Friday, June 25th 2021

Thanks to Windows 11, Scalpers Buy Out Add-on TPM 2.0 Modules

Most modern PC platforms include an fTPM (firmware trusted platform module) of some form. Those that don't, have a TPM 2.0 compatible header on the motherboards. Microsoft's requirement of a hardware TPM for Windows 11 has scalpers go after add-on TPMs, which are typically priced around $20, but now marked up to $100, according to price-tracking by Shen Ye, a senior HTC VIVE exec, who has been tracking prices of add-on TPMs on Twitter.

Scalpers possibly anticipate a rush of ill-informed buyers out for add-on TPMs, who haven't spent 5 minutes digging through their UEFI setup programs for the fTPM toggle. Below is a screenshot of a Ryzen 7 2700X-based machine, paired with an AMD B450 chipset motherboard (a platform from 2018), with its fTPM toggle turned on. The PC now meets Windows 11 system requirements. Windows 11 uses hardware TPMs for secure storage of credentials. "Microsoft, can you not impose a TPM requirement during a silicon shortage? Especially considering most desktop motherboards support TPM only as a purchasable accessory," Shen Ye tweeted.
Source: Shen Ye (Twitter)
Add your own comment

263 Comments on Thanks to Windows 11, Scalpers Buy Out Add-on TPM 2.0 Modules

#176
Athlonite
FoxinuhhBoxI'm one of the few that got ahold of a TPM 2.0 20-pin for my motherboard, I ignorantly thought my 4th gen 4.3 GHz i7-4790K would be supported. I was mistaken. while I may have been able to acquire the TPM, my CPU and any intel cup below 8th gen are not supported because they feel like it.
Well atleast you can more than your money back for it so sort of makes up for the waste of time
Posted on Reply
#177
FoxinuhhBox
ironwolfYup, checked the net last night for a TPM module for an ASRock H97 Performance board with a i7-4790K on it. $40 from 3rd party on Newegg was cheapest I could find from a quick look. Nuts!
I had to order a TPM too, but i neglected to see that our i7-4790Ks will not be supported. the same goes for any intel chip below 8th gen. dumb ass Microsoft

Have a TPM 2.0 now but still not supported :(
AthloniteWell atleast you can more than your money back for it so sort of makes up for the waste of time
I guess you are right my friend. do you think i should just sell it or maybe hold out hope that the requirements will change?
Posted on Reply
#178
Athlonite
FoxinuhhBoxI guess you are right my friend. do you think i should just sell it or maybe hold out hope that the requirements will change?
yeah I'd just sell it MS are not going to change their minds and back track on allowing older CPU's
Posted on Reply
#179
windwhirl
FoxinuhhBoxdo you think i should just sell it or maybe hold out hope that the requirements will change?
I don't think they will back down on this. If nothing else, you're not missing out much by staying on Windows 10.

EDIT: BTW, they're also putting similar restrictions on Windows 10 feature upgrades.
Windows Processor Requirements Windows 10 21H1 Supported Intel Processors | Microsoft Docs
You say you have a 4790K, so Devil's Canyon, so Haswell. If you don't get the 21H1 (or May 2021) update, it's probably because your CPU is not on the supported list.

EDIT2: Disregard the previous statement, since it seems this restriction is even older but has not applied. My old Core i3-4330 doesn't show up in those lists but I have a rig with that processor that has been updated to the 20H2 version.
Posted on Reply
#180
VEGGIM
Athloniteyeah I'd just sell it MS are not going to change their minds and back track on allowing older CPU's
Well thing is windows 11 will be uefi only and they are stripping the 32bit from it. This means any 16 bit applications you have will not work with windows 11. 32 bit applications however will. This also means any windows before windows 8 era computer if not upgraded is dead.
Posted on Reply
#181
First Strike
lexluthermiesterIt is a world were we the people need to learn to protect ourselves instead of relying on government and corporations to protect us like pathetic little sheep.
That's security through ignorance, literally, if you are following updates in the field of security. For a very basic one, how the hell are you going to protect yourself from a website hosting JS-based Spectre attacks? How can you be so sure that the top website you visited has not been hacked to host such attacks?

