Windows 10 Windows Insider Build Not Installing???

[nmsuk]

Newer machines that use UEFI have a built in shall, it's a lot like a linux console. Always you to manage drives and Pxe for booting. Being dumped to it really did throw me.

 

[stueycaster]

My machine was built in early 2017. Maybe it doesn't have that. I'm sure I'd have been scratching my head over that one. The TPM thing threw me for a loop.

 

[nmsuk]

I should boot into it and show you. Is cool and yet terrifying after just an update

 

[stueycaster]

If you want to I'd be interested.

Sent from my SM-G935T using Tapatalk

 

[nmsuk]

If you want to I'd be interested.

Sent from my SM-G935T using Tapatalk

Imagine getting this.

Sent from my SM-G950F using Tapatalk

 

[stueycaster]

Yeah that would have freaked me out totally. If you know what all that means then my hat's off to you sir. I see where it gives a couple choices. How do you deal with that?

 

[nmsuk]

You stare at and then sigh and type exit and it boots to windows. Have it fixed but still it was a shock. Only popped out for a cup of tea and came back to that. So another tea was grabbed while I sorted it out. Can see the funny side now but a couple of days back not so. I wanted Gates head on a stick.

 

[stueycaster]

Lol. That's funny. But still, you had to reinstall. That sucks. I hope they fix this.

 

[nmsuk]

I'm guessing they will do.

 

[Neemobeer]

Most home users won't have a TPM and even if they do are not likely using it.

 

[nmsuk]

They more than likely will have secure boot and the efi shell, they'll hopefully never enter either.

 

[stueycaster]

Correct me if I'm wrong but I remember about 10 years ago there was talk of putting a TPM on just about every Motherboard to be made. Isn't secure boot info stored in it?

 

[Sonny]

My Asus board has TPM 2.0 but it is disabled. I don't know much about it. Since it is disabled and has been since I have had it. I think I will leave it that way. I don't see no reason to enable it. My board is about 5 years old.

 

[stueycaster]

Yeah the info I'm finding says it's mostly about encryption. W10 Home doesn't natively do that. My TPM.Msc says its ready for use. I guess I'm wrong about it storing Secure Boot info.



It says mine doesn't support Attestation. I take it that means all it does is store info but can't affect anything else.



I'm still puzzled about why the new update made me clear it.

 

[nmsuk]

No the secure boot keys are stored within the UEFI and nothing to do with the TPM, it's used for bitlocker and encryption key storage

 

[stueycaster]

Ok cool. Now I know. Thanks guys. This shows me how much I stall have to learn about computers. @Sonny I'm with you on "Never too old to learn".

 

[nmsuk]

Ok cool. Now I know. Thanks guys. This shows me how much I stall have to learn about computers. @Sonny I'm with you on "Never too old to learn".

Indeed never too late to learn something new. Is one of the more interesting parts of life.

Sent from my CLT-L09 using Tapatalk

 

[Neemobeer]

It's a bit confusing. There is EFI booting and legacy. EFI requires the signed EFI boot loader and a GPT formatted disk. Then secure boot does require a TPM to validate the trusted boot loader. There is also Trusted Boot and Measured Boot which are more secure.

Secure boot itself stores data in NV RAM.


Secure the Windows 10 boot process

 

[stueycaster]

So are these different ways computers boot up owing to different security needs of businesses or maybe government agencies?

 

[Neemobeer]

It's just different levels of trusted computing. Whether or not they will be enabled is entirely up to the business or gov entity.