268 points | tech234a | 1 comments
soraminazuki ◴[] No.43513090[source]
It's such an absurd lie. If Microsoft's idea of security is to force its users to authenticate online for a local account, they should never be allowed in the software industry at all. They're needlessly and dramatically increasing the attack surface of one of the most security-critical pieces of software running on user devices.
charcircuit ◴[] No.43513571[source]
Microsoft's idea of security is moving people away from local accounts protected by passwords and to Microsoft accounts protected by Windows Hello.

The Windows Hello PIN is protected by the TPM. This means you can't brute-force it like you could a password.

GoblinSlayer ◴[] No.43513921[source]
To brute-force a password, an attacker needs full access to the system; guessing the password won't give them more access.
charcircuit ◴[] No.43517415[source]
No, they don't. They can clone your hard disk and use a different computer. A TPM-based PIN makes that approach impossible and you must have access to the system itself.