For physical security, if you failed to protect yourself, well, the worst case scenario is getting injured or killed. I mean, criminals or bad luck can only do so many stuff in a day. World won't burn.
In the digital world, millions of devices or accounts are at stake. You are feeling safe not getting Spectre attacks, not because you are genius, but because this thing is undetectable and is (probably) patched early on, or because the criminals thought targeting less-experienced users is easier and more profitable for now.
Posted on Reply
#182
Isaac`
R-T-BWhy do you think this? The official compatability tool suggests otherwise.
a yt video clearly demonstrating its not mandatory
Posted on Reply
#183
R-T-B
Isaac`a yt video clearly demonstrating its not mandatory
A youtube? Of a beta? Gotcha. Don't count on that working forever.
Posted on Reply
#184
Isaac`
R-T-BA youtube? Of a beta? Gotcha. Don't count on that working forever.
Thats true but im willing to be there will be some way to give you a local acount anyway
Posted on Reply
#185
Vayra86
I might go all XP-ish over this Windows 10 installation I have going right now. Growing attached to it. Stahp, MS, please.
Posted on Reply
#186
R-T-B
Isaac`Thats true but im willing to be there will be some way to give you a local acount anyway
Local account is a seperate thing from making it install without the hardware root of trust it wants.
Posted on Reply
#187
lexluthermiester
Athlonitehere in Gougelandastan (New Zealand)
That just made me laugh..
First Strikehow the hell are you going to protect yourself from a website hosting JS-based Spectre attacks?
Simple: NoScript(or disabling JS). However, and I KNOW I've said this in other treads, Spectre/Meltdown attack CAN NOT SUCCEED REMOTELY! Physical presence is REQUIRED.
First StrikeHow can you be so sure that the top website you visited has not been hacked to host such attacks?
I'm not going into a dissertation on how and why that is easily protected from.
First StrikeFor physical security, if you failed to protect yourself, well, the worst case scenario is getting injured or killed.
You seem to be taking this to an extreme NO ONE will ever face.

Protecting ones self on the internet is somewhat involved, it's not rocket science.

Quit with your sad flame baiting.
Posted on Reply
#188
First Strike
lexluthermiesterHowever, and I KNOW I've said this in other treads, Spectre/Meltdown attack CAN NOT SUCCEED REMOTELY! Physical presence is REQUIRED.
Yes, they absolutely do. I'm curious where you hear the physical presence part from. Most likely you are referring some other vulnerabilities released around the same time. Not the Spectre.

Spectre only exploits CPU microarchitectures. Any code gets running on the target platform can theoretically perform the attack. The range of attack is dependent on the specifc variant and attack vectors. However your browser password is definitely within reach for JS-based Spectre attacks. That's why the very first fixes lands on Chrome and Firefox with big warning signs if you don't swallow the update.
lexluthermiesterSimple: NoScript(or disabling JS).
This is a solution indeed. But that's a "Internet surfs you" solution in 2021.


Let me present my ideas better. User expertise is never the best strategy in security. It is kind of like the last line of defense while the attacks are extermely scalable and still evolving. Long gone are the days of "up a firewall and good to go", and "Spectre CAN SUCCEED REMOTELY" is the new reality. Self protection only is like using pistols against enemies from street thugs all the way up to Russian tank hoards. Normally, the tanks are fended off by the Army as it should be.
Posted on Reply
#189
ShiBDiB
lynx29will be going to Linux anyway now, so scalpers and M$ can eat it. damn, it feels good to be free once and for all. Linux to the moon!
Made it one reply before the "LOL LiNuX is BeTtEr, M$ BaD" post...

Nix has its uses, but literally no one besides the other 7 daily linux users care that you suffer thru inconvenience because "M$ iS BaD"
Posted on Reply
#190
breakfromyou
Makavelii'm curious to see how this will work for older motherboards that you can buy the TPM and add it. Because even with doing that Haswell doesn't meet the cpu requirements for windows 11.

