success rate running single player games in Steam.
It still had a skip button for me earlier this year. Do some people not see that? I don't understand why a workaround with a hidden script is needed otherwise
This is why I only use Windows as a gaming box now. I use Linux for anything important or personal. I respect certain parts of the Microsoft brand but Windows has only ever pushed the boundaries of what consumers will tolerate (which is unfortunately a lot).
I'm sorta in the same boat. Switched to a dual boot setup a while back. Windows is mostly for game mods that just outright aren't supported on Linux. I've been really into randomizers lately and many of them just come with "sorry Linux users" written in the setup documentation.
It's weird that they insist on an online account during initial set up but allow creating local accounts afterwards. I actually want to sync with my Microsoft account but ended up creating a local account just to change the user folder name (online accounts take the first 5 characters of your email address).
It seemingly never comes up in these discussions, but I think a large part of the reason is bitlocker. New installations have had bitlocker enabled by default for a while now. If your TPM is reset, you move your drive to a new system, or your motherboard dies, you need your bitlocker key to recover the data. Windows will back up bitlocker keys to a Microsoft account (can be disabled for higher security).
Imagine this scenario: someone gets a new laptop and has their "techy" relative set it up. That person bypasses the Microsoft account login because they have ideals or a security posture that the laptop owner likely does not share. They also do not back up the bitlocker keys, because they aren’t aware of the need. Then a few years down the line, something happens and they need their bitlocker key. Well now all their data is gone forever. They now blame Microsoft because Windows destroyed their data.
I think that scenario happens way more often than techy people on the internet want to admit. From this perspective, requiring at least one Microsoft account makes a ton of sense.
I think there should be an option to not need a Microsoft account without enterprise licensing, but I can understand why they are doing it.
Yeah, it isn’t the strongest of arguments. But I do think you undersell at rest encryption.
Also, one point you made is wrong. Full disk encryption is now the industry standard. Every single consumer OS does FDE by default. That includes Windows, macOS, iOS and derivatives, Android, and chromeOS. In this way, Linux is the exception in that it (in general) isn’t encrypted by default.
They could always separate their key backup service from their Microsoft account service, which would satisfy the need without requiring people to expose their identity to the Microsoft ecosystem that they may not want to be exposed to. That would also probably result in a better user experience (people with accounts would get that service linked to their account automatically, and users who don't want an account are far less miffed about a key backup step in the wizard with clearly described pros and cons for each option). They could even support third party backup services for advanced users.
These things would result in a better and more robust product, but would take away from Microsoft's bottom line. They would be willingly giving customers a way to avoid a bunch of jank they are otherwise locked into. Locked-in jank is good for Microsoft because it allows them to build jank and call it a success.
None of this is to disagree with your take. I just like to remember in times like this that there is almost always a better way, but profit incentives mandate that they give us the minimum that is competitive.
It appears Microsoft is finally doing a bit of backpedaling on the issue of hardware requirements. It's no complete course reversal, but it's at least something.
This was basically the idea behind Chromebooks. If you can keep everything confined to the browser, the OS doesn't really matter.
Chromebooks are still computers you don't own, see this thread: https://cloudisland.nz/@rmi/114219847307106213
Is this not a thing already? I thought my work PC had some of those after the update until I disabled as much lock screen stuff as I could.
Glad I went with Linux Mint for my recent PC build. How long until M$ adds a monthly subscription fee to have an account?
This is not new. I’m pretty amazed they managed to change to a benign/good reputation at all.
I mostly stopped playing video games and was able to switch to MacOS. Currently deciding if I should sell my Windows desktop.
Original source:
https://blogs.windows.com/windows-insider/2025/03/28/announcing-windows-11-insider-preview-build-26200-5516-dev-channel/
Ahh, the Green Screen of Opportunity
(Joke/Noise, please)
Perhaps. But if you are willing to spend that much energy, why just don't install Linux? Isn't the whole point of using something like Windows that you don't have to think too much and that everything works out of the box? Once that is gone, why on earth keep using it?
Sometimes you're willing to put in more work upfront if future things are easier. Sometimes you need Windows so you're just looking for the workaround that gets you in the door.
I haven't installed win11 in ages, does it now force you to make an account/login? Before there was a skip button at the login page.
If they force me to login one day it might be the straw that breaks the camel's back for me, I dunno. Proton is so good these days I might go back to a Debian daily driver.
DO IT. Fuck windows. 2025, the year of the Linux desktop!
Just buy a second drive to slap Linux on and go. I'm not the biggest gamer but most games work for me. The only ones that don't work are where devs disable anti-cheat on Linux. Lots of multiplayer games still work as well. I have basically 100% success rate running single player games in Steam.
It still had a skip button for me earlier this year. Do some people not see that? I don't understand why a workaround with a hidden script is needed otherwise.
This is why I only use Windows as a gaming box now. I use Linux for anything important or personal. I respect certain parts of the Microsoft brand but Windows has only ever pushed the boundaries of what consumers will tolerate (which is unfortunately a lot).
I'm sorta in the same boat. Switched to a dual boot setup a while back. Windows is mostly for game mods that just outright aren't supported on Linux. I've been really into randomizers lately and many of them just come with "sorry Linux users" written in the setup documentation.
It's weird that they insist on an online account during initial set up but allow creating local accounts afterwards. I actually want to sync with my Microsoft account but ended up creating a local account just to change the user folder name (online accounts take the first 5 characters of your email address).
It seemingly never comes up in these discussions, but I think a large part of the reason is BitLocker. New installations have had BitLocker enabled by default for a while now. If your TPM is reset, you move your drive to a new system, or your motherboard dies, you need your BitLocker key to recover the data. Windows will back up BitLocker keys to a Microsoft account (can be disabled for higher security).
Imagine this scenario: someone gets a new laptop and has their "techy" relative set it up. That person bypasses the Microsoft account login because they have ideals or a security posture that the laptop owner likely does not share. They also do not back up the BitLocker keys, because they aren't aware of the need. Then a few years down the line, something happens and they need their BitLocker key. Well now all their data is gone forever. They now blame Microsoft because Windows destroyed their data.
I think that scenario happens way more often than techy people on the internet want to admit. From this perspective, requiring at least one Microsoft account makes a ton of sense.
I think there should be an option to not need a Microsoft account without enterprise licensing, but I can understand why they are doing it.
Yeah, it isn’t the strongest of arguments. But I do think you undersell at rest encryption.
Also, one point you made is wrong. Full disk encryption is now the industry standard. Every single consumer OS does FDE by default. That includes Windows, macOS, iOS and derivatives, Android, and chromeOS. In this way, Linux is the exception in that it (in general) isn’t encrypted by default.
They could always separate their key backup service from their Microsoft account service, which would satisfy the need without requiring people to expose their identity to the Microsoft ecosystem that they may not want to be exposed to. That would also probably result in a better user experience (people with accounts would get that service linked to their account automatically, and users who don't want an account are far less miffed about a key backup step in the wizard with clearly described pros and cons for each option). They could even support third party backup services for advanced users.
These things would result in a better and more robust product, but would take away from Microsoft's bottom line. They would be willingly giving customers a way to avoid a bunch of jank they are otherwise locked into. Locked-in jank is good for Microsoft because it allows them to build jank and call it a success.
None of this is to disagree with your take. I just like to remember in times like this that there is almost always a better way, but profit incentives mandate that they give us the minimum that is competitive.
It appears Microsoft is finally doing a bit of backpedaling on the issue of hardware requirements. It's no complete course reversal, but it's at least something.