Intel 8th gen and up.
I'd hope it would work, at least if you picked up a TPM2.0 module and have it on. Does the system meet the other requirements as well? If not, a few tweaks in BIOS might be needed.
Posted on Reply
#191
Isaac`
lexluthermiesterYou seem to be taking this to an extreme NO ONE will ever face.
oh yes that time i forgot to enable TPM 2.0 and i got killed
Realisticly that chip cant do anything so i 100% agree with this
it dont need to be enabled
Seems to just be artifical eof to me
Posted on Reply
#192
R-T-B
Isaac`yes that time i forgot to enable TPM 2.0 and i got killed
Physical Security != hardware security
Posted on Reply
#193
lexluthermiester
First Strike"Spectre CAN SUCCEED REMOTELY"
No, it can NOT. And even if it could, TPM and SecureBoot would do NOTHING to stop such an exploit. However, such is off-topic for this thread. Hush up about it.
Posted on Reply
#194
Mussels
Moderprator
I think modders will find ways to get W11 to install on older hardware very very quickly

MS having official support saves them a lot of work and effort, but sheeit, we know they wouldnt bother blocking it unofficially working - they WANT people on their OS, they just want to save on costs patching and fixing shit on old hardware

I bet they're going to use this as a new security method, to try and give W11 a better security reputation
Posted on Reply
#195
lexluthermiester
MusselsI think modders will find ways to get W11 to install on older hardware very very quickly
Oh yeah. There is a modding group already working on it.
MusselsMS having official support saves them a lot of work and effort, but sheeit, we know they wouldnt bother blocking it unofficially working - they WANT people on their OS
Oh, that's a good point! Not offically supported but they won't stop anyone from doing it anyway? I'd be ok with that on a personal level. I still think it's total humbuggery to even post such requirements.
Musselsthey just want to save on costs patching and fixing shit on old hardware
Typical lazy-a$$ microsoft..
MusselsI bet they're going to use this as a new security method, to try and give W11 a better security reputation
Perhaps.
Posted on Reply
#196
trparky
R-T-B
Isaac`Secure boot is not mandatory
Why do you think this? The official compatability tool suggests otherwise.
I don't have Secure Boot enabled on my motherboard and the compatibility checking tool says that my system can be upgraded to Windows 11 just fine.

As for why I don't have Secure Boot enabled, I have no idea how to enable it on my motherboard. I tried to enable it in UEFI but it gave me some cryptic message about it not being able to be enabled and that's when I said, 'fuck it' and went on my merry way.
Posted on Reply
#197
woom
Upgraded my AMD 3800X to windows 11 all good ,also did my 4790k with Z79X MB AND A 3570K all ugraded from w10 pro.
Posted on Reply
#198
lexluthermiester
woomUpgraded my AMD 3800X to windows 11 all good ,also did my 4790k with Z79X MB AND A 3570K all ugraded from w10 pro.
Any issues or difficulties?

BTW, Welcome to TPU!
Posted on Reply
#199
woom
Small thing at the start when i went to put w11 on the AMD pc it said i had to download and put a appraiserres,dll in the file SOURCES in the iso file on my USB stick
and after that w11 installed fine ,dont know what the,dll file did just did it like it said.this is the link for it,tekdeeps.com/how-to-download-and-install-leaked-windows-11/
Posted on Reply
#200
Athlonite
trparkyI don't have Secure Boot enabled on my motherboard and the compatibility checking tool says that my system can be upgraded to Windows 11 just fine.

As for why I don't have Secure Boot enabled, I have no idea how to enable it on my motherboard. I tried to enable it in UEFI but it gave me some cryptic message about it not being able to be enabled and that's when I said, 'fuck it' and went on my merry way.
there's two things you need to do to enable Secure Boot
1: Turn it on in your UEFI/BIOS settings
2: Make sure your Boot Drive is using a GPT partition type not the old MBR type
Posted on Reply
Add your own comment
Copyright © 2004-2021 www.techpowerup.com. All rights reserved.
All trademarks used are properties of their respective owners.